[BUGFIX] File metadata can’t be edited inline 86/37586/6
authorBenjamin Mack <benni@typo3.org>
Mon, 15 Jun 2015 10:04:51 +0000 (12:04 +0200)
committerAndreas Wolf <andreas.wolf@typo3.org>
Tue, 16 Jun 2015 09:08:54 +0000 (11:08 +0200)
Since 2012, there is a special mechanism to allow some tables for
editing even if their records reside on a page that is inaccessible for
the user. This is checked for regular forms in
``EditDocumentController``, but the check for inline elements was
missing until this patch.

Resolves: #65563
Releases: master, 6.2
Change-Id: I6d984c28672e2b3ba225ea91f6c7292aa3e1127d
Reviewed-on: http://review.typo3.org/37586
Reviewed-by: Benjamin Mack <benni@typo3.org>
Reviewed-by: Daniel Maier <dani-maier@gmx.de>
Tested-by: Daniel Maier <dani-maier@gmx.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Andreas Wolf <andreas.wolf@typo3.org>
Tested-by: Andreas Wolf <andreas.wolf@typo3.org>
typo3/sysext/backend/Classes/Controller/EditDocumentController.php
typo3/sysext/backend/Classes/Form/Container/InlineRecordContainer.php

index 0377374..8f37925 100644 (file)
@@ -983,7 +983,7 @@ class EditDocumentController {
                                                                        }
                                                                        // Check internals regarding access:
                                                                        $isRootLevelRestrictionIgnored = BackendUtility::isRootLevelRestrictionIgnored($table);
-                                                                       if ($hasAccess || (string)$calcPRec['pid'] === '0' && $isRootLevelRestrictionIgnored) {
+                                                                       if ($hasAccess || (int)$calcPRec['pid'] === 0 && $isRootLevelRestrictionIgnored) {
                                                                                $hasAccess = $GLOBALS['BE_USER']->recordEditAccessInternals($table, $calcPRec);
                                                                                $deniedAccessReason = $GLOBALS['BE_USER']->errorMsg;
                                                                        }
index f8cc598..d456aea 100644 (file)
@@ -644,8 +644,9 @@ class InlineRecordContainer extends AbstractContainer {
                                        $CALC_PERMS = $backendUser->calcPerms(BackendUtility::getRecord('pages', $calcPRec['pid']));
                                        $hasAccess = (bool)($CALC_PERMS & Permission::CONTENT_EDIT);
                                }
-                               // Check internals regarding access:
-                               if ($hasAccess) {
+                               // Check internals regarding access
+                               $isRootLevelRestrictionIgnored = BackendUtility::isRootLevelRestrictionIgnored($table);
+                               if ($hasAccess|| (int)$calcPRec['pid'] === 0 && $isRootLevelRestrictionIgnored) {
                                        $hasAccess = (bool)$backendUser->recordEditAccessInternals($table, $calcPRec);
                                }
                        }