StoragePermissionsAspect.php

Go to the documentation of this file.

<?php
namespace TYPO3\CMS\Core\Resource\Security;

use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Resource\Exception\FolderDoesNotExistException;
use TYPO3\CMS\Core\Resource\ResourceFactory;
use TYPO3\CMS\Core\Resource\ResourceStorage;

class StoragePermissionsAspect {

    protected $backendUserAuthentication;

    protected $defaultStorageZeroPermissions = array(
        'readFolder' => TRUE,
        'readFile' => TRUE
    );


    public function __construct($backendUserAuthentication = NULL) {
        $this->backendUserAuthentication = $backendUserAuthentication ?: $GLOBALS['BE_USER'];
    }

    public function addUserPermissionsToStorage(ResourceFactory $resourceFactory, ResourceStorage $storage) {
        if (!$this->backendUserAuthentication->isAdmin()) {
            $storage->setEvaluatePermissions(TRUE);
            if ($storage->getUid() > 0) {
                $storage->setUserPermissions($this->backendUserAuthentication->getFilePermissionsForStorage($storage));
            } else {
                $storage->setEvaluatePermissions(FALSE);
            }
            $this->addFileMountsToStorage($storage);
        }
    }

    protected function addFileMountsToStorage(ResourceStorage $storage) {
        foreach ($this->backendUserAuthentication->getFileMountRecords() as $fileMountRow) {
            if ((int)$fileMountRow['base'] === (int)$storage->getUid()) {
                try {
                    $storage->addFileMount($fileMountRow['path'], $fileMountRow);
                } catch (FolderDoesNotExistException $e) {
                    // That file mount does not seem to be valid, fail silently
                }
            }
        }
    }
}