[BUGFIX] Do not depend on a database connection in CLI authentication 27/58427/5
authorBenjamin Franzke <bfr@qbus.de>
Wed, 26 Sep 2018 20:54:22 +0000 (22:54 +0200)
committerChristian Kuhn <lolli@schwarzbu.ch>
Sun, 30 Sep 2018 12:39:55 +0000 (14:39 +0200)
Neither the backend user authentication should try to perform
database queries, nor the extbase services.

As a side effect this allows to run the cli tool when
LocalConfiguration.php or PackageStates.php are missing,
which allows to run commands like `dumpautoload` in that case.
Note: *Only* in that case, not if a database connection
is configured, but not available – for that usecase failsafe
booting will be needed, as proposed in https://review.typo3.org/c/58298/
and/or https://review.typo3.org/c/58300/

As a drive-by we also add a null coalescing operator to
IconRegistry::registerModuleIcons() which is currently
required because ext_tables.php files are loaded in
incorrect order if PackageStates.php is missing (reported
in another bug: #86408). Although this workaround will
not be strictly required when that bug is fixed, that functions
should still properly handle that case.

Change-Id: I7d339e21160d25b5aee5dd0e2f25491a22ec83e9
Releases: master
Resolves: #86416
Related: #86408
Reviewed-on: https://review.typo3.org/58427
Tested-by: TYPO3com <no-reply@typo3.com>
Reviewed-by: Benni Mack <benni@typo3.org>
Tested-by: Benni Mack <benni@typo3.org>
Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Reviewed-by: Christian Kuhn <lolli@schwarzbu.ch>
Tested-by: Christian Kuhn <lolli@schwarzbu.ch>
typo3/sysext/core/Classes/Authentication/CommandLineUserAuthentication.php
typo3/sysext/core/Classes/Imaging/IconRegistry.php
typo3/sysext/extbase/Classes/Command/CoreCommand.php

index 442a37e..cfa4ee4 100644 (file)
@@ -52,6 +52,28 @@ class CommandLineUserAuthentication extends BackendUserAuthentication
     }
 
     /**
+     * Replacement for AbstactUserAuthentication::start()
+     *
+     * We do not need support for sessions, cookies, $_GET-modes, the postUserLookup hook or
+     * a database connectiona during CLI Bootstrap
+     */
+    public function start()
+    {
+        $this->logger->debug('## Beginning of auth logging.');
+        // svConfig is unused, but we set it, as the property is public and might be used by extensions
+        $this->svConfig = $GLOBALS['TYPO3_CONF_VARS']['SVCONF']['auth'] ?? [];
+    }
+
+    /**
+     * Replacement for AbstactUserAuthentication::checkAuthentication()
+     *
+     * Not required in CLI mode, therefore empty.
+     */
+    public function checkAuthentication()
+    {
+    }
+
+    /**
      * Logs-in the _CLI_ user. It does not need to check for credentials.
      *
      * @throws \RuntimeException when the user could not log in or it is an admin
index 4c647ae..e247d1b 100644 (file)
@@ -831,7 +831,7 @@ class IconRegistry implements SingletonInterface
      */
     protected function registerModuleIcons()
     {
-        $moduleConfiguration = $GLOBALS['TBE_MODULES']['_configuration'];
+        $moduleConfiguration = $GLOBALS['TBE_MODULES']['_configuration'] ?? [];
         foreach ($moduleConfiguration as $moduleKey => $singleModuleConfiguration) {
             $iconIdentifier = !empty($singleModuleConfiguration['iconIdentifier'])
                 ? $singleModuleConfiguration['iconIdentifier']
index a578da7..5a1a1bd 100644 (file)
@@ -16,6 +16,8 @@ namespace TYPO3\CMS\Extbase\Command;
 
 use Symfony\Component\Console\Application;
 use Symfony\Component\Console\Command\Command;
+use TYPO3\CMS\Core\Package\FailsafePackageManager;
+use TYPO3\CMS\Core\Package\PackageManager;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Extbase\Core\Bootstrap;
 use TYPO3\CMS\Extbase\Mvc\Cli\CommandManager;
@@ -54,6 +56,11 @@ class CoreCommand extends Command
     {
         parent::setApplication($application);
 
+        // Extbase commands can not be initialized in failsafe mode
+        if (GeneralUtility::makeInstance(PackageManager::class) instanceof FailsafePackageManager) {
+            return;
+        }
+
         // Find any registered Extbase commands
         $this->extbaseBootstrap = GeneralUtility::makeInstance(Bootstrap::class);
         $this->extbaseBootstrap->initialize([]);