1 <?php
2 namespace TYPO3\CMS\Backend;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Core\Cache\Frontend\FrontendInterface;
18 use TYPO3\CMS\Core\Utility\GeneralUtility;
19 use TYPO3\CMS\Lang\LanguageService;
20
21 /**
22 * TYPO3 backend user authentication in the TSFE frontend.
23 * This includes mainly functions related to the Admin Panel
24 *
25 * @author Kasper Skårhøj <kasperYYYY@typo3.com>
26 */
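class FrontendBackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\BackendUserAuthentication {

    /**
     * Form field with login name.
     *
     * @var string
     */
    public $formfield_uname = '';

    /**
     * Form field with password.
     *
     * @var string
     */
    public $formfield_uident = '';

    /**
     * Decides if the writelog() function is called at login and logout.
     *
     * @var bool
     */
    public $writeStdLog = FALSE;

    /**
     * Decides if the writelog() function is called when a login attempt has failed.
     *
     * @var bool
     */
    public $writeAttemptLog = FALSE;

    /**
     * List of page related information; extGetTreeList() appends one
     * array(uid, HTML-escaped title, depth) entry per collected page.
     *
     * @var array
     */
    public $extPageInTreeInfo = array();

    /**
     * General flag which is set if the admin panel is enabled at all.
     *
     * @var bool
     */
    public $extAdmEnabled = FALSE;

    /**
     * @var \TYPO3\CMS\Frontend\View\AdminPanelView Instance of admin panel
     */
    public $adminPanel = NULL;

    /**
     * @var \TYPO3\CMS\Core\FrontendEditing\FrontendEditingController
     */
    public $frontendEdit = NULL;

    /**
     * The user's "admPanel" TSconfig property, as loaded by initializeAdminPanel().
     *
     * @var array
     */
    public $extAdminConfig = array();

    /**
     * Initializes the admin panel.
     *
     * Loads the "admPanel" TSconfig property and, as soon as one entry below
     * "enable." is truthy, creates the admin panel view and sets $extAdmEnabled.
     *
     * @return void
     */
    public function initializeAdminPanel() {
        $this->extAdminConfig = $this->getTSConfigProp('admPanel');
        if (!isset($this->extAdminConfig['enable.'])) {
            return;
        }
        foreach ($this->extAdminConfig['enable.'] as $value) {
            if ($value) {
                $this->adminPanel = GeneralUtility::makeInstance(\TYPO3\CMS\Frontend\View\AdminPanelView::class);
                $this->extAdmEnabled = TRUE;
                break;
            }
        }
    }

    /**
     * Initializes frontend editing.
     *
     * Runs only when an "enable." section exists and frontend editing is active.
     * The controller key may come from Page TSconfig, but it is used solely as a
     * lookup key into the controller registry in $GLOBALS['TYPO3_CONF_VARS'], so
     * only a class registered in the installation's configuration is instantiated.
     *
     * @return void
     */
    public function initializeFrontendEdit() {
        if (!isset($this->extAdminConfig['enable.']) || !$this->isFrontendEditingActive()) {
            return;
        }
        foreach ($this->extAdminConfig['enable.'] as $value) {
            if (!$value) {
                continue;
            }
            $controllerKey = 'default';
            if ($GLOBALS['TSFE'] instanceof \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController) {
                // Grab the Page TSConfig property that determines which controller to use.
                $pageTSConfig = $GLOBALS['TSFE']->getPagesTSconfig();
                if (isset($pageTSConfig['TSFE.']['frontendEditingController'])) {
                    $controllerKey = $pageTSConfig['TSFE.']['frontendEditingController'];
                }
            }
            // A key without a registry entry resolves to NULL instead of raising an
            // undefined-index notice; no controller is created in that case.
            $controllerClass = isset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey])
                ? $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tsfebeuserauth.php']['frontendEditingController'][$controllerKey]
                : NULL;
            if ($controllerClass) {
                $this->frontendEdit = GeneralUtility::getUserObj($controllerClass, FALSE);
            }
            // Only the first truthy "enable." entry is acted upon.
            break;
        }
    }

    /**
     * Determines whether frontend editing is currently active.
     *
     * $adminPanel is only dereferenced when $extAdmEnabled is set; both are
     * assigned together in initializeAdminPanel().
     *
     * @return bool Whether frontend editing is active
     */
    public function isFrontendEditingActive() {
        return $this->extAdmEnabled && (
            $this->adminPanel->isAdminModuleEnabled('edit') ||
            $GLOBALS['TSFE']->displayEditIcons == 1 ||
            $GLOBALS['TSFE']->displayFieldEditIcons == 1
        );
    }

    /**
     * Delegates to the appropriate view and renders the admin panel content.
     *
     * There is no NULL check on $adminPanel here, so the panel must have been
     * created (see initializeAdminPanel()) before this method is called.
     *
     * @return string
     */
    public function displayAdminPanel() {
        return $this->adminPanel->display();
    }

    /**
     * Determines whether the admin panel is enabled and visible.
     *
     * @return bool Whether the admin panel is enabled and visible
     */
    public function isAdminPanelVisible() {
        // empty() gives the same truthiness result as the plain reads would,
        // without notices when the "hide" or "admPanel" keys are not set.
        return $this->extAdmEnabled
            && empty($this->extAdminConfig['hide'])
            && !empty($GLOBALS['TSFE']->config['config']['admPanel']);
    }

    /*****************************************************
     *
     * TSFE BE user Access Functions
     *
     ****************************************************/
    /**
     * Implementing the access checks that the TYPO3 CMS bootstrap script does before a user is ever logged in.
     * Used in the frontend.
     *
     * Every check fails closed: the first restriction that is not met returns FALSE.
     *
     * @return bool Returns TRUE if access is OK
     */
    public function checkBackendAccessSettingsFromInitPhp() {
        // Check Hardcoded lock on BE
        if ($GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'] < 0) {
            return FALSE;
        }
        // Check IP
        // NOTE(review): the client address is whatever GeneralUtility::getIndpEnv()
        // reports; behind a reverse proxy, confirm it resolves to the real client.
        if (trim($GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
            $remoteAddress = GeneralUtility::getIndpEnv('REMOTE_ADDR');
            if (!GeneralUtility::cmpIP($remoteAddress, $GLOBALS['TYPO3_CONF_VARS']['BE']['IPmaskList'])) {
                return FALSE;
            }
        }
        // Check SSL (https): enforced for every non-zero lockSSL value except 3
        $lockSSL = (int)$GLOBALS['TYPO3_CONF_VARS']['BE']['lockSSL'];
        if ($lockSSL && $lockSSL !== 3 && !GeneralUtility::getIndpEnv('TYPO3_SSL')) {
            return FALSE;
        }
        // Finally a check from \TYPO3\CMS\Core\Authentication\BackendUserAuthentication::backendCheckLogin()
        return (bool)$this->isUserAllowedToLogin();
    }

    /**
     * Evaluates if the Backend User has read access to the input page record.
     * The evaluation is based on both read-permission and whether the page is found in one of the users webmounts.
     * Only if both conditions are TRUE will the function return TRUE.
     * Read access means that previewing is allowed etc.
     * Used in index_ts.php
     *
     * @param array $pageRec The page record to evaluate for
     * @return bool TRUE if read access
     */
    public function extPageReadAccess($pageRec) {
        return $this->isInWebMount($pageRec['uid']) && $this->doesUserHaveAccess($pageRec, 1);
    }

    /*****************************************************
     *
     * Page tree and page cache helpers
     *
     ****************************************************/
    /**
     * Generates a list of Page-uid's from $id. List does not include $id itself
     * The only pages excluded from the list are deleted pages.
     *
     * Each collected page is also appended to $this->extPageInTreeInfo as
     * array(uid, HTML-escaped title, depth).
     *
     * $id, $depth and $begin are cast to integers. $perms_clause and the
     * configured FE content_doktypes list are concatenated into the WHERE
     * clause verbatim, so both must come from trusted code or configuration
     * and never from request data.
     *
     * @param int $id Start page id
     * @param int $depth Depth to traverse down the page tree.
     * @param int $begin Is an optional integer that determines at which level in the tree to start collecting uid's. Zero means 'start right away', 1 = 'next level and out'
     * @param string $perms_clause Perms clause (trusted SQL fragment)
     * @return string Returns the list with a comma in the end (if any pages selected!)
     */
    public function extGetTreeList($id, $depth, $begin = 0, $perms_clause) {
        $depth = (int)$depth;
        $begin = (int)$begin;
        $id = (int)$id;
        $theList = '';
        if ($id && $depth > 0) {
            $where = 'pid=' . $id . ' AND doktype IN (' . $GLOBALS['TYPO3_CONF_VARS']['FE']['content_doktypes']
                . ') AND deleted=0 AND ' . $perms_clause;
            $res = $this->db->exec_SELECTquery('uid,title', 'pages', $where);
            while (($row = $this->db->sql_fetch_assoc($res))) {
                if ($begin <= 0) {
                    $theList .= $row['uid'] . ',';
                    // $depth is the third element of the entry. It used to be passed as
                    // the flags argument of htmlspecialchars(), which made the quote
                    // escaping of the title vary with the recursion depth and left the
                    // depth out of the stored entry.
                    $this->extPageInTreeInfo[] = array($row['uid'], htmlspecialchars($row['title']), $depth);
                }
                if ($depth > 1) {
                    $theList .= $this->extGetTreeList($row['uid'], $depth - 1, $begin - 1, $perms_clause);
                }
            }
            $this->db->sql_free_result($res);
        }
        return $theList;
    }

    /**
     * Returns the number of cached pages for a page id.
     *
     * @param int $pageId The page id.
     * @return int The number of entries tagged "pageId_<id>" in the "cache_pages" cache
     */
    public function extGetNumberOfCachedPages($pageId) {
        /** @var FrontendInterface $pageCache */
        $pageCache = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Cache\CacheManager::class)->getCache('cache_pages');
        $pageCacheEntries = $pageCache->getByTag('pageId_' . (int)$pageId);
        return count($pageCacheEntries);
    }

    /*****************************************************
     *
     * Localization handling
     *
     ****************************************************/
    /**
     * Returns the label for key. If a translation for the language set in $this->uc['lang']
     * is found that is returned, otherwise the default value.
     * If the global variable $LOCAL_LANG is NOT an array (yet) then this function loads
     * the global $LOCAL_LANG array with the content of "sysext/lang/locallang_tsfe.xlf"
     * such that the values therein can be used for labels in the Admin Panel
     *
     * The returned label is passed through htmlspecialchars() and then converted
     * to entities, so callers must not escape it a second time.
     *
     * @param string $key Key for a label in the $GLOBALS['LOCAL_LANG'] array of "sysext/lang/locallang_tsfe.xlf"
     * @return string The value for the $key
     */
    public function extGetLL($key) {
        if (!is_array($GLOBALS['LOCAL_LANG'])) {
            $this->getLanguageService()->includeLLFile('EXT:lang/locallang_tsfe.xlf');
            // Guarantee an array even if including the file did not populate it.
            if (!is_array($GLOBALS['LOCAL_LANG'])) {
                $GLOBALS['LOCAL_LANG'] = array();
            }
        }
        // Label string in the default backend output charset.
        $labelStr = htmlspecialchars($this->getLanguageService()->getLL($key));
        $labelStr = $this->getLanguageService()->csConvObj->utf8_to_entities($labelStr);
        // Return the result:
        return $labelStr;
    }

    /**
     * Returns the language service stored in $GLOBALS['LANG'].
     *
     * @return LanguageService
     */
    protected function getLanguageService() {
        return $GLOBALS['LANG'];
    }

}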