Manage user access to SilverStripe CMS by adding, editing, and removing user accounts.
Prerequisites
- Admin access to SilverStripe CMS
- Understanding of SilverStripe permission groups
Adding Users via CMS
Step 1: Access Security Section
- Log in to SilverStripe CMS
- Click Security in the left sidebar
- Select Users tab
Step 2: Create New User
- Click Add Member
- Fill in required fields:
- First Name
- Surname
- Email (must be unique)
- Password
Step 3: Assign Groups
- Go to Groups tab
- Select appropriate groups (e.g., "Administrators", "Content Authors")
- Click Save
User Groups
Default Groups
- Administrators: Full CMS access
- Content Authors: Can edit content
- Content Publishers: Can publish pages
Custom Groups
Create custom groups in Security > Groups > Add Group
Adding Users Programmatically
Via Build Task
File: app/src/Tasks/CreateUserTask.php
<?php
namespace App\Tasks;
use SilverStripe\Dev\BuildTask;
use SilverStripe\Security\Member;
use SilverStripe\Security\Group;
class CreateUserTask extends BuildTask
{
private static $segment = 'create-user';
protected $title = 'Create CMS User';
protected $description = 'Creates a new CMS user';
public function run($request)
{
$member = Member::create();
$member->FirstName = 'John';
$member->Surname = 'Doe';
$member->Email = 'john@example.com';
$member->setPassword('SecurePassword123!');
$member->write();
// Add to administrators group
$adminGroup = Group::get()->filter('Code', 'administrators')->first();
if ($adminGroup) {
$member->Groups()->add($adminGroup);
}
echo "User created: {$member->Email}\n";
}
}
Run:
sake dev/tasks/create-user
Editing Users
Via CMS
- Security > Users
- Click user to edit
- Modify fields
- Save
Change Password
- Open user
- Go to Password field
- Enter new password
- Confirm password
- Save
Removing Users
Via CMS
- Security > Users
- Select user
- Click Delete
- Confirm deletion
Warning: Deletion is permanent.
Alternative: Deactivate User
Better practice than deletion:
File: app/src/Extensions/MemberExtension.php
<?php
namespace App\Extensions;
use SilverStripe\ORM\DataExtension;
use SilverStripe\Forms\FieldList;
use SilverStripe\Forms\CheckboxField;
class MemberExtension extends DataExtension
{
private static $db = [
'IsActive' => 'Boolean',
];
private static $defaults = [
'IsActive' => true,
];
public function updateCMSFields(FieldList $fields)
{
$fields->addFieldToTab(
'Root.Main',
CheckboxField::create('IsActive', 'User is active')
);
}
}
Register extension:
SilverStripe\Security\Member:
extensions:
- App\Extensions\MemberExtension
Bulk User Management
Import Users from CSV
File: app/src/Tasks/ImportUsersTask.php
<?php
namespace App\Tasks;
use SilverStripe\Dev\BuildTask;
use SilverStripe\Security\Member;
use SilverStripe\Security\Group;
class ImportUsersTask extends BuildTask
{
private static $segment = 'import-users';
public function run($request)
{
$csvFile = BASE_PATH . '/users.csv';
$handle = fopen($csvFile, 'r');
// Skip header row
fgetcsv($handle);
while (($data = fgetcsv($handle)) !== false) {
$member = Member::create();
$member->FirstName = $data[0];
$member->Surname = $data[1];
$member->Email = $data[2];
$member->setPassword($data[3]);
$member->write();
echo "Created: {$member->Email}\n";
}
fclose($handle);
}
}
CSV Format (users.csv):
FirstName,Surname,Email,Password
John,Doe,john@example.com,password123
Jane,Smith,jane@example.com,password456
Security Best Practices
Password Requirements
File: app/_config/config.yml
SilverStripe\Security\Member:
password_validator:
min_length: 8
require_digits: true
require_lowercase: true
require_uppercase: true
Lock Accounts After Failed Logins
SilverStripe\Security\Member:
lock_out_after_incorrect_logins: 5
lock_out_delay_mins: 15
Troubleshooting
Can't Create User
Error: Email already exists
Solution: Email must be unique. Check if user exists.
Password Not Working
Solution:
- Verify password meets requirements
- Check no extra spaces
- Use "Forgot Password" link