TYPO3CMS  8
 All Classes Namespaces Files Functions Variables Pages
FilesReplacePermissionUpdate.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Install\Updates;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
19 
24 {
28  protected $title = 'Set the "Files:replace" permission for all BE user/groups with "Files:write" set';
29 
33  protected $tablesToProcess = ['be_users', 'be_groups'];
34 
41  public function checkForUpdate(&$description)
42  {
43  if ($this->isWizardDone()) {
44  return false;
45  }
46 
47  $needsExecution = false;
48 
49  foreach ($this->tablesToProcess as $table) {
50  $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable($table);
51  $queryBuilder->getRestrictions()->removeAll();
52  $numberOfUpgradeRows = $queryBuilder->count('uid')
53  ->from($table)
54  ->where(
55  $queryBuilder->expr()->like(
56  'file_permissions',
57  $queryBuilder->createNamedParameter('%writeFile%', \PDO::PARAM_STR)
58  ),
59  $queryBuilder->expr()->notLike(
60  'file_permissions',
61  $queryBuilder->createNamedParameter('%replaceFile%', \PDO::PARAM_STR)
62  )
63  )
64  ->execute()
65  ->fetchColumn(0);
66  if ($numberOfUpgradeRows > 0) {
67  $needsExecution = true;
68  break;
69  }
70  }
71 
72  if ($needsExecution) {
73  $description = 'A new file permission was introduced regarding replacing files.'
74  . ' This update sets "Files:replace" for all BE users/groups with the permission "Files:write".';
75  }
76 
77  return $needsExecution;
78  }
79 
87  public function performUpdate(array &$databaseQueries, &$customMessages)
88  {
89  foreach ($this->tablesToProcess as $table) {
90  $connection = GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($table);
91  $queryBuilder = $connection->createQueryBuilder();
92  $queryBuilder->getRestrictions()->removeAll();
93  $statement = $queryBuilder->select('uid', 'file_permissions')
94  ->from($table)
95  ->where(
96  $queryBuilder->expr()->like(
97  'file_permissions',
98  $queryBuilder->createNamedParameter('%writeFile%', \PDO::PARAM_STR)
99  ),
100  $queryBuilder->expr()->notLike(
101  'file_permissions',
102  $queryBuilder->createNamedParameter('%replaceFile%', \PDO::PARAM_STR)
103  )
104  )
105  ->execute();
106  while ($record = $statement->fetch()) {
107  $queryBuilder = $connection->createQueryBuilder();
108  $queryBuilder->update($table)
109  ->where(
110  $queryBuilder->expr()->eq(
111  'uid',
112  $queryBuilder->createNamedParameter($record['uid'], \PDO::PARAM_INT)
113  )
114  )
115  // Manual quoting to have the final value in $databaseQueries and not a statement placeholder
116  ->set('file_permissions', $record['file_permissions'] . ',replaceFile');
117  $databaseQueries[] = $queryBuilder->getSQL();
118  $queryBuilder->execute();
119  }
120  }
121  $this->markWizardAsDone();
122  return true;
123  }
124 }
static makeInstance($className,...$constructorArguments)