Users

In this section we’ll cover how you can create or register users, assign groups and permissions to users.

Sentry::createUser()

To create a new user you need to pass an array() of user fields into the create() method, please note, that the login field and the password are required, all the other fields are optional.

Param Required Default Type Description
$credentials true null array The user credentials and attributes.

Examples

Create a User and assign this new user an existing group.

  1. try
  2. {
  3.     // Create the user
  4.     $user = Sentry::createUser(array(
  5.         'email'     => 'john.doe@example.com',
  6.         'password'  => 'test',
  7.         'activated' => true,
  8.     ));
  10.     // Find the group using the group id
  11.     $adminGroup = Sentry::findGroupById(1);
  13.     // Assign the group to the user
  14.     $user->addGroup($adminGroup);
  15. }
  16. catch (Cartalyst\Sentry\Users\LoginRequiredException $e)
  17. {
  18.     echo 'Login field is required.';
  19. }
  20. catch (Cartalyst\Sentry\Users\PasswordRequiredException $e)
  21. {
  22.     echo 'Password field is required.';
  23. }
  24. catch (Cartalyst\Sentry\Users\UserExistsException $e)
  25. {
  26.     echo 'User with this login already exists.';
  27. }
  28. catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e)
  29. {
  30.     echo 'Group was not found.';
  31. }

Create a new user and set permissions on this user.

This example does pretty much the same as the previous one with the exception that we are not assigning him any group, but we are granting this user some permissions.

  1. try
  2. {
  3.     // Create the user
  4.     $user = Sentry::createUser(array(
  5.         'email'       => 'john.doe@example.com',
  6.         'password'    => 'test',
  7.         'activated'   => true,
  8.         'permissions' => array(
  9.             'user.create' => -1,
  10.             'user.delete' => -1,
  11.             'user.view'   => 1,
  12.             'user.update' => 1,
  13.         ),
  14.     ));
  15. }
  16. catch (Cartalyst\Sentry\Users\LoginRequiredException $e)
  17. {
  18.     echo 'Login field is required.';
  19. }
  20. catch (Cartalyst\Sentry\Users\PasswordRequiredException $e)
  21. {
  22.     echo 'Password field is required.'
  23. }
  24. catch (Cartalyst\Sentry\Users\UserExistsException $e)
  25. {
  26.     echo 'User with this login already exists.';
  27. }

Exceptions

Below is a list of exceptions that this method can throw.

Exception Description
Cartalyst\Sentry\Users\LoginRequiredException When you don’t provide the required login field, this exception will be thrown.
Cartalyst\Sentry\Users\PasswordRequiredException When you don’t provide the password field, this exception will be thrown.
Cartalyst\Sentry\Users\UserExistsException This exception will be thrown when the user you are trying to create already exists on your database.
Cartalyst\Sentry\Groups\GroupNotFoundException This exception will be thrown when the group that’s being assigned to the user doesn’t exist.

Sentry::register()

Registering a user will require the user to be manually activated but you can bypass this passing a boolean of true as a second parameter.

If the user already exists but is not activated, it will create a new activation code.

Param Required Default Type Description
$credentials true null array The user credentials and attributes.
$activate false false boolean Flag to wether activate the user or not.

Example

  1. try
  2. {
  3.     // Let's register a user.
  4.     $user = Sentry::register(array(
  5.         'email'    => 'john.doe@example.com',
  6.         'password' => 'test',
  7.     ));
  9.     // Let's get the activation code
  10.     $activationCode = $user->getActivationCode();
  12.     // Send activation code to the user so he can activate the account
  13. }
  14. catch (Cartalyst\Sentry\Users\LoginRequiredException $e)
  15. {
  16.     echo 'Login field is required.';
  17. }
  18. catch (Cartalyst\Sentry\Users\PasswordRequiredException $e)
  19. {
  20.     echo 'Password field is required.';
  21. }
  22. catch (Cartalyst\Sentry\Users\UserExistsException $e)
  23. {
  24.     echo 'User with this login already exists.';
  25. }

Exceptions

Below is a list of exceptions that this method can throw.

Exception Description
Cartalyst\Sentry\Users\LoginRequiredException When you don’t provide the required login field, this exception will be thrown.
Cartalyst\Sentry\Users\PasswordRequiredException When you don’t provide the required password field, this exception will be thrown.
Cartalyst\Sentry\Users\UserExistsException This exception will be thrown when the user you are trying to create already exists on your database.

Update a User

Updating users information is very easy with Sentry, you just need to find the user you want to update and update their information. You can add or remove groups from users as well.

Examples

In this example we are just updating the user information.

Note: If you provide another email address, and that email address is already registered in your system, the following Exception Cartalyst\Sentry\Users\UserExistsException will be thrown.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Update the user details
  7.     $user->email = 'john.doe@example.com';
  8.     $user->first_name = 'John';
  10.     // Update the user
  11.     if ($user->save())
  12.     {
  13.         // User information was updated
  14.     }
  15.     else
  16.     {
  17.         // User information was not updated
  18.     }
  19. }
  20. catch (Cartalyst\Sentry\Users\UserExistsException $e)
  21. {
  22.     echo 'User with this login already exists.';
  23. }
  24. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  25. {
  26.     echo 'User was not found.';
  27. }

Assign a new Group to a User

In this example we are assigning the provided Group to the provided User.

Note: If the provided Group is not found an Exception Cartalyst\Sentry\Groups\GroupNotFoundException will be thrown.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Find the group using the group id
  7.     $adminGroup = Sentry::findGroupById(1);
  9.     // Assign the group to the user
  10.     if ($user->addGroup($adminGroup))
  11.     {
  12.         // Group assigned successfully
  13.     }
  14.     else
  15.     {
  16.         // Group was not assigned
  17.     }
  18. }
  19. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  20. {
  21.     echo 'User was not found.';
  22. }
  23. catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e)
  24. {
  25.     echo 'Group was not found.';
  26. }

Remove a Group from the User

In this example we are removing the provided Group from the provided User.

Note: If the provided Group is not found an Exception Cartalyst\Sentry\Groups\GroupNotFoundException will be thrown.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Find the group using the group id
  7.     $adminGroup = Sentry::findGroupById(1);
  9.     // Assign the group to the user
  10.     if ($user->removeGroup($adminGroup))
  11.     {
  12.         // Group removed successfully
  13.     }
  14.     else
  15.     {
  16.         // Group was not removed
  17.     }
  18. }
  19. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  20. {
  21.     echo 'User was not found.';
  22. }
  23. catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e)
  24. {
  25.     echo 'Group was not found.';
  26. }

Update the User details and assign a new Group

This is a combination of the previous examples, where we are updating the user information and assigning a new Group the provided User.

Note: If the provided Group is not found an Exception Cartalyst\Sentry\Groups\GroupNotFoundException will be thrown.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Find the group using the group id
  7.     $adminGroup = Sentry::findGroupById(1);
  9.     // Assign the group to the user
  10.     if ($user->addGroup($adminGroup))
  11.     {
  12.         // Group assigned successfully
  13.     }
  14.     else
  15.     {
  16.         // Group was not assigned
  17.     }
  19.     // Update the user details
  20.     $user->email = 'john.doe@example.com';
  21.     $user->first_name = 'John';
  23.     // Update the user
  24.     if ($user->save())
  25.     {
  26.         // User information was updated
  27.     }
  28.     else
  29.     {
  30.         // User information was not updated
  31.     }
  32. }
  33. catch (Cartalyst\Sentry\Users\UserExistsException $e)
  34. {
  35.     echo 'User with this login already exists.';
  36. }
  37. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  38. {
  39.     echo 'User was not found.';
  40. }
  41. catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e)
  42. {
  43.     echo 'Group was not found.';
  44. }

Exceptions

Below is a list of exceptions that the methods can throw.

Exception Description
Cartalyst\Sentry\Users\LoginRequiredException When you don’t provide the required login field, this exception will be thrown.
Cartalyst\Sentry\Users\UserExistsException This exception will be thrown when the user you are trying to create already exists in your database.
Cartalyst\Sentry\Users\UserNotFoundException If the provided user was not found, this exception will be thrown.
Cartalyst\Sentry\Groups\GroupNotFoundException This exception will be thrown when the group that’s being assigned to the user doesn’t exist.

Delete a user

Deleting users is very simple and easy.

Example

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Delete the user
  7.     $user->delete();
  8. }
  9. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  10. {
  11.     echo 'User was not found.';
  12. }

Exceptions

Below is a list of exceptions that the methods can throw.

Exception Description
Cartalyst\Sentry\Users\UserNotFoundException If the provided user was not found, this exception will be thrown.

Activating a User

User activation is very easy with Sentry, you need to first find the user you want to activate, then use the attemptActivation() method and provide the activation code, if the activation passes it will return true otherwise, it will return false .

Note: If the user you are trying to activate, is already activated, the following Exception Cartalyst\Sentry\Users\UserAlreadyActivatedException will be thrown.

Example

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Attempt to activate the user
  7.     if ($user->attemptActivation('8f1Z7wA4uVt7VemBpGSfaoI9mcjdEwtK8elCnQOb'))
  8.     {
  9.         // User activation passed
  10.     }
  11.     else
  12.     {
  13.         // User activation failed
  14.     }
  15. }
  16. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  17. {
  18.     echo 'User was not found.';
  19. }
  20. catch (Cartalyst\Sentry\Users\UserAlreadyActivatedException $e)
  21. {
  22.     echo 'User is already activated.';
  23. }

Exceptions

Below is a list of exceptions that the methods can throw.

Exception Description
Cartalyst\Sentry\Users\UserAlreadyActivatedException If the provided user is already activated, this exception will be thrown.
Cartalyst\Sentry\Users\UserNotFoundException If the provided user was not found, this exception will be thrown.

Reset a User Password

In this section you will learn how easy it is to reset a user password with Sentry 2.

Step 1

The first step is to get a password reset code, to do this we use the
getResetPasswordCode() method.

Example
  1. try
  2. {
  3.     // Find the user using the user email address
  4.     $user = Sentry::findUserByLogin('john.doe@example.com');
  6.     // Get the password reset code
  7.     $resetCode = $user->getResetPasswordCode();
  9.     // Now you can send this code to your user via email for example.
  10. }
  11. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  12. {
  13.     echo 'User was not found.';
  14. }

Step 2

After your user received the password reset code you need to provide a way for them to validate that code, and reset their password.

All the logic part on how you pass the reset password code is all up to you.

Example

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     // Check if the reset password code is valid
  7.     if ($user->checkResetPasswordCode('8f1Z7wA4uVt7VemBpGSfaoI9mcjdEwtK8elCnQOb'))
  8.     {
  9.         // Attempt to reset the user password
  10.         if ($user->attemptResetPassword('8f1Z7wA4uVt7VemBpGSfaoI9mcjdEwtK8elCnQOb', 'new_password'))
  11.         {
  12.             // Password reset passed
  13.         }
  14.         else
  15.         {
  16.             // Password reset failed
  17.         }
  18.     }
  19.     else
  20.     {
  21.         // The provided password reset code is Invalid
  22.     }
  23. }
  24. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  25. {
  26.     echo 'User was not found.';
  27. }

Exceptions

Below is a list of exceptions that the methods can throw.

Exception Description
Cartalyst\Sentry\Users\UserNotFoundException If the provided user was not found, this exception will be thrown.

Finding Users

Finding users can sometimes be difficult and harsh, well, Sentry provides you simple methods to find your users.

Get the Current Logged in User

Returns the user that’s set with Sentry, does not check if a user is logged in or not. To do that, use check() instead.

  1. try
  2. {
  3.     // Get the current active/logged in user
  4.     $user = Sentry::getUser();
  5. }
  6. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  7. {
  8.     // User wasn't found, should only happen if the user was deleted
  9.     // when they were already logged in or had a "remember me" cookie set
  10.     // and they were deleted.
  11. }

Find all the Users

This will return all the users.

  1. $users = Sentry::findAllUsers();

Find all the Users with access to a permissions(s)

Finds all users with access to a permission(s).

  1. // Feel free to pass a string for just one permission instead
  2. $users = Sentry::findAllUsersWithAccess(array('admin', 'other'));

Find all the Users in a Group

Finds all users assigned to a group.

  1. $group = Sentry::findGroupByName('admin');
  3. $users = Sentry::findAllUsersInGroup($group);

Find a User by their Credentials

Find a user by an array of credentials, which must include the login column. Hashed fields will be hashed and checked against their value in the database.

  1. try
  2. {
  3.     $user = Sentry::findUserByCredentials(array(
  4.         'email'      => 'john.doe@example.com',
  5.         'password'   => 'test',
  6.         'first_name' => 'John',
  7.     ));
  8. }
  9. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  10. {
  11.     echo 'User was not found.';
  12. }

Find a User by their Id

Find a user by their ID.

  1. try
  2. {
  3.     $user = Sentry::findUserById(1);
  4. }
  5. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  6. {
  7.     echo 'User was not found.';
  8. }

Find a User by their Login Id

Find a user by their login ID.

  1. try
  2. {
  3.     $user = Sentry::findUserByLogin('john.doe@example.com');
  4. }
  5. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  6. {
  7.     echo 'User was not found.';
  8. }

Find a User by their Activation Code

Find a user by their registration activation code.

  1. try
  2. {
  3.     $user = Sentry::findUserByActivationCode('8f1Z7wA4uVt7VemBpGSfaoI9mcjdEwtK8elCnQOb');
  4. }
  5. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  6. {
  7.     echo 'User was not found.';
  8. }

Find a User by their Reset Password Code

Find a user by their reset password code.

  1. try
  2. {
  3.     $user = Sentry::findUserByResetPasswordCode('8f1Z7wA4uVt7VemBpGSfaoI9mcjdEwtK8elCnQOb');
  4. }
  5. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  6. {
  7.     echo 'User was not found.';
  8. }

Exceptions

Below is a list of exceptions that the methods can throw.

Exception Description
Cartalyst\Sentry\Users\UserNotFoundException If the provided user was not found, this exception will be thrown.

Helpers

checkPassword()

Checks if the provided password matches the user’s current password.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserById(1);
  6.     if($user->checkPassword('mypassword'))
  7.     {
  8.         echo 'Password matches.';
  9.     }
  10.     else
  11.     {
  12.         echo 'Password does not match.';
  13.     }
  14. }
  15. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  16. {
  17.     echo 'User was not found.';
  18. }

getGroups()

Returns the user groups.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserByID(1);
  6.     // Get the user groups
  7.     $groups = $user->getGroups();
  8. }
  9. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  10. {
  11.     echo 'User was not found.';
  12. }

getPermissions()

Returns the user permissions.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserByID(1);
  6.     // Get the user permissions
  7.     $permissions = $user->getPermissions();
  8. }
  9. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  10. {
  11.     echo 'User was not found.';
  12. }

getMergedPermissions()

Returns an array of merged permissions from groups and the user permissions.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::getUserProvider()->findById(1);
  6.     // Get the user permissions
  7.     $permissions = $user->getMergedPermissions();
  8. }
  9. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  10. {
  11.     echo 'User was not found.';
  12. }

hasAccess($permission)

Checks to see if a user been granted a certain permission. This includes any
permissions given to them by groups they may be apart of as well. Users may
also have permissions with a value of ‘-1’. This value is used to deny users of
permissions that may have been assigned to them from a group.

Any user with superuser permissions automatically has access to everything,
regardless of the user permissions and group permissions.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserByID(1);
  6.     // Check if the user has the 'admin' permission. Also,
  7.     // multiple permissions may be used by passing an array
  8.     if ($user->hasAccess('admin'))
  9.     {
  10.         // User has access to the given permission
  11.     }
  12.     else
  13.     {
  14.         // User does not have access to the given permission
  15.     }
  16. }
  17. catch (Cartalyst\Sentry\UserNotFoundException $e)
  18. {
  19.     echo 'User was not found.';
  20. }

hasAnyAccess($permissions)

This method calls the hasAccess() method, and it is used to check if an user
has access to any of the provided permissions.

If one of the provided permissions is found it will return true even though the
user may not have access to the other provided permissions.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::getUserProvider()->findById(1);
  6.     // Check if the user has the 'admin' and 'foo' permission.
  7.     if ($user->hasAnyAccess(array('admin', 'foo')))
  8.     {
  9.         // User has access to one of the given permissions
  10.     }
  11.     else
  12.     {
  13.         // User does not have access to any of the given permissions
  14.     }
  15. }
  16. catch (Cartalyst\Sentry\UserNotFoundException $e)
  17. {
  18.     echo 'User was not found.';
  19. }

isActivated()

Checks if a user is activated.

  1. try
  2. {
  3.     // Find the user
  4.     $user = Sentry::findUserByLogin('jonh.doe@example.com');
  6.     // Check if the user is activated or not
  7.     if ($user->isActivated())
  8.     {
  9.         // User is Activated
  10.     }
  11.     else
  12.     {
  13.         // User is Not Activated
  14.     }
  15. }
  16. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  17. {
  18.     echo 'User was not found.';
  19. }

isSuperUser()

Returns if the user is a super user, it means, that has access to everything regardless of permissions.

  1. try
  2. {
  3.     // Find the user
  4.     $user = Sentry::findUserByLogin('jonh.doe@example.com');
  6.     // Check if this user is a super user
  7.     if ($user->isSuperUser())
  8.     {
  9.         // User is a super user
  10.     }
  11.     else
  12.     {
  13.         // User is not a super user
  14.     }
  15. }
  16. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  17. {
  18.     echo 'User was not found.';
  19. }

inGroup($group)

Checks if a user is in a certain group.

  1. try
  2. {
  3.     // Find the user using the user id
  4.     $user = Sentry::findUserByID(1);
  6.     // Find the Administrator group
  7.     $admin = Sentry::findGroupByName('Administrator');
  9.     // Check if the user is in the administrator group
  10.     if ($user->inGroup($admin))
  11.     {
  12.         // User is in Administrator group
  13.     }
  14.     else
  15.     {
  16.         // User is not in Administrator group
  17.     }
  18. }
  19. catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
  20. {
  21.     echo 'User was not found.';
  22. }
  23. catch (Cartalyst\Sentry\Groups\GroupNotFoundException $e)
  24. {
  25.     echo 'Group was not found.';
  26. }