[TASK] Streamline escaping for ViewHelpers of all sysexts
[Packages/TYPO3.CMS.git] / typo3 / sysext / beuser / Classes / ViewHelpers / RemoveUserViewHelper.php
1 <?php
2 namespace TYPO3\CMS\Beuser\ViewHelpers;
3
4 /*
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16
17 use TYPO3\CMS\Backend\Utility\BackendUtility;
18 use TYPO3\CMS\Beuser\Domain\Model\BackendUser;
19 use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
20 use TYPO3\CMS\Core\Imaging\Icon;
21 use TYPO3\CMS\Core\Imaging\IconFactory;
22 use TYPO3\CMS\Core\Utility\GeneralUtility;
23 use TYPO3\CMS\Extbase\Utility\LocalizationUtility;
24 use TYPO3\CMS\Fluid\Core\ViewHelper\AbstractViewHelper;
25 use TYPO3Fluid\Fluid\Core\Rendering\RenderingContextInterface;
26
27 /**
28 * Displays 'Delete user' link with sprite icon to remove user
29 *
30 * @internal
31 */
32 class RemoveUserViewHelper extends AbstractViewHelper
33 {
34 /**
35 * As this ViewHelper renders HTML, the output must not be escaped.
36 *
37 * @var bool
38 */
39 protected $escapeOutput = false;
40
41 /**
42 * Render link with sprite icon to remove user
43 *
44 * @param \TYPO3\CMS\Beuser\Domain\Model\BackendUser $backendUser Target backendUser to switch active session to
45 * @return string
46 */
47 public function render(BackendUser $backendUser)
48 {
49 return static::renderStatic(
50 array(
51 'backendUser' => $backendUser
52 ),
53 $this->buildRenderChildrenClosure(),
54 $this->renderingContext
55 );
56 }
57
58 /**
59 * @param array $arguments
60 * @param \Closure $renderChildrenClosure
61 * @param RenderingContextInterface $renderingContext
62 *
63 * @return string
64 */
65 public static function renderStatic(array $arguments, \Closure $renderChildrenClosure, RenderingContextInterface $renderingContext)
66 {
67 /** @var \TYPO3\CMS\Beuser\Domain\Model\BackendUser $backendUser */
68 $backendUser = $arguments['backendUser'];
69 /** @var BackendUserAuthentication $beUser */
70 $beUser = $GLOBALS['BE_USER'];
71 /** @var IconFactory $iconFactory */
72 $iconFactory = GeneralUtility::makeInstance(IconFactory::class);
73 if ($backendUser->getUid() === (int)$beUser->user['uid']) {
74 return '<span class="btn btn-default disabled">' . $iconFactory->getIcon('empty-empty', Icon::SIZE_SMALL)->render() . '</span>';
75 }
76
77 $urlParameters = [
78 'cmd[be_users][' . $backendUser->getUid() . '][delete]' => 1,
79 'vC' => $beUser->veriCode(),
80 'prErr' => 1,
81 'uPT' => 1,
82 'redirect' => GeneralUtility::getIndpEnv('REQUEST_URI')
83 ];
84 $url = BackendUtility::getModuleUrl('tce_db', $urlParameters);
85
86 return '<a class="btn btn-default t3js-modal-trigger" href="' . htmlspecialchars($url) . '"'
87 . ' data-severity="warning"'
88 . ' data-title="' . htmlspecialchars($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_alt_doc.xlf:label.confirm.delete_record.title')) . '"'
89 . ' data-content="' . htmlspecialchars(LocalizationUtility::translate('confirm', 'beuser', array($backendUser->getUserName()))) . '" '
90 . ' data-button-close-text="' . htmlspecialchars($GLOBALS['LANG']->sL('LLL:EXT:lang/locallang_common.xlf:cancel')) . '"'
91 . '>' . $iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render() . '</a>';
92 }
93 }