diff --git a/typo3/sysext/backend/Classes/ContextMenu/ItemProviders/RecordProvider.php b/typo3/sysext/backend/Classes/ContextMenu/ItemProviders/RecordProvider.php
index 6f0254e29a1da20d497ca2c4eb025cacbb2c5823..3e4b6491cae0729ce7ef2ff4b56dce4c81820d05 100644
--- a/typo3/sysext/backend/Classes/ContextMenu/ItemProviders/RecordProvider.php
+++ b/typo3/sysext/backend/Classes/ContextMenu/ItemProviders/RecordProvider.php
@@ -616,8 +616,7 @@ class RecordProvider extends AbstractProvider
*/
protected function isRecordCurrentBackendUser(): bool
{
- return $this->table === 'be_users'
- && (int)($this->record['uid'] ?? 0) === (int)$this->backendUser->user[$this->backendUser->userid_column];
+ return $this->table === 'be_users' && (int)($this->record['uid'] ?? 0) === $this->backendUser->getUserId();
}
/**
diff --git a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
index 08a2cc1aa7c94d4410ffde8d5b5cdfc733def7c2..6f59a0771de75665c2a73c5af4abfbcef803b5c6 100644
--- a/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
+++ b/typo3/sysext/backend/Classes/Controller/EditDocumentController.php
@@ -523,7 +523,7 @@ class EditDocumentController
$tce->process_cmdmap();
// Update the module menu for the current backend user, as they updated their UI language
- $currentUserId = (int)($beUser->user[$beUser->userid_column] ?? 0);
+ $currentUserId = $beUser->getUserId();
if ($currentUserId
&& (string)($this->data['be_users'][$currentUserId]['lang'] ?? '') !== ''
&& $this->data['be_users'][$currentUserId]['lang'] !== $beUser->user['lang']
@@ -1846,8 +1846,7 @@ class EditDocumentController
protected function isRecordCurrentBackendUser(): bool
{
$backendUser = $this->getBackendUser();
- return $this->firstEl['table'] === 'be_users'
- && (int)($this->firstEl['uid'] ?? 0) === (int)$backendUser->user[$backendUser->userid_column];
+ return $this->firstEl['table'] === 'be_users' && (int)($this->firstEl['uid'] ?? 0) === $backendUser->getUserId();
}
/**
diff --git a/typo3/sysext/backend/Classes/Controller/MfaAjaxController.php b/typo3/sysext/backend/Classes/Controller/MfaAjaxController.php
index 5a7d6c059fcd749ec5346245e55128b12457721c..6061454191e66a535de56c76f102d912d094f338 100644
--- a/typo3/sysext/backend/Classes/Controller/MfaAjaxController.php
+++ b/typo3/sysext/backend/Classes/Controller/MfaAjaxController.php
@@ -83,7 +83,7 @@ class MfaAjaxController
protected function deactivateAction(ServerRequestInterface $request, AbstractUserAuthentication $user): array
{
$lang = $this->getLanguageService();
- $userName = (string)($user->user[$user->username_column] ?? '');
+ $userName = $user->getUserName() ?? '';
$providerToDeactivate = (string)($request->getParsedBody()['provider'] ?? '');
if ($providerToDeactivate === '') {
@@ -191,13 +191,12 @@ class MfaAjaxController
return false;
}
// Providers from system maintainers can only be deactivated by system maintainers.
- // This check is however only be necessary if the target is a backend user.
- if ($user instanceof BackendUserAuthentication) {
- $systemMaintainers = array_map(intval(...), $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? []);
- $isTargetUserSystemMaintainer = $user->isAdmin() && in_array((int)$user->user[$user->userid_column], $systemMaintainers, true);
- if ($isTargetUserSystemMaintainer && !$this->getBackendUser()->isSystemMaintainer()) {
- return false;
- }
+ // However, this check is only necessary if the target is a backend user.
+ if (($user instanceof BackendUserAuthentication)
+ && $user->isSystemMaintainer(true)
+ && !$this->getBackendUser()->isSystemMaintainer()
+ ) {
+ return false;
}
return true;
}
diff --git a/typo3/sysext/backend/Classes/Controller/MfaController.php b/typo3/sysext/backend/Classes/Controller/MfaController.php
index 9def4483969926eecac85d7dc7f6cf46e2120875..a19527e64b85bb80aae3eb56a915887ff5a85539 100644
--- a/typo3/sysext/backend/Classes/Controller/MfaController.php
+++ b/typo3/sysext/backend/Classes/Controller/MfaController.php
@@ -194,10 +194,10 @@ class MfaController extends AbstractMfaController
int $error = SystemLogErrorClassification::MESSAGE
): void {
$user = $this->getBackendUser();
- $username = $user->user[$user->username_column];
+ $username = $user->getUserName();
$context = [
'user' => [
- 'uid' => $user->user[$user->userid_column],
+ 'uid' => $user->getUserId(),
'username' => $username,
],
];
diff --git a/typo3/sysext/backend/Classes/Controller/MfaSetupController.php b/typo3/sysext/backend/Classes/Controller/MfaSetupController.php
index 9a8b11b6ec66899c9875dd176e9e9b33b22d7597..cc7e3ca4ffbb45d5ed358d40f0aad0da63a52c92 100644
--- a/typo3/sysext/backend/Classes/Controller/MfaSetupController.php
+++ b/typo3/sysext/backend/Classes/Controller/MfaSetupController.php
@@ -264,8 +264,8 @@ class MfaSetupController extends AbstractMfaController
$user = $this->getBackendUser();
$context = [
'user' => [
- 'uid' => $user->user[$user->userid_column],
- 'username' => $user->user[$user->username_column],
+ 'uid' => $user->getUserId(),
+ 'username' => $user->getUserName(),
],
];
if ($mfaProvider !== null) {
diff --git a/typo3/sysext/backend/Classes/Controller/RecordListDownloadController.php b/typo3/sysext/backend/Classes/Controller/RecordListDownloadController.php
index 77569709878cfc642116d98a478cea1f6a1ac024..3cf994b485d2527560811bea72b7ba4ba884d891 100644
--- a/typo3/sysext/backend/Classes/Controller/RecordListDownloadController.php
+++ b/typo3/sysext/backend/Classes/Controller/RecordListDownloadController.php
@@ -226,7 +226,7 @@ class RecordListDownloadController
'table' => $this->table,
'page' => $this->id,
'timestamp' => GeneralUtility::makeInstance(Context::class)->getPropertyFromAspect('date', 'timestamp'),
- 'user' => $user->user[$user->username_column] ?? '',
+ 'user' => $user->getUserName() ?? '',
'site' => $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'] ?? '',
'options' => [
'columns' => array_values($headerRow),
diff --git a/typo3/sysext/backend/Classes/Controller/SwitchUserController.php b/typo3/sysext/backend/Classes/Controller/SwitchUserController.php
index c7a8216897883d334642593b54eacb07baa1517c..4b61dc8abc965ffb7cf33f0b3e2cb8301d143fcc 100644
--- a/typo3/sysext/backend/Classes/Controller/SwitchUserController.php
+++ b/typo3/sysext/backend/Classes/Controller/SwitchUserController.php
@@ -65,8 +65,8 @@ class SwitchUserController
$targetUserId = (int)($request->getParsedBody()['targetUser'] ?? 0);
if (!$targetUserId
- || $targetUserId === (int)($currentUser->user[$currentUser->userid_column] ?? 0)
|| !$currentUser->isAdmin()
+ || $targetUserId === $currentUser->getUserId()
|| $currentUser->getOriginalUserIdWhenInSwitchUserMode() !== null
) {
return $this->jsonResponse(['success' => false]);
@@ -86,13 +86,13 @@ class SwitchUserController
// Write user switch to log
$currentUser->writelog(Type::LOGIN, 2, 0, 1, 'User %s switched to user %s (be_users:%s)', [
- $currentUser->user[$currentUser->username_column] ?? '',
+ $currentUser->getUserName() ?? '',
$targetUser['username'] ?? '',
$targetUserId,
]);
$sessionObject = $currentUser->getSession();
- $sessionObject->set('backuserid', (int)($currentUser->user[$currentUser->userid_column] ?? 0));
+ $sessionObject->set('backuserid', $currentUser->getUserId() ?? 0);
$sessionRecord = $sessionObject->toArray();
$sessionRecord['ses_userid'] = $targetUserId;
$this->sessionBackend->update($sessionObject->getIdentifier(), $sessionRecord);
diff --git a/typo3/sysext/backend/Classes/Form/Element/MfaInfoElement.php b/typo3/sysext/backend/Classes/Form/Element/MfaInfoElement.php
index 3f377542340f3112a8192bce685e8f87f540571e..bbce9d7aad5f6af03bc054f9afffd088e421a1b5 100644
--- a/typo3/sysext/backend/Classes/Form/Element/MfaInfoElement.php
+++ b/typo3/sysext/backend/Classes/Form/Element/MfaInfoElement.php
@@ -65,13 +65,12 @@ class MfaInfoElement extends AbstractFormElement
$isDeactivationAllowed = true;
// Providers from system maintainers can only be deactivated by system maintainers.
- // This check is however only be necessary if the target is a backend user.
- if ($targetUser instanceof BackendUserAuthentication) {
- $systemMaintainers = array_map(intval(...), $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? []);
- $isTargetUserSystemMaintainer = $targetUser->isAdmin() && in_array($userId, $systemMaintainers, true);
- if ($isTargetUserSystemMaintainer && !$currentBackendUser->isSystemMaintainer()) {
- $isDeactivationAllowed = false;
- }
+ // However, this check is only necessary if the target is a backend user.
+ if (($targetUser instanceof BackendUserAuthentication)
+ && $targetUser->isSystemMaintainer(true)
+ && !$currentBackendUser->isSystemMaintainer()
+ ) {
+ $isDeactivationAllowed = false;
}
// Fetch providers from the mfa field
diff --git a/typo3/sysext/backend/Classes/Form/FieldInformation/AdminIsSystemMaintainer.php b/typo3/sysext/backend/Classes/Form/FieldInformation/AdminIsSystemMaintainer.php
index c5f91171f30673245cb4782fe43380647be873cb..303bfc412fb132ad5116e25584ef35ceb8b47629 100644
--- a/typo3/sysext/backend/Classes/Form/FieldInformation/AdminIsSystemMaintainer.php
+++ b/typo3/sysext/backend/Classes/Form/FieldInformation/AdminIsSystemMaintainer.php
@@ -49,7 +49,7 @@ class AdminIsSystemMaintainer extends AbstractNode
return $resultArray;
}
- // False if current user is not in system maintainer list or if switch to user mode is active
+ // False, if the current user is not in the list of system maintainers, or if the switch to user mode is active
$isCurrentUserSystemMaintainer = $this->getBackendUser()->isSystemMaintainer();
$systemMaintainers = array_map(intval(...), $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? []);
$isTargetUserInSystemMaintainerList = in_array((int)$this->data['vanillaUid'], $systemMaintainers, true);
diff --git a/typo3/sysext/backend/Classes/Search/EventListener/AddLiveSearchResultActionsListener.php b/typo3/sysext/backend/Classes/Search/EventListener/AddLiveSearchResultActionsListener.php
index 6a0a2e7a5e2e306e4ff0edc4d50b656b5cce036c..96af5895649404dc2dae17688cfbcd90e6b2731e 100644
--- a/typo3/sysext/backend/Classes/Search/EventListener/AddLiveSearchResultActionsListener.php
+++ b/typo3/sysext/backend/Classes/Search/EventListener/AddLiveSearchResultActionsListener.php
@@ -67,9 +67,9 @@ final class AddLiveSearchResultActionsListener
if (
$backendUserIsActive
- && (int)(($currentUser->user[$currentUser->userid_column] ?? 0) !== $resultItem->getExtraData()['uid'])
&& $currentUser->isAdmin()
&& $currentUser->getOriginalUserIdWhenInSwitchUserMode() === null
+ && (int)$currentUser->getUserId() !== (int)$resultItem->getExtraData()['uid']
) {
$switchUserAction = (new ResultItemAction('switch_backend_user'))
->setLabel($this->languageService->sL('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:switchBackMode'))
diff --git a/typo3/sysext/beuser/Classes/ViewHelpers/SwitchUserViewHelper.php b/typo3/sysext/beuser/Classes/ViewHelpers/SwitchUserViewHelper.php
index e153a68266829d7d6b9ae5e4c086d8a06a3d7c9a..a9b09b9e2c2f0943940265377e4e00847b429524 100644
--- a/typo3/sysext/beuser/Classes/ViewHelpers/SwitchUserViewHelper.php
+++ b/typo3/sysext/beuser/Classes/ViewHelpers/SwitchUserViewHelper.php
@@ -52,7 +52,7 @@ final class SwitchUserViewHelper extends AbstractTagBasedViewHelper
$currentUser = self::getBackendUserAuthentication();
$iconFactory = GeneralUtility::makeInstance(IconFactory::class);
- if ((int)$targetUser->getUid() === (int)($currentUser->user[$currentUser->userid_column] ?? 0)
+ if ((int)$targetUser->getUid() === (int)$currentUser->getUserId()
|| !$targetUser->isActive()
|| !$currentUser->isAdmin()
|| $currentUser->getOriginalUserIdWhenInSwitchUserMode() !== null
diff --git a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
index 81c6ce791321b76f5421ce5463e6bc2780ed9efb..ce4066b8a20bc23cfb6b579f07270dd9a4d7fe5d 100644
--- a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
@@ -557,8 +557,8 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
// The login session is started.
$this->loginSessionStarted = true;
$this->logger->debug('User session finally read', [
- $this->userid_column => $this->user[$this->userid_column],
- $this->username_column => $this->user[$this->username_column],
+ $this->userid_column => $this->getUserId(),
+ $this->username_column => $this->getUserName(),
]);
} else {
// if we come here the current session is for sure not anonymous as this is a pre-condition for $authenticated = true
@@ -941,15 +941,16 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
*/
public function writeUC()
{
- if (is_array($this->user) && $this->user[$this->userid_column]) {
+ $userId = $this->getUserId();
+ if ($userId) {
$this->logger->debug('writeUC: {userid_column}={value}', [
'userid_column' => $this->userid_column,
- 'value' => $this->user[$this->userid_column],
+ 'value' => $userId,
]);
GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($this->user_table)->update(
$this->user_table,
['uc' => serialize($this->uc)],
- [$this->userid_column => (int)$this->user[$this->userid_column]],
+ [$this->userid_column => $userId],
['uc' => Connection::PARAM_LOB]
);
}
@@ -1253,6 +1254,22 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
return $query->executeQuery()->fetchAssociative();
}
+ public function getUserId(): ?int
+ {
+ if (isset($this->user[$this->userid_column])) {
+ return (int)$this->user[$this->userid_column];
+ }
+ return null;
+ }
+
+ public function getUserName(): ?string
+ {
+ if (isset($this->user[$this->username_column])) {
+ return (string)$this->user[$this->username_column];
+ }
+ return null;
+ }
+
public function getSession(): UserSession
{
return $this->userSession;
diff --git a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
index 1dafb4d0b6ba9181efead8373dfece78ae2447a1..c6a15ca093069edf2416d4ad4dfb3dcb46af9b07 100644
--- a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
@@ -375,17 +375,19 @@ class BackendUserAuthentication extends AbstractUserAuthentication
* Checks if the user is in the valid list of allowed system maintainers. if the list is not set,
* then all admins are system maintainers. If the list is empty, no one is system maintainer (good for production
* systems). If the currently logged in user is in "switch user" mode, this method will return false.
+ *
+ * @param bool $pure Whether to apply pure behavior (ignore development & skip fallback for empty setting)
*/
- public function isSystemMaintainer(): bool
+ public function isSystemMaintainer(bool $pure = false): bool
{
if (!$this->isAdmin()) {
return false;
}
- if ($GLOBALS['BE_USER']->getOriginalUserIdWhenInSwitchUserMode()) {
+ if (!$pure && $GLOBALS['BE_USER']->getOriginalUserIdWhenInSwitchUserMode()) {
return false;
}
- if (Environment::getContext()->isDevelopment()) {
+ if (!$pure && Environment::getContext()->isDevelopment()) {
return true;
}
$systemMaintainers = $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? [];
@@ -396,11 +398,10 @@ class BackendUserAuthentication extends AbstractUserAuthentication
// No system maintainers set up yet, so any admin is allowed to access the modules
// but explicitly no system maintainers allowed (empty string in TYPO3_CONF_VARS).
// @todo: this needs to be adjusted once system maintainers can log into the install tool with their credentials
- if (isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'])
- && empty($GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'])) {
- return false;
+ if (!$pure && !isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'])) {
+ return true;
}
- return true;
+ return false;
}
/**
@@ -2045,8 +2046,8 @@ class BackendUserAuthentication extends AbstractUserAuthentication
// In case the current session is a "switch-user" session, MFA is not required
if ($this->getOriginalUserIdWhenInSwitchUserMode() !== null) {
$this->logger->debug('MFA is skipped in switch user mode', [
- $this->userid_column => $this->user[$this->userid_column],
- $this->username_column => $this->user[$this->username_column],
+ $this->userid_column => $this->getUserId(),
+ $this->username_column => $this->getUserName(),
]);
return;
}
diff --git a/typo3/sysext/core/Classes/Authentication/Mfa/MfaProviderPropertyManager.php b/typo3/sysext/core/Classes/Authentication/Mfa/MfaProviderPropertyManager.php
index 751e6885cd68cf2e89405f2a6a1f25694cdcb5a1..ea96331a1142b0fd87b683d230ba8d742fe121e6 100644
--- a/typo3/sysext/core/Classes/Authentication/Mfa/MfaProviderPropertyManager.php
+++ b/typo3/sysext/core/Classes/Authentication/Mfa/MfaProviderPropertyManager.php
@@ -157,8 +157,8 @@ class MfaProviderPropertyManager implements LoggerAwareInterface
$this->logger->debug('MFA properties updated', [
'provider' => $this->providerIdentifier,
'user' => [
- 'uid' => $this->user->user[$this->user->userid_column],
- 'username' => $this->user->user[$this->user->username_column],
+ 'uid' => $this->user->getUserId(),
+ 'username' => $this->user->getUserName(),
],
]);
@@ -166,7 +166,7 @@ class MfaProviderPropertyManager implements LoggerAwareInterface
return (bool)GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($this->user->user_table)->update(
$this->user->user_table,
[self::DATABASE_FIELD_NAME => $mfa],
- [$this->user->userid_column => (int)$this->user->user[$this->user->userid_column]],
+ [$this->user->userid_column => (int)$this->user->getUserId()],
[self::DATABASE_FIELD_NAME => Connection::PARAM_LOB]
);
}
diff --git a/typo3/sysext/core/Classes/Hooks/TcaDisplayConditions.php b/typo3/sysext/core/Classes/Hooks/TcaDisplayConditions.php
index 21a66562f3b3905974f19f8d749a4e0669c475b9..0d531b42fd6acae9c8469d4a61acfa68cab7b211 100644
--- a/typo3/sysext/core/Classes/Hooks/TcaDisplayConditions.php
+++ b/typo3/sysext/core/Classes/Hooks/TcaDisplayConditions.php
@@ -49,7 +49,7 @@ class TcaDisplayConditions
public function isRecordCurrentUser(array $parameters): bool
{
$backendUser = $this->getBackendUser();
- $isCurrentUser = (int)($parameters['record']['uid'] ?? 0) === (int)$backendUser->user[$backendUser->userid_column];
+ $isCurrentUser = (int)($parameters['record']['uid'] ?? 0) === (int)$backendUser->getUserId();
return strtolower($parameters['conditionParameters'][0] ?? 'true') !== 'true' ? !$isCurrentUser : $isCurrentUser;
}
diff --git a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
index 32ff2af66c1216ee32feef073de74b85f687e03a..164e64fe2f130e8dcffd7e04f8341fcf35d51e25 100644
--- a/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
+++ b/typo3/sysext/frontend/Classes/Authentication/FrontendUserAuthentication.php
@@ -268,8 +268,8 @@ class FrontendUserAuthentication extends AbstractUserAuthentication
$groupDataArr = [];
if (is_array($this->user)) {
$this->logger->debug('Get usergroups for user', [
- $this->userid_column => $this->user[$this->userid_column],
- $this->username_column => $this->user[$this->username_column],
+ $this->userid_column => $this->getUserId(),
+ $this->username_column => $this->getUserName(),
]);
$groupDataArr = GeneralUtility::makeInstance(GroupResolver::class)->resolveGroupsForUser($this->user, $this->usergroup_table);
}
diff --git a/typo3/sysext/setup/Classes/Controller/SetupModuleController.php b/typo3/sysext/setup/Classes/Controller/SetupModuleController.php
index acf7e2da4e90c11091730b732c76b8e94dd5f5ce..e8a627c3d206d8b8de2836c78b514ac2f1c9265e 100644
--- a/typo3/sysext/setup/Classes/Controller/SetupModuleController.php
+++ b/typo3/sysext/setup/Classes/Controller/SetupModuleController.php
@@ -774,9 +774,8 @@ class SetupModuleController
}
$backendUser = $this->getBackendUser();
- $systemMaintainers = array_map('intval', $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? []);
- if ($backendUser->getOriginalUserIdWhenInSwitchUserMode() && in_array((int)$backendUser->user['uid'], $systemMaintainers, true)) {
- // DataHandler denies changing password of system maintainer users in switch user mode.
+ if ($backendUser->getOriginalUserIdWhenInSwitchUserMode() && $backendUser->isSystemMaintainer(true)) {
+ // DataHandler denies changing the password of system maintainer users in switch user mode.
// Do not show the password fields is this case.
$key = array_search('password', $allowedFields);
if ($key !== false) {
diff --git a/typo3/sysext/sys_note/Classes/Renderer/NoteRenderer.php b/typo3/sysext/sys_note/Classes/Renderer/NoteRenderer.php
index 389a9eff649328e3b3f7821fec82a67435cf1839..11d8e25cb14ea706d204701c7f06478814687b4a 100644
--- a/typo3/sysext/sys_note/Classes/Renderer/NoteRenderer.php
+++ b/typo3/sysext/sys_note/Classes/Renderer/NoteRenderer.php
@@ -50,13 +50,13 @@ class NoteRenderer
{
$backendUser = $this->getBackendUser();
if ($pid <= 0
- || empty($backendUser->user[$backendUser->userid_column])
+ || empty($backendUser->getUserId())
|| !$backendUser->check('tables_select', 'sys_note')
) {
return '';
}
- $notes = $this->sysNoteRepository->findByPidAndAuthorId($pid, (int)$backendUser->user[$backendUser->userid_column], $position);
+ $notes = $this->sysNoteRepository->findByPidAndAuthorId($pid, (int)$backendUser->getUserId(), $position);
if (!$notes) {
return '';
}
diff --git a/typo3/sysext/webhooks/Classes/Message/MfaVerificationErrorOccurredMessage.php b/typo3/sysext/webhooks/Classes/Message/MfaVerificationErrorOccurredMessage.php
index a2ff91d179a5fc8e7f65a1f5b054b2a7d9afb1fd..6cef5314ea96b46524f4e9fae396906af1c88410 100644
--- a/typo3/sysext/webhooks/Classes/Message/MfaVerificationErrorOccurredMessage.php
+++ b/typo3/sysext/webhooks/Classes/Message/MfaVerificationErrorOccurredMessage.php
@@ -55,8 +55,8 @@ final class MfaVerificationErrorOccurredMessage implements WebhookMessageInterfa
$event->getRequest()->getUri(),
[
'user' => [
- 'id' => $user->user[$user->userid_column],
- 'name' => $user->user[$user->username_column],
+ 'id' => $user->getUserId(),
+ 'name' => $user->getUserName(),
],
'provider' => $event->getProviderIdentifier(),
'isLocked' => $event->isProviderLocked(),