Wallogit.com
2017 © Pedro Peláez
Improved webvimark/module-user-management (hybrid mode local database + ldap)
This package is modified like the following:, (*1)
It is possible to set the boolean attribute ldap_user for an user object:, (*2)
$user->ldap_user = true
A user declared as an ldap user will not be authenticated to the local database, instead it will be checked against the directory., (*3)
If the the login is successful the user will be logged in as the user that is given in the local database., (*4)
You can set multiple LDAP servers and multiple LDAP domains inside the config file:, (*5)
'user' => [ 'class' => 'webvimark\modules\UserManagement\components\UserConfig', 'ldapServer' => ['10.11.12.13','1.2.3.4','99.99.99.99'], 'ldapDomain' => ['YOURDOMAIN','ANOTHERDOMAIN'], ]
The login procedure will try out every server/domain combination with the given credentials.
If you want to use a server port just declare the LDAP server like 12.13.14.16:9999, (*6)
Example usage of this plugin:, (*7)
You have local users inside the database with passwords (non ldap users). Additionally to this you want to bind an active directory to your application., (*8)
In this case you could create a Yii2 command controller that is going to run monthly/weekly/daily/hourly (whatever you want) and synchronizes the ldap users into yout database like the this:, (*9)
$security = new \yii\base\Security(); $new_user = new \webvimark\modules\UserManagement\models\User; $new_user->id = NULL; $new_user->username = "newuser"; $new_user->password = md5($security->generateRandomString()); $new_user->email = "newuser@example.com"; $new_user->email_confirmed = true; $new_user->ldap_user = true; $new_user->save();
Notice: I'm using $security->generateRandomString inside md5() method to generate a random strong password inside the local database. It is just necessary to create this user to have an user object on the webpage that is controlled by our ldap user., (*10)
The preferred way to install this extension is through composer., (*11)
Either run, (*12)
composer require --prefer-dist webvimark/module-user-management "*"
or add, (*13)
"webvimark/module-user-management": "*"
to the require section of your composer.json file., (*14)
1) In your config/web.php, (*15)
'components'=>[ 'user' => [ 'class' => 'webvimark\modules\UserManagement\components\UserConfig', // Comment this if you don't want to record user logins 'on afterLogin' => function($event) { \webvimark\modules\UserManagement\models\UserVisitLog::newVisitor($event->identity->id); } ], ], 'modules'=>[ 'user-management' => [ 'class' => 'webvimark\modules\UserManagement\UserManagementModule', // Here you can set your handler to change layout for any controller or action // Tip: you can use this event in any module 'on beforeAction'=>function(yii\base\ActionEvent $event) { if ( $event->action->uniqueId == 'user-management/auth/login' ) { $event->action->controller->layout = 'loginLayout.php'; }; }, ], ],
To learn about events check:, (*16)
Layout handler example in AuthHelper::layoutHandler(), (*17)
To see full list of options check UserManagementModule file, (*18)
2) In your config/console.php (this is needed for migrations and working with console), (*19)
'modules'=>[ 'user-management' => [ 'class' => 'webvimark\modules\UserManagement\UserManagementModule', ], ],
3) Run migrations, (*20)
./yii migrate --migrationPath=vendor/webvimark/module-user-management/migrations/
4) In you base controller, (*21)
public function behaviors() { return [ 'ghost-access'=> [ 'class' => 'webvimark\modules\UserManagement\components\GhostAccessControl', ], ]; }
false, 'activateParents'=>true, 'items' => [ [ 'label' => 'Backend routes', 'items'=>UserManagementModule::menuItems() ], [ 'label' => 'Frontend routes', 'items'=>[ ['label'=>'Login', 'url'=>['/user-management/auth/login']], ['label'=>'Logout', 'url'=>['/user-management/auth/logout']], ['label'=>'Registration', 'url'=>['/user-management/auth/registration']], ['label'=>'Change own password', 'url'=>['/user-management/auth/change-own-password']], ['label'=>'Password recovery', 'url'=>['/user-management/auth/password-recovery']], ['label'=>'E-mail confirmation', 'url'=>['/user-management/auth/confirm-email']], ], ], ], ]); ?>
From the menu above at first you'll se only 2 element: "Login" and "Logout" because you have no permission to visit other urls and to render menu we using GhostMenu::widget(). It's render only element that active user can visit., (*22)
Also same functionality has GhostNav::widget() and GhostHtml:a(), (*23)
1) Login as superadmin/superadmin, (*24)
2) Go to "Permissions" and play there, (*25)
3) Go to "Roles" and play there, (*26)
4) Go to "User" and play there, (*27)
5) Relax, (*28)
You controllers may have two properties that will make whole controller or selected action accessible to everyone, (*29)
public $freeAccess = true;
Or, (*30)
public $freeAccessActions = ['first-action', 'another-action'];
Here are list of the useful helpers. For detailed explanation look in the corresponding functions., (*31)
User::hasRole($roles, $superAdminAllowed = true) User::hasPermission($permission, $superAdminAllowed = true) User::canRoute($route, $superAdminAllowed = true) User::assignRole($userId, $roleName) User::revokeRole($userId, $roleName) User::getCurrentUser($fromSingleton = true)
Role, Permission and Route all have following methods, (*32)
Role::create($name, $description = null, $groupCode = null, $ruleName = null, $data = null) Role::addChildren($parentName, $childrenNames, $throwException = false) Role::removeChildren($parentName, $childrenNames)
Events can be handled via config file like following, (*33)
'modules'=>[ 'user-management' => [ 'class' => 'webvimark\modules\UserManagement\UserManagementModule', 'on afterRegistration' => function(UserAuthEvent $event) { // Here you can do your own stuff like assign roles, send emails and so on }, ], ],
List of supported events can be found in UserAuthEvent class, (*34)
Question: I want users to register and login with they e-mails! Mmmmm... And they should confirm it too!, (*35)
Answer: See configuration properties $useEmailAsLogin and $emailConfirmationRequired, (*36)
Question: I want to have profile for user with avatar, birthday and stuff. What should I do ?, (*37)
Answer: Profiles are to project-specific, so you'll have to implement them yourself (but you can find example here - https://github.com/webvimark/user-management/wiki/Profile-and-custom-registration). Here is how to do it without modifying this module, (*38)
1) Create table and model for profile, that have user_id (connect with "user" table), (*39)
2) Check AuthController::actionRegistration() how it works (you can skip this part), (*40)
3) Define your layout for registration. Check example in AuthHelper::layoutHandler(). Now use theming to change registraion.php file, (*41)
4) Define your own UserManagementModule::$registrationFormClass. In this class you can do whatever you want like validating custom forms and saving profiles, (*42)
5) Create your controller where user can view profiles, (*43)
Improved webvimark/module-user-management (hybrid mode local database + ldap)