‪TYPO3CMS  10.4
FrontendBackendUserAuthentication.php
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
16 namespace ‪TYPO3\CMS\Backend;
17 
24 
31 {
37  public ‪$formfield_uname = '';
38 
44  public ‪$formfield_uident = '';
45 
52  public ‪$formfield_status = '';
53 
59  public ‪$writeStdLog = false;
60 
66  public ‪$writeAttemptLog = false;
67 
/**
 * Decides whether the current backend user counts as logged in.
 *
 * Every guard fails closed: any single failing check yields false, and the
 * final answer is delegated to isUserAllowedToLogin() only after all guards
 * have passed.
 *
 * @param bool $proceedIfNoUserIsLoggedIn Not read by this implementation.
 * @return bool False when a guard fails, otherwise the result of isUserAllowedToLogin().
 */
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
{
    // The conditions short-circuit left to right, so a request without a
    // backend user record never reaches the configuration or IP-lock checks.
    if (
        // No backend user record loaded.
        empty($this->user['uid'])
        // Hardcoded lock on the backend: a negative BE/adminOnly setting denies everyone.
        || $GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0
        // IP mask check (based on TSconfig).
        || !$this->checkLockToIP()
    ) {
        return false;
    }

    return $this->isUserAllowedToLogin();
}
90 
/**
 * Checks whether the user has language access for a record of the given table.
 *
 * The language id that is checked depends on the table:
 *  - "pages": the id of the current language aspect,
 *  - "tt_content": the content id of the current language aspect,
 *  - any other table with a TCA "languageField": the value of that field in $currentRecord,
 *  - otherwise: -1.
 *
 * NOTE(review): for other tables the TCA entry and the record column are read
 * without an existence check. If the row does not carry the language column,
 * null is handed to checkLanguageAccess(); confirm how that method treats it.
 *
 * @param string $table Name of the table the record belongs to
 * @param array $currentRecord The record whose language is checked
 * @return bool Result of checkLanguageAccess() for the resolved language id
 */
public function allowedToEditLanguage($table, array $currentRecord): bool
{
    // The language aspect is always resolved first, whichever branch is taken below.
    $aspect = GeneralUtility::makeInstance(Context::class)->getAspect('language');

    if ($table === 'pages') {
        return $this->checkLanguageAccess($aspect->getId());
    }
    if ($table === 'tt_content') {
        return $this->checkLanguageAccess($aspect->getContentId());
    }

    // Remaining tables: take the language from the record itself when TCA names a language field.
    $languageField = $GLOBALS['TCA'][$table]['ctrl']['languageField'];
    $languageId = $languageField ? $currentRecord[$languageField] : -1;

    return $this->checkLanguageAccess($languageId);
}
118 
/**
 * Decides whether the user may edit the given record.
 *
 * Editing is denied unless a check below grants it. The decision is made in
 * two passes:
 *  1. Record level: admins are allowed; for "pages" the record itself must
 *     grant PAGE_EDIT; for other tables the page in $dataArray['pid'] must
 *     exist and grant CONTENT_EDIT, and "onlyCurrentPid" must be off.
 *  2. Page level: skipped only when "onlyCurrentPid" is on and the record's
 *     pid is not the current page. For "pages" a non-empty action list grants
 *     access; for other tables the result is replaced by "allow list is
 *     non-empty AND CONTENT_EDIT on the current page".
 *
 * NOTE(review): the second pass takes its permissions from
 * $GLOBALS['TSFE']->page (the page being rendered), not from the record's own
 * pid. With "onlyCurrentPid" off the two can differ. For "pages" the second
 * pass can only widen a first-pass denial; for other tables it overwrites the
 * first-pass result entirely, including the admin shortcut. Confirm this is
 * the intended authorization model.
 *
 * @param string $table Table of the record
 * @param array $dataArray The record; 'pid' is read
 * @param array $conf Configuration; 'onlyCurrentPid' and 'allow' are read
 * @param bool $checkEditAccessInternals Whether recordEditAccessInternals() is consulted first
 * @return bool
 */
public function allowedToEdit(string $table, array $dataArray, array $conf, bool $checkEditAccessInternals): bool
{
    // Internal record checks come first; failing them denies without looking at page permissions.
    if ($checkEditAccessInternals && !$this->recordEditAccessInternals($table, $dataArray, false, false)) {
        return false;
    }

    $onlyCurrentPid = !empty($conf['onlyCurrentPid'] ?? false);
    $isPagesTable = $table === 'pages';

    // Pass 1: record-level decision.
    if ($this->isAdmin()) {
        $mayEdit = true;
    } elseif ($isPagesTable) {
        $mayEdit = (bool)$this->doesUserHaveAccess($dataArray, Permission::PAGE_EDIT);
    } else {
        $parentPage = BackendUtility::getRecord('pages', $dataArray['pid']);
        $mayEdit = is_array($parentPage)
            && $this->doesUserHaveAccess($parentPage, Permission::CONTENT_EDIT)
            && !$onlyCurrentPid;
    }

    // Pass 2 does not apply to records outside the current page when editing is restricted to it.
    // The pid comparison is deliberately loose (string vs. int ids).
    if ($onlyCurrentPid && $dataArray['pid'] != $GLOBALS['TSFE']->id) {
        return $mayEdit;
    }

    if ($isPagesTable) {
        // The edit box can only be shown if at least one action remains in the menu.
        if (!empty($this->getAllowedEditActions($table, $conf, $dataArray['pid']))) {
            $mayEdit = true;
        }
        return $mayEdit;
    }

    // Non-pages tables: the pass-1 result is discarded here.
    $perms = $this->calcPerms($GLOBALS['TSFE']->page);
    $allowedTypes = array_flip(GeneralUtility::trimExplode(',', strtolower($conf['allow']), true));

    return !empty($allowedTypes) && ($perms & Permission::CONTENT_EDIT);
}
170 
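/**
 * Returns the configured edit actions that remain available for a record.
 *
 * The comma-separated $conf['allow'] list is lower-cased, trimmed and flipped,
 * so the result is keyed by action name. For the "pages" table, actions the
 * user lacks permission for on the current page are removed.
 *
 * NOTE(review): permission filtering happens only for $table === 'pages' and
 * only when "onlyCurrentPid" is off or $pid is the current page. In every
 * other case the configured list is returned unfiltered, so callers must not
 * treat a non-empty result as proof of permission on its own.
 *
 * @param string $table Table of the record
 * @param array $conf Configuration; 'allow' and 'onlyCurrentPid' are read, both optional
 * @param int $pid Page id the record lives on
 * @return array Remaining actions, keyed by action name
 */
public function getAllowedEditActions($table, array $conf, $pid): array
{
    // Parsed once; a missing 'allow' key yields an empty list instead of an undefined-index notice.
    $allow = array_flip(GeneralUtility::trimExplode(',', strtolower($conf['allow'] ?? ''), true));

    // Read the same way allowedToEdit() does, so an absent key means "not restricted".
    $restrictToCurrentPid = !empty($conf['onlyCurrentPid'] ?? false);
    // The pid comparison is deliberately loose (string vs. int ids).
    if ($restrictToCurrentPid && $pid != $GLOBALS['TSFE']->id) {
        return $allow;
    }

    // Permissions are those of the page being rendered, evaluated before the table check.
    $perms = $this->calcPerms($GLOBALS['TSFE']->page);
    if ($table !== 'pages') {
        return $allow;
    }

    // Root page: a root line of exactly one entry cannot be moved, hidden or deleted.
    if (count($GLOBALS['TSFE']->config['rootLine']) === 1) {
        unset($allow['move'], $allow['hide'], $allow['delete']);
    }
    // Without PAGE_EDIT, or without access to language 0, no modifying action remains.
    if (!($perms & Permission::PAGE_EDIT) || !$this->checkLanguageAccess(0)) {
        unset($allow['edit'], $allow['move'], $allow['hide']);
    }
    if (!($perms & Permission::PAGE_DELETE)) {
        unset($allow['delete']);
    }
    if (!($perms & Permission::PAGE_NEW)) {
        unset($allow['new']);
    }

    return $allow;
}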
210 }