[BUGFIX] Only access FAL security checks when in Backend 44/54344/2
authorBenni Mack <benni@typo3.org>
Fri, 6 Oct 2017 15:34:52 +0000 (17:34 +0200)
committerBenni Mack <benni@typo3.org>
Tue, 10 Oct 2017 08:15:47 +0000 (10:15 +0200)
commit37be4760371dca172de0d05d9be9d318c28847b3
treeb45c2511dbce3b8c39f0c0feb390c2c16a30847c
parent0089a7c7e5f61cfee8434195e8726ff243f9ac17
[BUGFIX] Only access FAL security checks when in Backend

The FAL security checks which adds additional checks for Backend Users
are currently placed within TYPO3_MODE === BE which applies to CLI as well.

In order to even use the FAL API via CLI, a user has to be authenticated (just for
browsing files). Therefore, the check needs to be handled via TYPO3_REQUEST_TYPE
which excludes symfony commands on CLI basis.

Additionally, the REQUEST TYPE checks are handled within the Slot and not
when to register the hook (see other cleanup patch as well).

Resolves: #82691
Releases: master, 8.7
Change-Id: I7b895a119a17ea166331eb1dbcb75e57fffbd388
Reviewed-on: https://review.typo3.org/54344
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
typo3/sysext/backend/Classes/Security/CategoryPermissionsAspect.php
typo3/sysext/backend/ext_localconf.php
typo3/sysext/core/Classes/Resource/Security/StoragePermissionsAspect.php
typo3/sysext/core/ext_localconf.php