[BUGFIX] Notify about wrong backend user group setting 16/41116/5
authorNicole Cordes <typo3@cordes.co>
Mon, 13 Jul 2015 09:22:51 +0000 (11:22 +0200)
committerWouter Wolters <typo3@wouterwolters.nl>
Tue, 14 Jul 2015 21:58:06 +0000 (23:58 +0200)
An editor can't edit a plugin as long as the page content type "Insert
Plugin" isn't allowed for the backend user group even if the access to
a plugin is defined. This patch adds a notification about missing
configuration to improve usability for integrators.

Releases: master
Resolves: #61559
Change-Id: Id7c56c2514ec4525f731c101e8e6e7dbade274e1
Reviewed-on: http://review.typo3.org/41116
Reviewed-by: Susanne Moog <typo3@susannemoog.de>
Tested-by: Susanne Moog <typo3@susannemoog.de>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php [new file with mode: 0644]
typo3/sysext/core/ext_localconf.php
typo3/sysext/lang/locallang_core.xlf

diff --git a/typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php b/typo3/sysext/core/Classes/Hooks/BackendUserGroupIntegrityCheck.php
new file mode 100644 (file)
index 0000000..94bc748
--- /dev/null
@@ -0,0 +1,75 @@
+<?php
+namespace TYPO3\CMS\Core\Hooks;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use TYPO3\CMS\Backend\Utility\BackendUtility;
+use TYPO3\CMS\Core\DataHandling\DataHandler;
+use TYPO3\CMS\Core\Messaging\FlashMessage;
+use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
+use TYPO3\CMS\Core\Messaging\FlashMessageService;
+use TYPO3\CMS\Core\SingletonInterface;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+use TYPO3\CMS\Core\Utility\StringUtility;
+use TYPO3\CMS\Lang\LanguageService;
+
+/**
+ * DataHandler hook class to check the integrity of submitted be_groups data
+ */
+class BackendUserGroupIntegrityCheck {
+
+       /**
+        * @param string $status
+        * @param string $table
+        * @param int $id
+        * @param array $fieldArray
+        * @param DataHandler $parentObject
+        */
+       public function processDatamap_afterDatabaseOperations($status, $table, $id, $fieldArray, $parentObject) {
+               if ($table !== 'be_groups' || $GLOBALS['TYPO3_CONF_VARS']['BE']['explicitADmode'] !== 'explicitAllow') {
+                       return;
+               }
+
+               $backendUserGroup = BackendUtility::getRecord($table, $id, 'explicit_allowdeny');
+               $explicitAllowDenyFields = GeneralUtility::trimExplode(',', $backendUserGroup['explicit_allowdeny']);
+               foreach ($explicitAllowDenyFields as $value) {
+                       if (StringUtility::beginsWith($value, 'tt_content:list_type:')) {
+                               if (!in_array('tt_content:CType:list:ALLOW', $explicitAllowDenyFields, TRUE)) {
+                                       /** @var $flashMessage FlashMessage */
+                                       $flashMessage = GeneralUtility::makeInstance(
+                                               FlashMessage::class,
+                                               $this->getLanguageService()->sl('LLL:EXT:lang/locallang_core.xlf:error.backendUserGroupListTypeError.message'),
+                                               $this->getLanguageService()->sl('LLL:EXT:lang/locallang_core.xlf:error.backendUserGroupListTypeError.header'),
+                                               FlashMessage::WARNING,
+                                               TRUE
+                                       );
+                                       /** @var $flashMessageService FlashMessageService */
+                                       $flashMessageService = GeneralUtility::makeInstance(FlashMessageService::class);
+                                       /** @var $defaultFlashMessageQueue FlashMessageQueue */
+                                       $defaultFlashMessageQueue = $flashMessageService->getMessageQueueByIdentifier();
+                                       $defaultFlashMessageQueue->enqueue($flashMessage);
+                               }
+                               return;
+                       }
+               }
+       }
+
+       /**
+        * @return LanguageService
+        */
+       protected function getLanguageService() {
+               return $GLOBALS['LANG'];
+       }
+
+}
index 69eb610..6e2b5e3 100644 (file)
@@ -13,6 +13,7 @@ if (TYPO3_MODE === 'BE' && !(TYPO3_REQUESTTYPE & TYPO3_REQUESTTYPE_INSTALL)) {
                'addUserPermissionsToStorage'
        );
        $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect';
+       $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['processDatamapClass'][] = 'TYPO3\\CMS\\Core\\Hooks\\BackendUserGroupIntegrityCheck';
        $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect->isAllowedToShowEditForm';
        $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tceforms_inline.php']['checkAccess'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect->isAllowedToShowEditForm';
        $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_tcemain.php']['checkModifyAccessList'][] = 'TYPO3\\CMS\\Core\\Resource\\Security\\FileMetadataPermissionsAspect';
index af3adce..d26e52d 100644 (file)
@@ -1143,6 +1143,12 @@ Check also the following points:\n
                        <trans-unit id="error.invalidEmail">
                                <source>"%s" is not a valid e-mail address.</source>
                        </trans-unit>
+                       <trans-unit id="error.backendUserGroupListTypeError.header">
+                               <source>Possible misconfiguration detected</source>
+                       </trans-unit>
+                       <trans-unit id="error.backendUserGroupListTypeError.message">
+                               <source>Editing of at least one plugin was enabled but editing the page content type "Insert Plugin" is still disallowed. Group members won't be able to edit plugins unless you activate editing for the content type.</source>
+                       </trans-unit>
                </body>
        </file>
 </xliff>