Form Customization

Show Only Users in the Same Group

 gourmet fare

Restrict Users List

Sometimes you want users to be able to see only certain users in the Manage Users lists. There is no setting in MODX for this; if a user can manage users he can manage all of them. Here's a plugin to limit that list to only users of the same group.

m_dimitris asked...

Is it possible when a user with manager access enters the manager to be able to see ONLY the users that belong to the same usergroup in user page?

The Solution:

Bruno17 says...

At least, you can restrict the listing in the grid to users in the primarygroup only of the current user with a plugin.

  if ($modx->context->get('key') == "mgr") {
    switch ($modx->event->name) {
      case 'OnMODXInit':
        $action = $modx->getOption('action', $_REQUEST, '');
        if ($action == 'security/user/getList') {
          $group = $modx->user->getPrimaryGroup();
          $_POST['usergroup'] = $group->get('id');
        }
        break;
    }
  }
  return;

Here's an expansion on the theme by Bruno17, how to restrict the usergroups within the usergroup - selectbox, when adding a user to usergroups:

if ($modx->context->get('key') == "mgr") {
  //exclude Sudo Users and Administrators from this restriction
  if ($modx->user->get('sudo')) { return; }
  if ($modx->user->isMember('Administrator')) { return; }
  switch ($modx->event->name) {
    case 'OnMODXInit':
      $action = $modx->getOption('action', $_REQUEST, '');
      //show only users in the grid, which are in the same group as the logged in users primary group
      if ($action == 'security/user/getList') {
        $group = $modx->user->getPrimaryGroup();
        $_POST['usergroup'] = $group->get('id');
      }
      //exclude all other groups from usergroup - selectbox
      if ($action == 'security/group/getlist') {
        $group = $modx->user->getPrimaryGroup();
        $primarygroup_id = $group->get('id');
        $c = $modx->newQuery('modUserGroup');
        if ($collection = $modx->getCollection('modUserGroup',$c)){
          foreach($collection as $object){
            $group_id = $object->get('id');
            if ($group_id != $primarygroup_id){
            $groups[] = $object->get('id');
          }
        }
      }
      $_POST['exclude'] = $groups;
    }
    break;
  }
}
return;

What's the Story?

This plugin, with its System Events set to OnMODXInit, will only show the Manager user a list of the users in the same group as his primary group.

You can exclude Sudo users from this restriction by adding a single line:

  if ($modx->context->get('key') == "mgr") {
    if ($modx->user->get('sudo')) { return; }
  ...

This will simply stop the plugin from continuing if the user is a Sudo user.

Note - it should be noted that "security/user/getList" uses an upper case L, while "security/group/getlist" uses a lower case l.