‪TYPO3CMS  10.4
PermissionAjaxController.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of the TYPO3 CMS project.
5  *
6  * It is free software; you can redistribute it and/or modify it under
7  * the terms of the GNU General Public License, either version 2
8  * of the License, or any later version.
9  *
10  * For the full copyright and license information, please read the
11  * LICENSE.txt file that was distributed with this source code.
12  *
13  * The TYPO3 project - inspiring people to share!
14  */
15 
16 namespace ‪TYPO3\CMS\Beuser\Controller;
17 
18 use Psr\Http\Message\ResponseInterface;
19 use Psr\Http\Message\ServerRequestInterface;
20 use ‪TYPO3\CMS\Backend\Utility\BackendUtility;
21 use ‪TYPO3\CMS\Core\DataHandling\DataHandler;
22 use ‪TYPO3\CMS\Core\Http\HtmlResponse;
23 use ‪TYPO3\CMS\Core\Imaging\Icon;
24 use ‪TYPO3\CMS\Core\Imaging\IconFactory;
25 use ‪TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
26 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
27 use ‪TYPO3\CMS\Fluid\View\StandaloneView;
28 
35 class ‪PermissionAjaxController
36 {
42  protected ‪$conf;
43 
47  protected ‪$iconFactory;
48 
52  public function ‪__construct()
53  {
54  $this->iconFactory = GeneralUtility::makeInstance(IconFactory::class);
55  $this->‪getLanguageService()->includeLLFile('EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf');
56  }
57 
64  public function ‪dispatch(ServerRequestInterface $request): ‪ResponseInterface
65  {
66  $parsedBody = $request->getParsedBody();
67  $this->conf = [
68  'page' => $parsedBody['page'] ?? null,
69  'who' => $parsedBody['who'] ?? null,
70  'mode' => $parsedBody['mode'] ?? null,
71  'bits' => (int)($parsedBody['bits'] ?? 0),
72  'permissions' => (int)($parsedBody['permissions'] ?? 0),
73  'action' => $parsedBody['action'] ?? null,
74  'ownerUid' => (int)($parsedBody['ownerUid'] ?? 0),
75  'username' => $parsedBody['username'] ?? null,
76  'groupUid' => (int)($parsedBody['groupUid'] ?? 0),
77  'groupname' => $parsedBody['groupname'] ?? '',
78  'editLockState' => (int)($parsedBody['editLockState'] ?? 0),
79  'new_owner_uid' => (int)($parsedBody['newOwnerUid'] ?? 0),
80  'new_group_uid' => (int)($parsedBody['newGroupUid'] ?? 0),
81  ];
82 
83  $extPath = ‪ExtensionManagementUtility::extPath('beuser');
84 
85  $view = GeneralUtility::makeInstance(StandaloneView::class);
86  $view->setPartialRootPaths(['default' => ‪ExtensionManagementUtility::extPath('beuser') . 'Resources/Private/Partials']);
87  $view->assign('pageId', $this->conf['page']);
88 
89  $response = new ‪HtmlResponse('');
90 
91  // Basic test for required value
92  if ($this->conf['page'] <= 0) {
93  $response->getBody()->write('This script cannot be called directly');
94  return $response->withStatus(500);
95  }
96 
97  $content = '';
98  // Init TCE for execution of update
99  $tce = GeneralUtility::makeInstance(DataHandler::class);
100  // Determine the scripts to execute
101  switch ($this->conf['action']) {
102  case 'show_change_owner_selector':
103  $content = $this->‪renderUserSelector($this->conf['page'], $this->conf['ownerUid'], $this->conf['username']);
104  break;
105  case 'change_owner':
106  $userId = $this->conf['new_owner_uid'];
107  if (is_int($userId)) {
108  // Prepare data to change
109  $data = [];
110  $data['pages'][$this->conf['page']]['perms_userid'] = $userId;
111  // Execute TCE Update
112  $tce->start($data, []);
113  $tce->process_datamap();
114 
115  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeOwner.html');
116  $view->assign('userId', $userId);
117  $usernameArray = ‪BackendUtility::getUserNames('username', ' AND uid = ' . $userId);
118  $view->assign('username', $usernameArray[$userId]['username']);
119  $content = $view->render();
120  } else {
121  $response->getBody()->write('An error occurred: No page owner uid specified');
122  $response = $response->withStatus(500);
123  }
124  break;
125  case 'show_change_group_selector':
126  $content = $this->‪renderGroupSelector($this->conf['page'], $this->conf['groupUid'], $this->conf['groupname']);
127  break;
128  case 'change_group':
129  $groupId = $this->conf['new_group_uid'];
130  if (is_int($groupId)) {
131  // Prepare data to change
132  $data = [];
133  $data['pages'][$this->conf['page']]['perms_groupid'] = $groupId;
134  // Execute TCE Update
135  $tce->start($data, []);
136  $tce->process_datamap();
137 
138  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeGroup.html');
139  $view->assign('groupId', $groupId);
140  $groupnameArray = ‪BackendUtility::getGroupNames('title', ' AND uid = ' . $groupId);
141  $view->assign('groupname', $groupnameArray[$groupId]['title']);
142  $content = $view->render();
143  } else {
144  $response->getBody()->write('An error occurred: No page group uid specified');
145  $response = $response->withStatus(500);
146  }
147  break;
148  case 'toggle_edit_lock':
149  // Prepare data to change
150  $data = [];
151  $data['pages'][$this->conf['page']]['editlock'] = $this->conf['editLockState'] === 1 ? 0 : 1;
152  // Execute TCE Update
153  $tce->start($data, []);
154  $tce->process_datamap();
155  $content = $this->‪renderToggleEditLock($this->conf['page'], $data['pages'][$this->conf['page']]['editlock']);
156  break;
157  default:
158  if ($this->conf['mode'] === 'delete') {
159  $this->conf['permissions'] = (int)($this->conf['permissions'] - $this->conf['bits']);
160  } else {
161  $this->conf['permissions'] = (int)($this->conf['permissions'] + $this->conf['bits']);
162  }
163  // Prepare data to change
164  $data = [];
165  $data['pages'][$this->conf['page']]['perms_' . $this->conf['who']] = $this->conf['permissions'];
166  // Execute TCE Update
167  $tce->start($data, []);
168  $tce->process_datamap();
169 
170  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangePermission.html');
171  $view->assign('permission', $this->conf['permissions']);
172  $view->assign('scope', $this->conf['who']);
173  $content = $view->render();
174  }
175  $response->getBody()->write($content);
176  return $response;
177  }
178 
187  protected function ‪renderUserSelector($page, $ownerUid, $username = '')
188  {
189  $page = (int)$page;
190  $ownerUid = (int)$ownerUid;
191  // Get usernames
192  $beUsers = ‪BackendUtility::getUserNames();
193  // Owner selector:
194  $options = '';
195  // Loop through the users
196  foreach ($beUsers as $uid => $row) {
197  $uid = (int)$uid;
198  $selected = $uid === $ownerUid ? ' selected="selected"' : '';
199  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['username']) . '</option>';
200  }
201  $elementId = 'o_' . $page;
202  $options = '<option value="0"></option>' . $options;
203  $selector = '<select name="new_page_owner" id="new_page_owner">' . $options . '</select>';
204  $saveButton = '<button class="saveowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid
205  . '" data-element-id="' . $elementId . '" title="Change owner" type="button">'
206  . $this->iconFactory->getIcon('actions-document-save', ‪Icon::SIZE_SMALL)->render()
207  . '</button>';
208  $cancelButton = '<button class="restoreowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid
209  . '" data-element-id="' . $elementId . '"'
210  . (!empty($username) ? ' data-username="' . htmlspecialchars($username) . '"' : '')
211  . ' title="Cancel" type="button">'
212  . $this->iconFactory->getIcon('actions-close', ‪Icon::SIZE_SMALL)->render()
213  . '</button>';
214  return '<span id="' . $elementId . '">'
215  . $selector
216  . '<span class="btn-group">'
217  . $saveButton
218  . $cancelButton
219  . '</span>'
220  . '</span>';
221  }
222 
231  protected function ‪renderGroupSelector($page, $groupUid, $groupname = '')
232  {
233  $page = (int)$page;
234  $groupUid = (int)$groupUid;
235 
236  // Get group names
237  $beGroupsO = $beGroups = ‪BackendUtility::getGroupNames();
238  // Group selector:
239  $options = '';
240  // flag: is set if the page-groupid equals one from the group-list
241  $userset = 0;
242  // Loop through the groups
243  foreach ($beGroups as $uid => $row) {
244  $uid = (int)$uid;
245  if ($uid === $groupUid) {
246  $userset = 1;
247  $selected = ' selected="selected"';
248  } else {
249  $selected = '';
250  }
251  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['title']) . '</option>';
252  }
253  // If the group was not set AND there is a group for the page
254  if (!$userset && $groupUid) {
255  $options = '<option value="' . $groupUid . '" selected="selected">' .
256  htmlspecialchars($beGroupsO[$groupUid]['title']) . '</option>' . $options;
257  }
258  $elementId = 'g_' . $page;
259  $options = '<option value="0"></option>' . $options;
260  $selector = '<select name="new_page_group" id="new_page_group">' . $options . '</select>';
261  $saveButton = '<button class="savegroup btn btn-default" data-page="' . $page . '" data-group-id="' . $groupUid
262  . '" data-element-id="' . $elementId . '" title="Change group" type="button">'
263  . $this->iconFactory->getIcon('actions-document-save', ‪Icon::SIZE_SMALL)->render()
264  . '</button>';
265  $cancelButton = '<button class="restoregroup btn btn-default" data-page="' . $page . '" data-group-id="' . $groupUid
266  . '" data-element-id="' . $elementId . '"'
267  . (!empty($groupname) ? ' data-groupname="' . htmlspecialchars($groupname) . '"' : '')
268  . ' title="Cancel" type="button">'
269  . $this->iconFactory->getIcon('actions-close', ‪Icon::SIZE_SMALL)->render()
270  . '</button>';
271  return '<span id="' . $elementId . '">'
272  . $selector
273  . '<span class="btn-group">'
274  . $saveButton
275  . $cancelButton
276  . '</span>'
277  . '</span>';
278  }
279 
287  protected function ‪renderToggleEditLock($page, $editLockState)
288  {
289  $page = (int)$page;
290  if ($editLockState === 1) {
291  $ret = '<span id="el_' . $page . '"><button type="button" class="editlock btn btn-default" data-page="' . $page
292  . '" data-lockstate="1" title="The page and all content is locked for editing by all non-Admin users.">'
293  . $this->iconFactory->getIcon('actions-lock', ‪Icon::SIZE_SMALL)->render() . '</button></span>';
294  } else {
295  $ret = '<span id="el_' . $page . '"><button type="button" class="editlock btn btn-default" data-page="' . $page .
296  '" data-lockstate="0" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">'
297  . $this->iconFactory->getIcon('actions-unlock', ‪Icon::SIZE_SMALL)->render() . '</button></span>';
298  }
299  return $ret;
300  }
301 
305  protected function ‪getLanguageService()
306  {
307  return ‪$GLOBALS['LANG'];
308  }
309 }
‪TYPO3\CMS\Core\DataHandling\DataHandler
Definition: DataHandler.php:84
‪TYPO3\CMS\Core\Imaging\Icon\SIZE_SMALL
‪const SIZE_SMALL
Definition: Icon.php:30
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\__construct
‪__construct()
Definition: PermissionAjaxController.php:50
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController
Definition: PermissionAjaxController.php:36
‪TYPO3\CMS\Core\Imaging\Icon
Definition: Icon.php:26
‪TYPO3\CMS\Extbase\Mvc\ResponseInterface
Definition: ResponseInterface.php:22
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\$conf
‪array $conf
Definition: PermissionAjaxController.php:41
‪TYPO3\CMS\Beuser\Controller
Definition: BackendUserController.php:16
‪TYPO3\CMS\Core\Imaging\IconFactory
Definition: IconFactory.php:33
‪TYPO3\CMS\Backend\Utility\BackendUtility\getUserNames
‪static array getUserNames($fields='username, usergroup, usergroup_cached_list, uid', $where='')
Definition: BackendUtility.php:818
‪TYPO3\CMS\Core\Utility\ExtensionManagementUtility
Definition: ExtensionManagementUtility.php:43
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\getLanguageService
‪TYPO3 CMS Core Localization LanguageService getLanguageService()
Definition: PermissionAjaxController.php:303
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\renderGroupSelector
‪string renderGroupSelector($page, $groupUid, $groupname='')
Definition: PermissionAjaxController.php:229
‪TYPO3\CMS\Backend\Utility\BackendUtility\getGroupNames
‪static array getGroupNames($fields='title, uid', $where='')
Definition: BackendUtility.php:836
‪TYPO3\CMS\Backend\Utility\BackendUtility
Definition: BackendUtility.php:75
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\dispatch
‪ResponseInterface dispatch(ServerRequestInterface $request)
Definition: PermissionAjaxController.php:62
‪TYPO3\CMS\Fluid\View\StandaloneView
Definition: StandaloneView.php:34
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\renderToggleEditLock
‪string renderToggleEditLock($page, $editLockState)
Definition: PermissionAjaxController.php:285
‪TYPO3\CMS\Core\Utility\ExtensionManagementUtility\extPath
‪static string extPath($key, $script='')
Definition: ExtensionManagementUtility.php:127
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:46
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\renderUserSelector
‪string renderUserSelector($page, $ownerUid, $username='')
Definition: PermissionAjaxController.php:185
‪TYPO3\CMS\Beuser\Controller\PermissionAjaxController\$iconFactory
‪IconFactory $iconFactory
Definition: PermissionAjaxController.php:45
‪TYPO3\CMS\Core\Http\HtmlResponse
Definition: HtmlResponse.php:26