Fixed bug #15189: Frontend Editing edit panels are shown for content element types...
authorJeff Segars <jsegars@alumni.rice.edu>
Mon, 29 Nov 2010 21:41:44 +0000 (21:41 +0000)
committerJeff Segars <jsegars@alumni.rice.edu>
Mon, 29 Nov 2010 21:41:44 +0000 (21:41 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/branches/TYPO3_4-4@9678 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
t3lib/class.t3lib_frontendedit.php

index 646e88b..97b02b7 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2010-11-29  Jeff Segars  <jeff@webempoweredchurch.org>
+
+       * Fixed bug #15189: Frontend Editing edit panels are shown for content element types that cannot be edited
+
 2010-11-29  Francois Suter  <francois@typo3.org>
 
        * Fixed bug #16583: Localization overview has no color-coded status anymore
index 995d8c3..b187aa2 100644 (file)
@@ -84,6 +84,9 @@ class t3lib_frontendedit {
                if ($conf['newRecordFromTable']) {
                        $currentRecord = $conf['newRecordFromTable'] . ':NEW';
                        $conf['allow'] = 'new';
+                       $checkEditAccessInternals = FALSE;
+               } else {
+                       $checkEditAccessInternals = TRUE;
                }
 
                list($table, $uid) = explode(':', $currentRecord);
@@ -105,7 +108,7 @@ class t3lib_frontendedit {
                        }
                }
 
-               if ($GLOBALS['TSFE']->displayEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf) && $this->allowedToEditLanguage($table, $dataArray)) {
+               if ($GLOBALS['TSFE']->displayEditIcons && $table && $this->allowedToEdit($table, $dataArray, $conf, $checkEditAccessInternals) && $this->allowedToEditLanguage($table, $dataArray)) {
                        $editClass = $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/classes/class.frontendedit.php']['edit'];
                        if ($editClass) {
                                $edit = t3lib_div::getUserObj($editClass, false);
@@ -497,40 +500,50 @@ class t3lib_frontendedit {
         * @param       string  The name of the table.
         * @param       array   The data array.
         * @param       array   The configuration array for the edit panel.
+        * @param       boolean Boolean indicating whether recordEditAccessInternals should not be checked. Defaults
+        *                                      to true but doesn't makes sense when creating new records on a page.
         * @return      boolean
         */
-       protected function allowedToEdit($table, array $dataArray, array $conf) {
+       protected function allowedToEdit($table, array $dataArray, array $conf, $checkEditAccessInternals = TRUE) {
 
                        // Unless permissions specifically allow it, editing is not allowed.
-               $mayEdit = false;
+               $mayEdit = FALSE;
 
-               if ($table=='pages') {
-                               // 2 = permission to edit the page
-                       if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2)) {
-                               $mayEdit = true;
-                       }
+               if ($checkEditAccessInternals) {
+                       $editAccessInternals = $GLOBALS['BE_USER']->recordEditAccessInternals($table, $dataArray, FALSE, FALSE);
                } else {
-                               // 16 = permission to edit content on the page
-                       if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16)) {
-                               $mayEdit = true;
-                       }
+                       $editAccessInternals = TRUE;
                }
+               
+               if ($editAccessInternals) {
+                       if ($table=='pages') {
+                                       // 2 = permission to edit the page
+                               if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2)) {
+                                       $mayEdit = true;
+                               }
+                       } else {
+                                       // 16 = permission to edit content on the page
+                               if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16)) {
+                                       $mayEdit = true;
+                               }
+                       }
 
-               if (!$conf['onlyCurrentPid'] || ($dataArray['pid'] == $GLOBALS['TSFE']->id)) {
-                               // Permissions:
-                       $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']),1);
-                       $allow = array_flip($types);
+                       if (!$conf['onlyCurrentPid'] || ($dataArray['pid'] == $GLOBALS['TSFE']->id)) {
+                                       // Permissions:
+                               $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']),1);
+                               $allow = array_flip($types);
 
-                       $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
-                       if ($table == 'pages') {
-                               $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);
+                               $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
+                               if ($table == 'pages') {
+                                       $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);
 
-                                       // Can only display editbox if there are options in the menu
-                               if (count($allow)) {
-                                       $mayEdit = true;
+                                               // Can only display editbox if there are options in the menu
+                                       if (count($allow)) {
+                                               $mayEdit = true;
+                                       }
+                               } else {
+                                       $mayEdit = count($allow) && ($perms & 16);
                                }
-                       } else {
-                               $mayEdit = count($allow) && ($perms & 16);
                        }
                }