From 615ed3a4e50fc49e97cee425907ea559e47e216d Mon Sep 17 00:00:00 2001
From: Wouter Wolters <typo3@wouterwolters.nl>
Date: Thu, 17 Aug 2017 16:00:59 +0200
Subject: [PATCH] [TASK] Remove leftover code for db_mountpoints in ActionTask

Resolves: #81999
Releases: master,8.7
Change-Id: Ib3311a4f10d7393b41c04fd193e8614d5984f35f
Reviewed-on: https://review.typo3.org/53723
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Susanne Moog <susanne.moog@typo3.org>
Tested-by: Susanne Moog <susanne.moog@typo3.org>
---
 .../sysext/sys_action/Classes/ActionTask.php  | 31 -------------------
 1 file changed, 31 deletions(-)

diff --git a/typo3/sysext/sys_action/Classes/ActionTask.php b/typo3/sysext/sys_action/Classes/ActionTask.php
index 490bdd116fda..2a88dcaced2c 100644
--- a/typo3/sysext/sys_action/Classes/ActionTask.php
+++ b/typo3/sysext/sys_action/Classes/ActionTask.php
@@ -547,8 +547,6 @@ class ActionTask implements \TYPO3\CMS\Taskcenter\TaskInterface
      */
     protected function saveNewBackendUser($record, $vars)
     {
-        // Check if the db mount is a page the current user is allowed to.);
-        $vars['db_mountpoints'] = $this->fixDbMount($vars['db_mountpoints']);
         // Check if the usergroup is allowed
         $vars['usergroup'] = $this->fixUserGroup($vars['usergroup'], $record);
         $key = $vars['key'];
@@ -571,7 +569,6 @@ class ActionTask implements \TYPO3\CMS\Taskcenter\TaskInterface
                 $data['be_users'][$key]['disable'] = (int)$vars['disable'];
                 $data['be_users'][$key]['admin'] = 0;
                 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
-                $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
                 $data['be_users'][$key]['createdByAction'] = $record['uid'];
             }
         } else {
@@ -588,7 +585,6 @@ class ActionTask implements \TYPO3\CMS\Taskcenter\TaskInterface
                 $data['be_users'][$key]['disable'] = (int)$vars['disable'];
                 $data['be_users'][$key]['admin'] = 0;
                 $data['be_users'][$key]['usergroup'] = $vars['usergroup'];
-                $data['be_users'][$key]['db_mountpoints'] = $vars['db_mountpoints'];
                 $newUserId = $key;
             }
         }
@@ -651,33 +647,6 @@ class ActionTask implements \TYPO3\CMS\Taskcenter\TaskInterface
         return $appliedUsergroups;
     }
 
-    /**
-     * Clean the to be applied DB-Mounts from not allowed ones
-     *
-     * @param string $appliedDbMounts List of pages like pages_123,pages456
-     * @return string Cleaned list
-     */
-    protected function fixDbMount($appliedDbMounts)
-    {
-        // Admins can see any page, no need to check there
-        if (!empty($appliedDbMounts) && !$this->getBackendUser()->isAdmin()) {
-            $cleanDbMountList = [];
-            $dbMounts = GeneralUtility::trimExplode(',', $appliedDbMounts, true);
-            // Walk through every wanted DB-Mount and check if it allowed for the current user
-            foreach ($dbMounts as $dbMount) {
-                $uid = (int)substr($dbMount, strrpos($dbMount, '_') + 1);
-                $page = BackendUtility::getRecord('pages', $uid);
-                // Check rootline and access rights
-                if ($this->checkRootline($uid) && $this->getBackendUser()->calcPerms($page)) {
-                    $cleanDbMountList[] = 'pages_' . $uid;
-                }
-            }
-            // Build the clean list
-            $appliedDbMounts = implode(',', $cleanDbMountList);
-        }
-        return $appliedDbMounts;
-    }
-
     /**
      * Check if a page is inside the rootline the current user can see
      *
-- 
GitLab