Jump to content

Temporarily lock out all from admin except superusers


Lars282
 Share

Recommended Posts

Hi all,

Is there a way to easily lock out all from login into the admin except superusers? I could not find anything on this issue.

I could write a small module, but I am sure that i am not the first person that needs this?

We have a larger site with multiple users maintaining content. I want to copy the entire site to a staging server, make some changes (setup of fields), test them, and copy the site back to production. I want to temporarily lock all users out so that the content does not change on production system between the copies. Or is there a better way to do this?

Thanks

Lars

Link to comment
Share on other sites

If you are happy with a quick hack, try this in your templates/admin.php file.

if($user->isLoggedIn() && !$user->isSuperuser()) {
    echo 'Sorry, login is temporarily disabled';
    return;
}
  • Like 1
Link to comment
Share on other sites

The maintenance mode module handles this on a per role basis so far more than what I would need.

Keep in mind that the maintenance mode and protected mode modules only limit access to the front-end of the site, not the admin panel, so won't work for your needs anyway.

  • Like 1
Link to comment
Share on other sites

  • 2 weeks later...

So I have created a small module to do this. In addition to preventing users from logging in, I also want to log out everyone, but cannot get this to work - does anyone have an idea why it does not log users out with the code below? Preventing login works fine. Am I hooking wrong? Thanks!

<?php

/**
 * 
 */

class SessionLoginDisable extends WireData implements Module {

	public static function getModuleInfo() {
		return array(
			'title' => 'Session Login Disable',
			'version' => 001,
			'summary' => 'Provides option to disable login for all users except superusers.',
			'author' => 'Lars Bergemann',
			'autoload' => TRUE,
			'singular' => TRUE
			);
	}

	public function init() {
		$this->addHookBefore('Session::allowLogin', $this, 'allowLogin');
		$this->addHookAfter('Session::isValidSession', $this, 'isValidSession'); //no effect currently
		$this->addHookBefore('ProcessLogin::execute', $this, 'disableLoginNotice');
	}
	
	public function allowLogin($event) {
		$name = $event->arguments[0];
		$user = strlen($name) ? $this->wire('users')->get("name=$name") : null;

		if(count($this->disable) > 0 && $user && $user->id && !$user->isSuperuser()) {
			$event->replace = true;
			return false;
		}

		return null;
	}

	public function isValidSession($event) {
		if ($event->return) {
			$userID = $event->arguments[0];
			$user = wire('users')->get($userID);
			if (count($this->disable) > 0 && $user && $user->id && !$user->isSuperuser()) {
				$event->return = false;
			}
		}
	}

	public function disableLoginNotice($event) {
		$this->error("Login currently disabled."); 
		return null;
	}

}

  • Like 1
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...