Revert "[BUGFIX] Draft usergroup access rights are now respected" 39/44639/3
authorOliver Hader <oliver@typo3.org>
Mon, 9 Nov 2015 14:19:14 +0000 (15:19 +0100)
committerHelmut Hummel <helmut.hummel@typo3.org>
Mon, 9 Nov 2015 21:07:06 +0000 (22:07 +0100)
This reverts commit dbb29f3d61051ffbcf7d0ec8770d755b1d33a512.

The mentioned change has been reverted in the 6.2 earlier but
was still remaining in the master branch. Albeit the initial
change seems to be helpful, there are lots of side effects
that have not been considered and cannot be enhanced easily.

Reverts: #33436
Resolves: #71437
Releases: master
Change-Id: I7821e0695a963eb52ed75621e17462ffca3ec2c3
Reviewed-on: https://review.typo3.org/44639
Reviewed-by: Nicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes <typo3@cordes.co>
Reviewed-by: Helmut Hummel <helmut.hummel@typo3.org>
Tested-by: Helmut Hummel <helmut.hummel@typo3.org>
typo3/sysext/frontend/Classes/ContentObject/Menu/AbstractMenuContentObject.php
typo3/sysext/frontend/Classes/Page/PageRepository.php
typo3/sysext/frontend/Tests/Unit/Page/PageRepositoryTest.php

index 7efe3ab..596ee67 100644 (file)
@@ -717,9 +717,8 @@ abstract class AbstractMenuContentObject
                 $id = $mount_info['mount_pid'];
             }
             // Get sub-pages:
-            $res = $databaseConnection->exec_SELECTquery('uid', 'pages', 'pid=' . intval($id) . $this->sys_page->where_hid_del, '', $sortingField);
+            $res = $this->parent_cObj->exec_getQuery('pages', array('pidInList' => $id, 'orderBy' => $sortingField));
             while ($row = $databaseConnection->sql_fetch_assoc($res)) {
-                $row = $this->sys_page->getPage($row['uid']);
                 $tsfe->sys_page->versionOL('pages', $row, true);
                 if (!empty($row)) {
                     // Keep mount point?
@@ -743,7 +742,7 @@ abstract class AbstractMenuContentObject
                         if ($MP) {
                             $row['_MP_PARAM'] = $MP . ($row['_MP_PARAM'] ? ',' . $row['_MP_PARAM'] : '');
                         }
-                        $menuItems[$row['uid']] = $row;
+                        $menuItems[$row['uid']] = $this->sys_page->getPageOverlay($row);
                     }
                 }
             }
index 294c8e5..7483787 100644 (file)
@@ -238,20 +238,8 @@ class PageRepository
         if (is_array($this->cache_getPage[$uid][$cacheKey])) {
             return $this->cache_getPage[$uid][$cacheKey];
         }
-        $workspaceVersion = $this->getWorkspaceVersionOfRecord($this->versioningWorkspaceId, 'pages', $uid);
-        $db = $this->getDatabaseConnection();
-        if (is_array($workspaceVersion)) {
-            $workspaceVersionAccess = $db->exec_SELECTgetSingleRow(
-                'uid',
-                'pages',
-                'uid=' . intval($workspaceVersion['uid']) . $this->where_hid_del . $accessCheck
-            );
-            if (is_array($workspaceVersionAccess)) {
-                $accessCheck = '';
-            }
-        }
         $result = array();
-        $row = $db->exec_SELECTgetSingleRow('*', 'pages', 'uid=' . (int)$uid . $this->where_hid_del . $accessCheck);
+        $row = $this->getDatabaseConnection()->exec_SELECTgetSingleRow('*', 'pages', 'uid=' . (int)$uid . $this->where_hid_del . $accessCheck);
         if ($row) {
             $this->versionOL('pages', $row);
             if (is_array($row)) {
@@ -623,28 +611,6 @@ class PageRepository
             . ' '
             . $additionalWhereClause;
 
-        // Check the user group access for draft pages in preview
-        if ($this->versioningWorkspaceId != 0) {
-            $databaseResource = $db->exec_SELECTquery(
-                'uid',
-                'pages',
-                $relationField . ' IN (' . implode(',', $db->cleanIntArray($pageIds)) . ')'
-                    . $this->where_hid_del . ' ' . $additionalWhereClause,
-                '',
-                $sortField
-            );
-
-            $draftUserGroupAccessWhereStatement = $this->getDraftUserGroupAccessWhereStatement(
-                $databaseResource,
-                $sortField,
-                $additionalWhereClause
-            );
-
-            if ($draftUserGroupAccessWhereStatement !== false) {
-                $whereStatement = $draftUserGroupAccessWhereStatement;
-            }
-        };
-
         $databaseResource = $db->exec_SELECTquery(
             $fields,
             'pages',
@@ -680,49 +646,6 @@ class PageRepository
     }
 
     /**
-     * Prevent pages being shown in menu's for preview which contain usergroup access rights in a draft workspace
-     *
-     * Returns an adapted "WHERE" statement if pages are in draft
-     *
-     * @param bool|\mysqli_result|object $databaseResource MySQLi result object / DBAL object
-     * @param string $sortField The field to sort by
-     * @param string $addWhere Optional additional where clauses. Like "AND title like '%blabla%'" for instance.
-     * @return bool|string FALSE if no records are available in draft, a WHERE statement with the uid's if available
-     */
-    protected function getDraftUserGroupAccessWhereStatement($databaseResource, $sortField, $addWhere)
-    {
-        $draftUserGroupAccessWhereStatement = false;
-        $recordArray = [];
-
-        while ($row = $this->getDatabaseConnection()->sql_fetch_assoc($databaseResource)) {
-            $workspaceRow = $this->getWorkspaceVersionOfRecord($this->versioningWorkspaceId, 'pages', $row['uid']);
-
-            $realUid = is_array($workspaceRow) ? $workspaceRow['uid'] : $row['uid'];
-
-            $result = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
-                'uid',
-                'pages',
-                'uid=' . intval($realUid)
-                . $this->where_hid_del
-                . $this->where_groupAccess
-                . ' ' . $addWhere,
-                '',
-                $sortField
-            );
-
-            if (is_array($result)) {
-                $recordArray[] = $row['uid'];
-            }
-        }
-
-        if (!empty($recordArray)) {
-            $draftUserGroupAccessWhereStatement = 'uid IN (' . implode(',', $recordArray) . ')';
-        }
-
-        return $draftUserGroupAccessWhereStatement;
-    }
-
-    /**
      * Add the mount point parameter to the page if needed
      *
      * @param array $page The page to check
index 65290c0..960ec4e 100644 (file)
@@ -48,7 +48,7 @@ class PageRepositoryTest extends \TYPO3\CMS\Core\Tests\UnitTestCase
      */
     protected function setUp()
     {
-        $GLOBALS['TYPO3_DB'] = $this->getMock(\TYPO3\CMS\Core\Database\DatabaseConnection::class, array('exec_SELECTquery', 'sql_fetch_assoc', 'sql_free_result', 'exec_SELECTgetSingleRow'));
+        $GLOBALS['TYPO3_DB'] = $this->getMock(\TYPO3\CMS\Core\Database\DatabaseConnection::class, array('sql_fetch_assoc', 'sql_free_result', 'exec_SELECTgetSingleRow'));
         $this->pageSelectObject = $this->getAccessibleMock(\TYPO3\CMS\Frontend\Page\PageRepository::class, array('getMultipleGroupsWhereClause'));
         $this->pageSelectObject->expects($this->any())->method('getMultipleGroupsWhereClause')->will($this->returnValue(' AND 1=1'));
     }