‪TYPO3CMS  ‪main
RecordAccessVoter.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
19 
20 use Psr\EventDispatcher\EventDispatcherInterface;
21 use Symfony\Component\DependencyInjection\Attribute\Autoconfigure;
23 
29 #[Autoconfigure(public: true)]
31 {
32  public function ‪__construct(
33  protected readonly EventDispatcherInterface $eventDispatcher
34  ) {}
35 
46  public function ‪accessGranted(string $table, array ‪$record, ‪Context $context): bool
47  {
48  $event = new ‪RecordAccessGrantedEvent($table, ‪$record, $context);
49  $this->eventDispatcher->dispatch($event);
50  if ($event->isPropagationStopped()) {
51  return $event->accessGranted();
52  }
53  ‪$record = $event->getRecord();
54 
55  $configuration = $this->‪getEnableFieldsConfigurationForTable($table);
56  $visibilityAspect = $context->‪getAspect('visibility');
57  $includeHidden = $table === 'pages'
58  ? $visibilityAspect->includeHiddenPages()
59  : $visibilityAspect->includeHiddenContent();
60 
61  // Hidden field is active and hidden records should not be included
62  if ((‪$record[$configuration['disabled'] ?? null] ?? false) && !$includeHidden) {
63  return false;
64  }
65  // Records' starttime set AND is HIGHER than the current access time
66  if (isset($configuration['starttime'], ‪$record[$configuration['starttime']])
67  && (int)‪$record[$configuration['starttime']] > ‪$GLOBALS['SIM_ACCESS_TIME']
68  ) {
69  return false;
70  }
71  // Records' endtime is set AND NOT "0" AND LOWER than the current access time
72  if (isset($configuration['endtime'], ‪$record[$configuration['endtime']])
73  && ((int)‪$record[$configuration['endtime']] !== 0)
74  && ((int)‪$record[$configuration['endtime']] < ‪$GLOBALS['SIM_ACCESS_TIME'])
75  ) {
76  return false;
77  }
78  // Insufficient group access
79  if ($this->‪groupAccessGranted($table, ‪$record, $context) === false) {
80  return false;
81  }
82  // Record is available
83  return true;
84  }
85 
94  public function ‪groupAccessGranted(string $table, array ‪$record, ‪Context $context): bool
95  {
96  $configuration = $this->‪getEnableFieldsConfigurationForTable($table);
97  if (!isset($configuration['fe_group']) || !(‪$record[$configuration['fe_group']] ?? false)) {
98  return true;
99  }
100  // No frontend user, but 'fe_group' is not empty, so shut this down.
101  if (!$context->‪hasAspect('frontend.user')) {
102  return false;
103  }
104  $pageGroupList = explode(',', (string)‪$record[$configuration['fe_group']]);
105  return count(array_intersect($context->‪getAspect('frontend.user')->getGroupIds(), $pageGroupList)) > 0;
106  }
107 
116  public function ‪accessGrantedForPageInRootLine(array $pageRecord, ‪Context $context): bool
117  {
118  return !($pageRecord['extendToSubpages'] ?? false) || $this->‪accessGranted('pages', $pageRecord, $context);
119  }
120 
121  protected function ‪getEnableFieldsConfigurationForTable(string $table): array
122  {
123  return ‪$GLOBALS['TCA'][$table]['ctrl']['enablecolumns'] ?? [];
124  }
125 }
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter\accessGranted
‪bool accessGranted(string $table, array $record, Context $context)
Definition: RecordAccessVoter.php:46
‪TYPO3\CMS\Core\Context\Context\getAspect
‪getAspect(string $name)
Definition: Context.php:76
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter\__construct
‪__construct(protected readonly EventDispatcherInterface $eventDispatcher)
Definition: RecordAccessVoter.php:32
‪TYPO3\CMS\Core\Context\Context
Definition: Context.php:54
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter\groupAccessGranted
‪bool groupAccessGranted(string $table, array $record, Context $context)
Definition: RecordAccessVoter.php:94
‪TYPO3\CMS\Core\Context\Context\hasAspect
‪hasAspect(string $name)
Definition: Context.php:63
‪TYPO3\CMS\Webhooks\Message\$record
‪identifier readonly int readonly array $record
Definition: PageModificationMessage.php:36
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter\accessGrantedForPageInRootLine
‪accessGrantedForPageInRootLine(array $pageRecord, Context $context)
Definition: RecordAccessVoter.php:116
‪TYPO3\CMS\Core\Domain\Access\RecordAccessGrantedEvent
Definition: RecordAccessGrantedEvent.php:29
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter\getEnableFieldsConfigurationForTable
‪getEnableFieldsConfigurationForTable(string $table)
Definition: RecordAccessVoter.php:121
‪$GLOBALS
‪$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['adminpanel']['modules']
Definition: ext_localconf.php:25
‪TYPO3\CMS\Core\Domain\Access
Definition: RecordAccessGrantedEvent.php:18
‪TYPO3\CMS\Core\Domain\Access\RecordAccessVoter
Definition: RecordAccessVoter.php:31