‪TYPO3CMS  ‪main
Public Member Functions | Public Attributes | Private Member Functions | Private Attributes | List of all members
TYPO3\CMS\Backend\Controller\Security\SudoModeController Class Reference
Inheritance diagram for TYPO3\CMS\Backend\Controller\Security\SudoModeController:

Public Member Functions

 __construct (private readonly UriBuilder $uriBuilder, private readonly PageRenderer $pageRenderer, private readonly AccessFactory $factory, private readonly AccessStorage $storage, private readonly PasswordVerification $passwordVerification, private readonly ModuleTemplateFactory $moduleTemplateFactory, private readonly BackendEntryPointResolver $backendEntryPointResolver, private readonly HashService $hashService,)
 
 buildModuleActionUriForClaim (AccessClaim $claim)
 
 moduleAction (ServerRequestInterface $request)
 
 applyAction (ServerRequestInterface $request)
 
 errorAction (ServerRequestInterface $request)
 
 verifyAction (ServerRequestInterface $request)
 

Public Attributes

 return ['claim'=> $claim->id, 'user'=> $backendUserAspect->get('id'),]
 

Private Member Functions

 redirectToErrorAction ()
 
 buildUriParametersForClaim (AccessClaim $claim, string $additionalPepper)
 
 resolveClaimFromRequest (ServerRequestInterface $request, string $additionalPepper)
 
 grantClaim (AccessClaim $claim)
 
array< string, buildLoggerContext(AccessClaim $claim):array { $backendUserAspect=GeneralUtility::makeInstance(Context::class) -> getAspect ('backend.user')
 
 getBackendUser ()
 

Private Attributes

const ROUTE_PATH_MODULE = '/sudo-mode/module'
 
const ROUTE_PATH_APPLY = '/sudo-mode/apply'
 
const ROUTE_PATH_ERROR = '/sudo-mode/error'
 
const ROUTE_PATH_VERIFY = '/ajax/sudo-mode/verify'
 

Detailed Description

Handling visual sudo mode verification for configured routes/modules.

Definition at line 48 of file SudoModeController.php.

Constructor & Destructor Documentation

◆ __construct()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::__construct ( private readonly UriBuilder  $uriBuilder,
private readonly PageRenderer  $pageRenderer,
private readonly AccessFactory  $factory,
private readonly AccessStorage  $storage,
private readonly PasswordVerification  $passwordVerification,
private readonly ModuleTemplateFactory  $moduleTemplateFactory,
private readonly BackendEntryPointResolver  $backendEntryPointResolver,
private readonly HashService  $hashService 
)

Definition at line 57 of file SudoModeController.php.

Member Function Documentation

◆ applyAction()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::applyAction ( ServerRequestInterface  $request)

Called from JavaScript web-component, throwing an exception that is handled by SudoModeInterceptor middleware.

Definition at line 101 of file SudoModeController.php.

References TYPO3\CMS\Backend\Controller\Security\SudoModeController\redirectToErrorAction(), and TYPO3\CMS\Backend\Controller\Security\SudoModeController\resolveClaimFromRequest().

◆ buildModuleActionUriForClaim()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::buildModuleActionUriForClaim ( AccessClaim  $claim)

Definition at line 68 of file SudoModeController.php.

References TYPO3\CMS\Backend\Controller\Security\SudoModeController\buildUriParametersForClaim().

◆ buildUriParametersForClaim()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::buildUriParametersForClaim ( AccessClaim  $claim,
string  $additionalPepper 
)
private
Parameters
string$additionalPepper‪used to create a specific signature (e.g. on the action)

Definition at line 169 of file SudoModeController.php.

Referenced by TYPO3\CMS\Backend\Controller\Security\SudoModeController\buildModuleActionUriForClaim().

◆ errorAction()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::errorAction ( ServerRequestInterface  $request)

Renders markup with error messages in case AccessClaim could not be resolved (e.g. when expired).

Definition at line 117 of file SudoModeController.php.

◆ getAspect()

array<string, buildLoggerContext(AccessClaim $claim): array { $backendUserAspect = GeneralUtility::makeInstance(Context::class) -> TYPO3\CMS\Backend\Controller\Security\SudoModeController::getAspect ( 'backend.user'  )
private
Returns
‪array<string, int|string>

◆ getBackendUser()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::getBackendUser ( )
private

Definition at line 212 of file SudoModeController.php.

References $GLOBALS.

◆ grantClaim()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::grantClaim ( AccessClaim  $claim)
private

Definition at line 193 of file SudoModeController.php.

Referenced by TYPO3\CMS\Backend\Controller\Security\SudoModeController\verifyAction().

◆ moduleAction()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::moduleAction ( ServerRequestInterface  $request)

Renders the module backend markup, including the <typo3-backend-security-sudo-mode> element.

Definition at line 79 of file SudoModeController.php.

References TYPO3\CMS\Backend\Controller\Security\SudoModeController\redirectToErrorAction(), and TYPO3\CMS\Backend\Controller\Security\SudoModeController\resolveClaimFromRequest().

◆ redirectToErrorAction()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::redirectToErrorAction ( )
private

Definition at line 160 of file SudoModeController.php.

Referenced by TYPO3\CMS\Backend\Controller\Security\SudoModeController\applyAction(), and TYPO3\CMS\Backend\Controller\Security\SudoModeController\moduleAction().

◆ resolveClaimFromRequest()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::resolveClaimFromRequest ( ServerRequestInterface  $request,
string  $additionalPepper 
)
private
Parameters
string$additionalPepper‪used to create a specific signature (e.g. on the action)

Definition at line 181 of file SudoModeController.php.

Referenced by TYPO3\CMS\Backend\Controller\Security\SudoModeController\applyAction(), TYPO3\CMS\Backend\Controller\Security\SudoModeController\moduleAction(), and TYPO3\CMS\Backend\Controller\Security\SudoModeController\verifyAction().

◆ verifyAction()

TYPO3\CMS\Backend\Controller\Security\SudoModeController::verifyAction ( ServerRequestInterface  $request)

Verifies the provided password, called via AJAX from JavaScript web-component.

Definition at line 130 of file SudoModeController.php.

References TYPO3\CMS\Backend\Controller\Security\SudoModeController\grantClaim(), and TYPO3\CMS\Backend\Controller\Security\SudoModeController\resolveClaimFromRequest().

Member Data Documentation

◆ return

TYPO3\CMS\Backend\Controller\Security\SudoModeController::return[ 'claim'=> $claim->id, 'user'=> $backendUserAspect->get( 'id'),]

Definition at line 206 of file SudoModeController.php.

◆ ROUTE_PATH_APPLY

const TYPO3\CMS\Backend\Controller\Security\SudoModeController::ROUTE_PATH_APPLY = '/sudo-mode/apply'
private

Definition at line 53 of file SudoModeController.php.

◆ ROUTE_PATH_ERROR

const TYPO3\CMS\Backend\Controller\Security\SudoModeController::ROUTE_PATH_ERROR = '/sudo-mode/error'
private

Definition at line 54 of file SudoModeController.php.

◆ ROUTE_PATH_MODULE

const TYPO3\CMS\Backend\Controller\Security\SudoModeController::ROUTE_PATH_MODULE = '/sudo-mode/module'
private

Definition at line 52 of file SudoModeController.php.

◆ ROUTE_PATH_VERIFY

const TYPO3\CMS\Backend\Controller\Security\SudoModeController::ROUTE_PATH_VERIFY = '/ajax/sudo-mode/verify'
private

Definition at line 55 of file SudoModeController.php.