MODX CMP User restriction Plugin

restirctusermanagement.plugin.php

<?php
if ($modx->context->get("key") == "mgr") {
    if ($modx->user->get("sudo") || $modx->user->isMember("Administrator")) {
        return;
    }

    switch ($modx->event->name) {
        case "OnMODXInit":
            $action = $modx->getOption("action", $_REQUEST, "");
        
            // hide users in grid by default
            if (
                $action == "security/user/getList" &&
                empty($_REQUEST["usergroup"])
            ) {
                $_POST["usergroup"] = 99999; // empty result
            }
        
            // exclude all other groups from usergroup - selectbox
            if (strtolower($action) == "security/group/getlist") {
                $_POST["exclude"] = [1, 2, 5]; // define group ids to hide
            }
        
            // exclude none from roles - selectbox
            if (strtolower($action) == "security/role/getlist") {
                $_POST["addNone"] = false;
            }
        
            // restrict edit for users not in group
            if ($_GET["a"] == "security/user/update") {
                $user = $modx->getObject("modUser", $_GET["id"]);
                if (!$user->isMember(["Attendees", "Member"])) { // define group names to edit
                    $_GET["id"] = 99999;
                }
            }
            break;
    }
}
return;