TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect Class Reference

Inheritance diagram for TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect:

Public Member Functions
int null	checkRecordUpdateAccess ($table, $id, $fileMetadataRecord, $otherHookGrantedAccess, DataHandler $dataHandler)
	checkModifyAccessList (&$accessAllowed, $table, DataHandler $parent)
bool	isAllowedToShowEditForm (array $parameters)

Protected Member Functions
bool	checkFileWriteAccessForFileMetaData ($fileMetadataRecord)

Detailed Description

We do not have AOP in TYPO3 for now, thus the aspect which deals with file metadata data security is an assembly of hooks to check permissions on files belonging to file meta data records

Definition at line 31 of file FileMetadataPermissionsAspect.php.

Member Function Documentation

checkFileWriteAccessForFileMetaData()

bool TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect::checkFileWriteAccessForFileMetaData (   $fileMetadataRecord )

protected

Checks write access to the file belonging to a metadata entry

Parameters

array

$fileMetadataRecord

Returns

‪bool

Definition at line 158 of file FileMetadataPermissionsAspect.php.

Referenced by TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\checkModifyAccessList(), TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\checkRecordUpdateAccess(), and TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\isAllowedToShowEditForm().

checkModifyAccessList()

TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect::checkModifyAccessList	(	&	$accessAllowed,
			$table,
		DataHandler	$parent
	)

Hook that determines whether a user has access to modify a table. We "abuse" it here to actually check if access is allowed to sys_file_metadata.

Parameters

int	$accessAllowed	‪Whether the user has access to modify a table
string	$table	‪The name of the table to be modified
DataHandler	$parent	‪The calling parent object

Exceptions

Implements TYPO3\CMS\Core\DataHandling\DataHandlerCheckModifyAccessListHookInterface.

Definition at line 67 of file FileMetadataPermissionsAspect.php.

References TYPO3\CMS\Core\Utility\MathUtility\canBeInterpretedAsInteger(), TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), and TYPO3\CMS\Backend\Utility\BackendUtility\getRecord().

checkRecordUpdateAccess()

int null TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect::checkRecordUpdateAccess	(		$table,
			$id,
			$fileMetadataRecord,
			$otherHookGrantedAccess,
		DataHandler	$dataHandler
	)

This hook is called before any write operation by DataHandler

Parameters

string	$table
int	$id
array	$fileMetadataRecord
int | null	$otherHookGrantedAccess
\TYPO3\CMS\Core\DataHandling\DataHandler	$dataHandler

Returns

‪int|null

Definition at line 43 of file FileMetadataPermissionsAspect.php.

References TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), and TYPO3\CMS\Backend\Utility\BackendUtility\getRecord().

isAllowedToShowEditForm()

bool TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect::isAllowedToShowEditForm

(

array

$parameters

)

Deny access to the edit form. This is not mandatory, but better to show this right away that access is denied.

Parameters

array

$parameters

Returns

‪bool

Definition at line 138 of file FileMetadataPermissionsAspect.php.

References TYPO3\CMS\Core\Resource\Security\FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), and TYPO3\CMS\Backend\Utility\BackendUtility\getRecord().