[BUGFIX] Fix parameter type in BackendModuleRequestHandler 68/51868/2
authorBenni Mack <benni@typo3.org>
Mon, 27 Feb 2017 05:37:18 +0000 (06:37 +0100)
committerWouter Wolters <typo3@wouterwolters.nl>
Mon, 27 Feb 2017 06:29:35 +0000 (07:29 +0100)
The function
\TYPO3\CMS\Core\Authentication\BackendUserAuthentication
->getPagePermsClause accepts only an integer value as parameter,
but a boolean value is given in
TYPO3\CMS\Backend\Http\BackendModuleRequestHandler->dispatchModule

Resolves: #79949
Releases: master, 7.6
Change-Id: I6d0e6049ce2f68f361853f5c5ea50984c9448347
Reviewed-on: https://review.typo3.org/51868
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Markus Hölzle <typo3@markus-hoelzle.de>
Tested-by: Markus Hölzle <typo3@markus-hoelzle.de>
Reviewed-by: Thomas Hohn <thomas@hohn.dk>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Tested-by: Wouter Wolters <typo3@wouterwolters.nl>
typo3/sysext/backend/Classes/Http/BackendModuleRequestHandler.php

index bc78485..ad62e9c 100644 (file)
@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\FormProtection\FormProtectionFactory;
 use TYPO3\CMS\Core\Http\Dispatcher;
 use TYPO3\CMS\Core\Http\RequestHandlerInterface;
 use TYPO3\CMS\Core\Http\Response;
+use TYPO3\CMS\Core\Type\Bitmask\Permission;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Core\Utility\MathUtility;
 
@@ -181,7 +182,7 @@ class BackendModuleRequestHandler implements RequestHandlerInterface
         $this->backendUserAuthentication->modAccess($moduleConfiguration, true);
         $id = isset($this->request->getQueryParams()['id']) ? $this->request->getQueryParams()['id'] : $this->request->getParsedBody()['id'];
         if ($id && MathUtility::canBeInterpretedAsInteger($id)) {
-            $permClause = $this->backendUserAuthentication->getPagePermsClause(true);
+            $permClause = $this->backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
             // Check page access
             $access = is_array(BackendUtility::readPageAccess((int)$id, $permClause));
             if (!$access) {