[TASK] Clean up ext:beuser permission module access checks 69/36169/5
authorChristian Kuhn <lolli@schwarzbu.ch>
Wed, 21 Jan 2015 23:41:15 +0000 (00:41 +0100)
committerMathias Schreiber <mathias.schreiber@wmdb.de>
Thu, 22 Jan 2015 08:39:17 +0000 (09:39 +0100)
The access module is restricted to admin users since core 6.0.
The patch removes left over code checks for non admin users.

Resolves: #64416
Related: #41229
Releases: master
Change-Id: I6fddc2eb1ae8a720c3d157993621fe201bd692e7
Reviewed-on: http://review.typo3.org/36169
Reviewed-by: Georg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer <georg.ringer@gmail.com>
Reviewed-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
Tested-by: Mathias Schreiber <mathias.schreiber@wmdb.de>
typo3/sysext/beuser/Classes/Controller/PermissionController.php
typo3/sysext/beuser/Resources/Private/Templates/Permission/Index.html

index e6ab801..9f8eeb4 100644 (file)
@@ -15,6 +15,7 @@ namespace TYPO3\CMS\Beuser\Controller;
  */
 
 use TYPO3\CMS\Backend\Template\DocumentTemplate;
+use TYPO3\CMS\Backend\Tree\View\PageTreeView;
 use TYPO3\CMS\Backend\Utility\IconUtility;
 use TYPO3\CMS\Core\Database\DatabaseConnection;
 use TYPO3\CMS\Core\Messaging\FlashMessage;
@@ -24,6 +25,7 @@ use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
 use TYPO3\CMS\Backend\Utility\BackendUtility;
 use TYPO3\CMS\Extbase\Mvc\View\ViewInterface;
 use TYPO3\CMS\Extbase\Utility\LocalizationUtility;
+use TYPO3\CMS\Version\View\VersionView;
 
 /**
  * Backend module page permissions
@@ -58,11 +60,6 @@ class PermissionController extends ActionController {
        protected $lastEdited;
 
        /**
-        * @var string
-        */
-       protected $permissionsClause;
-
-       /**
         * Number of levels to enable recursive settings for
         *
         * @var int
@@ -87,16 +84,16 @@ class PermissionController extends ActionController {
                }
 
                // determine depth parameter
-               $this->depth = ((int)GeneralUtility::_GP('depth') > 0) ? (int) GeneralUtility::_GP('depth') :
-                       $this->getBackendUser()->getSessionData(self::SESSION_PREFIX . 'depth');
+               $this->depth = ((int)GeneralUtility::_GP('depth') > 0)
+                       ? (int) GeneralUtility::_GP('depth')
+                       : $this->getBackendUser()->getSessionData(self::SESSION_PREFIX . 'depth');
                if ($this->request->hasArgument('depth')) {
                        $this->depth = (int)$this->request->getArgument('depth');
                }
                $this->getBackendUser()->setAndSaveSessionData(self::SESSION_PREFIX . 'depth', $this->depth);
                $this->lastEdited = GeneralUtility::_GP('lastEdited');
                $this->returnId = GeneralUtility::_GP('returnId');
-               $this->permissionsClause = $this->getBackendUser()->getPagePermsClause(1);
-               $this->pageInfo = BackendUtility::readPageAccess($this->id, $this->permissionsClause);
+               $this->pageInfo = BackendUtility::readPageAccess($this->id, ' 1=1');
        }
 
        /**
@@ -107,12 +104,12 @@ class PermissionController extends ActionController {
         */
        protected function initializeView(ViewInterface $view) {
                $view->assign(
-                               'previewUrl',
-                               BackendUtility::viewonclick(
-                                       $this->pageInfo['uid'], $GLOBALS['BACK_PATH'],
-                                       BackendUtility::BEgetRootLine($this->pageInfo['uid'])
-                               )
-                       );
+                       'previewUrl',
+                       BackendUtility::viewonclick(
+                               $this->pageInfo['uid'], $GLOBALS['BACK_PATH'],
+                               BackendUtility::BEgetRootLine($this->pageInfo['uid'])
+                       )
+               );
        }
 
        /**
@@ -121,147 +118,130 @@ class PermissionController extends ActionController {
         * @return void
         */
        public function indexAction() {
-               // Checking access:
-               if ($this->checkAccess()) {
-                       if ($this->getBackendUser()->isAdmin() && !$this->id) {
-                               $this->pageInfo = array('title' => '[root-level]', 'uid' => 0, 'pid' => 0);
-                       }
-
-                       $this->view->assign('versionSelector', $this->getVersionSelector($this->id, TRUE));
-                       if ($this->getBackendUser()->workspace != 0) {
-                               // Adding section with the permission setting matrix:
-                               $this->addFlashMessage(
-                                       LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarningText', 'beuser'),
-                                       LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarning', 'beuser'),
-                                       FlashMessage::WARNING
-                               );
-                       }
+               if (!$this->id) {
+                       $this->pageInfo = array('title' => '[root-level]', 'uid' => 0, 'pid' => 0);
+               }
 
-                       // depth options
-                       $depthOptions = array();
-                       $url = $this->uriBuilder->reset()->setArguments(array(
-                               'action' => 'index',
-                               'depth' => '__DEPTH__',
-                               'id' => $this->id
-                       ))->buildBackendUri();
-                       foreach (array(1, 2, 3, 4, 10) as $depthLevel) {
-                               $depthOptions[$depthLevel] = $depthLevel . ' ' . LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:levels', 'beuser');
-                       }
-                       $this->view->assign('depthBaseUrl', $url);
-                       $this->view->assign('depth', $this->depth);
-                       $this->view->assign('depthOptions', $depthOptions);
-
-                       // Get usernames and groupnames: The arrays we get in return contains only
-                       // 1) users which are members of the groups of the current user,
-                       // 2) groups that the current user is member of
-                       $beGroupKeys = $this->getBackendUser()->userGroupsUID;
-                       $beUserArray = BackendUtility::getUserNames();
-                       if (!$this->getBackendUser()->isAdmin()) {
-                               $beUserArray = BackendUtility::blindUserNames($beUserArray, $beGroupKeys, 0);
-                       }
-                       $beGroupArray = BackendUtility::getGroupNames();
-                       if (!$this->getBackendUser()->isAdmin()) {
-                               $beGroupArray = BackendUtility::blindGroupNames($beGroupArray, $beGroupKeys, 0);
-                       }
+               $this->view->assign('versionSelector', $this->getVersionSelector($this->id, TRUE));
+               if ($this->getBackendUser()->workspace != 0) {
+                       // Adding section with the permission setting matrix:
+                       $this->addFlashMessage(
+                               LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarningText', 'beuser'),
+                               LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarning', 'beuser'),
+                               FlashMessage::WARNING
+                       );
+               }
 
-                       /** @var \TYPO3\CMS\Backend\Tree\View\PageTreeView */
-                       $tree = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Tree\View\PageTreeView::class);
-                       $tree->init('AND ' . $this->permissionsClause);
-                       $tree->addField('perms_user', TRUE);
-                       $tree->addField('perms_group', TRUE);
-                       $tree->addField('perms_everybody', TRUE);
-                       $tree->addField('perms_userid', TRUE);
-                       $tree->addField('perms_groupid', TRUE);
-                       $tree->addField('hidden');
-                       $tree->addField('fe_group');
-                       $tree->addField('starttime');
-                       $tree->addField('endtime');
-                       $tree->addField('editlock');
-
-                       // Creating top icon; the current page
-                       $html = IconUtility::getSpriteIconForRecord('pages', $this->pageInfo);
-                       $tree->tree[] = array('row' => $this->pageInfo, 'HTML' => $html);
-
-                       // Create the tree from $this->id:
-                       $tree->getTree($this->id, $this->depth, '');
-
-                       // Traverse tree:
-                       $treeData = array();
-                       foreach ($tree->tree as $data) {
-                               $viewDataRow = array();
-                               $pageId = $data['row']['uid'];
-                               $viewData['pageId'] = $pageId;
-
-                               // User/Group names:
-                               if ($beUserArray[$data['row']['perms_userid']]) {
-                                       $userName = $beUserArray[$data['row']['perms_userid']]['username'];
-                               } else {
-                                       $userName = ($data['row']['perms_userid'] ? $data['row']['perms_userid'] : '');
-                               }
+               // depth options
+               $depthOptions = array();
+               $url = $this->uriBuilder->reset()->setArguments(array(
+                       'action' => 'index',
+                       'depth' => '__DEPTH__',
+                       'id' => $this->id
+               ))->buildBackendUri();
+               foreach (array(1, 2, 3, 4, 10) as $depthLevel) {
+                       $depthOptions[$depthLevel] = $depthLevel . ' ' . LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:levels', 'beuser');
+               }
+               $this->view->assign('depthBaseUrl', $url);
+               $this->view->assign('depth', $this->depth);
+               $this->view->assign('depthOptions', $depthOptions);
 
-                               if ($data['row']['perms_userid'] && !$beUserArray[$data['row']['perms_userid']]) {
-                                       $userName = PermissionAjaxController::renderOwnername(
-                                               $pageId,
-                                               $data['row']['perms_userid'],
-                                               htmlspecialchars(GeneralUtility::fixed_lgd_cs($userName, 20)),
-                                               FALSE
-                                       );
-                               } else {
-                                       $userName = PermissionAjaxController::renderOwnername(
-                                               $pageId,
-                                               $data['row']['perms_userid'],
-                                               htmlspecialchars(GeneralUtility::fixed_lgd_cs($userName, 20))
-                                       );
-                               }
-                               $viewDataRow['userName'] = $userName;
+               $beUserArray = BackendUtility::getUserNames();
+               $beGroupArray = BackendUtility::getGroupNames();
 
-                               if ($beGroupArray[$data['row']['perms_groupid']]) {
-                                       $groupName = $beGroupArray[$data['row']['perms_groupid']]['title'];
-                               } else {
-                                       $groupName = $data['row']['perms_groupid'] ? $data['row']['perms_groupid'] : '';
-                               }
+               /** @var PageTreeView */
+               $tree = GeneralUtility::makeInstance(PageTreeView::class);
+               $tree->init('AND ' . $this->permissionsClause);
+               $tree->addField('perms_user', TRUE);
+               $tree->addField('perms_group', TRUE);
+               $tree->addField('perms_everybody', TRUE);
+               $tree->addField('perms_userid', TRUE);
+               $tree->addField('perms_groupid', TRUE);
+               $tree->addField('hidden');
+               $tree->addField('fe_group');
+               $tree->addField('starttime');
+               $tree->addField('endtime');
+               $tree->addField('editlock');
+
+               // Creating top icon; the current page
+               $html = IconUtility::getSpriteIconForRecord('pages', $this->pageInfo);
+               $tree->tree[] = array('row' => $this->pageInfo, 'HTML' => $html);
+
+               // Create the tree from $this->id:
+               $tree->getTree($this->id, $this->depth, '');
+
+               // Traverse tree:
+               $treeData = array();
+               foreach ($tree->tree as $data) {
+                       $viewDataRow = array();
+                       $pageId = $data['row']['uid'];
+                       $viewData['pageId'] = $pageId;
+
+                       // User/Group names:
+                       if ($beUserArray[$data['row']['perms_userid']]) {
+                               $userName = $beUserArray[$data['row']['perms_userid']]['username'];
+                       } else {
+                               $userName = ($data['row']['perms_userid'] ? $data['row']['perms_userid'] : '');
+                       }
 
-                               if ($data['row']['perms_groupid'] && !$beGroupArray[$data['row']['perms_groupid']]) {
-                                       $groupName = PermissionAjaxController::renderGroupname(
-                                               $pageId,
-                                               $data['row']['perms_groupid'],
-                                               htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupName, 20)),
-                                               FALSE
-                                       );
-                               } else {
-                                       $groupName = PermissionAjaxController::renderGroupname(
-                                               $pageId, $data['row']['perms_groupid'],
-                                               htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupName, 20))
-                                       );
-                               }
-                               $viewDataRow['groupName'] = $groupName;
+                       if ($data['row']['perms_userid'] && !$beUserArray[$data['row']['perms_userid']]) {
+                               $userName = PermissionAjaxController::renderOwnername(
+                                       $pageId,
+                                       $data['row']['perms_userid'],
+                                       htmlspecialchars(GeneralUtility::fixed_lgd_cs($userName, 20)),
+                                       FALSE
+                               );
+                       } else {
+                               $userName = PermissionAjaxController::renderOwnername(
+                                       $pageId,
+                                       $data['row']['perms_userid'],
+                                       htmlspecialchars(GeneralUtility::fixed_lgd_cs($userName, 20))
+                               );
+                       }
+                       $viewDataRow['userName'] = $userName;
 
-                               // Seeing if editing of permissions are allowed for that page:
-                               $viewData['editPermsAllowed'] = ($data['row']['perms_userid'] == $this->getBackendUser()->user['uid']
-                                       || $this->getBackendUser()->isAdmin());
+                       if ($beGroupArray[$data['row']['perms_groupid']]) {
+                               $groupName = $beGroupArray[$data['row']['perms_groupid']]['title'];
+                       } else {
+                               $groupName = $data['row']['perms_groupid'] ? $data['row']['perms_groupid'] : '';
+                       }
 
-                               $viewData['html'] = $this->getControllerDocumentTemplate()->wrapClickMenuOnIcon($data['HTML'], 'pages', $data['row']['uid'])
-                                       . htmlspecialchars(GeneralUtility::fixed_lgd_cs($data['row']['title'], 20));
-                               $viewData['id'] = $data['row']['_ORIG_uid'] ? $data['row']['_ORIG_uid'] : $pageId;
+                       if ($data['row']['perms_groupid'] && !$beGroupArray[$data['row']['perms_groupid']]) {
+                               $groupName = PermissionAjaxController::renderGroupname(
+                                       $pageId,
+                                       $data['row']['perms_groupid'],
+                                       htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupName, 20)),
+                                       FALSE
+                               );
+                       } else {
+                               $groupName = PermissionAjaxController::renderGroupname(
+                                       $pageId, $data['row']['perms_groupid'],
+                                       htmlspecialchars(GeneralUtility::fixed_lgd_cs($groupName, 20))
+                               );
+                       }
+                       $viewDataRow['groupName'] = $groupName;
 
-                               $viewData['userPermissions'] = ($pageId ?
-                                       PermissionAjaxController::renderPermissions($data['row']['perms_user'], $pageId, 'user') .
-                                       ' ' . $userName : '');
-                               $viewData['groupPermissions'] = ($pageId ?
-                                       PermissionAjaxController::renderPermissions($data['row']['perms_group'], $pageId, 'group') .
-                                       ' ' . $groupName : '');
-                               $viewData['otherPermissions'] = ($pageId ? ' ' .
-                                       PermissionAjaxController::renderPermissions($data['row']['perms_everybody'], $pageId, 'everybody') : '');
+                       $viewData['html'] = $this->getControllerDocumentTemplate()->wrapClickMenuOnIcon($data['HTML'], 'pages', $data['row']['uid'])
+                               . htmlspecialchars(GeneralUtility::fixed_lgd_cs($data['row']['title'], 20));
+                       $viewData['id'] = $data['row']['_ORIG_uid'] ? $data['row']['_ORIG_uid'] : $pageId;
 
-                               $viewData['editLock'] = ($data['row']['editlock']) ? TRUE : FALSE;
+                       $viewData['userPermissions'] = ($pageId ?
+                               PermissionAjaxController::renderPermissions($data['row']['perms_user'], $pageId, 'user') .
+                               ' ' . $userName : '');
+                       $viewData['groupPermissions'] = ($pageId ?
+                               PermissionAjaxController::renderPermissions($data['row']['perms_group'], $pageId, 'group') .
+                               ' ' . $groupName : '');
+                       $viewData['otherPermissions'] = ($pageId ? ' ' .
+                               PermissionAjaxController::renderPermissions($data['row']['perms_everybody'], $pageId, 'everybody') : '');
 
-                               $treeData[] = $viewData;
-                       }
-                       $this->view->assign('viewTree', $treeData);
+                       $viewData['editLock'] = ($data['row']['editlock']) ? TRUE : FALSE;
 
-                       // CSH for permissions setting
-                       $this->view->assign('cshItem', BackendUtility::cshItem('xMOD_csh_corebe', 'perm_module', $GLOBALS['BACK_PATH']));
+                       $treeData[] = $viewData;
                }
+               $this->view->assign('viewTree', $treeData);
+
+               // CSH for permissions setting
+               $this->view->assign('cshItem', BackendUtility::cshItem('xMOD_csh_corebe', 'perm_module', $GLOBALS['BACK_PATH']));
        }
 
        /**
@@ -273,52 +253,41 @@ class PermissionController extends ActionController {
                $this->view->assign('id', $this->id);
                $this->view->assign('depth', $this->depth);
 
-               // Checking access:
-               if ($this->checkAccess()) {
-                       if ($this->getBackendUser()->isAdmin() && !$this->id) {
-                               $this->pageInfo = array('title' => '[root-level]', 'uid' => 0, 'pid' => 0);
-                       }
-                       if ($this->getBackendUser()->workspace != 0) {
-                               // Adding FlashMessage with the permission setting matrix:
-                               $this->addFlashMessage(
-                                       LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarningText', 'beuser'),
-                                       LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarning', 'beuser'),
-                                       FlashMessage::WARNING
-                               );
-                       }
-                       // Get usernames and groupnames
-                       $beGroupArray = BackendUtility::getListGroupNames('title,uid');
-                       $beGroupKeys  = array_keys($beGroupArray);
-                       $beUserArray  = BackendUtility::getUserNames();
-                       if (!$this->getBackendUser()->isAdmin()) {
-                               $beUserArray = BackendUtility::blindUserNames($beUserArray, $beGroupKeys, 1);
-                       }
-                       $beGroupArrayO = ($beGroupArray = BackendUtility::getGroupNames());
-                       if (!$this->getBackendUser()->isAdmin()) {
-                               $beGroupArray = BackendUtility::blindGroupNames($beGroupArrayO, $beGroupKeys, 1);
-                       }
-
-                       // Owner selector
-                       $beUserDataArray = array(0 => LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectNone', 'beuser'));
-                       foreach ($beUserArray as $uid => &$row) {
-                               $beUserDataArray[$uid] = $row['username'];
-                       }
-                       $beUserDataArray[-1] = LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectUnchanged', 'beuser');
-                       $this->view->assign('currentBeUser', $this->pageInfo['perms_userid']);
-                       $this->view->assign('beUserData', $beUserDataArray);
-
-                       // Group selector
-                       $beGroupDataArray = array(0 => LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectNone', 'beuser'));
-                       foreach ($beGroupArray as $uid => $row) {
-                               $beGroupDataArray[$uid] = $row['title'];
-                       }
-                       $beGroupDataArray[-1] = LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectUnchanged', 'beuser');
-                       $this->view->assign('currentBeGroup', $this->pageInfo['perms_groupid']);
-                       $this->view->assign('beGroupData', $beGroupDataArray);
-                       $this->view->assign('pageInfo', $this->pageInfo);
-                       $this->view->assign('returnId', $this->returnId);
-                       $this->view->assign('recursiveSelectOptions', $this->getRecursiveSelectOptions());
+               if (!$this->id) {
+                       $this->pageInfo = array('title' => '[root-level]', 'uid' => 0, 'pid' => 0);
+               }
+               if ($this->getBackendUser()->workspace != 0) {
+                       // Adding FlashMessage with the permission setting matrix:
+                       $this->addFlashMessage(
+                               LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarningText', 'beuser'),
+                               LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:WorkspaceWarning', 'beuser'),
+                               FlashMessage::WARNING
+                       );
                }
+               // Get usernames and groupnames
+               $beGroupArray = BackendUtility::getListGroupNames('title,uid');
+               $beUserArray  = BackendUtility::getUserNames();
+
+               // Owner selector
+               $beUserDataArray = array(0 => LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectNone', 'beuser'));
+               foreach ($beUserArray as $uid => &$row) {
+                       $beUserDataArray[$uid] = $row['username'];
+               }
+               $beUserDataArray[-1] = LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectUnchanged', 'beuser');
+               $this->view->assign('currentBeUser', $this->pageInfo['perms_userid']);
+               $this->view->assign('beUserData', $beUserDataArray);
+
+               // Group selector
+               $beGroupDataArray = array(0 => LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectNone', 'beuser'));
+               foreach ($beGroupArray as $uid => $row) {
+                       $beGroupDataArray[$uid] = $row['title'];
+               }
+               $beGroupDataArray[-1] = LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:selectUnchanged', 'beuser');
+               $this->view->assign('currentBeGroup', $this->pageInfo['perms_groupid']);
+               $this->view->assign('beGroupData', $beGroupDataArray);
+               $this->view->assign('pageInfo', $this->pageInfo);
+               $this->view->assign('returnId', $this->returnId);
+               $this->view->assign('recursiveSelectOptions', $this->getRecursiveSelectOptions());
        }
 
        /**
@@ -329,31 +298,28 @@ class PermissionController extends ActionController {
         * @return void
         */
        protected function updateAction(array $data, array $mirror) {
-               // Checking access:
-               if ($this->checkAccess()) {
-                       if (!empty($data['pages'])) {
-                               foreach ($data['pages'] as $pageUid => $properties) {
-                                       // if the owner and group field shouldn't be touched, unset the option
-                                       if ((int)$properties['perms_userid'] === -1) {
-                                               unset($properties['perms_userid']);
-                                       }
-                                       if ((int)$properties['perms_groupid'] === -1) {
-                                               unset($properties['perms_groupid']);
-                                       }
-                                       $this->getDatabaseConnection()->exec_UPDATEquery(
-                                               'pages',
-                                               'uid = ' . (int)$pageUid,
-                                               $properties
-                                       );
-                                       if (!empty($mirror['pages'][$pageUid])) {
-                                               $mirrorPages = GeneralUtility::trimExplode(',', $mirror['pages'][$pageUid]);
-                                               foreach ($mirrorPages as $mirrorPageUid) {
-                                                       $this->getDatabaseConnection()->exec_UPDATEquery(
-                                                               'pages',
-                                                               'uid = ' . (int)$mirrorPageUid,
-                                                               $properties
-                                                       );
-                                               }
+               if (!empty($data['pages'])) {
+                       foreach ($data['pages'] as $pageUid => $properties) {
+                               // if the owner and group field shouldn't be touched, unset the option
+                               if ((int)$properties['perms_userid'] === -1) {
+                                       unset($properties['perms_userid']);
+                               }
+                               if ((int)$properties['perms_groupid'] === -1) {
+                                       unset($properties['perms_groupid']);
+                               }
+                               $this->getDatabaseConnection()->exec_UPDATEquery(
+                                       'pages',
+                                       'uid = ' . (int)$pageUid,
+                                       $properties
+                               );
+                               if (!empty($mirror['pages'][$pageUid])) {
+                                       $mirrorPages = GeneralUtility::trimExplode(',', $mirror['pages'][$pageUid]);
+                                       foreach ($mirrorPages as $mirrorPageUid) {
+                                               $this->getDatabaseConnection()->exec_UPDATEquery(
+                                                       'pages',
+                                                       'uid = ' . (int)$mirrorPageUid,
+                                                       $properties
+                                               );
                                        }
                                }
                        }
@@ -389,7 +355,7 @@ class PermissionController extends ActionController {
         */
        protected function getRecursiveSelectOptions() {
                // Initialize tree object:
-               $tree = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Tree\View\PageTreeView::class);
+               $tree = GeneralUtility::makeInstance(PageTreeView::class);
                $tree->init('AND ' . $this->permissionsClause);
                $tree->addField('perms_userid', TRUE);
                $tree->makeHTML = 0;
@@ -410,9 +376,7 @@ class PermissionController extends ActionController {
                        for ($a = $this->getLevels; $a > 0; $a--) {
                                if (is_array($tree->orig_ids_hierarchy[$a])) {
                                        foreach ($tree->orig_ids_hierarchy[$a] as $theId) {
-                                               if ($this->getBackendUser()->isAdmin() || $this->getBackendUser()->user['uid'] == $tree->recs[$theId]['perms_userid']) {
-                                                       $theIdListArr[] = $theId;
-                                               }
+                                               $theIdListArr[] = $theId;
                                        }
                                        $lKey = $this->getLevels - $a + 1;
                                        $options[implode(',', $theIdListArr)] = $labelRecursive . ' ' . $lKey . ' ' . $labelLevels .
@@ -436,24 +400,10 @@ class PermissionController extends ActionController {
                        ExtensionManagementUtility::isLoaded('version') &&
                        !ExtensionManagementUtility::isLoaded('workspaces')
                ) {
-                       $versionView = GeneralUtility::makeInstance(\TYPO3\CMS\Version\View\VersionView::class);
+                       $versionView = GeneralUtility::makeInstance(VersionView::class);
                        return $versionView->getVersionSelector($id, $noAction);
                }
                return '';
        }
 
-       /**
-        * Check access
-        *
-        * @return bool check access
-        */
-       protected function checkAccess() {
-               $access = is_array($this->pageInfo);
-               // Checking access:
-               if ($this->id && $access || $this->getBackendUser()->isAdmin() && !$this->id) {
-                       return TRUE;
-               }
-               return FALSE;
-       }
-
 }
index 0b829de..e05a1c3 100644 (file)
                                                                </td>
                                                        </f:else>
                                                </f:if>
-                                               <f:if condition="{data.editPermsAllowed}">
-                                                       <f:then>
-                                                               <td>
-                                                                       <f:if condition="{data.id} > 0">
-                                                                               <f:link.action action="edit" arguments="{id: data.id, depth: depth}" title="{f:translate(key: 'LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:ch_permissions')}">
-                                                                                       <bu:spriteManagerIcon iconName="actions-document-open" />
-                                                                               </f:link.action>
-                                                                       </f:if>
-                                                               </td>
-                                                       </f:then>
-                                                       <f:else>
-                                                               <td></td>
-                                                       </f:else>
-                                               </f:if>
+                                               <td>
+                                                       <f:if condition="{data.id} > 0">
+                                                               <f:link.action action="edit" arguments="{id: data.id, depth: depth}" title="{f:translate(key: 'LLL:EXT:beuser/Resources/Private/Language/locallang_mod_permission.xlf:ch_permissions')}">
+                                                                       <bu:spriteManagerIcon iconName="actions-document-open" />
+                                                               </f:link.action>
+                                                       </f:if>
+                                               </td>
                                                <td nowrap="nowrap"><f:format.raw>{data.userPermissions}</f:format.raw></td>
                                                <td nowrap="nowrap"><f:format.raw>{data.groupPermissions}</f:format.raw></td>
                                                <td nowrap="nowrap"><f:format.raw>{data.otherPermissions}</f:format.raw></td>