Jimbo Plugin

Jimbo Plugin is a system plugin that provides all essential functionalities for creating an admin panel within the Festi Framework. It includes authentication, settings management, routing, making it easy to build and manage administrative interfaces.

For install and update plugins use url:

/festi/install/

Settings

SETTING_KEY_NON_AUTH_EXCEPTION

The SETTING_KEY_NON_AUTH_EXCEPTION setting controls whether the plugin should throw an exception for unauthorized access attempts on non-auth URLs, rather than redirecting users to the login form.

$plugin->addSetting(JimboPlugin::SETTING_KEY_NON_AUTH_EXCEPTION, true);

URL Rules

Non-Auth URL Rule

The Non-Auth URL Rule allows specific URLs to be accessed without requiring user authentication. This is useful for public routes such as login, signup, password recovery, or API endpoints.

Adding Non-Auth URLs

You can directly add non-auth URLs by defining them within your plugin code.

$plugin = Core::getInstance()->getSystemPlugin('Jimbo');
$plugin->addNonAuthUrl('/custom/public/url/');

Adding Non-Auth URLs Using Events

To add non-auth URLs through an event, use the ConfigureRequestUrlRulesEvent. This method is ideal for setting non-auth routes during plugin initialization.

$this->addEventListener(
    ConfigureRequestUrlRulesEvent::EVENT_TYPE,
    function (ConfigureRequestUrlRulesEvent $event) {
        $event->addNonAuthUrl('/public/url/');
    }
);

Supporting Regular Expressions

You can also define non-auth URLs using regular expressions for more dynamic routing.

'#^/api/public/.*#'

Menu

Menu items are stored in the festi_menus table. Visibility is controlled by festi_menu_permissions (role-based) or by festi_sections (permission section-based).

Areas

Areas are custom strings stored in festi_url_areas. A project can define any areas it needs, but the two conventional ones are:

Area	Usage
backend	Admin panel
default	Frontend website

Retrieving menu items in a template

getStructureMenu(string $area) returns IMenuItem[] — ready-to-render objects, not plain arrays.

$items = $this->core->getSystemPlugin()->getStructureMenu('default');

Pass the result directly to mainNavbar()->setMenuItems():

$mainNav = $this->ui->mainNavbar()
    ->setLogoUrl('/static/images/logo.png')
    ->setMenuItems($items)
    ->fetch();

Adding a menu item (CLI)

Use festi-dgs-exec with --access-token (the token from the access_token column on the users table):

./vendor/bin/festi-dgs-exec \
  --plugin Jimbo \
  --dgs festi_menus \
  --action insert \
  --values '{"caption":"My Item","url":"/my-url/","order_n":10,"area":"default"}' \
  --path src/site \
  --access-token <token>

List existing items:

./vendor/bin/festi-dgs-exec --plugin Jimbo --dgs festi_menus --action list \
  --path src/site --access-token <token>

Remove an item by id:

./vendor/bin/festi-dgs-exec --plugin Jimbo --dgs festi_menus --action remove \
  --values '{"id":42}' --path src/site --access-token <token>

Anonymous (unauthenticated) users

Anonymous users have role DefaultUser::TYPE_ANONYM = -1. To make a menu item visible to guests, add a festi_menu_permissions row with id_role = -1:

INSERT INTO festi_menu_permissions (id_role, id_menu) VALUES (-1, :id_menu);

Section-based visibility

If id_section is set on a menu item, it is only shown when the user's granted mask for that section is > 0 (checked via festi_sections_user_types_permission). Items with id_section IS NULL rely solely on festi_menu_permissions.

Events

ConfigureRequestUrlRulesEvent

When you need to modify or add some rules for URL routing, you can use that event. Additionally, through that event, you are able to add a URL that will be accessible without authorization.

To use this event add init.php into your plugin directory.

• addNonAuthUrl method to add URL to whitelist for non-authenticated actions, e.g. webhooks etc.
• addUrlRule method to add new URL rule from code.

<?php

$this->addEventListener(
    ConfigureRequestUrlRulesEvent::EVENT_TYPE,
    function (ConfigureRequestUrlRulesEvent $event) {
        $event->addNonAuthUrl('/some/plugin/url/');

        $event->addUrlRule(' ~^/test/$~', 'Test', 'onDisplayTest');
    } 
);

RequestExceptionEvent

RequestExceptionEvent is dispatched when a permission exception is triggered.

ResponseErrorEvent

ResponseErrorEvent is dispatched when an exception occurs.

SignInErrorEvent

SignInErrorEvent is triggered when a user fails to sign in due to incorrect credentials, account restrictions, or other authentication errors. It allows handling failed login attempts, logging errors, or displaying custom messages.

SignInEvent

SignInEvent is triggered upon a successful user login. It allows executing additional actions like logging sign-ins, updating last login timestamps, or redirecting users to a specific page.

SignInRedirectEvent

SignInRedirectEvent is fired after a successful login but before redirecting the user. It enables customization of the redirection process, such as directing different user roles to specific pages.

SignOutEvent

SignOutEvent is triggered when a user logs out. It can be used to clear session data, log user activity, or perform other cleanup actions.