search

sjaakp / yii2-pluto

User management extension for Yii2
https://demo.sjaakpriester.nl/
MIT License
8 stars 12 forks source link

Disable registration #31

Open vandres opened 4 years ago

vandres commented 4 years ago

Is there an easy way to disable registration?

Background

We want to have a system, where only an admin role can create new users. Since the system is publicily, everyone could enter "/pluto/signup" in the browser. Especially some smart students :D

rossaddison commented 3 years ago 
'modules' => [
      'libra' => [
        'class' => 'sjaakp\pluto\Module',
        //'passwordFlags' => ['all' => 'captcha'],
        'passwordFlags' => ['all' => 'reveal'],
        'passwordHint' => Yii::t('app','At least eight characters, one uppercase, one digit'),
        'passwordRegexp' => '/^\S*(?=\S{8,})(?=\S*[a-z])(?=\S*[A-Z])(?=\S*[\d])\S*$/',
        'identityClass' => 'sjaakp\pluto\models\User',
        //prevent the external guest signing up of users until site is stable by setting fenceMode to true
    //if fenceMode is set to true you can still signup users internally as the user with 'admin' rights.
        //Default: No user including Admin has this permission ie. site is open to signup for everyone
        //Use: All users inherit the fencemode role. The fencemode role can switch between true and false 
        //with this permission either being assigned or not assigned.
        //ie. the site is open for signup or not.
        //'fenceMode'=>true,  
        'fenceMode' => !'User can Login but not Signup - Fence Mode On',
        'viewOptions' => [
           'row' => [ 'class' => 'row justify-content-center' ],
           'col' => [ 'class' => 'col-md-6 col-lg-5' ],
           'button' => [ 'class' => 'btn btn-success' ],
           'link' => [ 'class' => 'btn btn-sm btn-secondary' ],
        ],        
       ],
rossaddison commented 3 years ago

I suggest you start with fenceMode => true. This prevents external signing up. The admin though can signup users internally. Or you can create a permission eg. 'User can Login but not Signup - Fence Mode On' . Assign this permission to the student Role that you have created and then use an if statement eg.

if Yii::$app->user->can('User can Login but not Signup - Fence Mode On') to gain access to certain areas or...

in your main menu eg. 

['label' => Html::button(Yii::t('app','Admin'),['class'=>'btn btn-info btn-lg']),'url'=> '','visible'=>Yii::$app->user->can('Manage Admin'),
                 'items' => [
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Role Management (Admin)'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/role'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Update Admin'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/role/update/admin'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Permission Management (Admin)'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/permission'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Conditions/Rules Management (Admin)'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/rule/index'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','User Management (Support and Admin)'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/user'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Delete a User'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/delete'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Download User Data'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/download'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Change User Name or Email Address'), ['class'=>'btn btn-info btn-lg']),'url' => ['/libra/settings'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','User forgot their password'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/forgot'],],
                            ['label' => str_repeat(" ", 2).Html::button(Yii::t('app','Signup a User'),['class'=>'btn btn-info btn-lg']), 'url' => ['/libra/signup'],],
                  ],
                ],
vandres commented 3 years ago

@rossaddison Thank you!