From 1e54574246a386e7f46e7740dbe8fc512e8b1608 Mon Sep 17 00:00:00 2001
From: Nicole Cordes <typo3@cordes.co>
Date: Mon, 13 Jul 2015 11:22:51 +0200
Subject: [PATCH] [BUGFIX] Notify about wrong backend user group setting
An editor can't edit a plugin as long as the page content type "Insert
Plugin" isn't allowed for the backend user group even if the access to
a plugin is defined. This patch adds a notification about missing
configuration to improve usability for integrators.
Releases: master
Resolves: #61559
Change-Id: Id7c56c2514ec4525f731c101e8e6e7dbade274e1
Reviewed-on: http://review.typo3.org/41116
Reviewed-by: Susanne Moog <typo3@susannemoog.de>
Tested-by: Susanne Moog <typo3@susannemoog.de>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
---
.../Hooks/BackendUserGroupIntegrityCheck.php | 75 +++++++++++++++++++
typo3/sysext/core/ext_localconf.php | 1 +
typo3/sysext/lang/locallang_core.xlf | 6 ++
3 files changed, 82 insertions(+)
create mode 100644 typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php
diff --git a/typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php b/typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php
new file mode 100644
index 000000000000..94bc74869a5c
--- /dev/null
+++ b/typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php
@@ -0,0 +1,75 @@
+<?php
+namespace TYPO3\CMS\Core\Hooks;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use TYPO3\CMS\Backend\Utility\BackendUtility;
+use TYPO3\CMS\Core\DataHandling\DataHandler;
+use TYPO3\CMS\Core\Messaging\FlashMessage;
+use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
+use TYPO3\CMS\Core\Messaging\FlashMessageService;
+use TYPO3\CMS\Core\SingletonInterface;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Utility\StringUtility;
+use TYPO3\CMS\Lang\LanguageService;
+
+/**
+ * DataHandler hook class to check the integrity of submitted be_groups data
+ */
+class BackendUserGroupIntegrityCheck {
+
+ /**
+ * @param string $status
+ * @param string $table
+ * @param int $id
+ * @param array $fieldArray
+ * @param DataHandler $parentObject
+ */
+ public function processDatamap_afterDatabaseOperations($status, $table, $id, $fieldArray, $parentObject) {
+ if ($table !== 'be_groups' || $GLOBALS['TYPO3_CONF_VARS']['BE']['explicitADmode'] !== 'explicitAllow') {
+ return;
+ }
+
+ $backendUserGroup = BackendUtility::getRecord($table, $id, 'explicit_allowdeny');
+ $explicitAllowDenyFields = GeneralUtility::trimExplode(',', $backendUserGroup['explicit_allowdeny']);
+ foreach ($explicitAllowDenyFields as $value) {
+ if (StringUtility::beginsWith($value, 'tt_content:list_type:')) {
+ if (!in_array('tt_content:CType:list:ALLOW', $explicitAllowDenyFields, TRUE)) {
+ /** @var $flashMessage FlashMessage */
+ $flashMessage = GeneralUtility::makeInstance(
+ FlashMessage::class,
+ $this->getLanguageService()->sl('LLL:EXT:lang/locallang_core.xlf:error.backendUserGroupListTypeError.message'),
+ $this->getLanguageService()->sl('LLL:EXT:lang/locallang_core.xlf:error.backendUserGroupListTypeError.header'),
+ FlashMessage::WARNING,
+ TRUE
+ );
+ /** @var $flashMessageService FlashMessageService */
+ $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
+ /** @var $defaultFlashMessageQueue FlashMessageQueue */
+ $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
+ $defaultFlashMessageQueue->enqueue($flashMessage);
+ }
+ return;
+ }
+ }
+ }
+
+ /**
+ * @return LanguageService
+ */
+ protected function getLanguageService() {
+ return $GLOBALS['LANG'];
+ }
+
+}
diff --git a/typo3/sysext/core/ext_localconf.php b/typo3/sysext/core/ext_localconf.php
index 69eb61004908..6e2b5e361ae7 100644
--- a/typo3/sysext/core/ext_localconf.php
+++ b/typo3/sysext/core/ext_localconf.php
@@ -13,6 +13,7 @@ if (TYPO3_MODE === 'BE' && !(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_INSTALL)) {
'addUserPermissionsToStorage'
);
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect';
+ $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'][] = 'TYPO3\\CMS\\Core\\Hooks\\BackendUserGroupIntegrityCheck';
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect->isAllowedToShowEditForm';
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tceforms_inline.php']['checkAccess'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect->isAllowedToShowEditForm';
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['checkModifyAccessList'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect';
diff --git a/typo3/sysext/lang/locallang_core.xlf b/typo3/sysext/lang/locallang_core.xlf
index af3adcee4689..d26e52d77ef7 100644
--- a/typo3/sysext/lang/locallang_core.xlf
+++ b/typo3/sysext/lang/locallang_core.xlf
@@ -1143,6 +1143,12 @@ Check also the following points:\n
<trans-unit id="error.invalidEmail">
<source>"%s" is not a valid e-mail address.</source>
</trans-unit>
+ <trans-unit id="error.backendUserGroupListTypeError.header">
+ <source>Possible misconfiguration detected</source>
+ </trans-unit>
+ <trans-unit id="error.backendUserGroupListTypeError.message">
+ <source>Editing of at least one plugin was enabled but editing the page content type "Insert Plugin" is still disallowed. Group members won't be able to edit plugins unless you activate editing for the content type.</source>
+ </trans-unit>
</body>
</file>
</xliff>
--
GitLab