2 declare(strict_types
= 1);
3 namespace TYPO3\CMS\Frontend\Middleware
;
6 * This file is part of the TYPO3 CMS project.
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
15 * The TYPO3 project - inspiring people to share!
18 use Psr\Http\Message\ResponseInterface
;
19 use Psr\Http\Message\ServerRequestInterface
;
20 use Psr\Http\Server\MiddlewareInterface
;
21 use Psr\Http\Server\RequestHandlerInterface
;
22 use TYPO3\CMS\Core\Type\Bitmask\Permission
;
23 use TYPO3\CMS\Core\Utility\GeneralUtility
;
24 use TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController
;
27 * Process the ID, type and other parameters.
28 * After this point we have an array, TSFE->page, which is the page-record of the current page, $TSFE->id.
30 * Now, if there is a backend user logged in and he has NO access to this page,
31 * then re-evaluate the id shown!
33 class PageResolver
implements MiddlewareInterface
38 * @param ServerRequestInterface $request
39 * @param RequestHandlerInterface $handler
40 * @return ResponseInterface
42 public function process(ServerRequestInterface
$request, RequestHandlerInterface
$handler): ResponseInterface
44 $GLOBALS['TSFE']->siteScript
= $request->getAttribute('normalizedParams')->getSiteScript();
45 $this->checkAlternativeIdMethods($GLOBALS['TSFE']);
46 $GLOBALS['TSFE']->clear_preview();
47 $GLOBALS['TSFE']->determineId();
49 // No access? Then remove user & Re-evaluate the page-id
50 if ($GLOBALS['TSFE']->isBackendUserLoggedIn() && !$GLOBALS['BE_USER']->doesUserHaveAccess($GLOBALS['TSFE']->page
, Permission
::PAGE_SHOW
)) {
51 unset($GLOBALS['BE_USER']);
52 $GLOBALS['TSFE']->beUserLogin
= false;
53 $this->checkAlternativeIdMethods($GLOBALS['TSFE']);
54 $GLOBALS['TSFE']->clear_preview();
55 $GLOBALS['TSFE']->determineId();
58 // Evaluate the cache hash parameter
59 $GLOBALS['TSFE']->makeCacheHash();
61 return $handler->handle($request);
65 * Provides ways to bypass the '?id=[xxx]&type=[xx]' format, using either PATH_INFO or Server Rewrites
68 * 1) Use PATH_INFO (also Apache) to extract id and type from that var. Does not require any special modules compiled with apache. (less typical)
69 * 2) Using hook which enables features like those provided from "realurl" extension (AKA "Speaking URLs")
71 protected function checkAlternativeIdMethods(TypoScriptFrontendController
$tsfe)
73 // Call post processing function for custom URL methods.
74 $_params = ['pObj' => &$tsfe];
75 foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['tslib/class.tslib_fe.php']['checkAlternativeIdMethods-PostProc'] ??
[] as $_funcRef) {
76 GeneralUtility
::callUserFunction($_funcRef, $_params, $tsfe);