This application implements users and roles management and utilize Single Sign On (SSO) concept. The SSO is a term used to indicate when a pool of applications needs a centralized authentication, so that users login once and access to any application.
Implementing the single sign on concept for you application pool is quite simple, and can be done by using examples which are included to the package. The package contains simple and advanced examples how to connect your web sites and the users and roles management web site. The User Role Manager application performs users and roles management and helps to support Single Sign On (SSO) concept for your PHP applications without the need to create user management application again and again for each new web site. Also, you can use the same application and database with different domains using different configuration which can be linked to specific domain
Important: This implementation supports single sign-on approach for subdomains. The cross domain implementation is possible in the future.
Users can self register and activate their account or admin can to do that. Users are linked to specific domain(s) and roles can be split by domain. It means that a user can have different roles in different domain(s).
The User Role Management application uses a concept of Roles, designed to give the tool owner the ability to control and define what users can and cannot do. An owner of admin application can manage roles and users and allow access to such functions as creating role, creating users, assigning roles, managing other users.
For instance, the role of Admin encompasses every possible task that can be performed within User Role application. On the other hand, the Blocked role prevents to sing-in or execute any another action.
Each role is given names that highlight the core functional responsibilities of the role and each role has own color, name and settings properties. The settings property is used to keep text information which can be used as configuration string for different purposes by third party applications.
The role names are self speaking and the meaning is pretty clear. You can add new role and use it according to your needs. Unnecessary self-made role can be deleted if there are no users whom such role is assigned. Role assigned every new created user by default can be changed by you.
An authentication and authorization is a key requirement for many web applications which you want to develop. In order to do that a user (user) should have unique e-mail and password. This area allows creating and managing users. You can create, delete, assign a role to a user, or remove users from the role and control a user action by audit log. The application allows you to create API token which gives a possibility to use application functionality in other applications which need authentication and authorization? Also, you have a possibility to export/import users via CSV file. The format of the export file is very easy to understand and will be described on FAQ page.
This page contains the list of available domains, so you can use it to restrict profile fields visibility by domains. If you created a profile fields it will be visible for all domains by default. To change that click on the field name on the Fields page and click on "Restricted By Domains" or "Restricted By Roles" tab and check domains or roles which you need. You can select a user domain on the user edit dialog or it will be assigned during sign up process. The domain name will be set for a user during signup process or you can find the user on the Users page, click on the user name and set the user domain on the Domains tab.
A user should be able to log in to any subdomain and be logged in to another subdomain and the root domain.
This area provides an ability to create additional fields which keeps additional information about a user like country, city, address etc. You have the posibility to group the fields and define their type: it can be simple string or collection of values. The next release will have more types like date, date range, multiple selection collection etc. Any field can be included to sign up form.
The visibility of each profile field can be restricted by domain, role, or a mission (for inatnce signup form, admin use only etc.)
This area provides an ability to track what happens for admin application. The application support the following type of audit events: System, Application, API.
You have an ability to use this feature or switch it off. The audit log allows analyzing different type of events and provides extra information like a query string, request parameters, cookies, exception message and detail etc.
The last audit event will be always on top of event list. Each row will be collapsed if event description contains more than 80 words. Some rows will have the detail link which provides extra information about events.
This area contains a set of simple tools. Actually, at the moment, the application has only one item in this area. It is the PHP framework configuration info.
This area provides a set of options which help to adjust the application to your needs.
You have a possibility to create extra configuration as well and attach them to a domain. Each domain can have own a set of parameters.
The package contains three web applications: User Roles Manager and two example wed sites which demonstarte how to use it. Just drop content of UserRolesManager.Application to your Apache web site, run it in broswer and use installation wizard to set up all parameters. Also see more details below.
Maybe useful: Simple tutorials on setting up a LAMP stack on
Ubuntu 14.04 LTS and 12.04 LTS.
Another useful example: how to correctly install apache2, php5, mysql and phpmyadmin
The application is downloadable in zip archive, within which you'll find the following directories and files, logically grouping common resources and code files. The package contains five folders with web applications:
<VirtualHost *:80> ServerName accounts.localhost.com DocumentRoot [web site full path] ErrorLog [web site error log file full path] CustomLog [web site custome log file full path] <Directory [web site full path]> Require all granted RewriteEngine On Options Indexes FollowSymLinks MultiViews AllowOverride all Order allow,deny Allow from all </Directory> </VirtualHost>
<VirtualHost *:80> ServerName simple.localhost.com DocumentRoot [web site full path] ErrorLog [web site error log file full path] CustomLog [web site custome log file full path] <Directory [web site full path]> Require all granted RewriteEngine On Options Indexes FollowSymLinks MultiViews AllowOverride all Order allow,deny Allow from all </Directory> </VirtualHost>
<VirtualHost *:80> ServerName advanced.localhost.com DocumentRoot [web site full path] ErrorLog [web site error log file full path] CustomLog [web site custome log file full path] <Directory [web site full path]> Require all granted RewriteEngine On Options Indexes FollowSymLinks MultiViews AllowOverride all Order allow,deny Allow from all </Directory> </VirtualHost>
/* Setup domain and roles to your domain */ START TRANSACTION; SET @your_domain_name = N'your_domain_name'; INSERT INTO `domains` (`Name`, `Description`, `ThemePublic`, `ThemeAdmin`, ConfigID, `Created`, `Modified`) VALUES (@your_domain_name, N'The localhost management domain.', N'bootstrap', N'bootstrap', 0, NOW(), NULL); SET @your_domain_id = LAST_INSERT_ID(); INSERT INTO `domainusers`(`UserID`, `DomainID`) SELECT UserID,@your_domain_id FROM `users`; INSERT INTO `domainroles` (`DomainID`,`RoleID`) SELECT @your_domain_id, RoleID FROM `roles`; INSERT INTO `userroles` (`UserID`,`DomainID`, `RoleID`, `Created`) VALUES (1, @your_domain_id,1, NOW()); COMMIT;
© 2016 User Roles Management Tool Version: 1.0