TYPO3CMS  8
 All Classes Namespaces Files Functions Variables Pages
PermissionAjaxController.php
Go to the documentation of this file.
1 <?php
2 namespace TYPO3\CMS\Beuser\Controller;
3 
4 /*
5  * This file is part of the TYPO3 CMS project.
6  *
7  * It is free software; you can redistribute it and/or modify it under
8  * the terms of the GNU General Public License, either version 2
9  * of the License, or any later version.
10  *
11  * For the full copyright and license information, please read the
12  * LICENSE.txt file that was distributed with this source code.
13  *
14  * The TYPO3 project - inspiring people to share!
15  */
16 
17 use Psr\Http\Message\ResponseInterface;
18 use Psr\Http\Message\ServerRequestInterface;
26 
33 {
39  protected $conf = [];
40 
44  protected $iconFactory;
45 
49  public function __construct()
50  {
51  $this->iconFactory = GeneralUtility::makeInstance(IconFactory::class);
52  $this->getLanguageService()->includeLLFile('EXT:lang/Resources/Private/Language/locallang_mod_web_perm.xlf');
53  // Configuration, variable assignment
54  $this->conf['page'] = GeneralUtility::_POST('page');
55  $this->conf['who'] = GeneralUtility::_POST('who');
56  $this->conf['mode'] = GeneralUtility::_POST('mode');
57  $this->conf['bits'] = (int)GeneralUtility::_POST('bits');
58  $this->conf['permissions'] = (int)GeneralUtility::_POST('permissions');
59  $this->conf['action'] = GeneralUtility::_POST('action');
60  $this->conf['ownerUid'] = (int)GeneralUtility::_POST('ownerUid');
61  $this->conf['username'] = GeneralUtility::_POST('username');
62  $this->conf['groupUid'] = (int)GeneralUtility::_POST('groupUid');
63  $this->conf['groupname'] = GeneralUtility::_POST('groupname');
64  $this->conf['editLockState'] = (int)GeneralUtility::_POST('editLockState');
65  $this->conf['new_owner_uid'] = (int)GeneralUtility::_POST('newOwnerUid');
66  $this->conf['new_group_uid'] = (int)GeneralUtility::_POST('newGroupUid');
67  }
68 
76  public function dispatch(ServerRequestInterface $request, ResponseInterface $response)
77  {
78  $extPath = ExtensionManagementUtility::extPath('beuser');
79 
80  $view = GeneralUtility::makeInstance(StandaloneView::class);
81  $view->setPartialRootPaths(['default' => ExtensionManagementUtility::extPath('beuser') . 'Resources/Private/Partials']);
82  $view->assign('pageId', $this->conf['page']);
83 
84  $content = '';
85  // Basic test for required value
86  if ($this->conf['page'] > 0) {
87  // Init TCE for execution of update
89  $tce = GeneralUtility::makeInstance(DataHandler::class);
90  // Determine the scripts to execute
91  switch ($this->conf['action']) {
92  case 'show_change_owner_selector':
93  $content = $this->renderUserSelector($this->conf['page'], $this->conf['ownerUid'], $this->conf['username']);
94  break;
95  case 'change_owner':
96  $userId = $this->conf['new_owner_uid'];
97  if (is_int($userId)) {
98  // Prepare data to change
99  $data = [];
100  $data['pages'][$this->conf['page']]['perms_userid'] = $userId;
101  // Execute TCE Update
102  $tce->start($data, []);
103  $tce->process_datamap();
104 
105  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeOwner.html');
106  $view->assign('userId', $userId);
107  $usernameArray = BackendUtility::getUserNames('username', ' AND uid = ' . $userId);
108  $view->assign('username', $usernameArray[$userId]['username']);
109  $content = $view->render();
110  } else {
111  $response->getBody()->write('An error occurred: No page owner uid specified');
112  $response = $response->withStatus(500);
113  }
114  break;
115  case 'show_change_group_selector':
116  $content = $this->renderGroupSelector($this->conf['page'], $this->conf['groupUid'], $this->conf['groupname']);
117  break;
118  case 'change_group':
119  $groupId = $this->conf['new_group_uid'];
120  if (is_int($groupId)) {
121  // Prepare data to change
122  $data = [];
123  $data['pages'][$this->conf['page']]['perms_groupid'] = $groupId;
124  // Execute TCE Update
125  $tce->start($data, []);
126  $tce->process_datamap();
127 
128  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangeGroup.html');
129  $view->assign('groupId', $groupId);
130  $groupnameArray = BackendUtility::getGroupNames('title', ' AND uid = ' . $groupId);
131  $view->assign('groupname', $groupnameArray[$groupId]['title']);
132  $content = $view->render();
133  } else {
134  $response->getBody()->write('An error occurred: No page group uid specified');
135  $response = $response->withStatus(500);
136  }
137  break;
138  case 'toggle_edit_lock':
139  // Prepare data to change
140  $data = [];
141  $data['pages'][$this->conf['page']]['editlock'] = $this->conf['editLockState'] === 1 ? 0 : 1;
142  // Execute TCE Update
143  $tce->start($data, []);
144  $tce->process_datamap();
145  $content = $this->renderToggleEditLock($this->conf['page'], $data['pages'][$this->conf['page']]['editlock']);
146  break;
147  default:
148  if ($this->conf['mode'] === 'delete') {
149  $this->conf['permissions'] = (int)($this->conf['permissions'] - $this->conf['bits']);
150  } else {
151  $this->conf['permissions'] = (int)($this->conf['permissions'] + $this->conf['bits']);
152  }
153  // Prepare data to change
154  $data = [];
155  $data['pages'][$this->conf['page']]['perms_' . $this->conf['who']] = $this->conf['permissions'];
156  // Execute TCE Update
157  $tce->start($data, []);
158  $tce->process_datamap();
159 
160  $view->setTemplatePathAndFilename($extPath . 'Resources/Private/Templates/PermissionAjax/ChangePermission.html');
161  $view->assign('permission', $this->conf['permissions']);
162  $view->assign('scope', $this->conf['who']);
163  $content = $view->render();
164  }
165  } else {
166  $response->getBody()->write('This script cannot be called directly');
167  $response = $response->withStatus(500);
168  }
169  $response->getBody()->write($content);
170  $response = $response->withHeader('Content-Type', 'text/html; charset=utf-8');
171  return $response;
172  }
173 
182  protected function renderUserSelector($page, $ownerUid, $username = '')
183  {
184  $page = (int)$page;
185  $ownerUid = (int)$ownerUid;
186  // Get usernames
187  $beUsers = BackendUtility::getUserNames();
188  // Owner selector:
189  $options = '';
190  // Loop through the users
191  foreach ($beUsers as $uid => $row) {
192  $uid = (int)$uid;
193  $selected = $uid === $ownerUid ? ' selected="selected"' : '';
194  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['username']) . '</option>';
195  }
196  $elementId = 'o_' . $page;
197  $options = '<option value="0"></option>' . $options;
198  $selector = '<select name="new_page_owner" id="new_page_owner">' . $options . '</select>';
199  $saveButton = '<a class="saveowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '" title="Change owner">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL)->render() . '</a>';
200  $cancelButton = '<a class="restoreowner btn btn-default" data-page="' . $page . '" data-owner="' . $ownerUid . '" data-element-id="' . $elementId . '"' . (!empty($username) ? ' data-username="' . htmlspecialchars($username) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL)->render() . '</a>';
201  return '<span id="' . $elementId . '">'
202  . $selector
203  . '<span class="btn-group">'
204  . $saveButton
205  . $cancelButton
206  . '</span>'
207  . '</span>';
208  }
209 
218  protected function renderGroupSelector($page, $groupUid, $groupname = '')
219  {
220  $page = (int)$page;
221  $groupUid = (int)$groupUid;
222 
223  // Get usernames
224  $beGroupsO = $beGroups = BackendUtility::getGroupNames();
225  // Group selector:
226  $options = '';
227  // flag: is set if the page-groupid equals one from the group-list
228  $userset = 0;
229  // Loop through the groups
230  foreach ($beGroups as $uid => $row) {
231  $uid = (int)$uid;
232  if ($uid === $groupUid) {
233  $userset = 1;
234  $selected = ' selected="selected"';
235  } else {
236  $selected = '';
237  }
238  $options .= '<option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['title']) . '</option>';
239  }
240  // If the group was not set AND there is a group for the page
241  if (!$userset && $groupUid) {
242  $options = '<option value="' . $groupUid . '" selected="selected">' .
243  htmlspecialchars($beGroupsO[$groupUid]['title']) . '</option>' . $options;
244  }
245  $elementId = 'g_' . $page;
246  $options = '<option value="0"></option>' . $options;
247  $selector = '<select name="new_page_group" id="new_page_group">' . $options . '</select>';
248  $saveButton = '<a class="savegroup btn btn-default" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '" title="Change group">' . $this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL)->render() . '</a>';
249  $cancelButton = '<a class="restoregroup btn btn-default" data-page="' . $page . '" data-group="' . $groupUid . '" data-element-id="' . $elementId . '"' . (!empty($groupname) ? ' data-groupname="' . htmlspecialchars($groupname) . '"' : '') . ' title="Cancel">' . $this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL)->render() . '</a>';
250  return '<span id="' . $elementId . '">'
251  . $selector
252  . '<span class="btn-group">'
253  . $saveButton
254  . $cancelButton
255  . '</span>'
256  . '</span>';
257  }
258 
266  protected function renderToggleEditLock($page, $editLockState)
267  {
268  $page = (int)$page;
269  if ($editLockState === 1) {
270  $ret = '<span id="el_' . $page . '"><a class="editlock btn btn-default" data-page="' . $page . '" data-lockstate="1" title="The page and all content is locked for editing by all non-Admin users.">' . $this->iconFactory->getIcon('actions-lock', Icon::SIZE_SMALL)->render() . '</a></span>';
271  } else {
272  $ret = '<span id="el_' . $page . '"><a class="editlock btn btn-default" data-page="' . $page . '" data-lockstate="0" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">' . $this->iconFactory->getIcon('actions-unlock', Icon::SIZE_SMALL)->render() . '</a></span>';
273  }
274  return $ret;
275  }
276 
280  protected function getLanguageService()
281  {
282  return $GLOBALS['LANG'];
283  }
284 
288  protected function getBackendUser()
289  {
290  return $GLOBALS['BE_USER'];
291  }
292 }
if(TYPO3_MODE=== 'BE') $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController']['default']
static makeInstance($className,...$constructorArguments)
static getUserNames($fields= 'username, usergroup, usergroup_cached_list, uid', $where= '')