foreach ($versions as $table => $records) {
$versionArray = array('table' => $table);
+ $isRecordTypeAllowedToModify = $GLOBALS['BE_USER']->check('tables_modify', $table);
foreach ($records as $record) {
$versionArray['icon_Live'] = t3lib_iconWorks::mapRecordTypeToSpriteIconClass($table, $origRecord);
$versionArray['icon_Workspace'] = t3lib_iconWorks::mapRecordTypeToSpriteIconClass($table, $versionRecord);
- $versionArray['allowedAction_nextStage'] = $stagesObj->isNextStageAllowedForUser($versionRecord['t3ver_stage']);
- $versionArray['allowedAction_prevStage'] = $stagesObj->isPrevStageAllowedForUser($versionRecord['t3ver_stage']);
+ $versionArray['allowedAction_nextStage'] = $isRecordTypeAllowedToModify && $stagesObj->isNextStageAllowedForUser($versionRecord['t3ver_stage']);
+ $versionArray['allowedAction_prevStage'] = $isRecordTypeAllowedToModify && $stagesObj->isPrevStageAllowedForUser($versionRecord['t3ver_stage']);
if ($swapAccess && $swapStage != 0 && $versionRecord['t3ver_stage'] == $swapStage) {
- $versionArray['allowedAction_swap'] = $stagesObj->isNextStageAllowedForUser($swapStage);
+ $versionArray['allowedAction_swap'] = $isRecordTypeAllowedToModify && $stagesObj->isNextStageAllowedForUser($swapStage);
} elseif ($swapAccess && $swapStage == 0) {
- $versionArray['allowedAction_swap'] = TRUE;
+ $versionArray['allowedAction_swap'] = $isRecordTypeAllowedToModify;
} else {
$versionArray['allowedAction_swap'] = FALSE;
}
- $versionArray['allowedAction_delete'] = TRUE;
+ $versionArray['allowedAction_delete'] = $isRecordTypeAllowedToModify;
// preview and editing of a deleted page won't work ;)
$versionArray['allowedAction_view'] = !$isDeletedPage && $viewUrl;
- $versionArray['allowedAction_edit'] = !$isDeletedPage;
- $versionArray['allowedAction_editVersionedPage'] = !$isDeletedPage;
+ $versionArray['allowedAction_edit'] = $isRecordTypeAllowedToModify && !$isDeletedPage;
+ $versionArray['allowedAction_editVersionedPage'] = $isRecordTypeAllowedToModify && !$isDeletedPage;
$versionArray['state_Workspace'] = $recordState;
}
// Select all versions to swap:
- $versions = $this->selectVersionsInWorkspace($wsid, 0, $stage, ($pageId ? $pageId : -1));
+ $versions = $this->selectVersionsInWorkspace($wsid, 0, $stage, ($pageId ? $pageId : -1), 0, 'tables_modify');
// Traverse the selection to build CMD array:
foreach ($versions as $table => $records) {
$stage = -99;
// Select all versions to swap:
- $versions = $this->selectVersionsInWorkspace($wsid, 0, $stage, ($pageId ? $pageId : -1));
+ $versions = $this->selectVersionsInWorkspace($wsid, 0, $stage, ($pageId ? $pageId : -1), 0, 'tables_modify');
// Traverse the selection to build CMD array:
foreach ($versions as $table => $records) {
* @param integer Stage filter: -99 means no filtering, otherwise it will be used to select only elements with that stage. For publishing, that would be "10"
* @param integer Page id: Live page for which to find versions in workspace!
* @param integer Recursion Level - select versions recursive - parameter is only relevant if $pageId != -1
+ * @param string How to collect records for "listing" or "modify" these tables. Support the permissions of each type of record (@see t3lib_userAuthGroup::check).
* @return array Array of all records uids etc. First key is table name, second key incremental integer. Records are associative arrays with uid, t3ver_oid and t3ver_swapmode fields. The pid of the online record is found as "livepid" the pid of the offline record is found in "wspid"
*/
- public function selectVersionsInWorkspace($wsid, $filter = 0, $stage = -99, $pageId = -1, $recursionLevel = 0) {
+ public function selectVersionsInWorkspace($wsid, $filter = 0, $stage = -99, $pageId = -1, $recursionLevel = 0, $selectionType = 'tables_select') {
$wsid = intval($wsid);
$filter = intval($filter);
// Traversing all tables supporting versioning:
foreach ($GLOBALS['TCA'] as $table => $cfg) {
+
+ // we do not collect records from tables without permissions on them.
+ if (! $GLOBALS['BE_USER']->check($selectionType, $table)) {
+ continue;
+ }
+
if ($GLOBALS['TCA'][$table]['ctrl']['versioningWS']) {
$recs = $this->selectAllVersionsFromPages($table, $pageList, $wsid, $filter, $stage);