FrontendBackendUserAuthentication.php

Go to the documentation of this file.

<?php
 
/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */
 
namespace ‪TYPO3\CMS\Backend;
 
use TYPO3\CMS\Backend\Utility\BackendUtility;
use ‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use ‪TYPO3\CMS\Core\Context\Context;
use ‪TYPO3\CMS\Core\Context\LanguageAspect;
use ‪TYPO3\CMS\Core\Type\Bitmask\Permission;
use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
 
class ‪FrontendBackendUserAuthentication extends ‪BackendUserAuthentication
{
    public ‪$formfield_uname = '';
 
    public ‪$formfield_uident = '';
 
    public ‪$formfield_status = '';
 
    public ‪$writeStdLog = false;
 
    public ‪$writeAttemptLog = false;
 
    public function ‪backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
    {
        if (empty($this->user['uid'])) {
            return false;
        }
        // Check Hardcoded lock on BE
        if (‪$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
            return false;
        }
        return $this->‪isUserAllowedToLogin();
    }
 
    public function ‪allowedToEditLanguage($table, array $currentRecord): bool
    {
        // If no access right to record languages, return immediately
        $languageAspect = GeneralUtility::makeInstance(Context::class)->getAspect('language');
        if ($table === 'pages') {
            $languageId = $languageAspect->getId();
        } elseif ($table === 'tt_content') {
            $languageId = $languageAspect->getContentId();
        } elseif (‪$GLOBALS['TCA'][$table]['ctrl']['languageField'] ?? false) {
            $languageId = $currentRecord[‪$GLOBALS['TCA'][$table]['ctrl']['languageField']];
        } else {
            $languageId = -1;
        }
        return $this->‪checkLanguageAccess($languageId);
    }
 
    public function ‪allowedToEdit(string $table, array $dataArray, array $conf, bool $checkEditAccessInternals): bool
    {
        // Unless permissions specifically allow it, editing is not allowed.
        $mayEdit = false;
        if ($checkEditAccessInternals) {
            $editAccessInternals = $this->‪recordEditAccessInternals($table, $dataArray, false, false);
        } else {
            $editAccessInternals = true;
        }
        if ($editAccessInternals) {
            $restrictEditingToRecordsOfCurrentPid = !empty($conf['onlyCurrentPid'] ?? false);
            if ($this->‪isAdmin()) {
                $mayEdit = true;
            } elseif ($table === 'pages') {
                if ($this->‪doesUserHaveAccess($dataArray, ‪Permission::PAGE_EDIT)) {
                    $mayEdit = true;
                }
            } else {
                $pageOfEditableRecord = BackendUtility::getRecord('pages', $dataArray['pid']);
                if (is_array($pageOfEditableRecord) && $this->‪doesUserHaveAccess($pageOfEditableRecord, ‪Permission::CONTENT_EDIT) && !$restrictEditingToRecordsOfCurrentPid) {
                    $mayEdit = true;
                }
            }
            // Check the permission of the "pid" that should be accessed, if not disabled.
            if (!$restrictEditingToRecordsOfCurrentPid || $dataArray['pid'] == ‪$GLOBALS['TSFE']->id) {
                // Permissions
                if ($table === 'pages') {
                    $allow = $this->‪getAllowedEditActions($table, $conf, $dataArray['pid']);
                    // Can only display editbox if there are options in the menu
                    if (!empty($allow)) {
                        $mayEdit = true;
                    }
                } else {
                    $perms = new ‪Permission($this->‪calcPerms(‪$GLOBALS['TSFE']->page));
                    $types = ‪GeneralUtility::trimExplode(',', strtolower($conf['allow']), true);
                    $allow = array_flip($types);
                    $mayEdit = !empty($allow) && $perms->editContentPermissionIsGranted();
                }
            }
        }
        return $mayEdit;
    }
 
    public function ‪getAllowedEditActions($table, array $conf, $pid): array
    {
        $types = ‪GeneralUtility::trimExplode(',', strtolower($conf['allow']), true);
        $allow = array_flip($types);
        if (!($conf['onlyCurrentPid'] ?? false) || $pid == ‪$GLOBALS['TSFE']->id) {
            // Permissions
            $types = ‪GeneralUtility::trimExplode(',', strtolower($conf['allow']), true);
            $allow = array_flip($types);
            $perms = new ‪Permission($this->‪calcPerms(‪$GLOBALS['TSFE']->page));
            if ($table === 'pages') {
                // Rootpage
                if (count(‪$GLOBALS['TSFE']->config['rootLine']) === 1) {
                    unset($allow['move']);
                    unset($allow['hide']);
                    unset($allow['delete']);
                }
                if (!$perms->editPagePermissionIsGranted() || !$this->checkLanguageAccess(0)) {
                    unset($allow['edit']);
                    unset($allow['move']);
                    unset($allow['hide']);
                }
                if (!$perms->deletePagePermissionIsGranted()) {
                    unset($allow['delete']);
                }
                if (!$perms->createPagePermissionIsGranted()) {
                    unset($allow['new']);
                }
            }
        }
        return $allow;
    }
 
    protected function ‪hasEditAccessToLiveWorkspace(): bool
    {
        return true;
    }
}