[FEATURE] Add Contexts for storing data access modes
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Database / Query / Restriction / FrontendGroupRestriction.php
1 <?php
2 declare(strict_types = 1);
3 namespace TYPO3\CMS\Core\Database\Query\Restriction;
4
5 /*
6 * This file is part of the TYPO3 CMS project.
7 *
8 * It is free software; you can redistribute it and/or modify it under
9 * the terms of the GNU General Public License, either version 2
10 * of the License, or any later version.
11 *
12 * For the full copyright and license information, please read the
13 * LICENSE.txt file that was distributed with this source code.
14 *
15 * The TYPO3 project - inspiring people to share!
16 */
17
18 use TYPO3\CMS\Core\Context\Context;
19 use TYPO3\CMS\Core\Context\UserAspect;
20 use TYPO3\CMS\Core\Database\Query\Expression\CompositeExpression;
21 use TYPO3\CMS\Core\Database\Query\Expression\ExpressionBuilder;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23
24 /**
25 * Restriction to filter records, which are limited to the given user groups
26 */
27 class FrontendGroupRestriction implements QueryRestrictionInterface
28 {
29 /**
30 * @var array
31 */
32 protected $frontendGroupIds;
33
34 /**
35 * @param array $frontendGroupIds Normalized array with user groups of currently logged in user (typically found in the Frontend Context)
36 */
37 public function __construct(array $frontendGroupIds = null)
38 {
39 if ($frontendGroupIds !== null) {
40 $this->frontendGroupIds = $frontendGroupIds;
41 } else {
42 /** @var UserAspect $frontendUserAspect */
43 $frontendUserAspect = GeneralUtility::makeInstance(Context::class)->getAspect('frontend.user');
44 $this->frontendGroupIds = $frontendUserAspect->getGroupIds();
45 }
46 }
47
48 /**
49 * Main method to build expressions for given tables
50 * Evaluates the ctrl/enablecolumns/fe_group flag of the table and adds the according restriction if set
51 *
52 * @param array $queriedTables Array of tables, where array key is table alias and value is a table name
53 * @param ExpressionBuilder $expressionBuilder Expression builder instance to add restrictions with
54 * @return CompositeExpression The result of query builder expression(s)
55 */
56 public function buildExpression(array $queriedTables, ExpressionBuilder $expressionBuilder): CompositeExpression
57 {
58 $constraints = [];
59 foreach ($queriedTables as $tableAlias => $tableName) {
60 $groupFieldName = $GLOBALS['TCA'][$tableName]['ctrl']['enablecolumns']['fe_group'] ?? null;
61 if (!empty($groupFieldName)) {
62 $fieldName = $tableAlias . '.' . $groupFieldName;
63 // Allow records where no group access has been configured (field values NULL, 0 or empty string)
64 $constraints = [
65 $expressionBuilder->isNull($fieldName),
66 $expressionBuilder->eq($fieldName, $expressionBuilder->literal('')),
67 $expressionBuilder->eq($fieldName, $expressionBuilder->literal('0')),
68 ];
69 foreach ($this->frontendGroupIds as $frontendGroupId) {
70 $constraints[] = $expressionBuilder->inSet(
71 $fieldName,
72 $expressionBuilder->literal((string)$frontendGroupId)
73 );
74 }
75 }
76 }
77 return $expressionBuilder->orX(...$constraints);
78 }
79 }