‪TYPO3CMS  9.5
CategoryPermissionsAspect.php
Go to the documentation of this file.
1 <?php
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
23 
34 {
38  protected ‪$categoryTableName = 'sys_category';
39 
44 
48  public function ‪__construct(‪$backendUserAuthentication = null)
49  {
50  $this->backendUserAuthentication = ‪$backendUserAuthentication ?: ‪$GLOBALS['BE_USER'];
51  }
52 
59  public function ‪addUserPermissionsToCategoryTreeData(‪DatabaseTreeDataProvider $dataProvider, $treeData)
60  {
61  // Only evaluate this in the backend
62  if (!(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_BE)) {
63  return;
64  }
65 
66  if (!$this->backendUserAuthentication->isAdmin() && $dataProvider->‪getTableName() === $this->categoryTableName) {
67 
68  // Get User permissions related to category
69  $categoryMountPoints = $this->backendUserAuthentication->getCategoryMountPoints();
70 
71  // Backup child nodes to be processed.
72  $treeNodeCollection = $treeData->getChildNodes();
73 
74  if (!empty($categoryMountPoints) && !empty($treeNodeCollection)) {
75 
76  // Check the rootline against categoryMountPoints when tree was filtered
77  if ($dataProvider->‪getRootUid() !== null) {
78  if (in_array($dataProvider->‪getRootUid(), $categoryMountPoints)) {
79  return;
80  }
81  $uidsInRootline = $this->‪findUidsInRootline($dataProvider->‪getRootUid());
82  if (!empty(array_intersect($categoryMountPoints, $uidsInRootline))) {
83  // One of the parents was found in categoryMountPoints so all children are secure
84  return;
85  }
86  }
87 
88  // First, remove all child nodes which must be analyzed to be considered as "secure".
89  // The nodes were backed up in variable $treeNodeCollection beforehand.
90  $treeData->removeChildNodes();
91 
92  // Create an empty tree node collection to receive the secured nodes.
94  $securedTreeNodeCollection = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\‪TYPO3\CMS\Backend\Tree\TreeNodeCollection::class);
95 
96  foreach ($categoryMountPoints as $categoryMountPoint) {
97  $treeNode = $this->‪lookUpCategoryMountPointInTreeNodes((int)$categoryMountPoint, $treeNodeCollection);
98  if ($treeNode !== null) {
99  $securedTreeNodeCollection->append($treeNode);
100  }
101  }
102 
103  // Reset child nodes.
104  $treeData->setChildNodes($securedTreeNodeCollection);
105  }
106  }
107  }
108 
116  protected function ‪lookUpCategoryMountPointInTreeNodes($categoryMountPoint, ‪TreeNodeCollection $treeNodeCollection)
117  {
118  $result = null;
119 
120  // If any User permission, recursively traverse the tree and set tree part as mount point
121  foreach ($treeNodeCollection as $treeNode) {
122 
124  if ((int)$treeNode->getId() === $categoryMountPoint) {
125  $result = $treeNode;
126  break;
127  }
128 
129  if ($treeNode->hasChildNodes()) {
130 
132  $node = $this->‪lookUpCategoryMountPointInTreeNodes($categoryMountPoint, $treeNode->getChildNodes());
133  if ($node !== null) {
134  $result = $node;
135  break;
136  }
137  }
138  }
139  return $result;
140  }
141 
148  protected function ‪findUidsInRootline($uid)
149  {
151  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($this->categoryTableName);
152  $row = $queryBuilder
153  ->select('parent')
154  ->from($this->categoryTableName)
155  ->where(
156  $queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($uid, \PDO::PARAM_INT))
157  )
158  ->execute()
159  ->fetch();
160 
161  $parentUids = [];
162  if ($row['parent'] > 0) {
163  $parentUids = $this->‪findUidsInRootline($row['parent']);
164  $parentUids[] = $row['parent'];
165  }
166  return $parentUids;
167  }
168 }
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\$categoryTableName
‪string $categoryTableName
Definition: CategoryPermissionsAspect.php:37
‪TYPO3
‪TYPO3\CMS\Core\Tree\TableConfiguration\DatabaseTreeDataProvider
Definition: DatabaseTreeDataProvider.php:30
‪TYPO3\CMS\Backend\Tree\TreeNodeCollection
Definition: TreeNodeCollection.php:21
‪TYPO3\CMS\Core\Tree\TableConfiguration\DatabaseTreeDataProvider\getRootUid
‪int getRootUid()
Definition: DatabaseTreeDataProvider.php:201
‪TYPO3\CMS\Backend\Tree\TreeNode
Definition: TreeNode.php:23
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\$backendUserAuthentication
‪BackendUserAuthentication $backendUserAuthentication
Definition: CategoryPermissionsAspect.php:41
‪TYPO3\CMS\Backend\Security
Definition: CategoryPermissionsAspect.php:2
‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication
Definition: BackendUserAuthentication.php:45
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\findUidsInRootline
‪array findUidsInRootline($uid)
Definition: CategoryPermissionsAspect.php:146
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\lookUpCategoryMountPointInTreeNodes
‪TreeNode null lookUpCategoryMountPointInTreeNodes($categoryMountPoint, TreeNodeCollection $treeNodeCollection)
Definition: CategoryPermissionsAspect.php:114
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect
Definition: CategoryPermissionsAspect.php:34
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:5
‪TYPO3\CMS\Core\Tree\TableConfiguration\DatabaseTreeDataProvider\getTableName
‪string getTableName()
Definition: DatabaseTreeDataProvider.php:122
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\addUserPermissionsToCategoryTreeData
‪addUserPermissionsToCategoryTreeData(DatabaseTreeDataProvider $dataProvider, $treeData)
Definition: CategoryPermissionsAspect.php:57
‪TYPO3\CMS\Core\Database\ConnectionPool
Definition: ConnectionPool.php:44
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:45
‪TYPO3\CMS\Backend\Security\CategoryPermissionsAspect\__construct
‪__construct($backendUserAuthentication=null)
Definition: CategoryPermissionsAspect.php:46