[BUGFIX] Sanitize loading first module 27/50227/4
authorWouter Wolters <typo3@wouterwolters.nl>
Fri, 14 Oct 2016 13:00:29 +0000 (15:00 +0200)
committerFrank Naegler <frank.naegler@typo3.org>
Fri, 14 Oct 2016 14:05:04 +0000 (16:05 +0200)
Suppress an invalid content iframe call if a
user logs in with no access rights to main modules.

Resolves: #78297
Related: #52877
Releases: master
Change-Id: I909ad485b55f2769959076011338fed2ec5a4758
Reviewed-on: https://review.typo3.org/50227
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Frank Naegler <frank.naegler@typo3.org>
Tested-by: Frank Naegler <frank.naegler@typo3.org>
typo3/sysext/backend/Resources/Public/JavaScript/modulemenu.js

index f0fb429..fa7215e 100644 (file)
@@ -39,7 +39,12 @@ require(
                                        me.showModule(top.startInModule[0], top.startInModule[1]);
                                } else {
                                        // fetch first module
-                                       me.showModule($('.t3js-mainmodule:first').attr('id'));
+                                       if ($('.t3js-mainmodule:first').attr('id')) {
+                                               me.showModule($('.t3js-mainmodule:first').attr('id'));
+                                       }
+                                       // else case: the main module has no entries, this is probably a backend
+                                       // user with very little access rights, maybe only the logout button and
+                                       // a user settings module in topbar.
                                }
 
                                // check if module menu should be collapsed or not