[TASK] Move access right parameters from BE to SYS configuration 89/44289/8
authorZsolt Molnar <zsolt.molnar@arxia.com>
Mon, 26 Oct 2015 12:12:14 +0000 (14:12 +0200)
committerNicole Cordes <typo3@cordes.co>
Wed, 28 Oct 2015 17:39:10 +0000 (18:39 +0100)
Resolves: #36166
Releases: master
Change-Id: Ifee71aca46e39842a1fcecc97d905dbddac53aa5
Reviewed-on: https://review.typo3.org/44289
Reviewed-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Tested-by: Stefan Neufeind <typo3.neufeind@speedpartner.de>
Reviewed-by: Zsolt Molnar <zsolt.molnar@arxia.com>
Tested-by: Zsolt Molnar <zsolt.molnar@arxia.com>
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
14 files changed:
typo3/sysext/backend/Tests/Unit/Utility/IconUtilityTest.php
typo3/sysext/core/Classes/Utility/GeneralUtility.php
typo3/sysext/core/Configuration/DefaultConfiguration.php
typo3/sysext/core/Documentation/Changelog/master/Important-36166-MoveAccessRightParametersFromBEToSYSConfiguration.rst [new file with mode: 0644]
typo3/sysext/core/Tests/Unit/Locking/LockerTest.php
typo3/sysext/core/Tests/Unit/Locking/SimpleLockStrategyTest.php
typo3/sysext/core/Tests/Unit/Resource/Driver/LocalDriverTest.php
typo3/sysext/core/Tests/Unit/Utility/GeneralUtilityTest.php
typo3/sysext/install/Classes/FolderStructure/DefaultFactory.php
typo3/sysext/install/Classes/FolderStructure/DefaultPermissionsCheck.php
typo3/sysext/install/Classes/Updates/AccessRightParametersUpdate.php [new file with mode: 0644]
typo3/sysext/install/ext_localconf.php
typo3/sysext/reports/Classes/Report/Status/ConfigurationStatus.php
typo3/sysext/reports/Resources/Private/Language/locallang_reports.xlf

index a6781c3..3934cf1 100644 (file)
@@ -90,7 +90,7 @@ class IconUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $fixtureGifRessource = imagecreatefromgif($fixtureGifFile);
         $targetFilename = PATH_site . 'typo3temp/' . $this->getUniqueId('test_') . '.gif';
         $this->testFilesToDelete[] = $targetFilename;
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0777';
         IconUtilityFixture::imagemake($fixtureGifRessource, $targetFilename);
         clearstatcache();
         $resultFilePermissions = substr(decoct(fileperms($targetFilename)), 2);
index 6ca363c..f5bf057 100755 (executable)
@@ -2699,25 +2699,25 @@ Connection: close
         }
         if (self::isAllowedAbsPath($path)) {
             if (@is_file($path)) {
-                $targetFilePermissions = isset($GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'])
-                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'])
+                $targetFilePermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
+                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'])
                     : octdec('0644');
                 // "@" is there because file is not necessarily OWNED by the user
                 $result = @chmod($path, $targetFilePermissions);
             } elseif (@is_dir($path)) {
-                $targetDirectoryPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'])
-                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'])
+                $targetDirectoryPermissions = isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
+                    ? octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'])
                     : octdec('0755');
                 // "@" is there because file is not necessarily OWNED by the user
                 $result = @chmod($path, $targetDirectoryPermissions);
             }
             // Set createGroup if not empty
             if (
-                isset($GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'])
-                && $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] !== ''
+                isset($GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'])
+                && $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] !== ''
             ) {
                 // "@" is there because file is not necessarily OWNED by the user
-                $changeGroupResult = @chgrp($path, $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup']);
+                $changeGroupResult = @chgrp($path, $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup']);
                 $result = $changeGroupResult ? $result : false;
             }
             // Call recursive if recursive flag if set and $path is directory
@@ -2801,15 +2801,15 @@ Connection: close
 
     /**
      * Wrapper function for mkdir.
-     * Sets folder permissions according to $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']
-     * and group ownership according to $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup']
+     * Sets folder permissions according to $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']
+     * and group ownership according to $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup']
      *
      * @param string $newFolder Absolute path to folder, see PHP mkdir() function. Removes trailing slash internally.
      * @return bool TRUE if @mkdir went well!
      */
     public static function mkdir($newFolder)
     {
-        $result = @mkdir($newFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']));
+        $result = @mkdir($newFolder, octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']));
         if ($result) {
             self::fixPermissions($newFolder);
         }
@@ -2859,7 +2859,7 @@ Connection: close
     {
         $currentPath = $fullDirectoryPath;
         $firstCreatedPath = '';
-        $permissionMask = octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']);
+        $permissionMask = octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']);
         if (!@is_dir($currentPath)) {
             do {
                 $firstCreatedPath = $currentPath;
index 4e90802..12bd139 100644 (file)
@@ -51,6 +51,9 @@ return array(
                 'xlf' => \TYPO3\CMS\Core\Localization\Parser\XliffParser::class
             )
         ),
+        'fileCreateMask' => '0664',                        // File mode mask for Unix file systems (when files are uploaded/created).
+        'folderCreateMask' => '2775',                    // As above, but for folders.
+        'createGroup' => '',                            // Group for newly created files and folders (Unix only). Group ownership can be changed on Unix file systems (see above). Set this if you want to change the group ownership of created files/folders to a specific group. This makes sense in all cases where the webserver is running with a different user/group as you do. Create a new group on your system and add you and the webserver user to the group. Now you can safely set the last bit in fileCreateMask/folderCreateMask to 0 (e.g. 770). Important: The user who is running your webserver needs to be a member of the group you specify here! Otherwise you might get some error messages.
         'sitename' => 'TYPO3',                    // Name of the base-site. This title shows up in the root of the tree structure if you're an 'admin' backend user.
         'encryptionKey' => '',                    // This is a "salt" used for various kinds of encryption, CRC checksums and validations. You can enter any rubbish string here but try to keep it secret. You should notice that a change to this value might invalidate temporary information, URLs etc. At least, clear all cache if you change this so any such information can be rebuild with the new key.
         'cookieDomain' => '',                    // Restricts the domain name for FE and BE session cookies. When setting the value to ".domain.com" (replace domain.com with your domain!), login sessions will be shared across subdomains. Alternatively, if you have more than one domain with sub-domains, you can set the value to a regular expression to match against the domain of the HTTP request. The result of the match is used as the domain for the cookie. eg. /\.(example1|example2)\.com$/ or /\.(example1\.com)|(example2\.net)$/. Separate domains for FE and BE can be set using <a href="#FE-cookieDomain">$TYPO3_CONF_VARS['FE']['cookieDomain']</a> and <a href="#BE-cookieDomain">$TYPO3_CONF_VARS['BE']['cookieDomain']</a> respectively.
@@ -683,9 +686,6 @@ return array(
         'userHomePath' => '',                            // Combined folder identifier of the directory where TYPO3 backend-users have their home-dirs. A combined folder identifier looks like this: [storageUid]:[folderIdentifier]. Eg. '2:users/'. A home for backend user 2 would be: '2:users/2/'. Ending slash required!
         'groupHomePath' => '',                            // Combined folder identifier of the directory where TYPO3 backend-groups have their home-dirs. A combined folder identifier looks like this: [storageUid]:[folderIdentifier]. Eg. '2:groups/'. A home for backend group 1 would be: '2:groups/1/'. Ending slash required!
         'userUploadDir' => '',                            // Suffix to the user home dir which is what gets mounted in TYPO3. Eg. if the user dir is "../123_user/" and this value is "/upload" then "../123_user/upload" gets mounted.
-        'fileCreateMask' => '0664',                        // File mode mask for Unix file systems (when files are uploaded/created).
-        'folderCreateMask' => '2775',                    // As above, but for folders.
-        'createGroup' => '',                            // Group for newly created files and folders (Unix only). Group ownership can be changed on Unix file systems (see above). Set this if you want to change the group ownership of created files/folders to a specific group. This makes sense in all cases where the webserver is running with a different user/group as you do. Create a new group on your system and add you and the webserver user to the group. Now you can safely set the last bit in fileCreateMask/folderCreateMask to 0 (e.g. 770). Important: The user who is running your webserver needs to be a member of the group you specify here! Otherwise you might get some error messages.
         'warning_email_addr' => '',                        // Email address that will receive notification whenever an attempt to login to the Install Tool is made and that will also receive warnings whenever more than 3 failed backend login attempts (regardless of user) are detected within an hour.
         'warning_mode' => '',                            // Bit 1: If set, warning_email_addr will be notified every time a backend user logs in. Bit 2: If set, warning_email_addr will be notified every time an ADMIN backend user logs in. Other bits are reserved for future options.
         'lockIP' => 4,                                    // Integer (0-4). Session IP locking for backend users. See <a href="#FE-lockIP">[FE][lockIP]</a> for details. Default is 4 (which is locking the FULL IP address to session).
diff --git a/typo3/sysext/core/Documentation/Changelog/master/Important-36166-MoveAccessRightParametersFromBEToSYSConfiguration.rst b/typo3/sysext/core/Documentation/Changelog/master/Important-36166-MoveAccessRightParametersFromBEToSYSConfiguration.rst
new file mode 100644 (file)
index 0000000..90a136e
--- /dev/null
@@ -0,0 +1,10 @@
+=============================================================================
+Important: #36166 - Move access right parameters from BE to SYS configuration
+=============================================================================
+
+Description
+===========
+
+The access right parameters (fileCreateMask, folderCreateMask, createGroup) have been moved from
+$GLOBALS['TYPO3_CONF_VARS']['BE'] to $GLOBALS['TYPO3_CONF_VARS']['SYS'].
+A new Upgrade Wizard ensures the correct migrations of the settings.
\ No newline at end of file
index 52f8041..0b6081c 100644 (file)
@@ -152,7 +152,7 @@ class LockerTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $instance = new Locker(999999999, Locker::LOCKING_METHOD_SIMPLE);
         $instance->setEnableLogging(false);
         $pathOfLockFile = $instance->getResource();
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0777';
         // Acquire lock, get actual file permissions and clean up
         $instance->acquireExclusiveLock();
         clearstatcache();
index 5b029c1..516a1f9 100644 (file)
@@ -56,7 +56,7 @@ class SimpleLockStrategyTest extends UnitTestCase
 
         $pathOfLockFile = $lock->_get('filePath');
 
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0777';
 
         // Acquire lock, get actual file permissions and clean up
         $lock->acquire();
index a285197..f834cfa 100644 (file)
@@ -610,7 +610,7 @@ class LocalDriverTest extends \TYPO3\CMS\Core\Tests\Unit\Resource\BaseTestCase
 
         // No one will use this as his default file create mask so we hopefully don't get any false positives
         $testpattern = '0646';
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = $testpattern;
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = $testpattern;
 
         $this->addToMount(
             array(
index e9570a3..dca03d2 100644 (file)
@@ -2799,7 +2799,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $filename;
         $currentGroupId = posix_getegid();
         // Set target group and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] = $currentGroupId;
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] = $currentGroupId;
         GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->assertEquals($currentGroupId, filegroup($filename));
@@ -2819,7 +2819,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $filename;
         chmod($filename, 482);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0660';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0660';
         $fixPermissionsResult = GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -2840,7 +2840,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $filename;
         chmod($filename, 482);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0660';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0660';
         $fixPermissionsResult = GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -2861,7 +2861,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $directory;
         chmod($directory, 1551);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0770';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0770';
         $fixPermissionsResult = GeneralUtility::fixPermissions($directory);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -2882,7 +2882,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $directory;
         chmod($directory, 1551);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0770';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0770';
         $fixPermissionsResult = GeneralUtility::fixPermissions($directory . '/');
         // Get actual permissions and clean up
         clearstatcache();
@@ -2904,7 +2904,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = $directory;
         chmod($directory, 1551);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0770';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0770';
         $fixPermissionsResult = GeneralUtility::fixPermissions($directory);
         // Get actual permissions and clean up
         clearstatcache();
@@ -2941,8 +2941,8 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         touch($baseDirectory . '/.bar/..file2', '42');
         chmod($baseDirectory . '/.bar/..file2', 482);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0660';
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0770';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0660';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0770';
         $fixPermissionsResult = GeneralUtility::fixPermissions($baseDirectory, true);
         // Get actual permissions
         clearstatcache();
@@ -2977,7 +2977,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         touch($filename);
         chmod($filename, 482);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0660';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0660';
         $fixPermissionsResult = GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->testFilesToDelete[] = $filename;
@@ -2997,7 +2997,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $this->testFilesToDelete[] = PATH_site . $filename;
         chmod(PATH_site . $filename, 482);
         // Set target permissions and run method
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0660';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0660';
         $fixPermissionsResult = GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -3016,7 +3016,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         GeneralUtility::writeFileToTypo3tempDir($filename, '42');
         $this->testFilesToDelete[] = $filename;
         chmod($filename, 482);
-        unset($GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask']);
+        unset($GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask']);
         $fixPermissionsResult = GeneralUtility::fixPermissions($filename);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -3035,7 +3035,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         GeneralUtility::mkdir($directory);
         $this->testFilesToDelete[] = $directory;
         chmod($directory, 1551);
-        unset($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']);
+        unset($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']);
         $fixPermissionsResult = GeneralUtility::fixPermissions($directory);
         clearstatcache();
         $this->assertTrue($fixPermissionsResult);
@@ -3094,7 +3094,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         }
         $directory = PATH_site . 'typo3temp/' . $this->getUniqueId('test_');
         $oldUmask = umask(19);
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0772';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0772';
         GeneralUtility::mkdir($directory);
         $this->testFilesToDelete[] = $directory;
         clearstatcache();
@@ -3116,7 +3116,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         }
         $swapGroup = $this->checkGroups(__FUNCTION__);
         if ($swapGroup !== false) {
-            $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] = $swapGroup;
+            $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] = $swapGroup;
             $directory = $this->getUniqueId('mkdirtest_');
             GeneralUtility::mkdir(PATH_site . 'typo3temp/' . $directory);
             $this->testFilesToDelete[] = PATH_site . 'typo3temp/' . $directory;
@@ -3224,7 +3224,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         }
         $directory = $this->getUniqueId('mkdirdeeptest_');
         $oldUmask = umask(19);
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0777';
         GeneralUtility::mkdir_deep(PATH_site . 'typo3temp/', $directory);
         $this->testFilesToDelete[] = PATH_site . 'typo3temp/' . $directory;
         clearstatcache();
@@ -3242,7 +3242,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         }
         $directory = $this->getUniqueId('mkdirdeeptest_');
         $subDirectory = $directory . '/bar';
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] = '0777';
         $oldUmask = umask(19);
         GeneralUtility::mkdir_deep(PATH_site . 'typo3temp/', $subDirectory);
         $this->testFilesToDelete[] = PATH_site . 'typo3temp/' . $directory;
@@ -3276,7 +3276,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
     {
         $swapGroup = $this->checkGroups(__FUNCTION__);
         if ($swapGroup !== false) {
-            $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] = $swapGroup;
+            $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] = $swapGroup;
             $directory = $this->getUniqueId('mkdirdeeptest_');
             GeneralUtility::mkdir_deep(PATH_site . 'typo3temp/', $directory);
             $this->testFilesToDelete[] = PATH_site . 'typo3temp/' . $directory;
@@ -3294,7 +3294,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
     {
         $swapGroup = $this->checkGroups(__FUNCTION__);
         if ($swapGroup !== false) {
-            $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] = $swapGroup;
+            $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] = $swapGroup;
             $directory = $this->getUniqueId('mkdirdeeptest_');
             $subDirectory = $directory . '/bar';
             GeneralUtility::mkdir_deep(PATH_site . 'typo3temp/', $subDirectory);
@@ -3313,7 +3313,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
     {
         $swapGroup = $this->checkGroups(__FUNCTION__);
         if ($swapGroup !== false) {
-            $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] = $swapGroup;
+            $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] = $swapGroup;
             $directory = $this->getUniqueId('mkdirdeeptest_');
             $subDirectory = $directory . '/bar';
             GeneralUtility::mkdir_deep(PATH_site . 'typo3temp/', $subDirectory);
@@ -3873,7 +3873,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         $directoryName = $this->getUniqueId('test_') . '.com';
         $directoryPath = PATH_site . 'typo3temp/';
         $directory = $directoryPath . $directoryName;
-        mkdir($directory, octdec($GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']));
+        mkdir($directory, octdec($GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']));
         $fileInfo = GeneralUtility::split_fileref($directory);
         $directoryCreated = is_dir($directory);
         rmdir($directory);
@@ -4285,8 +4285,8 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
             'backslash in path' => array('path\\path'),
             'directory up in path' => array('path/../path'),
             'directory up at the beginning' => array('../path'),
-            'NUL character in path' => array('path\0path'),
-            'BS character in path' => array('path\bpath')
+            'NUL character in path' => array('path' . chr(0) . 'path'),
+            'BS character in path' => array('path' . chr(8) . 'path')
         );
     }
 
@@ -4414,7 +4414,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         unset($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_div.php']['systemLog']);
         $testLogFilename = PATH_site . 'typo3temp/' . $this->getUniqueId('test_') . '.txt';
         $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemLog'] = 'file,' . $testLogFilename . ',0';
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0777';
         // Call method, get actual permissions and clean up
         GeneralUtility::syslog('testLog', 'test', GeneralUtility::SYSLOG_SEVERITY_NOTICE);
         $this->testFilesToDelete[] = $testLogFilename;
@@ -4434,7 +4434,7 @@ class GeneralUtilityTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
         @mkdir(dirname($filePath));
         $this->testFilesToDelete[] = $filePath;
         $GLOBALS['TYPO3_CONF_VARS']['SYS']['enableDeprecationLog'] = true;
-        $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] = '0777';
+        $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] = '0777';
         GeneralUtilityFixture::deprecationLog('foo');
         clearstatcache();
         $resultFilePermissions = substr(decoct(fileperms($filePath)), 2);
index f8da450..f44c9e8 100644 (file)
@@ -55,8 +55,8 @@ class DefaultFactory
      */
     protected function getDefaultStructureDefinition()
     {
-        $filePermission = $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'];
-        $directoryPermission = $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'];
+        $filePermission = $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'];
+        $directoryPermission = $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'];
 
         if (Bootstrap::usesComposerClassLoading()) {
             // In composer mode the links are configurable and might even be actual files
index 4980b50..52aaa09 100644 (file)
@@ -56,7 +56,7 @@ class DefaultPermissionsCheck
      */
     public function getMaskStatus($which)
     {
-        $octal = '0' . $GLOBALS['TYPO3_CONF_VARS']['BE'][$which];
+        $octal = '0' . $GLOBALS['TYPO3_CONF_VARS']['SYS'][$which];
         $dec = octdec($octal);
         $perms = array(
             'ox' => (($dec & 001) == 001),
@@ -97,19 +97,19 @@ class DefaultPermissionsCheck
         } else {
             $permissionStatus = new Status\OkStatus();
         }
-        $permissionStatus->setTitle($this->names[$which] . ' (BE/' . $which . ')');
+        $permissionStatus->setTitle($this->names[$which] . ' (SYS/' . $which . ')');
         $message = 'Recommended: ' . $this->recommended[$which] . '.';
         $message .= ' Currently configured as ';
-        if ($GLOBALS['TYPO3_CONF_VARS']['BE'][$which] === $this->recommended[$which]) {
+        if ($GLOBALS['TYPO3_CONF_VARS']['SYS'][$which] === $this->recommended[$which]) {
             $message .= 'recommended';
         } else {
-            $message .= $GLOBALS['TYPO3_CONF_VARS']['BE'][$which];
+            $message .= $GLOBALS['TYPO3_CONF_VARS']['SYS'][$which];
         }
         $message .= $extraMessage . '.';
         if ($groupPermissions) {
             $message .= ' This is fine as long as the web server\'s group only comprises trusted users.';
-            if (!empty($GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'])) {
-                $message .= ' Your site is configured (BE/createGroup) to write as group \'' . $GLOBALS['TYPO3_CONF_VARS']['BE']['createGroup'] . '\'.';
+            if (!empty($GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'])) {
+                $message .= ' Your site is configured (SYS/createGroup) to write as group \'' . $GLOBALS['TYPO3_CONF_VARS']['SYS']['createGroup'] . '\'.';
             }
         }
         $permissionStatus->setMessage($message);
diff --git a/typo3/sysext/install/Classes/Updates/AccessRightParametersUpdate.php b/typo3/sysext/install/Classes/Updates/AccessRightParametersUpdate.php
new file mode 100644 (file)
index 0000000..d6b4e0d
--- /dev/null
@@ -0,0 +1,92 @@
+<?php
+namespace TYPO3\CMS\Install\Updates;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use TYPO3\CMS\Core\Configuration\ConfigurationManager;
+use TYPO3\CMS\Core\Utility\GeneralUtility;
+
+/**
+ * Move access right parameters from "BE" to "SYS" configuration section
+ */
+class AccessRightParametersUpdate extends AbstractUpdate
+{
+    /**
+     * @var string
+     */
+    protected $title = 'Move access right parameters configuration to "SYS" section';
+
+    /**
+     * @var array
+     */
+    protected $movedAccessRightConfigurationSettings = [
+        'BE/fileCreateMask' => 'SYS/fileCreateMask',
+        'BE/folderCreateMask' => 'SYS/folderCreateMask',
+        'BE/createGroup' => 'SYS/createGroup',
+    ];
+
+    /**
+     * Checks if an update is needed
+     *
+     * @param string &$description The description for the update
+     * @return bool Whether an update is needed (TRUE) or not (FALSE)
+     */
+    public function checkForUpdate(&$description)
+    {
+        $updateNeeded = false;
+
+        /** @var ConfigurationManager $configurationManager */
+        $configurationManager = GeneralUtility::makeInstance(ConfigurationManager::class);
+
+        // If the local configuration path can be accessed, the path is valid and the update wizard has to be executed
+        foreach ($this->movedAccessRightConfigurationSettings as $oldPath => $newPath) {
+            try {
+                $configurationManager->getLocalConfigurationValueByPath($oldPath);
+                $updateNeeded = true;
+                break;
+            } catch (\RuntimeException $e) {
+            }
+        }
+
+        $description = 'Some access right parameters were moved from the "BE" to the "SYS" configuration section. ' .
+            'The update wizards moves the settings to the new configuration destination.';
+
+        return $updateNeeded;
+    }
+
+    /**
+     * Performs the configuration update
+     *
+     * @param array &$databaseQueries Queries done in this update
+     * @param mixed &$customMessages Custom messages
+     * @return bool
+     */
+    public function performUpdate(array &$databaseQueries, &$customMessages)
+    {
+        /** @var ConfigurationManager $configurationManager */
+        $configurationManager = GeneralUtility::makeInstance(ConfigurationManager::class);
+        foreach ($this->movedAccessRightConfigurationSettings as $oldPath => $newPath) {
+            try {
+                $value = $configurationManager->getLocalConfigurationValueByPath($oldPath);
+                $configurationManager->setLocalConfigurationValueByPath($newPath, $value);
+            } catch (\RuntimeException $e) {
+            }
+        }
+        $configurationManager->removeLocalConfigurationKeysByPath(array_keys($this->movedAccessRightConfigurationSettings));
+
+        $this->markWizardAsDone();
+        return true;
+    }
+
+}
index 622d23b..e207695 100644 (file)
@@ -2,6 +2,7 @@
 defined('TYPO3_MODE') or die();
 
 // TYPO3 CMS 7
+$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['accessRightParameters'] = \TYPO3\CMS\Install\Updates\AccessRightParametersUpdate::class;
 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['backendUserStartModule'] = \TYPO3\CMS\Install\Updates\BackendUserStartModuleUpdate::class;
 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['languageIsoCode'] = \TYPO3\CMS\Install\Updates\LanguageIsoCodeUpdate::class;
 $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['ext/install']['update']['PageShortcutParent'] = \TYPO3\CMS\Install\Updates\PageShortcutParentUpdate::class;
index c8bc6c3..2356315 100644 (file)
@@ -214,8 +214,8 @@ class ConfigurationStatus implements \TYPO3\CMS\Reports\StatusProviderInterface
         $value = $GLOBALS['LANG']->getLL('status_ok');
         $message = '';
         $severity = \TYPO3\CMS\Reports\Status::OK;
-        if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'] % 10 & 2) {
-            $value = $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask'];
+        if ((int)$GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'] % 10 & 2) {
+            $value = $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask'];
             $severity = \TYPO3\CMS\Reports\Status::WARNING;
             $message = $GLOBALS['LANG']->getLL('status_CreatedFilePermissions.writable');
         }
@@ -232,8 +232,8 @@ class ConfigurationStatus implements \TYPO3\CMS\Reports\StatusProviderInterface
         $value = $GLOBALS['LANG']->getLL('status_ok');
         $message = '';
         $severity = \TYPO3\CMS\Reports\Status::OK;
-        if ((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'] % 10 & 2) {
-            $value = $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask'];
+        if ((int)$GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'] % 10 & 2) {
+            $value = $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask'];
             $severity = \TYPO3\CMS\Reports\Status::WARNING;
             $message = $GLOBALS['LANG']->getLL('status_CreatedDirectoryPermissions.writable');
         }
index e45f605..d574adc 100644 (file)
                                <source>Permissions of created files</source>
                        </trans-unit>
                        <trans-unit id="status_CreatedFilePermissions.writable">
-                               <source>Files created by TYPO3 are configured to be world writable. Depending on your server configuration, this can be a security risk. It is usually better to configure the create mask to not allow writing to files by "others". A sane default is often '0660' for $GLOBALS['TYPO3_CONF_VARS']['BE']['fileCreateMask']. This can be set in the install tool.</source>
+                               <source>Files created by TYPO3 are configured to be world writable. Depending on your server configuration, this can be a security risk. It is usually better to configure the create mask to not allow writing to files by "others". A sane default is often '0660' for $GLOBALS['TYPO3_CONF_VARS']['SYS']['fileCreateMask']. This can be set in the install tool.</source>
                        </trans-unit>
                        <trans-unit id="status_CreatedDirectoryPermissions">
                                <source>Permissions of created directories</source>
                        </trans-unit>
                        <trans-unit id="status_CreatedDirectoryPermissions.writable">
-                               <source>Directories created by TYPO3 are configured to be world writable. Depending on your server configuration, this can be a security risk. It is usually better to configure the create mask to not allow writing to directories by "others". A sane default is often '2770' for $GLOBALS['TYPO3_CONF_VARS']['BE']['folderCreateMask']. This can be set in the install tool.</source>
+                               <source>Directories created by TYPO3 are configured to be world writable. Depending on your server configuration, this can be a security risk. It is usually better to configure the create mask to not allow writing to directories by "others". A sane default is often '2770' for $GLOBALS['TYPO3_CONF_VARS']['SYS']['folderCreateMask']. This can be set in the install tool.</source>
                        </trans-unit>
                        <trans-unit id="status_trustedHostsPattern">
                                <source>Trusted Hosts Pattern</source>