Announcement: ¶
hi guys, unfortunately lately i've been in development hell since i moved to a new company, and i couldn't really give this module the time it really needs/deserve.
Still i don't want the module to just die, so i've decided that this w/e i'll move the module to github to allow whoever is interested to maintain/contribute to the project.
thanks a lot for your support, without you and your bug reports this module would've never become what it is right now.
update:
as promised here is the url of the git repository.
contact me for any kind of request regarding it.
Nick
userGroups let's you manage user and groups inside your applications. This modules comes in with features like user registrations, password retrieving, banning system, user activation system and so on.
userGroups auto install itself creating the required database tables and guiding you through the whole installation process, never leaving you wondering abot what you are supposed to do next.
Thanks to userGroups you will also have an extension of the accessControlFilter that will provide you with new rules for groups, levels and access permissions.
You will be able to grant different permissions (read, write and admin) to every user or group for every single controller inside your application.
Users will inherit their groups permission but you will be able to further customize every single user granting him special permissions.
It's up to you how to implement those permissions using, along with the old ones, new rule sets like:
- groups: let's you decide what group the user has to belong to perform an action
- levels: you can decide what level the user needs to perform an action
- permissions: you can decide that just users with a certain permission on that controller or another can perform a certain action
userGroups also can be configured to better suit your needs
and provides some cronjobs to unban your users and delete those that never activated their accounts.
You can even add new cron jobs just extending the provided class.
userGroups provides you with an exaustively written and full of examples documentation on how take better advantage of this module.
This module was coded using design patterns and other standards, taking true advantage of Yii core methods and most reknown practices, paying special attention to security issues.
Main Features ¶
New Rules Examples ¶
// allow all users who belong to the admin or core group
// or to the group with id 5 to perform 'update' and 'admin' actions
array('allow',
'actions'=>array('update','admin'),
'groups'=>array('admin', 'core', 5),
),
// allow all users with a level lower then 10, or equal to 20
// or higher or equal to 35 to perform an update action
array('allow',
'actions'=>array('update'),
'level'=>array('<10', '20' ,'>=35'),
),
// allow all users with a level lower then 40 AND
// higher then 35 to perform an update action
array('allow',
'actions'=>array('update'),
'level'=>array('<40', '>35', 'strict' => true),
),
// allow users with admin permissions on this controller OR
// the companies controller to access the update action.
array('allow',
'actions'=>array('update'),
'pbac'=>array('admin', 'companies.admin'),
),
Profile Extensions ¶
If you need to add new fields to your profile thanks to this feature you can do it easily creating just your own models and view, without ever have to think about digging the module code.
For more info about how to use this feature read about it in the updated documentation inside the module.
If you need some examples download the profileExtension.tgz file.
Email Customization ¶
From version 1.6 you can now customize the emails that userGroups is sending to your users.
For more details read the module documentation.
Since version 1.8 the mail body message is stored inside view files to make it easier to change text and whatsoever.
Requirements ¶
Yii 1.1.7
Tested just on last versions of MySQL and Postgres.
Some issues where found on postgres (thanks artur_oliveira).
For more info look at the google code project page.
Tested on Yii 1.1.8
Installation ¶
This installation instruction are assuming that you are using urlManager, that you have showScriptName with a boolean false value and that you have an .htaccess file in your project root directory.
The module wasn't tested yet in the other possible conditions, so i apologies if you experience some problems.
If you want to know how to configure those settings read the urlManager section of this document.
To use this module just open the package,
copy the module directory inside the protected/modules/ directory of you application
and then add the module inside your application configuration file:
'modules'=>array(
'userGroups'=>array(
'accessCode'=>'type here your access code',
)
),
then into your browser go to yourApplicationRoot/userGroups and the installation process will guide you through.
urlManager Settings ¶
To setup urlManager go inside your configuration file and enable it:
// uncomment the following to enable URLs in path-format
'urlManager'=>array(
'urlFormat'=>'path',
'rules'=>array(
'<controller:\w+>/<id:\d+>'=>'<controller>/view',
'<controller:\w+>/<action:\w+>/<id:\d+>'=>'<controller>/<action>',
'<controller:\w+>/<action:\w+>'=>'<controller>/<action>',
),
'showScriptName'=>false,
),
don't forget to set showScriptName just like in the example above.
Now download the htaccess.tgz archive, and copy the .htaccess file into your application root directory.
Remember that htaccess files won't work if you don't have mod rewrite enabled in apache.
Common Installation issues ¶
userGroups creates a new Controller.php file into your application component directory, and your application's controllers need to extend it.
If your controllers are extending another controller you'll have to copy inside it the public static $_permissionControl and the public function filterUserGroupsAccessControl that you'll find in the controller created by userGroups
What if installation won't work ¶
tell me about the problem and i'll fix it as soon as possible.
if you have any trouble during installation delete all the db tables created by the installation process before repeating it.
Updating the module ¶
If you'll need to update the module all you have to do is to overwrite the old files inside your version with the new ones.
Updating from 1.x to 1.6 ¶
Before copying the new files over the old ones login as Root.
Download the patch file.
The Patch file contains the PatchController. Just copy inside the userGroups controller directory, and then access it going to the url /userGroups/patch.
once the patch process is over delete the file.
Download the last version of userGroups.
Copy the new files over the old ones.
if you used the salt option you cannot truly update to this version. To improve security we changed how salt are used. If you want to upload to this version and you used a custom salt you'll have to recreate your users.
Updating from 1.x to 1.7.1 ¶
After this update the salt will no more be timezone-dependent.
From now on the salt timezone will be setted to UTC.
This means that probably your password won't work anymore.
To fix this issue you will have to reset your passwords.
To do so try to log-in and then follow the password reset link.
If you are on a development server and no email was sent to your email account containing the instructions about how to reset your password, open the db and get the activation_code value.
Then go to yourapplication/userGroups/user/activate and input your data on the form.
Updating from 1.7.1 to 1.8 and so on ¶
Since version 1.8 every time you'll have to update userGroups you have to login first with your root user, then copy the new files over the old ones, and after you've done that just go to the Root Tools page. A link will appear on the top, just click on it and follow the instructions.
Changelog ¶
8-5-2011
version 1.8 - stable and partially tested
fixed the following issues: #14, #15, #16, #17, #20.
from now on you'll be able to get the current user mail address with Yii->app()->user->email
if you have the swiftmail yii-mail component installed userGroups will use it to execute the sending action.
email body text is stored inside view files to make it easier for you to change it.
if the simple_password_reset setting is on the question and answer form fields won't appear in any form.
you can now use crontab to execute the cronjobs if you want to.
added several spelling corrections thanks to David Drury.
6-6-2011
version 1.7.1 - stable and tested
fixed issue #13, from now on the salt used it's not anymore timezone related
read the specific instructions about how to update
25-5-2011
version 1.7 - stable and tested
made several correction to avoid errors when using PHP with E_STRICT
improved UI on userGroups admin user gridview and list user's gridview
implemented a new method to store in session Profile Extension's attributes
16-5-2011
version 1.6.8 - stable
from now on there won't be any problem with controllers with the same class name or with modules that are not extending properly the controller generated by userGroups.
fixed the bug related to the compatibility of the changeIdentity method located inside WebUserGroups.
5-5-2011
version 1.6.7 - stable and fully tested release
corrected any bug related to profiles
corrected the blank-screen-after-login bug
5-2-2011
version 1.6.6 - stable release
corrected bug #10 (thanks artur)
corrected bug reported on the forum (thanks Dave_D)
4-26-2011
version 1.6.5 - stable release
corrected bugs #6, #8, #9
4-20-2011
version 1.6.4 - stable release
corrected bugs #3, #4, #5
4-18-2011
version 1.6.3 - stable release
implemented support for tablePrefix
solved bugs related to relative urls (thanks artur_oliveira and petar)
4-10-2011
version 1.6.2 - stable release
solved a case sensitive bug issue during installation (thanks julias).
4-7-2011
version 1.6.1 - stable release
solved a bug that didn't allowed a correct creation of new users
4-7-2011
version 1.6
added Email Customization
improved security against rainbow table attacks
added client side validation for profile updates
solved a bug occurring on case sensitive systems
solved a stupid issue that was preventing rememberMe to work properly.
if you used the salt option you cannot truly update to this version. To improve security we changed how salt are used. If you want to upload to this version and you used a custom salt you'll have to recreate your users.
3-28-2011
version 1.5
Profile Extensions now work on registration too
documentation of Profile Extensions improved
fixed an installation bug under Postgres (thanks Cam)
support for ClientValidation on registration
dropped support for Yii version 1.1.6
3-28-2011
version 1.4.3 - stable
fixed last bug occurring when not using Profile Extensions
3-28-2011
version 1.4.2
fixed a bug occurring when recovering user login from the cookie
fixed a bug that didn't let you create an instance of UserGroupsUser outside of the userGroups module
3-26-2011
version 1.4.1
fixed a logout permission issue: users could access the logout action just using ajax
3-25-2011
version 1.4
fixed a bug occurring with the new Profile Extensions feature.
3-25-2011
version 1.3
fixed a user creation bug that occurred when creating a user with no permissions from Root Tools
3-25-2011
version 1.2
fixed an installation bug (thanks inluxc)
updated the documentation
3-25-2011
version 1.1
fixed the rememberMe bug (thanks Gustavo)
added the new Profile Extensions feature
updated the documentation
3-24-2011
version 1.0
little correction to the documentation.
Issue Tracking ¶
if you are experiencing any issue with the module post it here or on the google code project page
Suggestions ¶
If you want to request a feature or make a suggestion visit the official topic
Thanks for sharing!
It looks great, exactly what I needed
I'm taking it to a test-drive right now
Test Drives
if you guys test it leave me a feedback about eventual bugs or features to improve :D
litte improvement
a little improvement would be to the created controller class to come with
public function filters() { return array( 'userGroupsAccessControl', // perform access control for CRUD operations ); }by default
the rest, so far so good
Thanks
Thank you so much for this extension. RBAC is one of the most complicated parts of an application. This looks very well done and I will definitely use this. Thumbs up!
Instaltion error
I get the following error during the instalation,
Hwo can i resolve this???
CDbCommand failed to execute the SQL statement: SQLSTATE[HY000]: General error: 1364 Field 'access' doesn't have a default valuemore info please
did you set an accessCode just like the installation process tells you?
tell me exactly what did you do step by step, so i'll try to replicate the error and debug it :D
bug found!
i think i found it.
thanks a lot inluxc.
try with the new release i just uploaded and tell me if you are still experiencing any problems.
Login Error.
Ok, that did it :) Thanks.
But when i login for the first time i get this error:
Class AttachController does not have a property named _permissionControl userGroups\models\UserGroupsAccess.php(180)Google code
Why dont you, create an Google Code Project for this module, it better to track bugs :)
google code
i'm starting to think about it, i'm about to make another release for a minor bug i just found about the Profile Extensions feature XD
anyway, the last error is pretty weird.
When the module install itself it creates a new Controller.php class into your component folders, and that controller has that property.
So all your controllers should inherit.
The only thing i can think about is that your controllers inside your projects are extending another controller and not the one that is in the component folder of your application.
Login Error - Continue
Yep i using GIIX extention, how can i go around it????
The only thing i can think about is that your controllers inside your projects are extending another controller and not the one that is in the component folder of your application.
solving giix problem
easy, inside the module you can see a directory named templates, inside it you will find a file named template_Controller.php
to make everything work as it supposed to do copy the public static $_permissionControl and the public function filterUserGroupsAccessControl
ps: i'm starting the google code project ^^
Yep.. It works
That did the trick ;)
latest version
good!
if you didn't yet, download the last version, it solves a couple of bugs that were pending inside the Profile Extensions feature.
Localize
Well i updated to the version 1.4, i just need to upload the files, nothing else, right?
I will do the Portugues "Portugal" translation for you.
portuguese localization
yep, 1.4 is the last one
thanks a lot for the localization :D
sorry for the last release
i'm sorry, but i noticed that while releasing the 1.4.2 version i created a new bug solving an old one.
Unfortunately this module is being developed and tested just by one person (me v.v)
This last version should be stable and bug free (at least not with new bugs created by last bug fixes)
thanks for your patience and support
Bug report Create Table pgsql
In
userGroups/controllers/InstallController.php
Line 411 should be changed from
-level INT(6),
to
+level INTEGER,
Thanks,
Cam Johnson
apologies
i apology about the earlier release.
this one is completely stable.
thank you guys for your support.
Some problems found
When i installed this extension i had two problems:
1 - Base directory
If the Yii site is served under a subdirectory of the web server say for instance http://localhost/test/ then several problems appear:
a. Final installation step redirects to http://localhost/userGroups
b. add user and add group do not work because the javascript functions assume the base URL is /
2 - TablePreffix is not used when creating tables
Looks very interesting
Going to give this a shot for my next project.
@artur_oliveira
thanks artur i'm going to fix those issues asap.
if you find some other path issues when using it in a subdirectory let me know.
Version 1.6.3, tableprefix and subdirectory problems
Hi thanks for your response.
I will try out the new version ASAP.
Update the problems i opened in google code project issue tracker.
Best Regards
Artur
@artur
thank you for the feedbacks!
still i didn't have time to investigate through the postgres related issue.
i updated the google project issue tracker btw ^^
images down
my domain will go down within the next 24 ours for a couple of hours do to a registrar change.
Therefore the images on this page will go down as well.
sorry for the inconvenience
Problems generating controllers list while getting module name in Windows
I created a new issue related to module name generation in google project issue tracking
I included the solution i found for the problem
As for the relative path issue is concerned everything is working fine. Thanks nickcv
Regards
Artur
Problem : Unable to save other user/group permissions when logged in user only has userGroups.admin.write permissions
One more problem - Unable to save other user/group permissions when logged in user only has userGroups.admin.write permissions - created issue in issue tracker
1.6.4
corrected all the signaled bugs.
thanks guys!
URL Manager Rules to use path to user profile
If anyone would like to use path urls to access a user profile this is the way.
On a setup like the documentation one would access a user profile like this:
http://localhost/userGroups?u=admin
To use URL with path style add the following rule to URL manager:
'userGroups/u/<u:\w+>'=>'userGroups',This should be the first rule
After that if using path style URLS one can use:
http://localhost/userGroups/u/admin
This is specially usefull if you are using:
Yii::app()->createUrl(array('userGroups','u='.$username))or
CHtml::link($username, array('userGroups','u'=>$username))to create URLs
Not working
I am at http://localhost/usergroups/userGroups where i see the documentation.
I see a menu with the following links - My Profile, Invite User, User List, Root Tools, Documentation. Unfortunately all except Root Tools are working. When I click on Root Tools, nothing is happening.The Root Tools menu has a link 'http://localhost/usergroups/userGroups/admin'. No action happens when I click on Root Tools. But if I try to open Root Tools on a different tab, an error message is displayed (shown below).
Details of my development environment-
Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4 mod_perl/2.0.4 Perl/v5.10.1 Yii Framework/1.1.7
Details of error-
PHP Error
Only variables should be passed by reference
D:\yiiroot\framework\base\CComponent.php(616) : eval()'d code(1)
The line numbers are 11,15 and 20
11 +– D:\xampp\htdocs\usergroups\protected\modules\userGroups\views\admin\crons.php(52): CBaseController->widget("zii.widgets.grid.CGridView", array("dataProvider" => CActiveDataProvider, "id" => "configuration-list", "enableSorting" => false, "summaryText" => false, ...))
47 array(
48 'name'=>'description',
49 'value'=>'UGCron::getDescriptions($data->name, true);',
50 ),
51 ),
52 )); ?>
53 <?php if (Yii::app()->user->pbac('userGroups.admin.admin')): ?>
54
55 <?php echo CHtml::submitButton(Yii::t('userGroupsModule.general','Save')); ?>
56
57 <?php $this->endWidget(); ?>
15 +– D:\xampp\htdocs\usergroups\protected\modules\userGroups\views\admin\index.php(14): CController->renderPartial("crons", array("cronDataProvider" => CActiveDataProvider))
09 <?php $this->renderPartial('/admin/menu', array('mode' => 'profile', 'root' => true))?>
10
11 <?php if (!UserGroupsConfiguration::findRule('dumb_admin') || Yii::app()->user->pbac('admin')): ?>
12 <?php $this->renderPartial('configurations', array('confDataProvider'=>$confDataProvider))?>
13 <hr/>
14 <?php $this->renderPartial('crons', array('cronDataProvider'=>$cronDataProvider))?>
15 <hr/>
16 <?php endif; ?>
17 <?php $this->renderPartial('groups', array('groupModel'=>$groupModel))?>
18 <hr/>
19 <?php $this->renderPartial('users', array('userModel'=>$userModel))?>
20 +– D:\xampp\htdocs\usergroups\protected\modules\userGroups\controllers\AdminController.php(99): CController->render("index", array("confDataProvider" => CActiveDataProvider, "cronDataProvider" => CActiveDataProvider, "groupModel" => UserGroupsGroup, "userModel" => UserGroupsUser))
094
095 // checks if the page was loaded as ajax
096 if (Yii::app()->request->isAjaxRequest)
097 $this->renderPartial('index', array('confDataProvider'=>$confDataProvider, 'cronDataProvider'=>$cronDataProvider, 'groupModel' => $groupModel, 'userModel' => $userModel), false, true);
098 else
099 $this->render('index', array('confDataProvider'=>$confDataProvider, 'cronDataProvider'=>$cronDataProvider, 'groupModel' => $groupModel, 'userModel' => $userModel));
100 }
101
102 /*
103 display the documentation
104 */
Pl guide me.
I am unable to get it working to test it.
Harilal
kharilal@gmail.dom
ops XD wrong upload
sorry guys i uploaded the wrong tar... now there's the right one
Duplicate Controller name is still a problem
If one has a site with two modules created with yii they both have a defaultcontroller
This still does not work
i retested duplicated names
i just retested creating with gii 3 modules, and i couldn't find any issue regarding controllers with duplicated names
arthur please open a ticket describing better how to reproduce the error.
Great work!
I've been using Rights and Yii-user for a long time, but this gem of a extension module put an end to that. Not that there's anything wrong with the two; yours is simply better. And then it's just one module, instead of two. That counts as well.
I love it. Keep up the good work.
It's appreciated. :)
Great
Excellent ext :) I'm on a new project with features just like what you've provided here. thank you.
Great Extension
This is saving me a lot of work. Thank You.
Also, can you put a hook in to use our own encrypt routine?
I want to port a site I wrote from codeigniter to yii.
Profile does not refresh
Hello,
If I am logged in and change my MarkUp from 10 to 20,
the code [code]Yii::app()->user->profile('Profile', 'MarkUp')[/code]
returns 10 until I logout and login again.
Slight change to install instructions
Hi,
In windows 7 with Apache (XAMPP)
If you are getting a 404 not found error when trying to install remove this line from the components/urlManager section in protected/config/main.php
'caseSensitive'=>false,Thanks again for the great job on the module!
Hi and Thx
A question about Subfolders in Contollers can you implement that ? i have controllers/admin/NewsController but in usergruop this one will not show
Profile Extensions
Is there a way to associate specific profiles to groups?
I only want to show profile extensions to some of the groups and not all of them.
Thanks for the great extension
latest file corrupted
I downloaded the latest 1.8 pack, and i could not extract it. i am getting a message, that the file is corrupted.. could u pls check
corrupted file
I just tried it and no error was found.
@cfletcher1856
is something i was thinking about for next release :D
corrupted file: my way to open it
@psenthilraja
I had also problem extracting file in ubuntu linux. I found a silly way to solve it:
renamed file to userExtensions.zip and extracted it (with right click -> extract here)
as a result I got one file userExtensions with no extension
renamed userExtensions to userExtensions.tar.gz
now it was possible to extract it (again right click -> extract here)
same with userGroups
can't explain but worked for me :)
reuploaded the file
i reuploaded the file, now you should not have any more problems
Problem with a custom controller
I have a custom controller and when I try to create a new user or a new group I get the following error:
Fatal error: include(): Cannot redeclare class mycontroller in [...]protected/modules/userGroups/models/UserGroupsAccess.php on line 194any way to fix?
Argh
@maxxer this normally means you have 2 different classes called mycontroller. Make sure you haven't declared that class twice.
@everyone else - anyone know how to translate these mod rewrite rules to IIS?
One User --> Many Groups?
Hi Nick,
It looks like this module assumes each user will belong to only one group. Is that correct? A user cannot be a member of multiple groups at one time?
Controller in components
Hi, i have a controller inside of component folder on costum module and the usergroup don't like :D
How i can resolve it?
include(AdminBaseController.php) [<a href='function.include'>function.include</a>]: failed to open stream: No such file or directory <?php /** * News controller Home page */ class AdminController extends AdminBaseController {@dkrochmalny
no, I don't have a double declaration of the controller! if I just hide that it works, but if I leave the file in place it won't allow me to add new users or groups!
Customize the Login Form
Hi, Sorry if its not the place.
Im trying to customize the form login. the only option I find is to change the css file. ok. but I want to place it in the corner of the page, I mean, in other place that is not the $content. Im trying to reference the login form as "Yii::app()->user->loginUrl" but its not working. some one has a better idea?
Problem in access control
I gone through this extension,it allows me to creating users and groups in the front end.but it won't take the access permissions that we give in the front end check box.ie we have to specify in the controller only.any solution??
@Y!!
@ Y!!
have you put this in controller???
public function filters() { return array( 'userGroupsAccessControl', // perform access control for CRUD operations ); }Problem in access control
Yes i put that in controller before itself.Got the solution,now i am using pbac(Permission Based Access Control) option instead of users or groups in accessRules.
If you have any questions, please ask in the forum instead.
Signup or Login in order to comment.