‪TYPO3CMS  ‪main
PagePermissionRestriction.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Database\Query\Restriction;
19 
20 use ‪TYPO3\CMS\Core\Context\UserAspect;
21 use ‪TYPO3\CMS\Core\Database\Query\Expression\CompositeExpression;
22 use ‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder;
23 
41 class ‪PagePermissionRestriction implements ‪QueryRestrictionInterface
42 {
46  protected ‪$permissions;
47 
51  protected ‪$userAspect;
52 
53  public function ‪__construct(‪UserAspect ‪$userAspect, int ‪$permissions)
54  {
55  $this->permissions = ‪$permissions;
56  $this->userAspect = ‪$userAspect;
57  }
58 
66  public function ‪buildExpression(array $queriedTables, ‪ExpressionBuilder $expressionBuilder): ‪CompositeExpression
67  {
68  $constraints = [];
69 
70  foreach ($queriedTables as $tableAlias => $tableName) {
71  if ($tableName !== 'pages') {
72  continue;
73  }
74 
75  $constraint = $this->‪buildUserConstraints($expressionBuilder, $tableAlias);
76  if ($constraint) {
77  $constraints[] = $expressionBuilder->‪and($constraint);
78  }
79  }
80 
81  return $expressionBuilder->‪and(...$constraints);
82  }
83 
88  protected function ‪buildUserConstraints(ExpressionBuilder $expressionBuilder, string $tableAlias)
89  {
90  if (!$this->userAspect->isLoggedIn()) {
91  return $expressionBuilder->comparison(1, ExpressionBuilder::EQ, 0);
92  }
93  if ($this->userAspect->isAdmin()) {
94  return null;
95  }
96  // User permissions
97  $constraint = $expressionBuilder->‪or(
98  $expressionBuilder->comparison(
99  $expressionBuilder->bitAnd($tableAlias . '.perms_everybody', $this->permissions),
100  ExpressionBuilder::EQ,
101  $this->permissions
102  ),
103  $expressionBuilder->and(
104  $expressionBuilder->eq($tableAlias . '.perms_userid', $this->userAspect->get('id')),
105  $expressionBuilder->comparison(
106  $expressionBuilder->bitAnd($tableAlias . '.perms_user', $this->permissions),
107  ExpressionBuilder::EQ,
108  $this->permissions
109  )
110  )
111  );
112 
113  // User groups (if any are set)
114  $groupIds = array_map(intval(...), $this->userAspect->getGroupIds());
115  if (!empty($groupIds)) {
116  $constraint = $constraint->with(
117  $expressionBuilder->and(
118  $expressionBuilder->in(
119  $tableAlias . '.perms_groupid',
120  $groupIds
121  ),
122  $expressionBuilder->comparison(
123  $expressionBuilder->bitAnd($tableAlias . '.perms_group', $this->permissions),
124  ExpressionBuilder::EQ,
125  $this->permissions
126  )
127  )
128  );
129  }
130  return $constraint;
131  }
132 }
‪TYPO3\CMS\Core\Database\Query\Expression\CompositeExpression\or
‪static or($part=null,... $parts)
Definition: CompositeExpression.php:96
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\in
‪in(string $fieldName, $value)
Definition: ExpressionBuilder.php:227
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder
Definition: ExpressionBuilder.php:40
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction\buildExpression
‪CompositeExpression buildExpression(array $queriedTables, ExpressionBuilder $expressionBuilder)
Definition: PagePermissionRestriction.php:64
‪TYPO3\CMS\Core\Database\Query\Restriction\QueryRestrictionInterface
Definition: QueryRestrictionInterface.php:27
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction\$userAspect
‪UserAspect $userAspect
Definition: PagePermissionRestriction.php:49
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\or
‪or(CompositeExpression|\Doctrine\DBAL\Query\Expression\CompositeExpression|string|null ... $expressions)
Definition: ExpressionBuilder.php:59
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\comparison
‪comparison($leftExpression, string $operator, $rightExpression)
Definition: ExpressionBuilder.php:73
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction\$permissions
‪int $permissions
Definition: PagePermissionRestriction.php:45
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\eq
‪eq(string $fieldName, $value)
Definition: ExpressionBuilder.php:84
‪TYPO3\CMS\Core\Database\Query\Expression\CompositeExpression
Definition: CompositeExpression.php:27
‪TYPO3\CMS\Core\Database\Query\Restriction
Definition: AbstractRestrictionContainer.php:18
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction\__construct
‪__construct(UserAspect $userAspect, int $permissions)
Definition: PagePermissionRestriction.php:51
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction
Definition: PagePermissionRestriction.php:42
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\bitAnd
‪bitAnd(string $fieldName, int $value)
Definition: ExpressionBuilder.php:444
‪TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder\and
‪and(CompositeExpression|\Doctrine\DBAL\Query\Expression\CompositeExpression|string|null ... $expressions,)
Definition: ExpressionBuilder.php:50
‪TYPO3\CMS\Core\Database\Query\Restriction\PagePermissionRestriction\buildUserConstraints
‪string CompositeExpression null buildUserConstraints(ExpressionBuilder $expressionBuilder, string $tableAlias)
Definition: PagePermissionRestriction.php:86
‪TYPO3\CMS\Core\Context\UserAspect
Definition: UserAspect.php:37