PHPackages                             fromholdio/silverstripe-configured-groups - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. fromholdio/silverstripe-configured-groups

ActiveSilverstripe-vendormodule[Security](/categories/security)

fromholdio/silverstripe-configured-groups
=========================================

Use configuration to define security groups

3.0.0(7mo ago)04201BSD-3-ClausePHP

Since Feb 22Pushed 7mo ago1 watchersCompare

[ Source](https://github.com/fromholdio/silverstripe-configured-groups)[ Packagist](https://packagist.org/packages/fromholdio/silverstripe-configured-groups)[ Docs](https://github.com/fromholdio/silverstripe-configured-groups)[ RSS](/packages/fromholdio-silverstripe-configured-groups/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (4)Dependencies (1)Versions (8)Used By (1)

silverstripe-configured-groups
==============================

[](#silverstripe-configured-groups)

Silverstripe module that provides mechanism to configure security groups via yml config.

Requirements
------------

[](#requirements)

- 2.x branch currently supports both SilverStripe 4 &amp; 5.

Rationale
---------

[](#rationale)

For many sites, the core security groups and their key permissions should not be changed by CMS users.

It leaves open the possibility of users breaking permission configurations, deletion of groups that would have consequential impacts throughout the site, and so forth.

Having these managed via CMS also means that developers moving &amp; deploying between environments must port group configurations manually.

Instead, this module provides yml config:

- Configuration of groups, and their assigned permissions, initialised on dev/build
- If no ADMIN group is configured, the default 'administrators' group will remain in place
- Can force only configured groups as root groups (ie. CMS user cannot add new top-level groups)
- On per configured group basis, dis/allow CMS users adding new sub-groups (by extension, allowing or preventing CMS users adding new groups at all)
- Can force only configured permissions per group (ie. any permissions set via CMS checkbox, that are not in yml config, are deleted on dev/build)
- For configured groups, title, description and parent cms fields are read-only
- Where a configured group's permissions are set to only a configured set, the permissions checkbox set is read-only
- A configured group can be marked as hidden, and will not be displayed to users who are not direct members of that group (used to obfuscate the administrators group when only utilised by developers, for instance)

Installation
------------

[](#installation)

Install the module using composer:

```
composer require fromholdio/silverstripe-configured-groups dev-master

```

Then apply your own group configuration (see below) and run dev/build.

Config examples
---------------

[](#config-examples)

- Out of the box, no configuration is applied, only the extension itself. You need to compose your groups configuration per example below:

```
SilverStripe\Security\Group:
  is_configured_root_groups_only: true      # only configured groups as top-level (cms users cannot add new with parentID 0)
  is_configured_permissions_only: true      # only configured permissions on this group (others deleted during dev/build)
  configured_groups:
    administrators:                         # configured group code
      title: Administrators
      sort: 0
      is_hidden: true                       # hides group from view of non-direct-members
      permissions:                          # array of permission codes
        - ADMIN
    managers:
      title: Site managers
      description: 'Primary non-developer super-user account type'
      sort: 1
      is_configured_children_only: true     # only configured groups as sub-groups (cms users cannot add new groups with parent ID as this group's ID)
      permissions:
        - CMS_ACCESS_CMSMain
        - CMS_ACCESS_AssetAdmin
        - CMS_ACCESS_ReportAdmin
        - CMS_ACCESS_SecurityAdmin
        - SITETREE_REORGANISE
        - EDIT_SITECONFIG
    previewers:
      title: Previewers
      sort: 2
      children:
        previewer-special:
          title: 'Special previewers'
          sort: 0
          permissions:
            - CMS_ACCESS_CMSMain
            - VIEW_DRAFT_CONTENT
        previewer-okay:
          title: 'Just okay previewers'
          sort: 1
          permissions:
            - VIEW_DRAFT_CONTENT
```

License
-------

[](#license)

BSD 3-Clause License, see [License](LICENSE)

###  Health Score

38

—

LowBetter than 85% of packages

Maintenance62

Regular maintenance activity

Popularity15

Limited adoption so far

Community9

Small or concentrated contributor base

Maturity54

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~261 days

Total

6

Last Release

234d ago

Major Versions

1.x-dev → 2.0.02023-05-17

2.x-dev → 3.0.02025-09-20

### Community

Maintainers

![](https://www.gravatar.com/avatar/40e135ad117686bee39707c1d9286cc5e915e219c26a10d13858ca44d14f1eb0?d=identicon)[dizzystuff](/maintainers/dizzystuff)

---

Top Contributors

[![dizzystuff](https://avatars.githubusercontent.com/u/576903?v=4)](https://github.com/dizzystuff "dizzystuff (7 commits)")

---

Tags

configurationsecuritysilverstripecmsgroups

### Embed Badge

![Health badge](/badges/fromholdio-silverstripe-configured-groups/health.svg)

```
[![Health](https://phpackages.com/badges/fromholdio-silverstripe-configured-groups/health.svg)](https://phpackages.com/packages/fromholdio-silverstripe-configured-groups)
```

###  Alternatives

[bringyourownideas/silverstripe-maintenance

Toolset to help with the day by day maintenance work.

32221.8k4](/packages/bringyourownideas-silverstripe-maintenance)[bringyourownideas/silverstripe-composer-security-checker

Provides information if your SilverStripe application uses dependencies with known vulnerabilities.

11103.9k2](/packages/bringyourownideas-silverstripe-composer-security-checker)[feejin/silverstripe-securitytemplates

Custom security templates to mirror CMS

128.1k1](/packages/feejin-silverstripe-securitytemplates)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)