Skip to content

Pimcore Object, Asset and Document Restriction & Frontend Authentication

License

Notifications You must be signed in to change notification settings

dachcom-digital/pimcore-members

Repository files navigation

Pimcore Members Bundle

Add frontend user authentication and document restriction to pimcore.

Join the chat at https://gitter.im/pimcore/pimcore Software License Latest Release Tests PhpStan

Release Plan

Release Supported Pimcore Versions Supported Symfony Versions Release Date Maintained Branch
5.x 11.0 6.2 28.09.2023 Feature Branch master
4.x 10.5 - 10.6 5.4 22.11.2021 Unsupported 4.x
3.x 6.0 - 6.8 3.4, ^4.4 21.07.2019 Unsupported 3.x
2.5 5.4, 5.5, 5.6, 5.7, 5.8 3.4 18.07.2019 Unsupported 2.5
1.5 4.0 -- 07.07.2017 Unsupported pimcore4

Features

  • Create Members in backend
  • Allow Members to register in frontend
  • Restrict documents, objects and assets to specific user roles

Installation

Please read the installation instructions before going deep with Members!

Composer Installation

  1. Add code below to your composer.json
"require" : {
    "dachcom-digital/members" : "~5.0.0"
}

Add Bundle to bundles.php:

return [
    MembersBundle\MembersBundle::class => ['all' => true],
];
  • Execute: $ bin/console pimcore:bundle:install MembersBundle

Upgrading

  • Execute: $ bin/console doctrine:migrations:migrate --prefix 'MembersBundle\Migrations'

Optional: Class Installation

Read more about the required classes below).

bin/console members:install:class

Security Installation

It is not possible to merge security configurations from multiple locations, including bundles. Instead, you have to move them to one single config file, e.g. config/packages/security.yaml. Please adopt security_auth_manager.yaml and merge your own firewall configuration into one single file.

Route Installation

MembersBundle does not include any routes per default. Otherwise, it would be hard for you to change or override included routes.

Include all Routes

# config/routes.yaml
app:
    resource: '@MembersBundle/config/pimcore/routing/all.yaml'

Just include some Routes

# config/routes.yaml
members_auth:
    resource: '@MembersBundle/config/pimcore/routing/auth.yaml'
    prefix: /{_locale}/members #change your prefix if you have to.

Class Installation

Since Members should be the one and only frontend authentication bundle, we need to add the most flexibility as possible. But no worries, it's still simple to integrate.

There is also a class installer command. If you're not using any special class configuration, feel free to use this command: $ bin/console members:install:class Use the -o argument to also install the SsoIdentity Class

You need two classes: User and Group. So let's create it:

User

  1. Create a class and call it MembersUser
  2. Add parent class: \MembersBundle\Adapter\User\AbstractUser
  3. Add fields:
Name Field Type Comment
userName Input
email Input Note: Do not add this field if you're using the CMF.
confirmationToken Input must set to it read only
lastLogin Date & Time must set to it read only
password Password Hide it, if you want. Note: Do not add this field if you're using the CMF.
passwordRequestedAt Date & Time must set to it read only
groups User Group This field comes with Members

membersUser is the default name, you may want to change it. Read here how to achieve that.

Customer Data Framework

If you want to use the Customer Data Framework you need to do some further work. Read more about it here.

SSO Login

You want to enable the SSO Feature in Members? Read more about it here.

Group

  1. Create a class and call it MembersGroup
  2. Add parent class: \MembersBundle\Adapter\Group\AbstractGroup
  3. Add fields:
Name Field Type Comment
name Input
roles Multiselection Set "Options Provider Class or Service Name" to @MembersBundle\CoreExtension\Provider\RoleOptionsProvider

membersGroup is the default name, you may want to change it. Read here how to achieve that.

Feel free to add additional fields since those are just the required ones. That's it. Members will use those classes to manage authentication and group management.

Email Configuration

You're almost there, just check the email configuration and you're good to go.


User Management: Further Information


Restrictions

Learn more about the Members Restriction feature:


Single Sign On (SSO) with OAuth2

Upgrade Info

Before updating, please check our upgrade notes!

Copyright and license

Copyright: DACHCOM.DIGITAL
For licensing details please visit LICENSE.md