From a9ebd8aec54550bf0d44aa77c8eb8332bd568755 Mon Sep 17 00:00:00 2001 
From: Andreas Fernandez <a.fernandez@scripting-base.de> Date: Mon, 2 Mar 2015 14:19:51 +0100 Subject: [PATCH] [TASK] Use constants instead of raw bitmask values MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The used bitmasks of JsConfirmation and Permission are put into "enums" and their representing constants are used instead of the raw bitmask values. Resolves: #65455 Releases: master Change-Id: I1910bb960b69836ea29c16c91d730ac74c22f929 Reviewed-on: http://review.typo3.org/37455 Reviewed-by: Nicole Cordes <typo3@cordes.co> Tested-by: Nicole Cordes <typo3@cordes.co> Reviewed-by: Mathias Brodala <mbrodala@pagemachine.de> Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de> Reviewed-by: Frank Nägler <typo3@naegler.net> Tested-by: Frank Nägler <typo3@naegler.net> --- .../backend/Classes/ClickMenu/ClickMenu.php | 14 +++-- .../backend/Classes/Clipboard/Clipboard.php | 5 +- .../Controller/EditDocumentController.php | 16 +++--- .../Controller/PageLayoutController.php | 9 +-- .../Wizard/AbstractWizardController.php | 5 +- .../Classes/Form/Element/FlexElement.php | 3 +- .../Classes/Form/Element/InlineElement.php | 15 ++--- .../Classes/Form/Element/TreeElement.php | 3 +- .../backend/Classes/Form/FormEngine.php | 5 +- .../Classes/Search/LiveSearch/LiveSearch.php | 5 +- .../Pagetree/ExtdirectTreeDataProvider.php | 3 +- .../backend/Classes/View/PageLayoutView.php | 7 ++- .../backend/Classes/View/ThumbnailView.php | 3 +- .../BackendUserAuthentication.php | 36 ++++++------ .../core/Classes/DataHandling/DataHandler.php | 3 +- .../FrontendEditingController.php | 9 +-- .../Classes/Type/Bitmask/JsConfirmation.php | 46 +++++++++++++++ .../core/Classes/Type/Bitmask/Permission.php | 56 +++++++++++++++++++ .../feedit/Classes/FrontendEditPanel.php | 3 +- typo3/sysext/filelist/Classes/FileList.php | 3 +- .../frontend/Classes/View/AdminPanelView.php | 9 +-- .../RecordList/AbstractDatabaseRecordList.php | 5 +- 
.../Classes/RecordList/DatabaseRecordList.php | 15 ++--- .../Classes/Utility/RecyclerUtility.php | 5 +- 24 files changed, 202 insertions(+), 81 deletions(-) create mode 100644 typo3/sysext/core/Classes/Type/Bitmask/JsConfirmation.php create mode 100644 typo3/sysext/core/Classes/Type/Bitmask/Permission.php diff --git a/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php b/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php index 12006daf4f0f..3f859b42475b 100644 --- a/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php +++ b/typo3/sysext/backend/Classes/ClickMenu/ClickMenu.php @@ -14,14 +14,16 @@ namespace TYPO3\CMS\Backend\ClickMenu; * The TYPO3 project - inspiring people to share! */ +use TYPO3\CMS\Backend\Clipboard\Clipboard; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; use TYPO3\CMS\Core\Resource\Folder; use TYPO3\CMS\Core\Resource\ResourceFactory; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; -use TYPO3\CMS\Backend\Clipboard\Clipboard; -use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; use TYPO3\CMS\Lang\LanguageService; /** @@ -287,7 +289,7 @@ class ClickMenu { $root ? $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] : GeneralUtility::fixed_lgd_cs(BackendUtility::getRecordTitle($table, $this->rec), $this->backendUser->uc['titleLen']), $this->clipObj->currentMode() ); - if ($table === 'pages' && $lCP & 8) { + if ($table === 'pages' && $lCP & Permission::PAGE_NEW) { if ($elFromAllTables) { $menuItems['pasteinto'] = $this->DB_paste('', $uid, 'into', $elInfo); } 
@@ -528,7 +530,7 @@ class ClickMenu { */ public function DB_paste($table, $uid, $type, $elInfo) { $loc = 'top.content.list_frame'; - if ($this->backendUser->jsConfirmation(2)) { + if ($this->backendUser->jsConfirmation(JsConfirmation::COPY_MOVE_PASTE)) { $conf = $loc . ' && confirm(' . GeneralUtility::quoteJSvalue(sprintf($this->languageService->sL(('LLL:EXT:lang/locallang_core.xlf:mess.' . ($elInfo[2] === 'copy' ? 'copy' : 'move') . '_' . $type)), $elInfo[0], $elInfo[1])) . ')'; } else { $conf = $loc; @@ -727,7 +729,7 @@ class ClickMenu { */ public function DB_delete($table, $uid, $elInfo) { $loc = 'top.content.list_frame'; - if ($this->backendUser->jsConfirmation(4)) { + if ($this->backendUser->jsConfirmation(JsConfirmation::DELETE)) { $conf = 'confirm(' . GeneralUtility::quoteJSvalue((sprintf($this->languageService->sL('LLL:EXT:lang/locallang_core.xlf:mess.delete'), $elInfo[0]) . BackendUtility::referenceCount($table, $uid, ' (There are %s reference(s) to this record!)') . BackendUtility::translationCount($table, $uid, (' ' . $this->languageService->sL('LLL:EXT:lang/locallang_core.xlf:labels.translationsOfRecord'))))) . ')'; } else { $conf = '1==1'; @@ -1053,7 +1055,7 @@ class ClickMenu { */ public function FILE_paste($path, $target, $elInfo) { $loc = 'top.content.list_frame'; - if ($this->backendUser->jsConfirmation(2)) { + if ($this->backendUser->jsConfirmation(JsConfirmation::COPY_MOVE_PASTE)) { $conf = $loc . ' && confirm(' . GeneralUtility::quoteJSvalue(sprintf($this->languageService->sL(('LLL:EXT:lang/locallang_core.xlf:mess.' . ($elInfo[2] === 'copy' ? 'copy' : 'move') . '_into')), $elInfo[0], $elInfo[1])) . ')'; } else { $conf = $loc; diff --git a/typo3/sysext/backend/Classes/Clipboard/Clipboard.php b/typo3/sysext/backend/Classes/Clipboard/Clipboard.php index d599d771b813..6fe3fd461c1a 100644 --- a/typo3/sysext/backend/Classes/Clipboard/Clipboard.php +++ b/typo3/sysext/backend/Classes/Clipboard/Clipboard.php 
@@ -17,6 +17,7 @@ namespace TYPO3\CMS\Backend\Clipboard; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; use TYPO3\CMS\Core\Resource\ResourceFactory; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\MathUtility; @@ -270,7 +271,7 @@ class Clipboard { // Delete: if ($elCount) { $deleteLink = '<a class="btn btn-danger" href="' . htmlspecialchars($rmall_url) . '#clip_head">' . IconUtility::getSpriteIcon('actions-document-close', array('title' => $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:buttons.clear', TRUE))) . '</a>'; - if ($this->getBackendUser()->jsConfirmation(4)) { + if ($this->getBackendUser()->jsConfirmation(JsConfirmation::DELETE)) { $js = ' if (confirm(' . GeneralUtility::quoteJSvalue(sprintf($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:mess.deleteClip'), $elCount)) . ')){ window.location.href=\'' . $this->deleteUrl(0, ($this->fileMode ? 1 : 0)) . '&redirect=\'+top.rawurlencode(window.location.href); @@ -630,7 +631,7 @@ class Clipboard { * @return string JavaScript "confirm" message */ public function confirmMsg($table, $rec, $type, $clElements, $columnLabel = '') { - if ($this->getBackendUser()->jsConfirmation(2)) { + if ($this->getBackendUser()->jsConfirmation(JsConfirmation::COPY_MOVE_PASTE)) { $labelKey = 'LLL:EXT:lang/locallang_core.xlf:mess.' . ($this->currentMode() == 'copy' ? 'copy' : 'move') . ($this->current == 'normal' ? '' : 'cb') . '_' . $type; $msg = $this->getLanguageService()->sL($labelKey . ($columnLabel ? '_colPos': '')); if ($table == '_FILE') { diff --git a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php index 08a5f884dd97..f211589c9473 100644 --- a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php 
+++ b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php @@ -18,6 +18,8 @@ use TYPO3\CMS\Backend\Form\FormEngine; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; use TYPO3\CMS\Core\Html\HtmlParser; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\HttpUtility; use TYPO3\CMS\Core\Utility\MathUtility; @@ -697,7 +699,7 @@ class EditDocumentController { } function deleteRecord(table,id,url) { // if ( - ' . ($GLOBALS['BE_USER']->jsConfirmation(4) ? 'confirm(' . GeneralUtility::quoteJSvalue($GLOBALS['LANG']->getLL('deleteWarning')) . ')' : '1==1') . ' + ' . ($GLOBALS['BE_USER']->jsConfirmation(JsConfirmation::DELETE) ? 'confirm(' . GeneralUtility::quoteJSvalue($GLOBALS['LANG']->getLL('deleteWarning')) . ')' : '1==1') . ' ) { window.location.href = ' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('tce_db') . '&cmd[') . '+table+"]["+id+"][delete]=1' . BackendUtility::getUrlToken('tceAction') . '&redirect="+escape(url)+"&vC=' . $GLOBALS['BE_USER']->veriCode() . '&prErr=1&uPT=1"; } @@ -833,10 +835,10 @@ class EditDocumentController { $CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($calcPRec); if ($table == 'pages') { // If pages: - $hasAccess = $CALC_PERMS & 8 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::PAGE_NEW ? 1 : 0; $this->viewId = 0; } else { - $hasAccess = $CALC_PERMS & 16 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; $this->viewId = $calcPRec['uid']; } } 
@@ -850,14 +852,14 @@ class EditDocumentController { if (is_array($calcPRec)) { if ($table == 'pages') { // If pages: $CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($calcPRec); - $hasAccess = $CALC_PERMS & 2 ? 1 : 0; - $deleteAccess = $CALC_PERMS & 4 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::PAGE_EDIT ? 1 : 0; + $deleteAccess = $CALC_PERMS & Permission::PAGE_DELETE ? 1 : 0; $this->viewId = $calcPRec['uid']; } else { // Fetching pid-record first $CALC_PERMS = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid'])); - $hasAccess = $CALC_PERMS & 16 ? 1 : 0; - $deleteAccess = $CALC_PERMS & 16 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; + $deleteAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; $this->viewId = $calcPRec['pid']; // Adding "&L=xx" if the record being edited has a languageField with a value larger than zero! if ($GLOBALS['TCA'][$table]['ctrl']['languageField'] && $calcPRec[$GLOBALS['TCA'][$table]['ctrl']['languageField']] > 0) { diff --git a/typo3/sysext/backend/Classes/Controller/PageLayoutController.php b/typo3/sysext/backend/Classes/Controller/PageLayoutController.php index 1a5c1c14450f..22449342ae8d 100644 --- a/typo3/sysext/backend/Classes/Controller/PageLayoutController.php +++ b/typo3/sysext/backend/Classes/Controller/PageLayoutController.php @@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\Controller; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; 
@@ -449,7 +450,7 @@ class PageLayoutController { if ($this->id && $access) { // Initialize permission settings: $this->CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($this->pageinfo); - $this->EDIT_CONTENT = $this->CALC_PERMS & 16 ? 1 : 0; + $this->EDIT_CONTENT = $this->CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; // Start document template object: $this->doc = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Template\DocumentTemplate::class); $this->doc->backPath = $GLOBALS['BACK_PATH']; @@ -730,7 +731,7 @@ class PageLayoutController { // Splitting the edit-record cmd value into table/uid: $this->eRParts = explode(':', $edit_record); // Delete-button flag? - $this->deleteButton = MathUtility::canBeInterpretedAsInteger($this->eRParts[1]) && $edit_record && ($this->eRParts[0] != 'pages' && $this->EDIT_CONTENT || $this->eRParts[0] == 'pages' && $this->CALC_PERMS & 4); + $this->deleteButton = MathUtility::canBeInterpretedAsInteger($this->eRParts[1]) && $edit_record && ($this->eRParts[0] != 'pages' && $this->EDIT_CONTENT || $this->eRParts[0] == 'pages' && $this->CALC_PERMS & Permission::PAGE_DELETE); // If undo-button should be rendered (depends on available items in sys_history) $this->undoButton = 0; $undoRes = $GLOBALS['TYPO3_DB']->exec_SELECTquery('tstamp', 'sys_history', 'tablename=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($this->eRParts[0], 'sys_history') . ' AND recuid=' . (int)$this->eRParts[1], '', 'tstamp DESC', '1'); 
@@ -757,7 +758,7 @@ class PageLayoutController { BackendUtility::getModuleUrl('web_layout') . '&id=' . $this->id . '&edit_record=' ) . '+escape(this.options[this.selectedIndex].value)' . $retUrlStr . ',this);') . '">' . implode('', $opt) . '</select>'; // Creating editing form: - if ($GLOBALS['BE_USER']->check('tables_modify', $this->eRParts[0]) && $edit_record && ($this->eRParts[0] !== 'pages' && $this->EDIT_CONTENT || $this->eRParts[0] === 'pages' && $this->CALC_PERMS & 1)) { + if ($GLOBALS['BE_USER']->check('tables_modify', $this->eRParts[0]) && $edit_record && ($this->eRParts[0] !== 'pages' && $this->EDIT_CONTENT || $this->eRParts[0] === 'pages' && $this->CALC_PERMS & Permission::PAGE_SHOW)) { // Splitting uid parts for special features, if new: list($uidVal, $ex_pid, $ex_colPos) = explode('/', $this->eRParts[1]); // Convert $uidVal to workspace version if any: @@ -1082,7 +1083,7 @@ class PageLayoutController { } // Edit page properties and page language overlay icons - if ($this->CALC_PERMS & 2) { + if ($this->CALC_PERMS & Permission::PAGE_EDIT) { // Edit localized page_language_overlay only when one specific language is selected if ($this->MOD_SETTINGS['function'] == 1 && $this->current_sys_language > 0) { diff --git a/typo3/sysext/backend/Classes/Controller/Wizard/AbstractWizardController.php b/typo3/sysext/backend/Classes/Controller/Wizard/AbstractWizardController.php index de680deec590..0512b873ab80 100644 --- a/typo3/sysext/backend/Classes/Controller/Wizard/AbstractWizardController.php +++ b/typo3/sysext/backend/Classes/Controller/Wizard/AbstractWizardController.php @@ -18,6 +18,7 @@ use TYPO3\CMS\Backend\Template\DocumentTemplate; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; use TYPO3\CMS\Core\Database\DatabaseConnection; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Lang\LanguageService; /** 
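Review bot: In the `Creating editing form` condition of the `-757,7 +758,7` hunk, the pages branch is gated on `Permission::PAGE_SHOW`, whereas the delete-button flag in the `-730,7` hunk uses `Permission::PAGE_DELETE` and the page-properties icons in the `-1082,7` hunk use `Permission::PAGE_EDIT`. The raw value was `1` before, so behaviour is unchanged, but the named constant now makes it visible that the page editing form is built for a user who only has show permission on the page. Whether the save path enforces `PAGE_EDIT` independently is not visible in this hunk, so please confirm the gate is intentional. If it is, add a one-line comment stating why show permission is sufficient here; if not, use `$this->CALC_PERMS & Permission::PAGE_EDIT`. The enclosing method starts and ends outside the hunk.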
@@ -39,12 +40,12 @@ class AbstractWizardController { // If pages: if ($table === 'pages') { $calculatedPermissions = $this->getBackendUserAuthentication()->calcPerms($calcPermissionRecord); - $hasAccess = $calculatedPermissions & 2; + $hasAccess = $calculatedPermissions & Permission::PAGE_EDIT; } else { // Fetching pid-record first. $calculatedPermissions = $this->getBackendUserAuthentication()->calcPerms( BackendUtility::getRecord('pages', $calcPermissionRecord['pid'])); - $hasAccess = $calculatedPermissions & 16; + $hasAccess = $calculatedPermissions & Permission::CONTENT_EDIT; } // Check internals regarding access: if ($hasAccess) { diff --git a/typo3/sysext/backend/Classes/Form/Element/FlexElement.php b/typo3/sysext/backend/Classes/Form/Element/FlexElement.php index 665751444614..68182db33f27 100644 --- a/typo3/sysext/backend/Classes/Form/Element/FlexElement.php +++ b/typo3/sysext/backend/Classes/Form/Element/FlexElement.php @@ -17,6 +17,7 @@ namespace TYPO3\CMS\Backend\Form\Element; use TYPO3\CMS\Backend\Form\Utility\FormEngineUtility; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; @@ -485,7 +486,7 @@ class FlexElement extends AbstractFormElement { || !empty($GLOBALS['TCA'][$table]['ctrl']['requestUpdate']) && GeneralUtility::inList($GLOBALS['TCA'][$table]['ctrl']['requestUpdate'], $key) ) { - if ($this->getBackendUserAuthentication()->jsConfirmation(1)) { + if ($this->getBackendUserAuthentication()->jsConfirmation(JsConfirmation::TYPE_CHANGE)) { $alertMsgOnChange = 'if (confirm(TBE_EDITOR.labels.onChangeAlert) && TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm() };'; } else { $alertMsgOnChange = 'if(TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm();}'; 
diff --git a/typo3/sysext/backend/Classes/Form/Element/InlineElement.php b/typo3/sysext/backend/Classes/Form/Element/InlineElement.php index bed861a2fcd2..8e54625a2226 100644 --- a/typo3/sysext/backend/Classes/Form/Element/InlineElement.php +++ b/typo3/sysext/backend/Classes/Form/Element/InlineElement.php @@ -20,6 +20,7 @@ use TYPO3\CMS\Backend\Form\DataPreprocessor; use TYPO3\CMS\Core\Database\DatabaseConnection; use TYPO3\CMS\Core\Database\RelationHandler; use TYPO3\CMS\Core\Messaging\FlashMessage; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\ArrayUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\MathUtility; @@ -671,7 +672,7 @@ class InlineElement { $localCalcPerms = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $rec['uid'])); } // This expresses the edit permissions for this particular element: - $permsEdit = $isPagesTable && $localCalcPerms & 2 || !$isPagesTable && $calcPerms & 16; + $permsEdit = $isPagesTable && $localCalcPerms & Permission::PAGE_EDIT || !$isPagesTable && $calcPerms & Permission::CONTENT_EDIT; // Controls: Defines which controls should be shown $enabledControls = $config['appearance']['enabledControls']; // Hook: Can disable/enable single controls for specific child records: 
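Review bot: The `$permsEdit` assignment in the `-671,7 +672,7` hunk mixes `&`, `&&` and `||` without parentheses, and with the longer constant names the grouping is hard to see at a glance. PHP binds `&` tighter than `&&` and `||`, so the result is the same as before, but an access decision should not depend on the reader remembering that. Consider `$permsEdit = ($isPagesTable && ($localCalcPerms & Permission::PAGE_EDIT)) || (!$isPagesTable && ($calcPerms & Permission::CONTENT_EDIT));`. The same applies to the `new` and `delete` control conditions in the `-701,7` and `-749,7` hunks of this file.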
@@ -701,7 +702,7 @@ class InlineElement { if (!$tcaTableCtrl['readOnly'] && !$isVirtualRecord) { // "New record after" link (ONLY if the records in the table are sorted by a "sortby"-row or if default values can depend on previous record): if ($enabledControls['new'] && ($enableManualSorting || $tcaTableCtrl['useColumnsForDefaultValues'])) { - if (!$isPagesTable && $calcPerms & 16 || $isPagesTable && $calcPerms & 8) { + if (!$isPagesTable && $calcPerms & Permission::CONTENT_EDIT || $isPagesTable && $calcPerms & Permission::PAGE_NEW) { $onClick = 'return inline.createNewRecord(\'' . $nameObjectFt . '\',\'' . $rec['uid'] . '\')'; if ($config['inline']['inlineNewButtonStyle']) { $style = ' style="' . $config['inline']['inlineNewButtonStyle'] . '"'; @@ -749,7 +750,7 @@ class InlineElement { } } // "Delete" link: - if ($enabledControls['delete'] && ($isPagesTable && $localCalcPerms & 4 || !$isPagesTable && $calcPerms & 16)) { + if ($enabledControls['delete'] && ($isPagesTable && $localCalcPerms & Permission::PAGE_DELETE || !$isPagesTable && $calcPerms & Permission::CONTENT_EDIT)) { $onClick = 'inline.deleteRecord(' . GeneralUtility::quoteJSvalue($nameObjectFtId) . ');'; $cells['delete'] = ' <a class="btn btn-default" href="#" onclick="' . htmlspecialchars(('if (confirm(' . GeneralUtility::quoteJSvalue($languageService->getLL('deleteWarning')) . ')) { ' . $onClick . ' } return false;')) . '"> @@ -2207,10 +2208,10 @@ class InlineElement { // If pages: if ($table == 'pages') { // Are we allowed to create new subpages? - $hasAccess = $CALC_PERMS & 8 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::PAGE_NEW ? 1 : 0; } else { // Are we allowed to edit content on this page? - $hasAccess = $CALC_PERMS & 16 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; } } else { $hasAccess = 1; 
@@ -2223,11 +2224,11 @@ class InlineElement { // If pages: if ($table == 'pages') { $CALC_PERMS = $GLOBALS['BE_USER']->calcPerms($calcPRec); - $hasAccess = $CALC_PERMS & 2 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::PAGE_EDIT ? 1 : 0; } else { // Fetching pid-record first. $CALC_PERMS = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid'])); - $hasAccess = $CALC_PERMS & 16 ? 1 : 0; + $hasAccess = $CALC_PERMS & Permission::CONTENT_EDIT ? 1 : 0; } // Check internals regarding access: if ($hasAccess) { diff --git a/typo3/sysext/backend/Classes/Form/Element/TreeElement.php b/typo3/sysext/backend/Classes/Form/Element/TreeElement.php index d6f662f70253..e0b3ce11e6fb 100644 --- a/typo3/sysext/backend/Classes/Form/Element/TreeElement.php +++ b/typo3/sysext/backend/Classes/Form/Element/TreeElement.php @@ -14,6 +14,7 @@ namespace TYPO3\CMS\Backend\Form\Element; * The TYPO3 project - inspiring people to share! */ +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\GeneralUtility; /** @@ -116,7 +117,7 @@ class TreeElement extends AbstractFormElement { || !empty($GLOBALS['TCA'][$table]['ctrl']['requestUpdate']) && GeneralUtility::inList(str_replace(' ', '', $GLOBALS['TCA'][$table]['ctrl']['requestUpdate']), $field) ) { - if ($GLOBALS['BE_USER']->jsConfirmation(1)) { + if ($GLOBALS['BE_USER']->jsConfirmation(JsConfirmation::TYPE_CHANGE)) { $onChange .= 'if (confirm(TBE_EDITOR.labels.onChangeAlert) && ' . 'TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm() };'; } else { $onChange .= 'if (TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm() };'; diff --git a/typo3/sysext/backend/Classes/Form/FormEngine.php b/typo3/sysext/backend/Classes/Form/FormEngine.php index 90d6858af353..d1fd91c7dd55 100644 --- a/typo3/sysext/backend/Classes/Form/FormEngine.php +++ b/typo3/sysext/backend/Classes/Form/FormEngine.php 
@@ -29,6 +29,7 @@ use TYPO3\CMS\Core\Html\HtmlParser; use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Messaging\FlashMessageQueue; use TYPO3\CMS\Core\Messaging\FlashMessageService; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\DiffUtility; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; @@ -876,7 +877,7 @@ class FormEngine { || !empty($GLOBALS['TCA'][$table]['ctrl']['requestUpdate']) && GeneralUtility::inList(str_replace(' ', '', $GLOBALS['TCA'][$table]['ctrl']['requestUpdate']), $field) ) { - if ($backendUser->jsConfirmation(1)) { + if ($backendUser->jsConfirmation(JsConfirmation::TYPE_CHANGE)) { $alertMsgOnChange = 'if (confirm(TBE_EDITOR.labels.onChangeAlert) && TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm() };'; } else { $alertMsgOnChange = 'if (TBE_EDITOR.checkSubmit(-1)){ TBE_EDITOR.submitForm() };'; @@ -2948,7 +2949,7 @@ class FormEngine { $tCells = array(); $pct = round(100 / count($sArr)); foreach ($sArr as $sKey => $sheetCfg) { - if ($this->getBackendUserAuthentication()->jsConfirmation(1)) { + if ($this->getBackendUserAuthentication()->jsConfirmation(JsConfirmation::TYPE_CHANGE)) { $onClick = 'if (confirm(TBE_EDITOR.labels.onChangeAlert) && TBE_EDITOR.checkSubmit(-1)){' . 'document.editform[\'' . $elName . '\'].value=\'' . $sKey . '\'; TBE_EDITOR.submitForm()};'; } else { diff --git a/typo3/sysext/backend/Classes/Search/LiveSearch/LiveSearch.php b/typo3/sysext/backend/Classes/Search/LiveSearch/LiveSearch.php index b4ff4511c503..62d16f72924d 100644 --- a/typo3/sysext/backend/Classes/Search/LiveSearch/LiveSearch.php +++ b/typo3/sysext/backend/Classes/Search/LiveSearch/LiveSearch.php 
@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\Search\LiveSearch; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\MathUtility; @@ -239,9 +240,9 @@ class LiveSearch { $editLink = ''; if ($tableName == 'pages') { $localCalcPerms = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $row['uid'])); - $permsEdit = $localCalcPerms & 2; + $permsEdit = $localCalcPerms & Permission::PAGE_EDIT; } else { - $permsEdit = $calcPerms & 16; + $permsEdit = $calcPerms & Permission::CONTENT_EDIT; } // "Edit" link: ( Only if permissions to edit the page-record of the content of the parent page ($this->id) // @todo Is there an existing function to generate this link? diff --git a/typo3/sysext/backend/Classes/Tree/Pagetree/ExtdirectTreeDataProvider.php b/typo3/sysext/backend/Classes/Tree/Pagetree/ExtdirectTreeDataProvider.php index e538445eeead..bedd8644521a 100644 --- a/typo3/sysext/backend/Classes/Tree/Pagetree/ExtdirectTreeDataProvider.php +++ b/typo3/sysext/backend/Classes/Tree/Pagetree/ExtdirectTreeDataProvider.php @@ -15,6 +15,7 @@ namespace TYPO3\CMS\Backend\Tree\Pagetree; */ use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\GeneralUtility; /** @@ -175,7 +176,7 @@ class ExtdirectTreeDataProvider extends \TYPO3\CMS\Backend\Tree\AbstractExtJsTre ), 'Configuration' => array( 'hideFilter' => $GLOBALS['BE_USER']->getTSConfigVal('options.pageTree.hideFilter'), - 'displayDeleteConfirmation' => $GLOBALS['BE_USER']->jsConfirmation(4), + 'displayDeleteConfirmation' => $GLOBALS['BE_USER']->jsConfirmation(JsConfirmation::DELETE), 'canDeleteRecursivly' => $GLOBALS['BE_USER']->uc['recursiveDelete'] == TRUE, 'disableIconLinkToContextmenu' => $GLOBALS['BE_USER']->getTSConfigVal('options.pageTree.disableIconLinkToContextmenu'), 'indicator' => $indicators['html'], 
diff --git a/typo3/sysext/backend/Classes/View/PageLayoutView.php b/typo3/sysext/backend/Classes/View/PageLayoutView.php index 8fbc43a95f14..a33cf166fa97 100644 --- a/typo3/sysext/backend/Classes/View/PageLayoutView.php +++ b/typo3/sysext/backend/Classes/View/PageLayoutView.php @@ -20,6 +20,7 @@ use TYPO3\CMS\Backend\Utility\IconUtility; use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; use TYPO3\CMS\Core\Database\DatabaseConnection; use TYPO3\CMS\Core\Messaging\FlashMessage; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Versioning\VersionState; @@ -844,7 +845,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe if ($this->option_showBigButtons) { $bArray = array(); if (!$this->getPageLayoutController()->current_sys_language) { - if ($this->ext_CALC_PERMS & 2) { + if ($this->ext_CALC_PERMS & Permission::PAGE_EDIT) { $bArray[0] = $this->getPageLayoutController()->doc->t3Button( BackendUtility::editOnClick('&edit[pages][' . $id . ']=edit', $this->backPath, ''), $this->getLanguageService()->getLL('editPageProperties') @@ -865,14 +866,14 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe ); } } - if ($this->ext_CALC_PERMS & 4 || $this->ext_CALC_PERMS & 2) { + if ($this->ext_CALC_PERMS & Permission::PAGE_DELETE || $this->ext_CALC_PERMS & Permission::PAGE_EDIT) { $bArray[1] = $this->getPageLayoutController()->doc->t3Button( 'window.location.href=' . GeneralUtility::quoteJSvalue(BackendUtility::getModuleUrl('move_element', array(), $this->backPath) . '&table=pages&uid=' . $id . '&returnUrl=' . rawurlencode(GeneralUtility::getIndpEnv('REQUEST_URI'))) . ';', $this->getLanguageService()->getLL('move_page') ); } - if ($this->ext_CALC_PERMS & 8) { + if ($this->ext_CALC_PERMS & Permission::PAGE_NEW) { $parameters = [ 'id' => $id, 'pagesOnly' => 1, 
diff --git a/typo3/sysext/backend/Classes/View/ThumbnailView.php b/typo3/sysext/backend/Classes/View/ThumbnailView.php index 972f0d87848d..64d7110558f7 100644 --- a/typo3/sysext/backend/Classes/View/ThumbnailView.php +++ b/typo3/sysext/backend/Classes/View/ThumbnailView.php @@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\View; use TYPO3\CMS\Core\Resource\File; use TYPO3\CMS\Core\Resource\ResourceFactory; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\CommandUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\MathUtility; @@ -204,7 +205,7 @@ class ThumbnailView { // Should be - ? 'png' : 'gif' - , but doesn't work (ImageMagick prob.?) // René: png work for me $thmMode = MathUtility::forceIntegerInRange($GLOBALS['TYPO3_CONF_VARS']['GFX']['thumbnails_png'], 0); - $outext = $this->image->getExtension() != 'jpg' || $thmMode & 2 ? ($thmMode & 1 ? 'png' : 'gif') : 'jpg'; + $outext = $this->image->getExtension() != 'jpg' || $thmMode & Permission::PAGE_EDIT ? ($thmMode & 1 ? 'png' : 'gif') : 'jpg'; $outfile = 'tmb_' . substr(md5(($this->image->getName() . $this->mtime . $this->size)), 0, 10) . '.' . $outext; $this->output = $outpath . $outfile; if ($GLOBALS['TYPO3_CONF_VARS']['GFX']['im']) { diff --git a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php index 5dafdd138cf9..85d5b7526543 100644 --- a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php +++ b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php @@ -15,6 +15,7 @@ namespace TYPO3\CMS\Core\Authentication; */ use TYPO3\CMS\Core\Resource\ResourceStorage; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Backend\Utility\BackendUtility; 
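Review bot: `$thmMode & Permission::PAGE_EDIT` applies a page-permission constant to `$thmMode`, which is read from `$GLOBALS['TYPO3_CONF_VARS']['GFX']['thumbnails_png']` and is not a permission mask; the only link is that both bits have the value 2. The neighbouring `$thmMode & 1` was left raw, which shows that both tests belong to the same unrelated setting. Keep the literal here (`$thmMode & 2`) or introduce a constant that belongs to the thumbnail setting, so that a search for permission checks does not turn up image-format logic and a later change to `Permission` cannot alter it. The same substitution appears in BackendUserAuthentication on `$wsAccess['publish_access']`, `$this->user['options']` and `$this->groupData['workspace_perms']`, none of which look like page-permission masks from the visible code.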
@@ -521,13 +522,13 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU public function calcPerms($row) { // Return 31 for admin users. if ($this->isAdmin()) { - return 31; + return Permission::ALL; } // Return 0 if page is not within the allowed web mount if (!$this->isInWebMount($row['uid'])) { - return 0; + return Permission::NOTHING; } - $out = 0; + $out = Permission::NOTHING; if ( isset($row['perms_userid']) && isset($row['perms_user']) && isset($row['perms_groupid']) && isset($row['perms_group']) && isset($row['perms_everybody']) && isset($this->groupList) @@ -845,23 +846,23 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU } elseif ($tableName == 'pages') { switch ($actionType) { case 'edit': - $result = ($compiledPermissions & 2) !== 0; + $result = ($compiledPermissions & Permission::PAGE_EDIT) !== 0; break; case 'new': // Create new page OR page content - $result = ($compiledPermissions & 8 + 16) !== 0; + $result = ($compiledPermissions & Permission::PAGE_NEW + Permission::CONTENT_EDIT) !== 0; break; case 'delete': - $result = ($compiledPermissions & 4) !== 0; + $result = ($compiledPermissions & Permission::PAGE_DELETE) !== 0; break; case 'editcontent': - $result = ($compiledPermissions & 16) !== 0; + $result = ($compiledPermissions & Permission::CONTENT_EDIT) !== 0; break; default: $result = FALSE; } } else { - $result = ($compiledPermissions & 16) !== 0; + $result = ($compiledPermissions & Permission::CONTENT_EDIT) !== 0; } return $result; } 
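Review bot: The comment `// Return 31 for admin users.` above the changed return in calcPerms still names the raw value that this change removes from the code. Suggest `// Return all permissions for admin users.` so the comment does not have to track the value of `Permission::ALL`. calcPerms continues outside the hunk.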
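Review bot: In the `'new'` case of the `-845,23 +846,23` hunk, `Permission::PAGE_NEW + Permission::CONTENT_EDIT` builds a mask by addition and relies on `+` binding tighter than `&`. Addition only equals a bitwise OR while the flags are disjoint, and rewriting it with `|` without parentheses would silently change the check, because `|` binds looser than `&`. Write the mask explicitly: `$result = ($compiledPermissions & (Permission::PAGE_NEW | Permission::CONTENT_EDIT)) !== 0;`. The `editlock` condition in DataHandler::doesRecordExist_pageLookUp has the same shape with `Permission::PAGE_EDIT + Permission::PAGE_DELETE + Permission::CONTENT_EDIT`.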
@@ -1123,7 +1124,7 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU break; default: // Custom workspace - $retVal = $wsAccess['_ACCESS'] === 'owner' || $this->checkWorkspace(0) && !($wsAccess['publish_access'] & 2); + $retVal = $wsAccess['_ACCESS'] === 'owner' || $this->checkWorkspace(0) && !($wsAccess['publish_access'] & Permission::PAGE_EDIT); // Either be an adminuser OR have access to online // workspace which is OK as well as long as publishing // access is not limited by workspace option. @@ -1231,13 +1232,8 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU /** * Returns TRUE or FALSE, depending if an alert popup (a javascript confirmation) should be shown - * call like $GLOBALS['BE_USER']->jsConfirmation($BITMASK) - * - * 1 - typeChange - * 2 - copy/move/paste - * 4 - delete - * 8 - frontend editing - * 128 - other (not used yet) + * call like $GLOBALS['BE_USER']->jsConfirmation($BITMASK). + * See \TYPO3\CMS\Core\Type\Bitmask\JsConfirmation. * * @param int $bitmask Bitmask * @return bool TRUE if the confirmation should be shown @@ -1434,11 +1430,11 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU $this->includeHierarchy[] = $idList; $this->TSdataArray[] = $this->addTScomment('Group "' . $row['title'] . '" [' . $row['uid'] . '] TSconfig field:') . $row['TSconfig']; // Mount group database-mounts - if (($this->user['options'] & 1) == 1) { + if (($this->user['options'] & Permission::PAGE_SHOW) == 1) { $this->dataLists['webmount_list'] .= ',' . $row['db_mountpoints']; } // Mount group file-mounts - if (($this->user['options'] & 2) == 2) { + if (($this->user['options'] & Permission::PAGE_EDIT) == 2) { $this->dataLists['filemount_list'] .= ',' . $row['file_mountpoints']; } // The lists are made: groupMods, tables_select, tables_modify, pagetypes_select, non_exclude_fields, explicit_allowdeny, allowed_languages, custom_options 
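Review bot: In the group mount checks of the `-1434,11 +1430,11` hunk the mask is now symbolic but the result is still compared with the literals `1` and `2`, e.g. `($this->user['options'] & Permission::PAGE_SHOW) == 1`, so the two halves of each test can drift apart. Compare against zero instead, `($this->user['options'] & $flag) !== 0`, where `$flag` stands for a constant that belongs to the user options field. In the group home-dir check of the `-1649,7` hunk the `== 2` is applied to the result of `is_array($this->user) && ...`, i.e. to a boolean, and only holds through loose comparison. There, `is_array($this->user) && ($this->user['options'] & 2) !== 0` says what is meant.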
@@ -1649,7 +1645,7 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU } // Mount group home-dirs - if ((is_array($this->user) && $this->user['options'] & 2) == 2 && $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'] != '') { + if ((is_array($this->user) && $this->user['options'] & Permission::PAGE_EDIT) == 2 && $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'] != '') { // If groupHomePath is set, we attempt to mount it list($groupHomeStorageUid, $groupHomeFilter) = explode(':', $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'], 2); $groupHomeStorageUid = (int)$groupHomeStorageUid; @@ -1987,7 +1983,7 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU } else { switch ((string)$wsRec['uid']) { case '0': - $retVal = $this->groupData['workspace_perms'] & 1 + $retVal = $this->groupData['workspace_perms'] & Permission::PAGE_SHOW ? array_merge($wsRec, array('_ACCESS' => 'online')) : FALSE; break; diff --git a/typo3/sysext/core/Classes/DataHandling/DataHandler.php b/typo3/sysext/core/Classes/DataHandling/DataHandler.php index 6fcc6b2f70e3..eb9bc4f3c389 100644 --- a/typo3/sysext/core/Classes/DataHandling/DataHandler.php +++ b/typo3/sysext/core/Classes/DataHandling/DataHandler.php @@ -25,6 +25,7 @@ use TYPO3\CMS\Core\Database\RelationHandler; use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Messaging\FlashMessageService; use TYPO3\CMS\Core\Resource\ResourceFactory; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\ArrayUtility; use TYPO3\CMS\Core\Utility\File\BasicFileUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; 
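Review bot: In the group home-dirs condition the closing parenthesis comes after the mask test, so `(is_array($this->user) && $this->user['options'] & Permission::PAGE_EDIT) == 2` compares a boolean with 2. It only behaves as intended because PHP's loose comparison converts 2 to TRUE. Since the line is rewritten anyway, I would make the bit test explicit and strict, for example `is_array($this->user) && ($this->user['options'] & 2) === 2`, with whichever constant ends up naming that option bit. The enclosing method starts and ends outside the hunk.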
@@ -5645,7 +5646,7 @@ class DataHandler { * @see doesRecordExist() */ public function doesRecordExist_pageLookUp($id, $perms) { - return $this->databaseConnection->exec_SELECTquery('uid', 'pages', 'uid=' . (int)$id . $this->deleteClause('pages') . ($perms && !$this->admin ? ' AND ' . $this->BE_USER->getPagePermsClause($perms) : '') . (!$this->admin && $GLOBALS['TCA']['pages']['ctrl']['editlock'] && $perms & 2 + 4 + 16 ? ' AND ' . $GLOBALS['TCA']['pages']['ctrl']['editlock'] . '=0' : '')); + return $this->databaseConnection->exec_SELECTquery('uid', 'pages', 'uid=' . (int)$id . $this->deleteClause('pages') . ($perms && !$this->admin ? ' AND ' . $this->BE_USER->getPagePermsClause($perms) : '') . (!$this->admin && $GLOBALS['TCA']['pages']['ctrl']['editlock'] && $perms & Permission::PAGE_EDIT + Permission::PAGE_DELETE + Permission::CONTENT_EDIT ? ' AND ' . $GLOBALS['TCA']['pages']['ctrl']['editlock'] . '=0' : '')); } /** diff --git a/typo3/sysext/core/Classes/FrontendEditing/FrontendEditingController.php b/typo3/sysext/core/Classes/FrontendEditing/FrontendEditingController.php index bdcd9af42623..0842f1f048d2 100644 --- a/typo3/sysext/core/Classes/FrontendEditing/FrontendEditingController.php +++ b/typo3/sysext/core/Classes/FrontendEditing/FrontendEditingController.php @@ -14,6 +14,7 @@ namespace TYPO3\CMS\Core\FrontendEditing; * The TYPO3 project - inspiring people to share! */ +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; /** @@ -483,7 +484,7 @@ class FrontendEditingController { $mayEdit = TRUE; } } else { - $mayEdit = count($allow) && $perms & 16; + $mayEdit = count($allow) && $perms & Permission::CONTENT_EDIT; } } } 
@@ -516,15 +517,15 @@ class FrontendEditingController { unset($allow['hide']); unset($allow['delete']); } - if (!($perms & 2)) { + if (!($perms & Permission::PAGE_EDIT)) { unset($allow['edit']); unset($allow['move']); unset($allow['hide']); } - if (!($perms & 4)) { + if (!($perms & Permission::PAGE_DELETE)) { unset($allow['delete']); } - if (!($perms & 8)) { + if (!($perms & Permission::PAGE_NEW)) { unset($allow['new']); } } diff --git a/typo3/sysext/core/Classes/Type/Bitmask/JsConfirmation.php b/typo3/sysext/core/Classes/Type/Bitmask/JsConfirmation.php new file mode 100644 index 000000000000..4bd9fab72932 --- /dev/null +++ b/typo3/sysext/core/Classes/Type/Bitmask/JsConfirmation.php @@ -0,0 +1,46 @@ +<?php +namespace TYPO3\CMS\Core\Type\Bitmask; + +/* + * This file is part of the TYPO3 CMS project. + * + * It is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License, either version 2 + * of the License, or any later version. + * + * For the full copyright and license information, please read the + * LICENSE.txt file that was distributed with this source code. + * + * The TYPO3 project - inspiring people to share! + */ + +/** + * A class providing constants for bitwise operations on javascript confirmation popups + */ +class JsConfirmation extends \TYPO3\CMS\Core\Type\Enumeration { + + /** + * @var int + */ + const TYPE_CHANGE = 1; + + /** + * @var int + */ + const COPY_MOVE_PASTE = 2; + + /** + * @var int + */ + const DELETE = 4; + + /** + * @var int + */ + const FE_EDIT = 8; + + /** + * @var int + */ + const OTHER = 128; +} diff --git a/typo3/sysext/core/Classes/Type/Bitmask/Permission.php b/typo3/sysext/core/Classes/Type/Bitmask/Permission.php new file mode 100644 index 000000000000..242b15ae193f --- /dev/null +++ b/typo3/sysext/core/Classes/Type/Bitmask/Permission.php 
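Review bot: The constants in the new JsConfirmation class carry only `@var int`, while this same commit deletes the list that explained each bit (typeChange, copy/move/paste, delete, frontend editing, other – not used yet) from the `jsConfirmation()` docblock in BackendUserAuthentication. I would move those descriptions onto the constants so the meaning is not lost, for example `/** Confirm on typeChange */` above `TYPE_CHANGE` and `/** Other (not used yet) */` above `OTHER`. Permission.php has the same bare `@var int` docblocks and would benefit from a one-line description per flag.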
@@ -0,0 +1,56 @@ +<?php +namespace TYPO3\CMS\Core\Type\Bitmask; + +/* + * This file is part of the TYPO3 CMS project. + * + * It is free software; you can redistribute it and/or modify it under + * the terms of the GNU General Public License, either version 2 + * of the License, or any later version. + * + * For the full copyright and license information, please read the + * LICENSE.txt file that was distributed with this source code. + * + * The TYPO3 project - inspiring people to share! + */ + +/** + * A class providing constants for bitwise operations on page access check + */ +class Permission extends \TYPO3\CMS\Core\Type\Enumeration { + + /** + * @var int + */ + const NOTHING = 0; + + /** + * @var int + */ + const PAGE_SHOW = 1; + + /** + * @var int + */ + const PAGE_EDIT = 2; + + /** + * @var int + */ + const PAGE_DELETE = 4; + + /** + * @var int + */ + const PAGE_NEW = 8; + + /** + * @var int + */ + const CONTENT_EDIT = 16; + + /** + * @var int + */ + const ALL = 31; +} diff --git a/typo3/sysext/feedit/Classes/FrontendEditPanel.php b/typo3/sysext/feedit/Classes/FrontendEditPanel.php index e631e9a92c7c..1be54e75936e 100644 --- a/typo3/sysext/feedit/Classes/FrontendEditPanel.php +++ b/typo3/sysext/feedit/Classes/FrontendEditPanel.php @@ -18,6 +18,7 @@ use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; use TYPO3\CMS\Backend\FrontendBackendUserAuthentication; use TYPO3\CMS\Core\Database\DatabaseConnection; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\MathUtility; use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController; 
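Review bot: `const ALL = 31` is a hand-computed sum of the five flags above it, and `calcPerms()` now returns it for admin users, so a flag added later without updating this number would silently be missing from the admin mask. I would state that dependency on the constant, for example `/** All flags combined: PAGE_SHOW | PAGE_EDIT | PAGE_DELETE | PAGE_NEW | CONTENT_EDIT; update when adding a flag */`. The class also extends `\TYPO3\CMS\Core\Type\Enumeration`, although combined values such as `PAGE_EDIT | CONTENT_EDIT` are not constants of their own. Enumeration is not visible here, but if it validates values against the declared constants, a class comment saying these constants are for bitwise use only would prevent misuse.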
@@ -252,7 +253,7 @@ class FrontendEditPanel { $out = $this->editPanelLinkWrap_doWrap($string, $adminURL . 'alt_doc.php?edit[' . $rParts[0] . '][' . $nPid . ']=new&noView=' . $nV, $currentRecord); } } else { - if ($confirm && $this->backendUser->jsConfirmation(8)) { + if ($confirm && $this->backendUser->jsConfirmation(JsConfirmation::FE_EDIT)) { // Gets htmlspecialchared later $cf1 = 'if (confirm(' . GeneralUtility::quoteJSvalue($confirm, TRUE) . ')) {'; $cf2 = '}'; diff --git a/typo3/sysext/filelist/Classes/FileList.php b/typo3/sysext/filelist/Classes/FileList.php index c0180a86709a..c6034b966538 100644 --- a/typo3/sysext/filelist/Classes/FileList.php +++ b/typo3/sysext/filelist/Classes/FileList.php @@ -27,6 +27,7 @@ use TYPO3\CMS\Core\Resource\InaccessibleFolder; use TYPO3\CMS\Core\Resource\ProcessedFile; use TYPO3\CMS\Core\Resource\ResourceFactory; use TYPO3\CMS\Core\Resource\Utility\ListUtility; +use TYPO3\CMS\Core\Type\Bitmask\JsConfirmation; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Resource\FolderInterface; @@ -906,7 +907,7 @@ class FileList extends AbstractRecordList { $referenceCountText = BackendUtility::referenceCount('sys_file', $fileOrFolderObject->getUid(), ' (There are %s reference(s) to this file!)'); } - if ($this->getBackendUser()->jsConfirmation(4)) { + if ($this->getBackendUser()->jsConfirmation(JsConfirmation::DELETE)) { $confirmationCheck = 'confirm(' . GeneralUtility::quoteJSvalue(sprintf($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:mess.delete'), $fileOrFolderObject->getName()) . $referenceCountText) . ')'; } else { $confirmationCheck = '1 == 1'; diff --git a/typo3/sysext/frontend/Classes/View/AdminPanelView.php b/typo3/sysext/frontend/Classes/View/AdminPanelView.php index 3230d77f3ec8..69c0a7a5bc49 100644 --- a/typo3/sysext/frontend/Classes/View/AdminPanelView.php +++ b/typo3/sysext/frontend/Classes/View/AdminPanelView.php 
@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Frontend\View; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\IconUtility; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; /** @@ -604,7 +605,7 @@ class AdminPanelView { $icon = IconUtility::getSpriteIcon('actions-document-history-open', array('title' => $this->extGetLL('edit_recordHistory', FALSE))); $toolBar = '<a href="' . htmlspecialchars(TYPO3_mainDir . BackendUtility::getModuleUrl('record_history', array('element' => 'pages:' . $id, 'returnUrl' => $returnUrl))) . '#latest">' . $icon . '</a>'; - if ($perms & 16 && $langAllowed) { + if ($perms & Permission::CONTENT_EDIT && $langAllowed) { $params = ''; if ($GLOBALS['TSFE']->sys_language_uid) { $params = '&sys_language_uid=' . $GLOBALS['TSFE']->sys_language_uid; 
@@ -612,15 +613,15 @@ class AdminPanelView { $icon = IconUtility::getSpriteIcon('actions-document-new', array('title' => $this->extGetLL('edit_newContentElement', FALSE))); $toolBar .= '<a href="' . htmlspecialchars($newContentWizScriptPath . 'id=' . $id . $params . '&returnUrl=' . rawurlencode($returnUrl)) . '">' . $icon . '</a>'; } - if ($perms & 2) { + if ($perms & Permission::PAGE_EDIT) { $icon = IconUtility::getSpriteIcon('actions-document-move', array('title' => $this->extGetLL('edit_move_page', FALSE))); $toolBar .= '<a href="' . htmlspecialchars(TYPO3_mainDir . BackendUtility::getModuleUrl('move_element', ['table' => 'pages', 'uid' => $id, 'returnUrl' => $returnUrl])) . '">' . $icon . '</a>'; } - if ($perms & 8) { + if ($perms & Permission::PAGE_NEW) { $icon = IconUtility::getSpriteIcon('actions-page-new', array('title' => $this->extGetLL('edit_newPage', FALSE))); $toolBar .= '<a href="' . htmlspecialchars(TYPO3_mainDir . BackendUtility::getModuleUrl('db_new', ['id' => $id, 'pagesOnly' => 1, 'returnUrl' => $returnUrl])) . '">' . $icon . '</a>'; } - if ($perms & 2) { + if ($perms & Permission::PAGE_EDIT) { $params = '&edit[pages][' . $id . ']=edit'; $icon = IconUtility::getSpriteIcon('actions-document-open', array('title' => $this->extGetLL('edit_editPageProperties', FALSE))); $toolBar .= '<a href="' . htmlspecialchars(TYPO3_mainDir . 'alt_doc.php?' . $params . '&noView=1&returnUrl=' . rawurlencode($returnUrl)) . '">' . $icon . '</a>'; diff --git a/typo3/sysext/recordlist/Classes/RecordList/AbstractDatabaseRecordList.php b/typo3/sysext/recordlist/Classes/RecordList/AbstractDatabaseRecordList.php index 0905216e2aa9..ced8fb777139 100644 --- a/typo3/sysext/recordlist/Classes/RecordList/AbstractDatabaseRecordList.php +++ b/typo3/sysext/recordlist/Classes/RecordList/AbstractDatabaseRecordList.php 
@@ -19,6 +19,7 @@ use TYPO3\CMS\Backend\Tree\View\PageTreeView; use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; use TYPO3\CMS\Core\Database\DatabaseConnection; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\HttpUtility; @@ -796,9 +797,9 @@ class AbstractDatabaseRecordList extends AbstractRecordList { // If the listed table is 'pages' we have to request the permission settings for each page: if ($table == 'pages') { $localCalcPerms = $this->getBackendUserAuthentication()->calcPerms(BackendUtility::getRecord('pages', $row['uid'])); - $permsEdit = $localCalcPerms & 2; + $permsEdit = $localCalcPerms & Permission::PAGE_EDIT; } else { - $permsEdit = $this->calcPerms & 16; + $permsEdit = $this->calcPerms & Permission::CONTENT_EDIT; } // "Edit" link: ( Only if permissions to edit the page-record of the content of the parent page ($this->id) if ($permsEdit) { diff --git a/typo3/sysext/recordlist/Classes/RecordList/DatabaseRecordList.php b/typo3/sysext/recordlist/Classes/RecordList/DatabaseRecordList.php index e69a839d0f94..19002b622890 100644 --- a/typo3/sysext/recordlist/Classes/RecordList/DatabaseRecordList.php +++ b/typo3/sysext/recordlist/Classes/RecordList/DatabaseRecordList.php @@ -20,6 +20,7 @@ use TYPO3\CMS\Backend\Template\DocumentTemplate; use TYPO3\CMS\Core\Database\DatabaseConnection; use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Messaging\FlashMessageService; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Backend\Utility\BackendUtility; 
@@ -248,7 +249,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { } // If edit permissions are set, see // \TYPO3\CMS\Core\Authentication\BackendUserAuthentication - if ($localCalcPerms & 2 && !empty($this->id)) { + if ($localCalcPerms & Permission::PAGE_EDIT && !empty($this->id)) { // Edit $params = '&edit[pages][' . $this->pageRow['uid'] . ']=edit'; $onClick = htmlspecialchars(BackendUtility::editOnClick($params, $this->backPath, -1)); @@ -257,7 +258,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { . IconUtility::getSpriteIcon('actions-page-open') . '</a>'; } // Paste - if ($localCalcPerms & 8 || $localCalcPerms & 16) { + if ($localCalcPerms & Permission::PAGE_NEW || $localCalcPerms & Permission::CONTENT_EDIT) { $elFromTable = $this->clipObj->elFromTable(''); if (count($elFromTable)) { $onClick = htmlspecialchars(('return ' . $this->clipObj->confirmMsg('pages', $this->pageRow, 'into', $elFromTable))); @@ -1187,7 +1188,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { $localCalcPerms = $this->getBackendUserAuthentication()->calcPerms(BackendUtility::getRecord('pages', $row['uid'])); } // This expresses the edit permissions for this particular element: - $permsEdit = $table === 'pages' && $localCalcPerms & 2 || $table !== 'pages' && $this->calcPerms & 16; + $permsEdit = $table === 'pages' && $localCalcPerms & Permission::PAGE_EDIT || $table !== 'pages' && $this->calcPerms & Permission::CONTENT_EDIT; // "Show" link (only pages and tt_content elements) if ($table == 'pages' || $table == 'tt_content') { $viewAction = '<a class="btn btn-default" href="#" onclick="' 
@@ -1261,7 +1262,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { // "New record after" link (ONLY if the records in the table are sorted by a "sortby"-row // or if default values can depend on previous record): if ($GLOBALS['TCA'][$table]['ctrl']['sortby'] || $GLOBALS['TCA'][$table]['ctrl']['useColumnsForDefaultValues']) { - if ($table !== 'pages' && $this->calcPerms & 16 || $table === 'pages' && $this->calcPerms & 8) { + if ($table !== 'pages' && $this->calcPerms & Permission::CONTENT_EDIT || $table === 'pages' && $this->calcPerms & Permission::PAGE_NEW) { if ($this->showNewRecLink($table)) { $params = '&edit[' . $table . '][' . -($row['_MOVE_PLH'] ? $row['_MOVE_PLH_uid'] : $row['uid']) . ']=new'; $newAction = '<a class="btn btn-default" href="#" onclick="' . htmlspecialchars(BackendUtility::editOnClick($params, $this->backPath, -1)) @@ -1324,7 +1325,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { $this->addActionToCellGroup($cells, $hideAction, 'hide'); } // "Delete" link: - if ($table === 'pages' && $localCalcPerms & 4 || $table !== 'pages' && $this->calcPerms & 16) { + if ($table === 'pages' && $localCalcPerms & Permission::PAGE_DELETE || $table !== 'pages' && $this->calcPerms & Permission::CONTENT_EDIT) { // Check if the record version is in "deleted" state, because that will switch the action to "restore" if ($this->getBackendUserAuthentication()->workspace > 0 && isset($row['t3ver_state']) && (int)$row['t3ver_state'] === 2) { $actionName = 'restore'; 
@@ -1361,7 +1362,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { // "Levels" links: Moving pages into new levels... if ($permsEdit && $table == 'pages' && !$this->searchLevels) { // Up (Paste as the page right after the current parent page) - if ($this->calcPerms & 8) { + if ($this->calcPerms & Permission::PAGE_NEW) { $params = '&cmd[' . $table . '][' . $row['uid'] . '][move]=' . -$this->id; $moveLeftAction = '<a class="btn btn-default" href="#" onclick="' . htmlspecialchars('return jumpToUrl(\'' . $module->doc->issueCommand($params, -1) . '\');') @@ -1372,7 +1373,7 @@ class DatabaseRecordList extends AbstractDatabaseRecordList { // Down (Paste as subpage to the page right above) if ($this->currentTable['prevUid'][$row['uid']]) { $localCalcPerms = $this->getBackendUserAuthentication()->calcPerms(BackendUtility::getRecord('pages', $this->currentTable['prevUid'][$row['uid']])); - if ($localCalcPerms & 8) { + if ($localCalcPerms & Permission::PAGE_NEW) { $params = '&cmd[' . $table . '][' . $row['uid'] . '][move]=' . $this->currentTable['prevUid'][$row['uid']]; $moveRightAction = '<a class="btn btn-default" href="#" onclick="' . htmlspecialchars('return jumpToUrl(\'' . $module->doc->issueCommand($params, -1) . '\');') diff --git a/typo3/sysext/recycler/Classes/Utility/RecyclerUtility.php b/typo3/sysext/recycler/Classes/Utility/RecyclerUtility.php index 49b146298246..0b96c3cbca13 100644 --- a/typo3/sysext/recycler/Classes/Utility/RecyclerUtility.php +++ b/typo3/sysext/recycler/Classes/Utility/RecyclerUtility.php @@ -15,6 +15,7 @@ namespace TYPO3\CMS\Recycler\Utility; */ use TYPO3\CMS\Backend\Utility\BackendUtility; +use TYPO3\CMS\Core\Type\Bitmask\Permission; use TYPO3\CMS\Core\Utility\GeneralUtility; /** 
@@ -49,11 +50,11 @@ class RecyclerUtility { if ($table === 'pages') { // If pages: $calculatedPermissions = $backendUser->calcPerms($calcPRec); - $hasAccess = $calculatedPermissions & 2 ? TRUE : FALSE; + $hasAccess = $calculatedPermissions & Permission::PAGE_EDIT ? TRUE : FALSE; } else { $calculatedPermissions = $backendUser->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid'])); // Fetching pid-record first. - $hasAccess = $calculatedPermissions & 16 ? TRUE : FALSE; + $hasAccess = $calculatedPermissions & Permission::CONTENT_EDIT ? TRUE : FALSE; } // Check internals regarding access: if ($hasAccess) { -- GitLab