[BUGFIX] Set permission module for admins only
[Packages/TYPO3.CMS.git] / typo3 / sysext / perm / Classes / Controller / PermissionModuleController.php
1 <?php
2 namespace TYPO3\CMS\Perm\Controller;
3
4 /**
5 * Module: Permission setting
6 *
7 * Script Class for the Web > Access module
8 * This module lets you view and change permissions for pages.
9 *
10 * Variables:
11 * $this->MOD_SETTINGS['depth']: intval 1-3: decides the depth of the list
12 *
13 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
14 * @author Andreas Kundoch <typo3@mehrwert.de>
15 * @package TYPO3
16 * @subpackage core
17 */
18 class PermissionModuleController {
19
20 /**
21 * Number of levels to enable recursive settings for
22 *
23 * @var integer
24 */
25 public $getLevels = 10;
26
27 /**
28 * Module config
29 * Internal static
30 *
31 * @var array
32 */
33 protected $MCONF = array();
34
35 /**
36 * Document Template Object
37 *
38 * @var \TYPO3\CMS\Backend\Template\DocumentTemplate
39 */
40 public $doc;
41
42 /**
43 * Content accumulation
44 *
45 * @var string
46 */
47 public $content;
48
49 /**
50 * Module menu
51 *
52 * @var array
53 */
54 public $MOD_MENU = array();
55
56 /**
57 * Module settings, cleansed.
58 *
59 * @var aray
60 */
61 public $MOD_SETTINGS = array();
62
63 /**
64 * Page select permissions
65 *
66 * @var string
67 */
68 public $perms_clause;
69
70 /**
71 * Current page record
72 *
73 * @var array
74 */
75 public $pageinfo;
76
77 /**
78 * Background color 1
79 *
80 * @var string
81 */
82 public $color;
83
84 /**
85 * Background color 2
86 *
87 * @var string
88 */
89 public $color2;
90
91 /**
92 * Background color 3
93 *
94 * @var string
95 */
96 public $color3;
97
98 /**
99 * Set internally if the current user either OWNS the page OR is admin user!
100 *
101 * @var boolean
102 */
103 public $editingAllowed;
104
105 /**
106 * Internal, static: GPvars: Page id.
107 *
108 * @var integer
109 */
110 public $id;
111
112 /**
113 * If set, editing of the page permissions will occur (showing the editing screen). Notice:
114 * This value is evaluated against permissions and so it will change internally!
115 *
116 * @var boolean
117 */
118 public $edit;
119
120 /**
121 * ID to return to after editing.
122 *
123 * @var integer
124 */
125 public $return_id;
126
127 /**
128 * Id of the page which was just edited.
129 *
130 * @var integer
131 */
132 public $lastEdited;
133
134 /**
135 * Initialization of the class
136 *
137 * @return void
138 */
139 public function init() {
140 // Setting GPvars:
141 $this->id = intval(\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('id'));
142 $this->edit = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('edit');
143 $this->return_id = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('return_id');
144 $this->lastEdited = \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('lastEdited');
145 // Module name;
146 $this->MCONF = $GLOBALS['MCONF'];
147 // Page select clause:
148 $this->perms_clause = $GLOBALS['BE_USER']->getPagePermsClause(1);
149 // Initializing document template object:
150 $this->doc = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\Template\\DocumentTemplate');
151 $this->doc->backPath = $GLOBALS['BACK_PATH'];
152 $this->doc->setModuleTemplate('templates/perm.html');
153 $this->doc->form = '<form action="' . $GLOBALS['BACK_PATH'] . 'tce_db.php" method="post" name="editform">';
154 $this->doc->loadJavascriptLib('../t3lib/jsfunc.updateform.js');
155 $this->doc->getPageRenderer()->loadPrototype();
156 $this->doc->loadJavascriptLib(\TYPO3\CMS\Core\Extension\ExtensionManager::extRelPath('perm') . 'mod1/perm.js');
157 // Setting up the context sensitive menu:
158 $this->doc->getContextMenuCode();
159 // Set up menus:
160 $this->menuConfig();
161 }
162
163 /**
164 * Configuration of the menu and initialization of ->MOD_SETTINGS
165 *
166 * @return void
167 */
168 public function menuConfig() {
169 $level = $GLOBALS['LANG']->getLL('levels');
170 $this->MOD_MENU = array(
171 'depth' => array(
172 1 => '1 ' . $level,
173 2 => '2 ' . $level,
174 3 => '3 ' . $level,
175 4 => '4 ' . $level,
176 10 => '10 ' . $level
177 )
178 );
179 // Clean up settings:
180 $this->MOD_SETTINGS = \TYPO3\CMS\Backend\Utility\BackendUtility::getModuleData($this->MOD_MENU, \TYPO3\CMS\Core\Utility\GeneralUtility::_GP('SET'), $this->MCONF['name']);
181 }
182
183 /**
184 * Main function, creating the content for the access editing forms/listings
185 *
186 * @return void
187 */
188 public function main() {
189 // Access check...
190 // The page will show only if there is a valid page and if this page may be viewed by the user
191 $this->pageinfo = \TYPO3\CMS\Backend\Utility\BackendUtility::readPageAccess($this->id, $this->perms_clause);
192 $access = is_array($this->pageinfo);
193 // Checking access:
194 if ($this->id && $access || $GLOBALS['BE_USER']->isAdmin() && !$this->id) {
195 if ($GLOBALS['BE_USER']->isAdmin() && !$this->id) {
196 $this->pageinfo = array('title' => '[root-level]', 'uid' => 0, 'pid' => 0);
197 }
198 // This decides if the editform can and will be drawn:
199 $this->editingAllowed = $this->pageinfo['perms_userid'] == $GLOBALS['BE_USER']->user['uid'] || $GLOBALS['BE_USER']->isAdmin();
200 $this->edit = $this->edit && $this->editingAllowed;
201 // If $this->edit then these functions are called in the end of the page...
202 if ($this->edit) {
203 $this->doc->postCode .= $this->doc->wrapScriptTags('
204 setCheck("check[perms_user]", "data[pages][' . $this->id . '][perms_user]");
205 setCheck("check[perms_group]", "data[pages][' . $this->id . '][perms_group]");
206 setCheck("check[perms_everybody]", "data[pages][' . $this->id . '][perms_everybody]");
207 ');
208 }
209 // Draw the HTML page header.
210 $this->content .= $this->doc->header($GLOBALS['LANG']->getLL('permissions') . ($this->edit ? ': ' . $GLOBALS['LANG']->getLL('Edit') : ''));
211 $this->content .= $this->doc->spacer(5);
212 $vContent = $this->doc->getVersionSelector($this->id, 1);
213 if ($vContent) {
214 $this->content .= $this->doc->section('', $vContent);
215 }
216 // Main function, branching out:
217 if (!$this->edit) {
218 $this->notEdit();
219 } else {
220 $this->doEdit();
221 }
222 $docHeaderButtons = $this->getButtons();
223 $markers['CSH'] = $this->docHeaderButtons['csh'];
224 $markers['FUNC_MENU'] = \TYPO3\CMS\Backend\Utility\BackendUtility::getFuncMenu($this->id, 'SET[mode]', $this->MOD_SETTINGS['mode'], $this->MOD_MENU['mode']);
225 $markers['CONTENT'] = $this->content;
226 // Build the <body> for the module
227 $this->content = $this->doc->moduleBody($this->pageinfo, $docHeaderButtons, $markers);
228 } else {
229 // If no access or if ID == zero
230 $this->content = $this->doc->header($GLOBALS['LANG']->getLL('permissions'));
231 }
232 // Renders the module page
233 $this->content = $this->doc->render($GLOBALS['LANG']->getLL('permissions'), $this->content);
234 }
235
236 /**
237 * Outputting the accumulated content to screen
238 *
239 * @return void
240 */
241 public function printContent() {
242 $this->content = $this->doc->insertStylesAndJS($this->content);
243 echo $this->content;
244 }
245
246 /**
247 * Create the panel of buttons for submitting the form or otherwise perform operations.
248 *
249 * @return array all available buttons as an assoc. array
250 */
251 protected function getButtons() {
252 $buttons = array(
253 'csh' => '',
254 'view' => '',
255 'shortcut' => ''
256 );
257 // CSH
258 $buttons['csh'] = \TYPO3\CMS\Backend\Utility\BackendUtility::cshItem('_MOD_web_info', '', $GLOBALS['BACK_PATH'], '', TRUE);
259 // View page
260 $buttons['view'] = '<a href="#" onclick="' . htmlspecialchars(\TYPO3\CMS\Backend\Utility\BackendUtility::viewonclick($this->pageinfo['uid'], $GLOBALS['BACK_PATH'], \TYPO3\CMS\Backend\Utility\BackendUtility::BEgetRootLine($this->pageinfo['uid']))) . '" title="' . $GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_core.php:labels.showPage', 1) . '">' . \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('actions-document-view') . '</a>';
261 // Shortcut
262 if ($GLOBALS['BE_USER']->mayMakeShortcut()) {
263 $buttons['shortcut'] = $this->doc->makeShortcutIcon('id, edit_record, pointer, new_unique_uid, search_field, search_levels, showLimit', implode(',', array_keys($this->MOD_MENU)), $this->MCONF['name']);
264 }
265 return $buttons;
266 }
267
268 /*****************************
269 *
270 * Listing and Form rendering
271 *
272 *****************************/
273 /**
274 * Creating form for editing the permissions ($this->edit = TRUE)
275 * (Adding content to internal content variable)
276 *
277 * @return void
278 */
279 public function doEdit() {
280 if ($GLOBALS['BE_USER']->workspace != 0) {
281 // Adding section with the permission setting matrix:
282 $lockedMessage = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', $GLOBALS['LANG']->getLL('WorkspaceWarningText'), $GLOBALS['LANG']->getLL('WorkspaceWarning'), \TYPO3\CMS\Core\Messaging\FlashMessage::WARNING);
283 \TYPO3\CMS\Core\Messaging\FlashMessageQueue::addMessage($lockedMessage);
284 }
285 // Get usernames and groupnames
286 $beGroupArray = \TYPO3\CMS\Backend\Utility\BackendUtility::getListGroupNames('title,uid');
287 $beGroupKeys = array_keys($beGroupArray);
288 $beUserArray = \TYPO3\CMS\Backend\Utility\BackendUtility::getUserNames();
289 if (!$GLOBALS['BE_USER']->isAdmin()) {
290 $beUserArray = \TYPO3\CMS\Backend\Utility\BackendUtility::blindUserNames($beUserArray, $beGroupKeys, 1);
291 }
292 $beGroupArray_o = ($beGroupArray = \TYPO3\CMS\Backend\Utility\BackendUtility::getGroupNames());
293 if (!$GLOBALS['BE_USER']->isAdmin()) {
294 $beGroupArray = \TYPO3\CMS\Backend\Utility\BackendUtility::blindGroupNames($beGroupArray_o, $beGroupKeys, 1);
295 }
296
297 // Owner selector:
298 $options = '';
299 // flag: is set if the page-userid equals one from the user-list
300 $userset = 0;
301 foreach ($beUserArray as $uid => $row) {
302 if ($uid == $this->pageinfo['perms_userid']) {
303 $userset = 1;
304 $selected = ' selected="selected"';
305 } else {
306 $selected = '';
307 }
308 $options .= '
309 <option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['username']) . '</option>';
310 }
311 $options = '
312 <option value="0"></option>' . $options;
313 $selector = '
314 <select name="data[pages][' . $this->id . '][perms_userid]">
315 ' . $options . '
316 </select>';
317 $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('Owner') . ':', $selector);
318 // Group selector:
319 $options = '';
320 $userset = 0;
321 foreach ($beGroupArray as $uid => $row) {
322 if ($uid == $this->pageinfo['perms_groupid']) {
323 $userset = 1;
324 $selected = ' selected="selected"';
325 } else {
326 $selected = '';
327 }
328 $options .= '
329 <option value="' . $uid . '"' . $selected . '>' . htmlspecialchars($row['title']) . '</option>';
330 }
331 // If the group was not set AND there is a group for the page
332 if (!$userset && $this->pageinfo['perms_groupid']) {
333 $options = '
334 <option value="' . $this->pageinfo['perms_groupid'] . '" selected="selected">' . htmlspecialchars($beGroupArray_o[$this->pageinfo['perms_groupid']]['title']) . '</option>' . $options;
335 }
336 $options = '
337 <option value="0"></option>' . $options;
338 $selector = '
339 <select name="data[pages][' . $this->id . '][perms_groupid]">
340 ' . $options . '
341 </select>';
342 $this->content .= $this->doc->divider(5);
343 $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('Group') . ':', $selector);
344 // Permissions checkbox matrix:
345 $code = '
346 <table border="0" cellspacing="2" cellpadding="0" id="typo3-permissionMatrix">
347 <tr>
348 <td></td>
349 <td class="bgColor2">' . str_replace(' ', '<br />', $GLOBALS['LANG']->getLL('1', 1)) . '</td>
350 <td class="bgColor2">' . str_replace(' ', '<br />', $GLOBALS['LANG']->getLL('16', 1)) . '</td>
351 <td class="bgColor2">' . str_replace(' ', '<br />', $GLOBALS['LANG']->getLL('2', 1)) . '</td>
352 <td class="bgColor2">' . str_replace(' ', '<br />', $GLOBALS['LANG']->getLL('4', 1)) . '</td>
353 <td class="bgColor2">' . str_replace(' ', '<br />', $GLOBALS['LANG']->getLL('8', 1)) . '</td>
354 </tr>
355 <tr>
356 <td align="right" class="bgColor2">' . $GLOBALS['LANG']->getLL('Owner', 1) . '</td>
357 <td class="bgColor-20">' . $this->printCheckBox('perms_user', 1) . '</td>
358 <td class="bgColor-20">' . $this->printCheckBox('perms_user', 5) . '</td>
359 <td class="bgColor-20">' . $this->printCheckBox('perms_user', 2) . '</td>
360 <td class="bgColor-20">' . $this->printCheckBox('perms_user', 3) . '</td>
361 <td class="bgColor-20">' . $this->printCheckBox('perms_user', 4) . '</td>
362 </tr>
363 <tr>
364 <td align="right" class="bgColor2">' . $GLOBALS['LANG']->getLL('Group', 1) . '</td>
365 <td class="bgColor-20">' . $this->printCheckBox('perms_group', 1) . '</td>
366 <td class="bgColor-20">' . $this->printCheckBox('perms_group', 5) . '</td>
367 <td class="bgColor-20">' . $this->printCheckBox('perms_group', 2) . '</td>
368 <td class="bgColor-20">' . $this->printCheckBox('perms_group', 3) . '</td>
369 <td class="bgColor-20">' . $this->printCheckBox('perms_group', 4) . '</td>
370 </tr>
371 <tr>
372 <td align="right" class="bgColor2">' . $GLOBALS['LANG']->getLL('Everybody', 1) . '</td>
373 <td class="bgColor-20">' . $this->printCheckBox('perms_everybody', 1) . '</td>
374 <td class="bgColor-20">' . $this->printCheckBox('perms_everybody', 5) . '</td>
375 <td class="bgColor-20">' . $this->printCheckBox('perms_everybody', 2) . '</td>
376 <td class="bgColor-20">' . $this->printCheckBox('perms_everybody', 3) . '</td>
377 <td class="bgColor-20">' . $this->printCheckBox('perms_everybody', 4) . '</td>
378 </tr>
379 </table>
380 <br />
381
382 <input type="hidden" name="data[pages][' . $this->id . '][perms_user]" value="' . $this->pageinfo['perms_user'] . '" />
383 <input type="hidden" name="data[pages][' . $this->id . '][perms_group]" value="' . $this->pageinfo['perms_group'] . '" />
384 <input type="hidden" name="data[pages][' . $this->id . '][perms_everybody]" value="' . $this->pageinfo['perms_everybody'] . '" />
385 ' . $this->getRecursiveSelect($this->id, $this->perms_clause) . '
386 <input type="submit" name="submit" value="' . $GLOBALS['LANG']->getLL('Save', 1) . '" />' . '<input type="submit" value="' . $GLOBALS['LANG']->getLL('Abort', 1) . '" onclick="' . htmlspecialchars(('jumpToUrl(' . \TYPO3\CMS\Core\Utility\GeneralUtility::quoteJSvalue((\TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('web_perm') . '&id=' . $this->id), TRUE) . '); return false;')) . '" />
387 <input type="hidden" name="redirect" value="' . htmlspecialchars((\TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('web_perm') . '&mode=' . $this->MOD_SETTINGS['mode'] . '&depth=' . $this->MOD_SETTINGS['depth'] . '&id=' . intval($this->return_id) . '&lastEdited=' . $this->id)) . '" />
388 ' . \TYPO3\CMS\Backend\Form\FormEngine::getHiddenTokenField('tceAction');
389 // Adding section with the permission setting matrix:
390 $this->content .= $this->doc->divider(5);
391 $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('permissions') . ':', $code);
392 // CSH for permissions setting
393 $this->content .= \TYPO3\CMS\Backend\Utility\BackendUtility::cshItem('xMOD_csh_corebe', 'perm_module_setting', $GLOBALS['BACK_PATH'], '<br /><br />');
394 // Adding help text:
395 if ($GLOBALS['BE_USER']->uc['helpText']) {
396 $this->content .= $this->doc->divider(20);
397 $legendText = '<strong>' . $GLOBALS['LANG']->getLL('1', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('1_t', 1);
398 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('16', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('16_t', 1);
399 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('2', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('2_t', 1);
400 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('4', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('4_t', 1);
401 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('8', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('8_t', 1);
402 $code = $legendText . '<br /><br />' . $GLOBALS['LANG']->getLL('def', 1);
403 $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('Legend', 1) . ':', $code);
404 }
405 }
406
407 /**
408 * Showing the permissions in a tree ($this->edit = FALSE)
409 * (Adding content to internal content variable)
410 *
411 * @return void
412 */
413 public function notEdit() {
414 // Get usernames and groupnames: The arrays we get in return contains only 1) users which are members of the groups of the current user, 2) groups that the current user is member of
415 $beGroupKeys = $GLOBALS['BE_USER']->userGroupsUID;
416 $beUserArray = \TYPO3\CMS\Backend\Utility\BackendUtility::getUserNames();
417 if (!$GLOBALS['BE_USER']->isAdmin()) {
418 $beUserArray = \TYPO3\CMS\Backend\Utility\BackendUtility::blindUserNames($beUserArray, $beGroupKeys, 0);
419 }
420 $beGroupArray = \TYPO3\CMS\Backend\Utility\BackendUtility::getGroupNames();
421 if (!$GLOBALS['BE_USER']->isAdmin()) {
422 $beGroupArray = \TYPO3\CMS\Backend\Utility\BackendUtility::blindGroupNames($beGroupArray, $beGroupKeys, 0);
423 }
424 // Length of strings:
425 $tLen = 20;
426 // Selector for depth:
427 $code = $GLOBALS['LANG']->getLL('Depth') . ': ';
428 $code .= \TYPO3\CMS\Backend\Utility\BackendUtility::getFuncMenu($this->id, 'SET[depth]', $this->MOD_SETTINGS['depth'], $this->MOD_MENU['depth']);
429 $this->content .= $this->doc->section('', $code);
430 $this->content .= $this->doc->spacer(5);
431 // Initialize tree object:
432 $tree = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\Tree\\View\\PageTreeView');
433 $tree->init('AND ' . $this->perms_clause);
434 $tree->addField('perms_user', 1);
435 $tree->addField('perms_group', 1);
436 $tree->addField('perms_everybody', 1);
437 $tree->addField('perms_userid', 1);
438 $tree->addField('perms_groupid', 1);
439 $tree->addField('hidden');
440 $tree->addField('fe_group');
441 $tree->addField('starttime');
442 $tree->addField('endtime');
443 $tree->addField('editlock');
444 // Creating top icon; the current page
445 $HTML = \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIconForRecord('pages', $this->pageinfo);
446 $tree->tree[] = array('row' => $this->pageinfo, 'HTML' => $HTML);
447 // Create the tree from $this->id:
448 $tree->getTree($this->id, $this->MOD_SETTINGS['depth'], '');
449 // Make header of table:
450 $code = '
451 <tr class="t3-row-header">
452 <td colspan="2">&nbsp;</td>
453 <td><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
454 <td>' . $GLOBALS['LANG']->getLL('Owner', TRUE) . '</td>
455 <td><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
456 <td align="center">' . $GLOBALS['LANG']->getLL('Group', TRUE) . '</td>
457 <td><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
458 <td align="center">' . $GLOBALS['LANG']->getLL('Everybody', TRUE) . '</td>
459 <td><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
460 <td align="center">' . $GLOBALS['LANG']->getLL('EditLock', TRUE) . '</td>
461 </tr>
462 ';
463 // Traverse tree:
464 foreach ($tree->tree as $data) {
465 $cells = array();
466 $pageId = $data['row']['uid'];
467 // Background colors:
468 $bgCol = $this->lastEdited == $pageId ? ' class="bgColor-20"' : '';
469 $lE_bgCol = $bgCol;
470 // User/Group names:
471 $userName = $beUserArray[$data['row']['perms_userid']] ? $beUserArray[$data['row']['perms_userid']]['username'] : ($data['row']['perms_userid'] ? $data['row']['perms_userid'] : '');
472 if ($data['row']['perms_userid'] && !$beUserArray[$data['row']['perms_userid']]) {
473 $userName = \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderOwnername($pageId, $data['row']['perms_userid'], htmlspecialchars(\TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($userName, 20)), FALSE);
474 } else {
475 $userName = \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderOwnername($pageId, $data['row']['perms_userid'], htmlspecialchars(\TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($userName, 20)));
476 }
477 $groupName = $beGroupArray[$data['row']['perms_groupid']] ? $beGroupArray[$data['row']['perms_groupid']]['title'] : ($data['row']['perms_groupid'] ? $data['row']['perms_groupid'] : '');
478 if ($data['row']['perms_groupid'] && !$beGroupArray[$data['row']['perms_groupid']]) {
479 $groupName = \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderGroupname($pageId, $data['row']['perms_groupid'], htmlspecialchars(\TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($groupName, 20)), FALSE);
480 } else {
481 $groupName = \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderGroupname($pageId, $data['row']['perms_groupid'], htmlspecialchars(\TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($groupName, 20)));
482 }
483 // Seeing if editing of permissions are allowed for that page:
484 $editPermsAllowed = $data['row']['perms_userid'] == $GLOBALS['BE_USER']->user['uid'] || $GLOBALS['BE_USER']->isAdmin();
485 // First column:
486 $cellAttrib = $data['row']['_CSSCLASS'] ? ' class="' . $data['row']['_CSSCLASS'] . '"' : '';
487 $cells[] = '
488 <td align="left" nowrap="nowrap"' . ($cellAttrib ? $cellAttrib : $bgCol) . '>' . $data['HTML'] . htmlspecialchars(\TYPO3\CMS\Core\Utility\GeneralUtility::fixed_lgd_cs($data['row']['title'], $tLen)) . '&nbsp;</td>';
489 // "Edit permissions" -icon
490 if ($editPermsAllowed && $pageId) {
491 $aHref = \TYPO3\CMS\Backend\Utility\BackendUtility::getModuleUrl('web_perm') . '&mode=' . $this->MOD_SETTINGS['mode'] . '&depth=' . $this->MOD_SETTINGS['depth'] . '&id=' . ($data['row']['_ORIG_uid'] ? $data['row']['_ORIG_uid'] : $pageId) . '&return_id=' . $this->id . '&edit=1';
492 $cells[] = '
493 <td' . $bgCol . '><a href="' . htmlspecialchars($aHref) . '" title="' . $GLOBALS['LANG']->getLL('ch_permissions', 1) . '">' . \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('actions-document-open') . '</a></td>';
494 } else {
495 $cells[] = '
496 <td' . $bgCol . '></td>';
497 }
498
499 $cells[] = '
500 <td' . $bgCol . ' class="center"><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
501 <td' . $bgCol . ' nowrap="nowrap">' . ($pageId ? \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderPermissions($data['row']['perms_user'], $pageId, 'user') . ' ' . $userName : '') . '</td>
502
503 <td' . $bgCol . ' class="center"><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
504 <td' . $bgCol . ' nowrap="nowrap">' . ($pageId ? \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderPermissions($data['row']['perms_group'], $pageId, 'group') . ' ' . $groupName : '') . '</td>
505
506 <td' . $bgCol . ' class="center"><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
507 <td' . $bgCol . ' nowrap="nowrap">' . ($pageId ? ' ' . \TYPO3\CMS\Perm\Controller\PermissionAjaxController::renderPermissions($data['row']['perms_everybody'], $pageId, 'everybody') : '') . '</td>
508
509 <td' . $bgCol . ' class="center"><img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/line.gif', 'width="5" height="16"') . ' alt="" /></td>
510 <td' . $bgCol . ' nowrap="nowrap">' . ($data['row']['editlock'] ? '<span id="el_' . $pageId . '" class="editlock"><a class="editlock" onclick="WebPermissions.toggleEditLock(\'' . $pageId . '\', \'1\');" title="' . $GLOBALS['LANG']->getLL('EditLock_descr', 1) . '">' . \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('status-warning-lock') . '</a></span>' : ($pageId === 0 ? '' : '<span id="el_' . $pageId . '" class="editlock"><a class="editlock" onclick="WebPermissions.toggleEditLock(\'' . $pageId . '\', \'0\');" title="Enable the &raquo;Admin-only&laquo; edit lock for this page">[+]</a></span>')) . '</td>
511 ';
512 // Compile table row:
513 $code .= '
514 <tr>
515 ' . implode('
516 ', $cells) . '
517 </tr>';
518 }
519 // Wrap rows in table tags:
520 $code = '<table border="0" cellspacing="0" cellpadding="0" id="typo3-permissionList">' . $code . '</table>';
521 // Adding the content as a section:
522 $this->content .= $this->doc->section('', $code);
523 // CSH for permissions setting
524 $this->content .= \TYPO3\CMS\Backend\Utility\BackendUtility::cshItem('xMOD_csh_corebe', 'perm_module', $GLOBALS['BACK_PATH'], '<br />|');
525 // Creating legend table:
526 $legendText = '<strong>' . $GLOBALS['LANG']->getLL('1', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('1_t', 1);
527 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('16', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('16_t', 1);
528 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('2', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('2_t', 1);
529 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('4', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('4_t', 1);
530 $legendText .= '<br /><strong>' . $GLOBALS['LANG']->getLL('8', 1) . '</strong>: ' . $GLOBALS['LANG']->getLL('8_t', 1);
531 $code = '<table border="0" id="typo3-legendTable">
532 <tr>
533 <td valign="top">
534 <img' . \TYPO3\CMS\Backend\Utility\IconUtility::skinImg($GLOBALS['BACK_PATH'], 'gfx/legend.gif', 'width="86" height="75"') . ' alt="" />
535 </td>
536 <td valign="top" nowrap="nowrap">' . $legendText . '</td>
537 </tr>
538 </table>';
539 $code .= '<div id="perm-legend">' . $GLOBALS['LANG']->getLL('def', 1);
540 $code .= '<br /><br />' . \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('status-status-permission-granted') . ': ' . $GLOBALS['LANG']->getLL('A_Granted', 1);
541 $code .= '<br />' . \TYPO3\CMS\Backend\Utility\IconUtility::getSpriteIcon('status-status-permission-denied') . ': ' . $GLOBALS['LANG']->getLL('A_Denied', 1);
542 $code .= '</div>';
543 // Adding section with legend code:
544 $this->content .= $this->doc->spacer(20);
545 $this->content .= $this->doc->section($GLOBALS['LANG']->getLL('Legend') . ':', $code, 0, 1);
546 }
547
548 /*****************************
549 *
550 * Helper functions
551 *
552 *****************************/
553 /**
554 * Print a checkbox for the edit-permission form
555 *
556 * @param string $checkName Checkbox name key
557 * @param integer $num Checkbox number index
558 * @return string HTML checkbox
559 */
560 public function printCheckBox($checkName, $num) {
561 $onclick = 'checkChange(\'check[' . $checkName . ']\', \'data[pages][' . $GLOBALS['SOBE']->id . '][' . $checkName . ']\')';
562 return '<input type="checkbox" name="check[' . $checkName . '][' . $num . ']" onclick="' . htmlspecialchars($onclick) . '" /><br />';
563 }
564
565 /**
566 * Finding tree and offer setting of values recursively.
567 *
568 * @param integer $id Page id.
569 * @param string $perms_clause Select clause
570 * @return string Select form element for recursive levels (if any levels are found)
571 */
572 public function getRecursiveSelect($id, $perms_clause) {
573 // Initialize tree object:
574 $tree = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\Tree\\View\\PageTreeView');
575 $tree->init('AND ' . $perms_clause);
576 $tree->addField('perms_userid', 1);
577 $tree->makeHTML = 0;
578 $tree->setRecs = 1;
579 // Make tree:
580 $tree->getTree($id, $this->getLevels, '');
581 // If there are a hierarchy of page ids, then...
582 if ($GLOBALS['BE_USER']->user['uid'] && count($tree->orig_ids_hierarchy)) {
583 // Init:
584 $label_recur = $GLOBALS['LANG']->getLL('recursive');
585 $label_levels = $GLOBALS['LANG']->getLL('levels');
586 $label_pA = $GLOBALS['LANG']->getLL('pages_affected');
587 $theIdListArr = array();
588 $opts = '
589 <option value=""></option>';
590 // Traverse the number of levels we want to allow recursive setting of permissions for:
591 for ($a = $this->getLevels; $a > 0; $a--) {
592 if (is_array($tree->orig_ids_hierarchy[$a])) {
593 foreach ($tree->orig_ids_hierarchy[$a] as $theId) {
594 if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->user['uid'] == $tree->recs[$theId]['perms_userid']) {
595 $theIdListArr[] = $theId;
596 }
597 }
598 $lKey = $this->getLevels - $a + 1;
599 $opts .= '
600 <option value="' . htmlspecialchars(implode(',', $theIdListArr)) . '">' . \TYPO3\CMS\Core\Utility\GeneralUtility::deHSCentities(htmlspecialchars(($label_recur . ' ' . $lKey . ' ' . $label_levels))) . ' (' . count($theIdListArr) . ' ' . $label_pA . ')' . '</option>';
601 }
602 }
603 // Put the selector box together:
604 $theRecursiveSelect = '<br />
605 <select name="mirror[pages][' . $id . ']">
606 ' . $opts . '
607 </select>
608 <br /><br />';
609 } else {
610 $theRecursiveSelect = '';
611 }
612 // Return selector box element:
613 return $theRecursiveSelect;
614 }
615
616 }
617
618
619 ?>