‪TYPO3CMS  10.4
Public Member Functions | Static Public Member Functions | Public Attributes | Protected Member Functions | Protected Attributes | List of all members
TYPO3\CMS\Core\Authentication\BackendUserAuthentication Class Reference
Inheritance diagram for TYPO3\CMS\Core\Authentication\BackendUserAuthentication:
TYPO3\CMS\Core\Authentication\AbstractUserAuthentication TYPO3\CMS\Backend\FrontendBackendUserAuthentication TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication

Public Member Functions

 __construct ()
 
bool isAdmin ()
 
bool isMemberOfGroup ($groupId)
 
bool doesUserHaveAccess ($row, $perms)
 
int null isInWebMount ($idOrRow, $readPerms='', $exitOnError=0)
 
bool modAccess ($conf)
 
bool isSystemMaintainer ()
 
string getPagePermsClause ($perms)
 
int calcPerms ($row)
 
bool isRTE ()
 
bool check ($type, $value)
 
bool checkAuthMode ($table, $field, $value, $authMode)
 
bool checkLanguageAccess ($langValue)
 
bool checkFullLanguagesAccess ($table, $record)
 
bool recordEditAccessInternals ($table, $idOrRow, $newRecord=false, $deletedRecord=false, $checkFullLanguageAccess=false)
 
bool mayMakeShortcut ()
 
string workspaceCannotEditRecord ($table, $recData)
 
string workspaceCannotEditOfflineVersion ($table, $recData)
 
mixed workspaceAllowLiveRecordsInPID ($pid, $table)
 
bool workspaceAllowsLiveEditingInTable (string $table)
 
bool workspaceCreateNewRecord ($pid, $table)
 
bool workspaceCanCreateNewRecord (string $table)
 
bool workspaceAllowAutoCreation ($table, $id, $recpid)
 
bool workspaceCheckStageForCurrent ($stage)
 
bool workspacePublishAccess ($wsid)
 
bool workspaceSwapAccess ()
 
array getTSConfig ()
 
array returnWebmounts ()
 
 setWebmounts (array $mountPointUids, $append=false)
 
 initializeWebmountsForElementBrowser ()
 
bool jsConfirmation ($bitmask)
 
 fetchGroupData ()
 
 fetchGroups ($grList, $idList='')
 
 setCachedList ($cList)
 
array getCategoryMountPoints ()
 
array getFileMountRecords ()
 
TYPO3 CMS Core Resource ResourceStorage[] getFileStorages ()
 
 evaluateUserSpecificFileFilterSettings ()
 
array getFilePermissions ()
 
array getFilePermissionsForStorage (ResourceStorage $storageObject)
 
TYPO3 CMS Core Resource Folder bool getDefaultUploadFolder ($pid=null, $table=null, $field=null)
 
TYPO3 CMS Core Resource Folder null getDefaultUploadTemporaryFolder ()
 
 workspaceInit ()
 
array checkWorkspace ($wsRec, $fields=' *')
 
array checkWorkspaceCurrent ()
 
 setWorkspace ($workspaceId)
 
bool setTemporaryWorkspace ($workspaceId)
 
 setDefaultWorkspace ()
 
int getDefaultWorkspace ()
 
int writelog ($type, $action, $error, $details_nr, $details, $data, $tablename='', $recuid='', $recpid='', $event_pid=-1, $NEWid='', $userId=0)
 
 checkLogFailures ($email, $secondsBack=3600, $max=3)
 
bool checkLockToIP ()
 
 backendCheckLogin ($proceedIfNoUserIsLoggedIn=false)
 
 backendSetUC ()
 
 overrideUC ()
 
 resetUC ()
 
 logoff ()
 
 isImportEnabled ()
 
 isExportEnabled ()
 
- ‪Public Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 start ()
 
bool isSetSessionCookie ()
 
bool isRefreshTimeBasedCookie ()
 
 checkAuthentication ()
 
string createSessionId ()
 
array createUserSession ($tempuser)
 
array getNewSessionRecord ($tempuser)
 
array bool fetchUserSession ($skipSessionUpdate=false)
 
 enforceNewSessionId ()
 
 removeCookie ($cookieName)
 
bool isExistingSessionRecord ($id)
 
bool isCookieSet ()
 
 writeUC ($variable='')
 
 unpack_uc ($theUC='')
 
 pushModuleData ($module, $data, $noSave=0)
 
mixed getModuleData ($module, $type='')
 
mixed getSessionData ($key)
 
 setSessionData ($key, $data)
 
 setAndSaveSessionData ($key, $data)
 
array getLoginFormData ()
 
array processLoginData ($loginData, $passwordTransmissionStrategy='')
 
array getAuthInfoArray ()
 
 gc ()
 
 writelog ($type, $action, $error, $details_nr, $details, $data, $tablename, $recuid, $recpid)
 
 setBeUserByUid ($uid)
 
 setBeUserByName ($name)
 
array getRawUserByUid ($uid)
 
array getRawUserByName ($name)
 
string getSessionId ()
 
string getLoginType ()
 

Static Public Member Functions

static string getCookieName ()
 

Public Attributes

const ROLE_SYSTEMMAINTAINER = 'systemMaintainer'
 
string $usergroup_column = 'usergroup'
 
string $usergroup_table = 'be_groups'
 
array $groupData
 
array $userGroups = array( )
 
array $userGroupsUID = array( )
 
string $groupList = ''
 
int $workspace = -99
 
array $workspaceRec = array( )
 
array $dataLists
 
array $includeGroupArray = array( )
 
string $errorMsg = ''
 
string $user_table = 'be_users'
 
string $username_column = 'username'
 
string $userident_column = 'password'
 
string $userid_column = 'uid'
 
string $lastLogin_column = 'lastlogin'
 
array $enablecolumns
 
string $formfield_uname = 'username'
 
string $formfield_uident = 'userident'
 
string $formfield_status = 'login_status'
 
bool $writeStdLog = true
 
bool $writeAttemptLog = true
 
int $sessionTimeout = 28800
 
int $firstMainGroup = 0
 
array $uc
 
array $uc_default
 
string $loginType = 'BE'
 
- ‪Public Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
string $name = ''
 
string $user_table = ''
 
string $usergroup_table = ''
 
string $username_column = ''
 
string $userident_column = ''
 
string $userid_column = ''
 
string $usergroup_column = ''
 
string $lastLogin_column = ''
 
array $enablecolumns
 
bool $showHiddenRecords = false
 
string $formfield_uname = ''
 
string $formfield_uident = ''
 
string $formfield_status = ''
 
int $sessionTimeout = 0
 
string $auth_timeout_field = ''
 
int $lifetime = 0
 
int $gc_time = 86400
 
int $gc_probability = 1
 
bool $writeStdLog = false
 
bool $writeAttemptLog = false
 
bool $sendNoCacheHeaders = true
 
int $hash_length = 32
 
string $warningEmail = ''
 
int $warningPeriod = 3600
 
int $warningMax = 3
 
bool $checkPid = true
 
int $checkPid_value = 0
 
string $id
 
bool $loginFailure = false
 
bool $loginSessionStarted = false
 
array null $user
 
bool $newSessionID = false
 
bool $forceSetCookie = false
 
bool $dontSetCookie = false
 
string $loginType = ''
 
array $svConfig = array( )
 
array $uc
 

Protected Member Functions

 prepareUserTsConfig ()
 
 initializeFileStorages ()
 
 initializeDbMountpointsInWorkspace ()
 
 sendLoginAttemptEmail (Statement $result, string $emailAddress)
 
bool isUserAllowedToLogin ()
 
 releaseLockedRecords (int $userId)
 
- ‪Protected Member Functions inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
 sendHttpHeaders ()
 
array getHttpHeaders ()
 
 setSessionCookie ()
 
string getCookieDomain ()
 
string getCookie ($cookieName)
 
Traversable getAuthServices (string $subType, array $loginData, array $authInfo)
 
 regenerateSessionId (array $existingSessionRecord=[], bool $anonymous=false)
 
 updateLoginTimestamp (int $userId)
 
 performLogoff ()
 
QueryRestrictionContainerInterface userConstraints ()
 
mixed removeSensitiveLoginDataForLoggingInfo ($data, bool $isUserRecord=false)
 
SessionBackendInterface getSessionBackend ()
 

Protected Attributes

array $userTS = array( )
 
bool $userTSUpdated = false
 
array null $checkWorkspaceCurrent_cache
 
TYPO3 CMS Core Resource ResourceStorage[] $fileStorages
 
array $filePermissions
 
- ‪Protected Attributes inherited from ‪TYPO3\CMS\Core\Authentication\AbstractUserAuthentication
bool $cookieWasSetOnCurrentRequest = false
 
IpLocker $ipLocker
 
SessionBackendInterface $sessionBackend
 
array $sessionData = array( )
 

Detailed Description

TYPO3 backend user authentication Contains most of the functions used for checking permissions, authenticating users, setting up the user, and API for user from outside. This class contains the configuration of the database fields used plus some functions for the authentication process of backend users.

Definition at line 61 of file BackendUserAuthentication.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::__construct ( )

Constructor

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Reimplemented in TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication, and TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication.

Definition at line 278 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getCookieName().

Member Function Documentation

◆ backendCheckLogin()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::backendCheckLogin (   $proceedIfNoUserIsLoggedIn = false)

Check if user is logged in and if so, call ->fetchGroupData() to load group information and access lists of all kind, further check IP, set the ->uc array. If no user is logged in the default behaviour is to exit with an error message. This function is called right after ->start() in fx. the TYPO3 Bootstrap.

Parameters
bool$proceedIfNoUserIsLoggedIn‪if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
Exceptions

Reimplemented in TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication, and TYPO3\CMS\Backend\FrontendBackendUserAuthentication.

Definition at line 2500 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$user, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLockToIP(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isUserAllowedToLogin(), and TYPO3\CMS\Core\Utility\HttpUtility\redirect().

◆ backendSetUC()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::backendSetUC ( )

Initialize the internal ->uc array for the backend user Will make the overrides if necessary, and write the UC back to the be_users record if changes has happened

Definition at line 2547 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$uc, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\overrideUC(), TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\unpack_uc(), and TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\writeUC().

Referenced by TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\authenticate(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendCheckLogin(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\resetUC().

◆ calcPerms()

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::calcPerms (   $row)

Returns a combined binary representation of the current users permissions for the page-record, $row. The perms for user, group and everybody is OR'ed together (provided that the page-owner is the user and for the groups that the user is a member of the group. If the user is admin, 31 is returned (full permissions for all five flags)

Parameters
array$row‪Input page row with all perms_* fields available.
Returns
‪int Bitwise representation of the users permissions in relation to input page row, $row

Reimplemented in TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication.

Definition at line 568 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Type\Bitmask\Permission\ALL, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isMemberOfGroup(), and TYPO3\CMS\Core\Type\Bitmask\Permission\NOTHING.

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\allowedToEdit(), TYPO3\CMS\Backend\Controller\Wizard\AbstractWizardController\checkEditAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\doesUserHaveAccess(), TYPO3\CMS\Backend\FrontendBackendUserAuthentication\getAllowedEditActions(), TYPO3\CMS\Recordlist\RecordList\DatabaseRecordList\linkWrapItems(), and TYPO3\CMS\Recordlist\RecordList\DatabaseRecordList\makeClip().

◆ check()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::check (   $type,
  $value 
)

Returns TRUE if the $value is found in the list in a $this->groupData[] index pointed to by $type (array key). Can thus be users to check for modules, exclude-fields, select/modify permissions for tables etc. If user is admin TRUE is also returned

Parameters
string$type‪The type value; "webmounts", "filemounts", "pagetypes_select", "tables_select", "tables_modify", "non_exclude_fields", "modules", "available_widgets"
string$value‪String to search for in the groupData-list
Returns
‪bool TRUE if permission is granted (that is, the value was found in the groupData list - or the BE_USER is "admin")

Definition at line 624 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Backend\Domain\Repository\TableManualRepository\checkAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLanguageAccess(), TYPO3\CMS\Backend\View\PageLayoutView\generateLanguageView(), TYPO3\CMS\Filelist\FileFacade\getIsMetadataEditable(), TYPO3\CMS\Backend\Controller\ContentElement\ElementInformationController\getPropertiesForTable(), TYPO3\CMS\Backend\View\PageLayoutView\hasContentModificationAndAccessPermissions(), TYPO3\CMS\Backend\Controller\ContentElement\ElementInformationController\initDatabaseRecord(), TYPO3\CMS\Backend\Form\FormDataProvider\TcaInline\isUserAllowedToModify(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\modAccess(), and TYPO3\CMS\Backend\Controller\NewRecordController\renderNewRecordControls().

◆ checkAuthMode()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkAuthMode (   $table,
  $field,
  $value,
  $authMode 
)

Checking the authMode of a select field with authMode set

Parameters
string$table‪Table name
string$field‪Field name (must be configured in TCA and of type "select" with authMode set!)
string$value‪Value to evaluation (single value, must not contain any of the chars ":,|")
string$authMode‪Auth mode keyword (explicitAllow, explicitDeny, individual)
Returns
‪bool Whether access is granted or not

Definition at line 639 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\recordEditAccessInternals().

◆ checkFullLanguagesAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkFullLanguagesAccess (   $table,
  $record 
)

Check if user has access to all existing localizations for a certain record

Parameters
string$table‪The table
array$record‪The current record
Returns
‪bool

Definition at line 729 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLanguageAccess(), and TYPO3\CMS\Backend\Utility\BackendUtility\isTableLocalizable().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\recordEditAccessInternals().

◆ checkLanguageAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkLanguageAccess (   $langValue)

Checking if a language value (-1, 0 and >0 for sys_language records) is allowed to be edited by the user.

Parameters
int$langValue‪Language value to evaluate
Returns
‪bool Returns TRUE if the language value is allowed, otherwise FALSE.

Definition at line 709 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\check().

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\allowedToEditLanguage(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkFullLanguagesAccess(), TYPO3\CMS\Backend\View\PageLayoutView\generateLanguageView(), TYPO3\CMS\Backend\FrontendBackendUserAuthentication\getAllowedEditActions(), TYPO3\CMS\Core\Site\Entity\NullSite\getAvailableLanguages(), TYPO3\CMS\Core\Site\Entity\Site\getAvailableLanguages(), TYPO3\CMS\Workspaces\Preview\PreviewUriBuilder\getAvailableLanguages(), TYPO3\CMS\Backend\Controller\PageLayoutController\isContentEditable(), TYPO3\CMS\Backend\View\PageLayoutView\isContentEditable(), TYPO3\CMS\Frontend\Middleware\SiteBaseRedirectResolver\isLanguageEnabled(), TYPO3\CMS\Recordlist\RecordList\DatabaseRecordList\makeLocalizationPanel(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\recordEditAccessInternals(), TYPO3\CMS\Backend\Form\Container\FlexFormContainerContainer\render(), and TYPO3\CMS\Backend\Form\Container\FlexFormSectionContainer\render().

◆ checkLockToIP()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkLockToIP ( )

If TYPO3_CONF_VARS['BE']['enabledBeUserIPLock'] is enabled and an IP-list is found in the User TSconfig objString "options.lockToIP", then make an IP comparison with REMOTE_ADDR and check if the IP address matches

Returns
‪bool TRUE, if IP address validates OK (or no check is done at all because no restriction is set)

should only be used from within TYPO3 Core

Definition at line 2479 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\backendCheckLogin(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendCheckLogin().

◆ checkLogFailures()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkLogFailures (   $email,
  $secondsBack = 3600,
  $max = 3 
)

Sends a warning to $email if there has been a certain amount of failed logins during a period. If a login fails, this function is called. It will look up the sys_log to see if there have been more than $max failed logins the last $secondsBack seconds (default 3600). If so, an email with a warning is sent to $email.

Parameters
string$email‪Email address
int$secondsBack‪Number of sections back in time to check. This is a kind of limit for how many failures an hour for instance.
int$max‪Max allowed failures before a warning mail is sent

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 2356 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\sendLoginAttemptEmail(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\writelog().

◆ checkWorkspace()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkWorkspace (   $wsRec,
  $fields = '*' 
)

Checking if a workspace is allowed for backend user

Parameters
mixed$wsRec‪If integer, workspace record is looked up, if array it is seen as a Workspace record with at least uid, title, members and adminusers columns. Can be faked for workspaces uid 0 and -1 (online and offline)
string$fields‪List of fields to select. Default fields are all
Returns
‪array Output will also show how access was granted. Admin users will have a true output regardless of input.

should only be used from within TYPO3 Core

Reimplemented in TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication.

Definition at line 2101 of file BackendUserAuthentication.php.

References $fields, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), TYPO3\CMS\Core\Utility\ExtensionManagementUtility\isLoaded(), TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_SHOW, and TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspaceCurrent(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultWorkspace(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setDefaultWorkspace(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setTemporaryWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspacePublishAccess().

◆ checkWorkspaceCurrent()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::checkWorkspaceCurrent ( )

Uses checkWorkspace() to check if current workspace is available for user. This function caches the result and so can be called many times with no performance loss.

Returns
‪array See checkWorkspace()
See also
checkWorkspace()

should only be used from within TYPO3 Core

Definition at line 2172 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$checkWorkspaceCurrent_cache, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCheckStageForCurrent().

◆ doesUserHaveAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::doesUserHaveAccess (   $row,
  $perms 
)

Checks if the permissions is granted based on a page-record ($row) and $perms (binary and'ed)

Bits for permissions, see $perms variable:

1 - Show: See/Copy page and the pagecontent. 2 - Edit page: Change/Move the page, eg. change title, startdate, hidden. 4 - Delete page: Delete the page and pagecontent. 8 - New pages: Create new pages under the page. 16 - Edit pagecontent: Change/Add/Delete/Move pagecontent.

Parameters
array$row‪Is the pagerow for which the permissions is checked
int$perms‪Is the binary representation of the permission we are going to check. Every bit in this number represents a permission that must be set. See function explanation.
Returns
‪bool

Definition at line 330 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\calcPerms().

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\allowedToEdit(), TYPO3\CMS\Backend\Tree\View\PagePositionMap\checkNewPageInPid(), TYPO3\CMS\Backend\View\PageLayoutView\hasContentModificationAndAccessPermissions(), TYPO3\CMS\Backend\Controller\PageLayoutController\isContentEditable(), TYPO3\CMS\Backend\View\PageLayoutView\isPageEditable(), and TYPO3\CMS\Info\Controller\PageInformationController\pages_drawItem().

◆ evaluateUserSpecificFileFilterSettings()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::evaluateUserSpecificFileFilterSettings ( )

Adds filters based on what the user has set this should be done in this place, and called whenever needed, but only when needed

Definition at line 1798 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Resource\Filter\FileNameFilter\setShowHiddenFilesAndFolders().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeFileStorages(), and TYPO3\CMS\Filelist\Controller\FileListController\initializeObject().

◆ fetchGroupData()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::fetchGroupData ( )

Initializes a lot of stuff like the access-lists, database-mountpoints and filemountpoints This method is called by ->backendCheckLogin() (from extending BackendUserAuthentication) if the backend user login has verified OK. Generally this is required initialization of a backend user.

See also
‪\TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser

Definition at line 1309 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroups(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getPagePermsClause(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_SHOW, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\prepareUserTsConfig(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setCachedList(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceInit().

Referenced by TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication\authenticate(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendCheckLogin().

◆ fetchGroups()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::fetchGroups (   $grList,
  $idList = '' 
)

Fetches the group records, subgroups and fills internal arrays. Function is called recursively to fetch subgroups

Parameters
string$grList‪Commalist of be_groups uid numbers
string$idList‪List of already processed be_groups-uids so the function will not fall into an eternal recursion.

Definition at line 1453 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_EDIT, and TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_SHOW.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData().

◆ getCategoryMountPoints()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCategoryMountPoints ( )

Returns an array of category mount points. The category permissions from BE Groups are also taken into consideration and are merged into User permissions.

Returns
‪array

Definition at line 1603 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode().

Referenced by TYPO3\CMS\Beuser\Service\UserInformationService\convert().

◆ getCookieName()

static string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName ( )
static

Getter for the cookie name

Returns
‪string returns the configured cookie name

Definition at line 2462 of file BackendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\__construct(), TYPO3\CMS\Backend\Controller\LoginController\checkRedirect(), and TYPO3\CMS\Frontend\Middleware\BackendUserAuthenticator\process().

◆ getDefaultUploadFolder()

TYPO3 CMS Core Resource Folder bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getDefaultUploadFolder (   $pid = null,
  $table = null,
  $field = null 
)

Returns a \TYPO3\CMS\Core\Resource\Folder object that is used for uploading files by default. This is used for RTE and its magic images, as well as uploads in the TCEforms fields.

The default upload folder for a user is the defaultFolder on the first filestorage/filemount that the user can access and to which files are allowed to be added however, you can set the users' upload folder like this:

options.defaultUploadFolder = 3:myfolder/yourfolder/

Parameters
int$pid‪PageUid
string$table‪Table name
string$field‪Field name
Returns
‪\TYPO3\CMS\Core\Resource\Folder|bool The default upload folder for this user

Definition at line 1933 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileStorages(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

Referenced by TYPO3\CMS\Backend\Controller\OnlineMediaController\addMediaFromUrl(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultUploadTemporaryFolder(), and TYPO3\CMS\Recordlist\LinkHandler\FileLinkHandler\getSelectedFolder().

◆ getDefaultUploadTemporaryFolder()

TYPO3 CMS Core Resource Folder null TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getDefaultUploadTemporaryFolder ( )

Returns a \TYPO3\CMS\Core\Resource\Folder object that could be used for uploading temporary files in user context. The folder temp below the default upload folder of the user is used.

Returns
‪\TYPO3\CMS\Core\Resource\Folder|null
See also
‪\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getDefaultUploadFolder()

Definition at line 2001 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultUploadFolder().

Referenced by TYPO3\CMS\Impexp\Controller\ImportExportController\getDefaultImportExportFolder().

◆ getDefaultWorkspace()

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getDefaultWorkspace ( )

Return default workspace ID for user, if EXT:workspaces is not installed the user will be pushed to the Live workspace, if he has access to. If no workspace is available for the user, the workspace ID is set to "-99"

Returns
‪int Default workspace id.

should only be used from within TYPO3 Core

Definition at line 2245 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace(), and TYPO3\CMS\Core\Utility\ExtensionManagementUtility\isLoaded().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setDefaultWorkspace().

◆ getFileMountRecords()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getFileMountRecords ( )

Returns an array of file mount records, taking workspaces and user home and group home directories into account Needs to be called AFTER the groups have been loaded.

Returns
‪array

Definition at line 1636 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$groupData, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_EDIT, TYPO3\CMS\Core\Database\Query\QueryHelper\parseOrderBy(), and TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeFileStorages().

◆ getFilePermissions()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getFilePermissions ( )

Returns the information about file permissions. Previously, this was stored in the DB field fileoper_perms now it is file_permissions. Besides it can be handled via userTSconfig

permissions.file.default { addFile = 1 readFile = 1 writeFile = 1 copyFile = 1 moveFile = 1 renameFile = 1 deleteFile = 1

addFolder = 1 readFolder = 1 writeFolder = 1 copyFolder = 1 moveFolder = 1 renameFolder = 1 deleteFolder = 1 recursivedeleteFolder = 1 }

overwrite settings for a specific storageObject

permissions.file.storage.StorageUid { readFile = 1 recursivedeleteFolder = 0 }

Please note that these permissions only apply, if the storage has the capabilities (browseable, writable), and if the driver allows for writing etc

Returns
‪array

Definition at line 1841 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$filePermissions, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), and TYPO3\CMS\Core\Utility\GeneralUtility\trimExplode().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissionsForStorage().

◆ getFilePermissionsForStorage()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getFilePermissionsForStorage ( ResourceStorage  $storageObject)

Gets the file permissions for a storage by merging any storage-specific permissions for a storage with the default settings. Admin users will always get the default settings.

Parameters
\TYPO3\CMS\Core\Resource\ResourceStorage$storageObject
Returns
‪array

Definition at line 1899 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissions(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Resource\ResourceStorage\getUid(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

◆ getFileStorages()

TYPO3 CMS Core Resource ResourceStorage [] TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getFileStorages ( )

Returns an array with the filemounts for the user. Each filemount is represented with an array of a "name", "path" and "type". If no filemounts an empty array is returned.

Returns
‪\TYPO3\CMS\Core\Resource\ResourceStorage[]

Definition at line 1784 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$fileStorages, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeFileStorages().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultUploadFolder(), TYPO3\CMS\Filelist\Controller\FileListController\initializeObject(), TYPO3\CMS\Backend\Form\FormDataProvider\AbstractItemProvider\removeItemsByUserStorageRestriction(), and TYPO3\CMS\Core\Resource\Service\UserFileMountService\renderTceformsSelectDropdown().

◆ getPagePermsClause()

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getPagePermsClause (   $perms)

Returns a WHERE-clause for the pages-table where user permissions according to input argument, $perms, is validated. $perms is the "mask" used to select. Fx. if $perms is 1 then you'll get all pages that a user can actually see! 2^0 = show (1) 2^1 = edit (2) 2^2 = delete (4) 2^3 = new (8) If the user is 'admin' " 1=1" is returned (no effect) If the user is not set at all (->user is not an array), then " 1=0" is returned (will cause no selection results at all) The 95% use of this function is "->getPagePermsClause(1)" which will return WHERE clauses for selecting pages in backend listings - in other words this will check read permissions.

Parameters
int$perms‪Permission mask to use, see function description
Returns
‪string Part of where clause. Prefix " AND " to this.

should only be used from within TYPO3 Core, use PagePermissionDatabaseRestriction instead.

Reimplemented in TYPO3\CMS\Workspaces\Authentication\PreviewUserAuthentication.

Definition at line 499 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\EQ, TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Impexp\Controller\ImportExportController\__construct(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData(), TYPO3\CMS\Linkvalidator\Report\LinkValidatorReport\getPageList(), TYPO3\CMS\Extbase\Configuration\BackendConfigurationManager\getRecursiveStoragePids(), TYPO3\CMS\IndexedSearch\Domain\Repository\AdministrationRepository\getTree(), TYPO3\CMS\Adminpanel\Repositories\FrontendGroupsRepository\getUserGroupOptionCountByBackendUser(), TYPO3\CMS\Adminpanel\Repositories\FrontendGroupsRepository\getUserGroupsForPagesByBackendUser(), TYPO3\CMS\Backend\Controller\ContentElement\MoveElementController\init(), TYPO3\CMS\Backend\Controller\ContentElement\ElementInformationController\init(), TYPO3\CMS\Info\Controller\InfoModuleController\init(), TYPO3\CMS\IndexedSearch\Controller\AdministrationController\initializeView(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount(), TYPO3\CMS\Recordlist\Controller\ClearPageCacheController\mainAction(), and TYPO3\CMS\Tstemplate\Controller\TypoScriptTemplateModuleController\mainAction().

◆ getTSConfig()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getTSConfig ( )

Returns full parsed user TSconfig array, merged with TSconfig from groups.

Example: [ 'options.' => [ 'fooEnabled' => '0', 'fooEnabled.' => [ 'tt_content' => 1, ], ], ]

Returns
‪array Parsed and merged user TSconfig array

Definition at line 1217 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$userTS.

Referenced by TYPO3\CMS\Filelist\Configuration\ThumbnailConfiguration\__construct(), TYPO3\CMS\Adminpanel\Service\ConfigurationService\__construct(), TYPO3\CMS\Backend\Backend\ToolbarItems\ClearCacheToolbarItem\__construct(), TYPO3\CMS\Backend\Form\FormDataProvider\UserTsConfig\addData(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC(), TYPO3\CMS\Opendocs\Backend\ToolbarItems\OpendocsToolbarItem\checkAccess(), TYPO3\CMS\Backend\Backend\ToolbarItems\ShortcutToolbarItem\checkAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLockToIP(), TYPO3\CMS\Beuser\Service\UserInformationService\convert(), TYPO3\CMS\Recycler\Controller\RecyclerAjaxController\dispatch(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData(), TYPO3\CMS\Recordlist\Browser\FileBrowser\getBulkSelector(), TYPO3\CMS\Filelist\Controller\FileListController\getDefaultAction(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultUploadFolder(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileMountRecords(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissions(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissionsForStorage(), TYPO3\CMS\Adminpanel\Modules\CacheModule\getPageSettings(), TYPO3\CMS\Backend\Controller\BackendController\handlePageEditing(), TYPO3\CMS\Filelist\Controller\FileListController\indexAction(), TYPO3\CMS\Recordlist\Browser\FileBrowser\initialize(), TYPO3\CMS\Setup\Controller\SetupModuleController\initialize(), TYPO3\CMS\Backend\Clipboard\Clipboard\initializeClipboard(), TYPO3\CMS\Backend\Controller\Page\TreeController\initializeConfiguration(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeWebmountsForElementBrowser(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isExportEnabled(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isImportEnabled(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\jsConfirmation(), TYPO3\CMS\Core\Database\QueryGenerator\makeSelectorTable(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\mayMakeShortcut(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\overrideUC(), TYPO3\CMS\Info\Controller\PageInformationController\pages_drawItem(), TYPO3\CMS\Backend\Domain\Repository\Module\BackendModuleRepository\removeHiddenModules(), TYPO3\CMS\Recordlist\Browser\DatabaseBrowser\render(), TYPO3\CMS\Recordlist\LinkHandler\PageLinkHandler\render(), TYPO3\CMS\Info\Controller\TranslationStatusController\renderL10nTable(), TYPO3\CMS\Recordlist\LinkHandler\RecordLinkHandler\renderPageTree(), TYPO3\CMS\Recordlist\View\FolderUtilityRenderer\uploadForm(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceInit().

◆ initializeDbMountpointsInWorkspace()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::initializeDbMountpointsInWorkspace ( )
protected

Limiting the DB mountpoints if there any selected in the workspace record

Definition at line 2044 of file BackendUserAuthentication.php.

References TYPO3\CMS\Backend\Utility\BackendUtility\BEgetRootLine(), TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceInit().

◆ initializeFileStorages()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::initializeFileStorages ( )
protected

Sets up all file storages for a user. Needs to be called AFTER the groups have been loaded.

Definition at line 1569 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\evaluateUserSpecificFileFilterSettings(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileMountRecords(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileStorages().

◆ initializeWebmountsForElementBrowser()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::initializeWebmountsForElementBrowser ( )

Checks for alternative web mount points for the element browser.

If there is a temporary mount point active in the page tree it will be used.

If the User TSconfig options.pageTree.altElementBrowserMountPoints is not empty the pages configured there are used as web mounts If options.pageTree.altElementBrowserMountPoints.append is enabled, they are appended to the existing webmounts.

- do not use in your own extension

Definition at line 1263 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\getSessionData(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Utility\GeneralUtility\intExplode(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWebmounts().

◆ isAdmin()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isAdmin ( )

Returns TRUE if user is admin Basically this function evaluates if the ->user[admin] field has bit 0 set. If so, user is admin.

Returns
‪bool

Definition at line 292 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Backend\Backend\ToolbarItems\ClearCacheToolbarItem\__construct(), TYPO3\CMS\Backend\FrontendBackendUserAuthentication\allowedToEdit(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\calcPerms(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\check(), TYPO3\CMS\Backend\Backend\ToolbarItems\SystemInformationToolbarItem\checkAccess(), TYPO3\CMS\Setup\Controller\SetupModuleController\checkAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkAuthMode(), TYPO3\CMS\Backend\Tree\View\PagePositionMap\checkNewPageInPid(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace(), TYPO3\CMS\Recycler\Controller\RecyclerAjaxController\dispatch(), TYPO3\CMS\Recordlist\RecordList\DatabaseRecordList\editLockPermissions(), TYPO3\CMS\Backend\Security\EmailLoginNotification\emailAtLogin(), TYPO3\CMS\Backend\Form\FormDataProvider\EvaluateDisplayConditions\evaluateConditionRecursive(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData(), TYPO3\CMS\Backend\Tree\Repository\PageTreeRepository\filterPagesOnMountPoints(), TYPO3\CMS\Backend\Domain\Repository\Localization\LocalizationRepository\getAllowedLanguageConstraintsForBackendUser(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissions(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissionsForStorage(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getPagePermsClause(), TYPO3\CMS\Adminpanel\Modules\CacheModule\getPageSettings(), TYPO3\CMS\Recycler\Controller\RecyclerModuleController\handleRequest(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeFileStorages(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isExportEnabled(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isImportEnabled(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isSystemMaintainer(), TYPO3\CMS\Backend\Controller\NewRecordController\isTableAllowedOnPage(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isUserAllowedToLogin(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\modAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\prepareUserTsConfig(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\recordEditAccessInternals(), TYPO3\CMS\Backend\Form\Container\FlexFormElementContainer\render(), TYPO3\CMS\Backend\Controller\NewRecordController\renderNewRecordControls(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCheckStageForCurrent(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspacePublishAccess().

◆ isExportEnabled()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isExportEnabled ( )

Returns if export functionality is available for current user

Definition at line 2703 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Tests\Functional\Authentication\BackendUserAuthenticationTest\isExportEnabledReturnsExpectedValues().

◆ isImportEnabled()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isImportEnabled ( )

Returns if import functionality is available for current user

Definition at line 2692 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Tests\Functional\Authentication\BackendUserAuthenticationTest\isImportEnabledReturnsExpectedValues().

◆ isInWebMount()

int null TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isInWebMount (   $idOrRow,
  $readPerms = '',
  $exitOnError = 0 
)

Checks if the page id or page record ($idOrRow) is found within the webmounts set up for the user. This should ALWAYS be checked for any page id a user works with, whether it's about reading, writing or whatever. The point is that this will add the security that a user can NEVER touch parts outside his mounted pages in the page tree. This is otherwise possible if the raw page permissions allows for it. So this security check just makes it easier to make safe user configurations. If the user is admin OR if this feature is disabled (fx. by setting TYPO3_CONF_VARS['BE']['lockBeUserToDBmounts']=0) then it returns "1" right away Otherwise the function will return the uid of the webmount which was first found in the rootline of the input page $id

Parameters
int | array$idOrRowPage ID or full page record to check
string$readPerms‪Content of "->getPagePermsClause(1)" (read-permissions). If not set, they will be internally calculated (but if you have the correct value right away you can save that database lookup!)
bool | int$exitOnError‪If set, then the function will exit with an error message.
Exceptions

Definition at line 352 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id, TYPO3\CMS\Backend\Utility\BackendUtility\BEgetRootLine(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getPagePermsClause(), TYPO3\CMS\Backend\Utility\BackendUtility\getRecord(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), TYPO3\CMS\Core\Type\Bitmask\Permission\PAGE_SHOW, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\returnWebmounts().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\calcPerms(), TYPO3\CMS\Backend\Controller\ContentElement\ElementInformationController\canAccessPage(), TYPO3\CMS\Backend\Tree\Repository\PageTreeRepository\filterPagesOnMountPoints(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeDbMountpointsInWorkspace().

◆ isMemberOfGroup()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isMemberOfGroup (   $groupId)

Returns TRUE if the current user is a member of group $groupId $groupId must be set. $this->groupList must contain groups Will return TRUE also if the user is a member of a group through subgroups.

Parameters
int$groupId‪Group ID to look for in $this->groupList
Returns
‪bool

should only be used from within TYPO3 Core, use Context API for quicker access

Definition at line 306 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\calcPerms().

◆ isRTE()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isRTE ( )

Returns TRUE if the RTE (Rich Text Editor) is enabled for the user.

Returns
‪bool

should only be used from within TYPO3 Core

Definition at line 610 of file BackendUserAuthentication.php.

◆ isSystemMaintainer()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isSystemMaintainer ( )

Checks if the user is in the valid list of allowed system maintainers. if the list is not set, then all admins are system maintainers. If the list is empty, no one is system maintainer (good for production systems). If the currently logged in user is in "switch user" mode, this method will return false.

Returns
‪bool

Definition at line 456 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Core\Environment\getContext(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\logoff(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\modAccess(), and TYPO3\CMS\Backend\Form\FieldInformation\AdminIsSystemMaintainer\render().

◆ isUserAllowedToLogin()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::isUserAllowedToLogin ( )
protected

Determines whether a backend user is allowed to access the backend.

The conditions are:

  • ‪backend user is a regular user and adminOnly is not defined
  • ‪backend user is an admin user
  • ‪backend user is used in CLI context and adminOnly is explicitly set to "2" (see CommandLineUserAuthentication)
  • ‪backend user is being controlled by an admin user
Returns
‪bool Whether a backend user is allowed to access the backend

Reimplemented in TYPO3\CMS\Core\Authentication\CommandLineUserAuthentication.

Definition at line 2624 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\backendCheckLogin(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendCheckLogin().

◆ jsConfirmation()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::jsConfirmation (   $bitmask)

Returns TRUE or FALSE, depending if an alert popup (a javascript confirmation) should be shown call like $GLOBALS['BE_USER']->jsConfirmation($BITMASK).

Parameters
int$bitmask‪Bitmask, one of \TYPO3\CMS\Core\Type\Bitmask\JsConfirmation
Returns
‪bool TRUE if the confirmation should be shown
See also
‪JsConfirmation

Definition at line 1288 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Type\Enumeration\cast(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

Referenced by TYPO3\CMS\Backend\Controller\Page\TreeController\fetchConfigurationAction().

◆ logoff()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::logoff ( )

Logs out the current user and clears the form protection tokens.

Reimplemented from TYPO3\CMS\Core\Authentication\AbstractUserAuthentication.

Definition at line 2652 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\FormProtection\AbstractFormProtection\clean(), TYPO3\CMS\Core\FormProtection\FormProtectionFactory\get(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isSystemMaintainer(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\releaseLockedRecords().

Referenced by TYPO3\CMS\Backend\Controller\LoginController\init(), and TYPO3\CMS\Backend\Controller\LogoutController\processLogout().

◆ mayMakeShortcut()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::mayMakeShortcut ( )

Returns TRUE if the BE_USER is allowed to create shortcuts in the backend modules

Returns
‪bool

Definition at line 877 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

Referenced by TYPO3\CMS\Redirects\Controller\ManagementController\getButtons(), TYPO3\CMS\Viewpage\Controller\ViewModuleController\registerDocHeader(), and TYPO3\CMS\Form\Controller\FormManagerController\registerDocheaderButtons().

◆ modAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::modAccess (   $conf)

Checks access to a backend module with the $MCONF passed as first argument

Parameters
array$conf‪$MCONF array of a backend module!
Exceptions

Definition at line 415 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\check(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), TYPO3\CMS\Core\Utility\ExtensionManagementUtility\isLoaded(), TYPO3\CMS\Backend\Utility\BackendUtility\isModuleSetInTBE_MODULES(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isSystemMaintainer().

◆ overrideUC()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::overrideUC ( )

Override: Call this function every time the uc is updated. That is 1) by reverting to default values, 2) in the setup-module, 3) userTS changes (userauthgroup)

Definition at line 2596 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC().

◆ prepareUserTsConfig()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::prepareUserTsConfig ( )
protected

This method parses the UserTSconfig from the current user and all their groups. If the contents are the same, parsing is skipped. No matching is applied here currently.

Definition at line 1407 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\TypoScript\Parser\TypoScriptParser\checkIncludeLines_array(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData().

◆ recordEditAccessInternals()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::recordEditAccessInternals (   $table,
  $idOrRow,
  $newRecord = false,
  $deletedRecord = false,
  $checkFullLanguageAccess = false 
)

Checking if a user has editing access to a record from a $GLOBALS['TCA'] table. The checks does not take page permissions and other "environmental" things into account. It only deal with record internals; If any values in the record fields disallows it. For instance languages settings, authMode selector boxes are evaluated (and maybe more in the future). It will check for workspace dependent access. The function takes an ID (int) or row (array) as second argument.

Parameters
string$table‪Table name
int | array$idOrRow‪If integer, then this is the ID of the record. If Array this just represents fields in the record.
bool$newRecord‪Set, if testing a new (non-existing) record array. Will disable certain checks that doesn't make much sense in that context.
bool$deletedRecord‪Set, if testing a deleted record array.
bool$checkFullLanguageAccess‪Set, whenever access to all translations of the record is required
Returns
‪bool TRUE if OK, otherwise FALSE

should only be used from within TYPO3 Core

Definition at line 779 of file BackendUserAuthentication.php.

References $GLOBALS, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkAuthMode(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkFullLanguagesAccess(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLanguageAccess(), TYPO3\CMS\Backend\Utility\BackendUtility\getRecord(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

Referenced by TYPO3\CMS\Backend\FrontendBackendUserAuthentication\allowedToEdit(), and TYPO3\CMS\Backend\Controller\Wizard\AbstractWizardController\checkEditAccess().

◆ releaseLockedRecords()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::releaseLockedRecords ( int  $userId)
protected

Remove any "locked records" added for editing for the given user (= current backend user)

Parameters
int$userId

Definition at line 2675 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\logoff().

◆ resetUC()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::resetUC ( )

Clears the user[uc] and ->uc to blank strings. Then calls ->backendSetUC() to fill it again with reset contents

Definition at line 2606 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC().

◆ returnWebmounts()

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::returnWebmounts ( )

Returns an array with the webmounts. If no webmounts, and empty array is returned. Webmounts permissions are checked in fetchGroupData()

Returns
‪array of web mounts uids (may include '0')

Definition at line 1229 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isInWebMount().

◆ sendLoginAttemptEmail()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::sendLoginAttemptEmail ( Statement  $result,
string  $emailAddress 
)
protected

Sends out an email if the number of attempts have exceeded a limit.

Parameters
Statement$result
string$emailAddress

Definition at line 2432 of file BackendUserAuthentication.php.

References $GLOBALS.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLogFailures().

◆ setCachedList()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::setCachedList (   $cList)

Updates the field be_users.usergroup_cached_list if the groupList of the user has changed/is different from the current list. The field "usergroup_cached_list" contains the list of groups which the user is a member of. After authentication (where these functions are called...) one can depend on this list being a representation of the exact groups/subgroups which the BE_USER has membership with.

Parameters
string$cList‪The newly compiled group-list which must be compared with the current list in the user record and possibly stored if a difference is detected.

Definition at line 1554 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData().

◆ setDefaultWorkspace()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::setDefaultWorkspace ( )

Sets the default workspace in the context of the current backend user.

should only be used from within TYPO3 Core

Definition at line 2231 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getDefaultWorkspace().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWorkspace().

◆ setTemporaryWorkspace()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::setTemporaryWorkspace (   $workspaceId)

Sets a temporary workspace in the context of the current backend user.

Parameters
int$workspaceId
Returns
‪bool

should only be used from within TYPO3 Core

Definition at line 2213 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWorkspace().

◆ setWebmounts()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::setWebmounts ( array  $mountPointUids,
  $append = false 
)

Initializes the given mount points for the current Backend user.

Parameters
array$mountPointUidsPage UIDs that should be used as web mountpoints
bool$append‪If TRUE the given mount point will be appended. Otherwise the current mount points will be replaced.

Definition at line 1240 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Utility\GeneralUtility\intExplode().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeWebmountsForElementBrowser().

◆ setWorkspace()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::setWorkspace (   $workspaceId)

Setting workspace ID

Parameters
int$workspaceId‪ID of workspace to set for backend user. If not valid the default workspace for BE user is found and set.

should only be used from within TYPO3 Core

Definition at line 2186 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$workspace, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setDefaultWorkspace(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setTemporaryWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\writelog().

Referenced by TYPO3\CMS\Workspaces\Controller\PreviewController\handleRequest(), TYPO3\CMS\Workspaces\Controller\AjaxController\switchWorkspaceAction(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceInit().

◆ workspaceAllowAutoCreation()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceAllowAutoCreation (   $table,
  $id,
  $recpid 
)

Evaluates if auto creation of a version of a record is allowed. Auto-creation of version: In offline workspace, test if versioning is enabled and look for workspace version of input record. If there is no versionized record found we will create one and save to that.

Parameters
string$table‪Table of the record
int$id‪UID of record
int$recpid‪PID of record
Returns
‪bool TRUE if ok.

should only be used from within TYPO3 Core

Definition at line 1067 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\AbstractUserAuthentication\$id, TYPO3\CMS\Backend\Utility\BackendUtility\getWorkspaceVersionOfRecord(), and TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled().

◆ workspaceAllowLiveRecordsInPID()

mixed TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceAllowLiveRecordsInPID (   $pid,
  $table 
)

Check if "live" records from $table may be created or edited in this PID. If the answer is FALSE it means the only valid way to create or edit records in the PID is by versioning If the answer is 1 or 2 it means it is OK to create a record, if -1 it means that it is OK in terms of versioning because the element was within a versionized branch but NOT ok in terms of the state the root point had!

Note: this method is not in use anymore and will likely be deprecated in future TYPO3 versions.

Parameters
int$pid‪PID value to check for. OBSOLETE!
string$table‪Table name
Returns
‪mixed Returns FALSE if a live record cannot be created and must be versionized in order to do so. 2 means a) Workspace is "Live" or workspace allows "live edit" of records from non-versionized tables (and the $table is not versionizable). 1 and -1 means the pid is inside a versionized branch where -1 means that the branch-point did NOT allow a new record according to its state.

should only be used from within TYPO3 Core

Definition at line 973 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled().

◆ workspaceAllowsLiveEditingInTable()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceAllowsLiveEditingInTable ( string  $table)

Checks if a record is allowed to be edited in the current workspace. This is not bound to an actual record, but to the mere fact if the user is in a workspace and depending on the table settings.

Parameters
string$table
Returns
‪bool

should only be used from within TYPO3 Core

Definition at line 998 of file BackendUserAuthentication.php.

References $GLOBALS, and TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCanCreateNewRecord(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCannotEditRecord(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCreateNewRecord().

◆ workspaceCanCreateNewRecord()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceCanCreateNewRecord ( string  $table)

Evaluates if a record from $table can be created. If the table is not set up for versioning, and the "live edit" flag of the page is set, return false. In live workspace this is always true, as all records can be created in live workspace

Parameters
string$table‪Table name
Returns
‪bool

should only be used from within TYPO3 Core

Definition at line 1046 of file BackendUserAuthentication.php.

References TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceAllowsLiveEditingInTable().

Referenced by TYPO3\CMS\Backend\Controller\NewRecordController\renderNewRecordControls().

◆ workspaceCannotEditOfflineVersion()

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceCannotEditOfflineVersion (   $table,
  $recData 
)

Evaluates if a user is allowed to edit the offline version

Parameters
string$table‪Table of record
array | int$recData‪Integer (record uid) or array where fields are at least: pid, t3ver_wsid, t3ver_stage (if versioningWS is set)
Returns
‪string String error code, telling the failure state. FALSE=All ok
See also
workspaceCannotEditRecord()

this method will be moved to EXT:workspaces

Definition at line 942 of file BackendUserAuthentication.php.

References TYPO3\CMS\Backend\Utility\BackendUtility\getRecord(), TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCannotEditRecord().

◆ workspaceCannotEditRecord()

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceCannotEditRecord (   $table,
  $recData 
)

Checking if editing of an existing record is allowed in current workspace if that is offline. Rules for editing in offline mode:

  • ‪record supports versioning and is an offline version from workspace and has the current stage
  • ‪or record (any) is in a branch where there is a page which is a version from the workspace and where the stage is not preventing records
Parameters
string$table‪Table of record
array | int$recData‪Integer (record uid) or array where fields are at least: pid, t3ver_wsid, t3ver_oid, t3ver_stage (if versioningWS is set)
Returns
‪string String error code, telling the failure state. FALSE=All ok

should only be used from within TYPO3 Core

Definition at line 895 of file BackendUserAuthentication.php.

References TYPO3\CMS\Backend\Utility\BackendUtility\getRecord(), TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceAllowsLiveEditingInTable(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCheckStageForCurrent().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCannotEditOfflineVersion().

◆ workspaceCheckStageForCurrent()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceCheckStageForCurrent (   $stage)

Checks if an element stage allows access for the user in the current workspace In live workspace (= 0) access is always granted for any stage. Admins are always allowed. An option for custom workspaces allows members to also edit when the stage is "Review"

Parameters
int$stage‪Stage id from an element: -1,0 = editing, 1 = reviewer, >1 = owner
Returns
‪bool TRUE if user is allowed access

should only be used from within TYPO3 Core

Definition at line 1097 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$workspaceRec, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspaceCurrent(), TYPO3\CMS\Backend\Utility\BackendUtility\getRecord(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin(), and TYPO3\CMS\Core\Utility\ExtensionManagementUtility\isLoaded().

Referenced by TYPO3\CMS\Workspaces\Service\StagesService\isStageAllowedForUser(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCannotEditRecord().

◆ workspaceCreateNewRecord()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceCreateNewRecord (   $pid,
  $table 
)

Evaluates if a record from $table can be created in $pid

Note: this method is not in use anymore and will likely be deprecated in future TYPO3 versions.

Parameters
int$pidPage id. This value must be the _ORIG_uid if available: So when you have pages versionized as "page" or "element" you must supply the id of the page version in the workspace!
string$table‪Table name
Returns
‪bool TRUE if OK.

should only be used from within TYPO3 Core

Definition at line 1027 of file BackendUserAuthentication.php.

References TYPO3\CMS\Backend\Utility\BackendUtility\isTableWorkspaceEnabled(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceAllowsLiveEditingInTable().

◆ workspaceInit()

TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceInit ( )

Initializing workspace. Called from within this function, see fetchGroupData()

See also
fetchGroupData()

should only be used from within TYPO3 Core

Definition at line 2029 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\$workspace, TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\initializeDbMountpointsInWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWorkspace().

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\fetchGroupData().

◆ workspacePublishAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspacePublishAccess (   $wsid)

Returns TRUE if the user has access to publish content from the workspace ID given. Admin-users are always granted access to do this If the workspace ID is 0 (live) all users have access also For custom workspaces it depends on whether the user is owner OR like with draft workspace if the user has access to Live workspace.

Parameters
int$wsid‪Workspace UID; 0,1+
Returns
‪bool Returns TRUE if the user has access to publish content from the workspace ID given.

this method will be moved to EXT:workspaces

Definition at line 1159 of file BackendUserAuthentication.php.

References TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\isAdmin().

◆ workspaceSwapAccess()

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::workspaceSwapAccess ( )

Workspace swap-mode access?

Returns
‪bool Returns TRUE if records can be swapped in the current workspace, otherwise FALSE

this method will be moved to EXT:workspaces

Definition at line 1189 of file BackendUserAuthentication.php.

◆ writelog()

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::writelog (   $type,
  $action,
  $error,
  $details_nr,
  $details,
  $data,
  $tablename = '',
  $recuid = '',
  $recpid = '',
  $event_pid = -1,
  $NEWid = '',
  $userId = 0 
)

Writes an entry in the logfile/table Documentation in "TYPO3 Core API"

Parameters
int$type‪Denotes which module that has submitted the entry. See "TYPO3 Core API". Use "4" for extensions.
int$action‪Denotes which specific operation that wrote the entry. Use "0" when no sub-categorizing applies
int$error‪Flag. 0 = message, 1 = error (user problem), 2 = System Error (which should not happen), 3 = security notice (admin)
int$details_nr‪The message number. Specific for each $type and $action. This will make it possible to translate errormessages to other languages
string$details‪Default text that follows the message (in english!). Possibly translated by identification through type/action/details_nr
array$data‪Data that follows the log. Might be used to carry special information. If an array the first 5 entries (0-4) will be sprintf'ed with the details-text
string$tablename‪Table name. Special field used by tce_main.php.
int | string$recuid‪Record UID. Special field used by tce_main.php.
int | string$recpid‪Record PID. Special field used by tce_main.php. OBSOLETE
int$event_pid‪The page_uid (pid) where the event occurred. Used to select log-content for specific pages.
string$NEWid‪Special field used by tce_main.php. NEWid string of newly created records.
int$userId‪Alternative Backend User ID (used for logging login actions where this is not yet known).
Returns
‪int Log entry ID.

Definition at line 2290 of file BackendUserAuthentication.php.

References $fields, and $GLOBALS.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkLogFailures(), TYPO3\CMS\Scheduler\Controller\SchedulerModuleController\deleteTask(), TYPO3\CMS\Backend\Controller\LogoutController\processLogout(), TYPO3\CMS\Scheduler\Controller\SchedulerModuleController\saveTask(), TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWorkspace(), and TYPO3\CMS\Beuser\Controller\BackendUserController\switchUser().

Member Data Documentation

◆ $checkWorkspaceCurrent_cache

array null TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$checkWorkspaceCurrent_cache
protected

Cache for checkWorkspaceCurrent()

Definition at line 156 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\checkWorkspaceCurrent().

◆ $dataLists

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$dataLists
Initial value:
= array(
'webmount_list' => '',
'filemount_list' => '',
'file_permissions' => '',
'modList' => '',
'tables_select' => '',
'tables_modify' => '',
'pagetypes_select' => '',
'non_exclude_fields' => '',
'explicit_allowdeny' => '',
'allowed_languages' => '',
'workspace_perms' => '',
'available_widgets' => '',
'custom_options' => ''
)

Used to accumulate data for the user-group. DON NOT USE THIS EXTERNALLY! Use $this->groupData instead

Definition at line 117 of file BackendUserAuthentication.php.

◆ $enablecolumns

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$enablecolumns
Initial value:
= array(
'rootLevel' => 1,
'deleted' => 'deleted',
'disabled' => 'disable',
'starttime' => 'starttime',
'endtime' => 'endtime'
)

Definition at line 192 of file BackendUserAuthentication.php.

◆ $errorMsg

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$errorMsg = ''

Contains last error message

should only be used from within TYPO3 Core

Definition at line 151 of file BackendUserAuthentication.php.

◆ $filePermissions

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$filePermissions
protected

Definition at line 164 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFilePermissions().

◆ $fileStorages

TYPO3 CMS Core Resource ResourceStorage [] TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$fileStorages
protected

Definition at line 160 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileStorages().

◆ $firstMainGroup

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$firstMainGroup = 0

should only be used from within TYPO3 Core

Definition at line 239 of file BackendUserAuthentication.php.

◆ $formfield_status

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$formfield_status = 'login_status'

Form field with status: *'login', 'logout'

Definition at line 213 of file BackendUserAuthentication.php.

◆ $formfield_uident

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$formfield_uident = 'userident'

Form field with password

Definition at line 208 of file BackendUserAuthentication.php.

◆ $formfield_uname

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$formfield_uname = 'username'

Form field with login-name

Definition at line 203 of file BackendUserAuthentication.php.

◆ $groupData

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$groupData
Initial value:
= array(
'filemounts' => []
)

holds lists of eg. tables, fields and other values related to the permission-system. See fetchGroupData

Definition at line 79 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getFileMountRecords().

◆ $groupList

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$groupList = ''

This is $this->userGroupsUID imploded to a comma list... Will correspond to the 'usergroup_cached_list'

Definition at line 96 of file BackendUserAuthentication.php.

◆ $includeGroupArray

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$includeGroupArray = array( )

List of group_id's in the order they are processed.

should only be used from within TYPO3 Core

Definition at line 137 of file BackendUserAuthentication.php.

◆ $lastLogin_column

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$lastLogin_column = 'lastlogin'

Definition at line 188 of file BackendUserAuthentication.php.

◆ $loginType

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$loginType = 'BE'

Login type, used for services.

Definition at line 273 of file BackendUserAuthentication.php.

◆ $sessionTimeout

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$sessionTimeout = 28800

Session timeout (on the server), defaults to 8 hours for backend user

If >0: session-timeout in seconds. If <=0: Instant logout after login. The value must be at least 180 to avoid side effects.

should only be used from within TYPO3 Core

Definition at line 234 of file BackendUserAuthentication.php.

◆ $uc

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$uc

User Config

Definition at line 244 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\backendSetUC().

◆ $uc_default

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$uc_default
Initial value:
= array(
'interfaceSetup' => '',
'moduleData' => [],
'thumbnailsByDefault' => 1,
'emailMeAtLogin' => 0,
'titleLen' => 50,
'edit_RTE' => '1',
'edit_docModuleUpload' => '1',
'resizeTextareas' => 1,
'resizeTextareas_MaxHeight' => 500,
'resizeTextareas_Flexible' => 0
)

User Config Default values: The array may contain other fields for configuration. For this, see "setup" extension and "TSconfig" document (User TSconfig, "setup.[xxx]....") Reserved keys for other storage of session data: moduleData moduleSessionID

should only be used from within TYPO3 Core

Definition at line 255 of file BackendUserAuthentication.php.

◆ $user_table

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$user_table = 'be_users'

Table in database with user data

Definition at line 169 of file BackendUserAuthentication.php.

◆ $usergroup_column

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$usergroup_column = 'usergroup'

Should be set to the usergroup-column (id-list) in the user-record

Definition at line 68 of file BackendUserAuthentication.php.

◆ $usergroup_table

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$usergroup_table = 'be_groups'

The name of the group-table

Definition at line 73 of file BackendUserAuthentication.php.

◆ $userGroups

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userGroups = array( )

This array will hold the groups that the user is a member of

Definition at line 86 of file BackendUserAuthentication.php.

◆ $userGroupsUID

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userGroupsUID = array( )

This array holds the uid's of the groups in the listed order

Definition at line 91 of file BackendUserAuthentication.php.

◆ $userid_column

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userid_column = 'uid'

Column for user-id

Definition at line 184 of file BackendUserAuthentication.php.

◆ $userident_column

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userident_column = 'password'

Column for password

Definition at line 179 of file BackendUserAuthentication.php.

◆ $username_column

string TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$username_column = 'username'

Column for login-name

Definition at line 174 of file BackendUserAuthentication.php.

◆ $userTS

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userTS = array( )
protected

Parsed user TSconfig

Definition at line 141 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\getTSConfig().

◆ $userTSUpdated

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$userTSUpdated = false
protected

True if the user TSconfig was parsed and needs to be cached.

Definition at line 145 of file BackendUserAuthentication.php.

◆ $workspace

int TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$workspace = -99

User workspace. -99 is ERROR (none available) 0 is online >0 is custom workspaces

Definition at line 104 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\setWorkspace(), and TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceInit().

◆ $workspaceRec

array TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$workspaceRec = array( )

Custom workspace record if any

Definition at line 109 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Core\Authentication\BackendUserAuthentication\workspaceCheckStageForCurrent().

◆ $writeAttemptLog

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$writeAttemptLog = true

If the writelog() functions is called if a login-attempt has be tried without success

Definition at line 223 of file BackendUserAuthentication.php.

◆ $writeStdLog

bool TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$writeStdLog = true

Decides if the writelog() function is called at login and logout

Definition at line 218 of file BackendUserAuthentication.php.

◆ ROLE_SYSTEMMAINTAINER

const TYPO3\CMS\Core\Authentication\BackendUserAuthentication::ROLE_SYSTEMMAINTAINER = 'systemMaintainer'

Definition at line 63 of file BackendUserAuthentication.php.

Referenced by TYPO3\CMS\Backend\Module\ModuleLoader\checkModAccess().