[BUGFIX] Allow editing of shortcuts for non-admin users 62/41762/2
authorMarkus Klein <markus.klein@typo3.org>
Tue, 21 Jul 2015 07:13:58 +0000 (09:13 +0200)
committerSusanne Moog <typo3@susannemoog.de>
Tue, 21 Jul 2015 07:19:56 +0000 (09:19 +0200)
Resolves: #60254
Releases: master, 6.2
Change-Id: Ie5e65ab761e8ce018a4d71daa39495fae3ad3572
Reviewed-on: http://review.typo3.org/41762
Reviewed-by: Susanne Moog <typo3@susannemoog.de>
Tested-by: Susanne Moog <typo3@susannemoog.de>
typo3/sysext/backend/Classes/Toolbar/ShortcutToolbarItem.php

index f5f94dd..ec8defc 100644 (file)
@@ -542,23 +542,21 @@ class ShortcutToolbarItem implements \TYPO3\CMS\Backend\Toolbar\ToolbarItemHookI
                $shortcutId = (int)GeneralUtility::_POST('shortcutId');
                $shortcutName = strip_tags(GeneralUtility::_POST('value'));
                $shortcutGroupId = (int)GeneralUtility::_POST('shortcut-group');
-               if ($shortcutGroupId > 0 || $GLOBALS['BE_USER']->isAdmin()) {
-                       // Users can delete only their own shortcuts (except admins)
-                       $addUserWhere = !$GLOBALS['BE_USER']->isAdmin() ? ' AND userid=' . (int)$GLOBALS['BE_USER']->user['uid'] : '';
-                       $fieldValues = array(
-                               'description' => $shortcutName,
-                               'sc_group' => $shortcutGroupId
-                       );
-                       if ($fieldValues['sc_group'] < 0 && !$GLOBALS['BE_USER']->isAdmin()) {
-                               $fieldValues['sc_group'] = 0;
-                       }
-                       $GLOBALS['TYPO3_DB']->exec_UPDATEquery('sys_be_shortcuts', 'uid=' . $shortcutId . $addUserWhere, $fieldValues);
-                       $affectedRows = $GLOBALS['TYPO3_DB']->sql_affected_rows();
-                       if ($affectedRows == 1) {
-                               $ajaxObj->addContent('shortcut', $shortcutName);
-                       } else {
-                               $ajaxObj->addContent('shortcut', 'failed');
-                       }
+               // Users can modify only their own shortcuts (except admins)
+               $addUserWhere = !$GLOBALS['BE_USER']->isAdmin() ? ' AND userid=' . (int)$GLOBALS['BE_USER']->user['uid'] : '';
+               $fieldValues = array(
+                       'description' => $shortcutName,
+                       'sc_group' => $shortcutGroupId
+               );
+               if ($fieldValues['sc_group'] < 0 && !$GLOBALS['BE_USER']->isAdmin()) {
+                       $fieldValues['sc_group'] = 0;
+               }
+               $GLOBALS['TYPO3_DB']->exec_UPDATEquery('sys_be_shortcuts', 'uid=' . $shortcutId . $addUserWhere, $fieldValues);
+               $affectedRows = $GLOBALS['TYPO3_DB']->sql_affected_rows();
+               if ($affectedRows == 1) {
+                       $ajaxObj->addContent('shortcut', $shortcutName);
+               } else {
+                       $ajaxObj->addContent('shortcut', 'failed');
                }
                $ajaxObj->setContentFormat('plain');
        }