[TASK] Re-work/simplify copyright header in PHP files - Part 3
[Packages/TYPO3.CMS.git] / typo3 / sysext / core / Classes / Resource / Security / StoragePermissionsAspect.php
1 <?php
2 namespace TYPO3\CMS\Core\Resource\Security;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
18 use TYPO3\CMS\Core\Resource\Exception\FolderDoesNotExistException;
19 use TYPO3\CMS\Core\Resource\ResourceFactory;
20 use TYPO3\CMS\Core\Resource\ResourceStorage;
21
22 /**
23 * Class StoragePermissionsAspect
24 *
25 * We do not have AOP in TYPO3 for now, thus the acspect which
26 * deals with resource security is a slot which reacts on a signal
27 * on storage object creation.
28 *
29 * The aspect injects user permissions and mount points into the storage
30 * based on user or group configuration.
31 */
32 class StoragePermissionsAspect {
33
34 /**
35 * @var BackendUserAuthentication
36 */
37 protected $backendUserAuthentication;
38
39 /**
40 * @var array
41 */
42 protected $defaultStorageZeroPermissions = array(
43 'readFolder' => TRUE,
44 'readFile' => TRUE
45 );
46
47
48 /**
49 * @param BackendUserAuthentication|null $backendUserAuthentication
50 */
51 public function __construct($backendUserAuthentication = NULL) {
52 $this->backendUserAuthentication = $backendUserAuthentication ?: $GLOBALS['BE_USER'];
53 }
54
55 /**
56 * The slot for the signal in ResourceFactory where storage objects are created
57 *
58 * @param ResourceFactory $resourceFactory
59 * @param ResourceStorage $storage
60 * @return void
61 */
62 public function addUserPermissionsToStorage(ResourceFactory $resourceFactory, ResourceStorage $storage) {
63 if (!$this->backendUserAuthentication->isAdmin()) {
64 $storage->setEvaluatePermissions(TRUE);
65 if ($storage->getUid() > 0) {
66 $storage->setUserPermissions($this->backendUserAuthentication->getFilePermissionsForStorage($storage));
67 } else {
68 $storage->setEvaluatePermissions(FALSE);
69 }
70 $this->addFileMountsToStorage($storage);
71 }
72 }
73
74 /**
75 * Adds file mounts from the user's file mount records
76 *
77 * @param ResourceStorage $storage
78 * @return void
79 */
80 protected function addFileMountsToStorage(ResourceStorage $storage) {
81 foreach ($this->backendUserAuthentication->getFileMountRecords() as $fileMountRow) {
82 if ((int)$fileMountRow['base'] === (int)$storage->getUid()) {
83 try {
84 $storage->addFileMount($fileMountRow['path'], $fileMountRow);
85 } catch (FolderDoesNotExistException $e) {
86 // That file mount does not seem to be valid, fail silently
87 }
88 }
89 }
90 }
91 }