Commit 263ad4a5 authored by Alexander Schnitzler's avatar Alexander Schnitzler Committed by Anja Leichsenring
Browse files

[TASK] Make Permission class a BitSet instead of Enumeration

The Permission class unnecessarily had been implemented as
Enumeration although the features of the Enumeration base
class hadn't been used.

As the Permission class only handles boolean flags, it is
now implemented as bit set, which improves the performance
in comparison to Enumeration classes.

Releases: master
Resolves: #89465
Change-Id: I73eff34090a7ea8e02f7d538e2db52045c86d438
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61099

Tested-by: default avatarTYPO3com <noreply@typo3.com>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Anja Leichsenring's avatarAnja Leichsenring <aleichsenring@ab-softlab.de>
parent a7cd6421
......@@ -277,7 +277,7 @@ class PageProvider extends RecordProvider
*/
protected function initPermissions()
{
$this->pagePermissions = $this->backendUser->calcPerms($this->record);
$this->pagePermissions = new Permission($this->backendUser->calcPerms($this->record));
$this->languageAccess = $this->hasLanguageAccess();
}
......
......@@ -47,9 +47,9 @@ class RecordProvider extends AbstractProvider
/**
* Local cache for the result of BackendUserAuthentication::calcPerms()
*
* @var int
* @var Permission
*/
protected $pagePermissions = 0;
protected $pagePermissions;
/**
* @var array
......@@ -270,7 +270,7 @@ class RecordProvider extends AbstractProvider
protected function initPermissions()
{
$this->pageRecord = BackendUtility::getRecord('pages', $this->record['pid']);
$this->pagePermissions = $this->backendUser->calcPerms($this->pageRecord);
$this->pagePermissions = new Permission($this->backendUser->calcPerms($this->pageRecord));
}
/**
......@@ -282,7 +282,7 @@ class RecordProvider extends AbstractProvider
*/
protected function hasPagePermission(int $permission): bool
{
return $this->backendUser->isAdmin() || ($this->pagePermissions & $permission) == $permission;
return $this->backendUser->isAdmin() || $this->pagePermissions->isGranted($permission);
}
/**
......
......@@ -1110,11 +1110,11 @@ class EditDocumentController
$command === 'edit'
|| $command === 'new'
) {
$permission = $formData['userPermissionOnPage'];
$permission = new Permission($formData['userPermissionOnPage']);
if ($formData['tableName'] === 'pages') {
$deleteAccess = $permission & Permission::PAGE_DELETE ? true : false;
$deleteAccess = $permission->get(Permission::PAGE_DELETE);
} else {
$deleteAccess = $permission & Permission::CONTENT_EDIT ? true : false;
$deleteAccess = $permission->get(Permission::CONTENT_EDIT);
}
}
......
......@@ -100,8 +100,8 @@ class NewMultiplePagesController
'EXT:backend/Resources/Private/Templates/Page/NewPages.html'
));
$calculatedPermissions = $backendUser->calcPerms($pageRecord);
$canCreateNew = $backendUser->isAdmin() || $calculatedPermissions & Permission::PAGE_NEW;
$calculatedPermissions = new Permission($backendUser->calcPerms($pageRecord));
$canCreateNew = $backendUser->isAdmin() || $calculatedPermissions->createPagePermissionIsGranted();
$view->assign('canCreateNew', $canCreateNew);
$view->assign('maxTitleLength', $backendUser->uc['titleLen'] ?? 20);
......@@ -119,8 +119,8 @@ class NewMultiplePagesController
$subPages = $this->getSubPagesOfPage($pageUid);
$visiblePages = [];
foreach ($subPages as $page) {
$calculatedPermissions = $backendUser->calcPerms($page);
if ($backendUser->isAdmin() || $calculatedPermissions & Permission::PAGE_SHOW) {
$calculatedPermissions = new Permission($backendUser->calcPerms($page));
if ($backendUser->isAdmin() || $calculatedPermissions->showPagePermissionIsGranted()) {
$visiblePages[] = $page;
}
}
......
......@@ -121,9 +121,9 @@ class SortSubPagesController
foreach ($pageRecords as $page) {
$pageWithPermissions = [];
$pageWithPermissions['record'] = $page;
$calculatedPermissions = $backendUser->calcPerms($page);
$pageWithPermissions['canEdit'] = $backendUser->isAdmin() || $calculatedPermissions & Permission::PAGE_EDIT;
$canSeePage = $backendUser->isAdmin() || $calculatedPermissions & Permission::PAGE_SHOW;
$calculatedPermissions = new Permission($backendUser->calcPerms($page));
$pageWithPermissions['canEdit'] = $backendUser->isAdmin() || $calculatedPermissions->editPagePermissionIsGranted();
$canSeePage = $backendUser->isAdmin() || $calculatedPermissions->showPagePermissionIsGranted();
if ($canSeePage) {
$subPages[] = $pageWithPermissions;
} else {
......
......@@ -40,14 +40,14 @@ class AbstractWizardController
if (is_array($record)) {
// If pages:
if ($table === 'pages') {
$calculatedPermissions = $this->getBackendUserAuthentication()->calcPerms($record);
$hasAccess = $calculatedPermissions & Permission::PAGE_EDIT;
$calculatedPermissions = new Permission($this->getBackendUserAuthentication()->calcPerms($record));
$hasAccess = $calculatedPermissions->editPagePermissionIsGranted();
} else {
// Fetching pid-record first.
$calculatedPermissions = $this->getBackendUserAuthentication()->calcPerms(
$calculatedPermissions = new Permission($this->getBackendUserAuthentication()->calcPerms(
BackendUtility::getRecord('pages', $record['pid'])
);
$hasAccess = $calculatedPermissions & Permission::CONTENT_EDIT;
));
$hasAccess = $calculatedPermissions->editContentPermissionIsGranted();
}
// Check internals regarding access:
if ($hasAccess) {
......
......@@ -445,14 +445,14 @@ class InlineRecordContainer extends AbstractContainer
$isSysFileReferenceTable = $foreignTable === 'sys_file_reference';
$enableManualSorting = $tcaTableCtrl['sortby'] || $inlineConfig['MM'] || !$data['isOnSymmetricSide']
&& $inlineConfig['foreign_sortby'] || $data['isOnSymmetricSide'] && $inlineConfig['symmetric_sortby'];
$calcPerms = $backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(Permission::PAGE_SHOW)));
$calcPerms = new Permission($backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(Permission::PAGE_SHOW))));
// If the listed table is 'pages' we have to request the permission settings for each page:
$localCalcPerms = false;
$localCalcPerms = new Permission(Permission::NOTHING);
if ($isPagesTable) {
$localCalcPerms = $backendUser->calcPerms(BackendUtility::getRecord('pages', $rec['uid']));
$localCalcPerms = new Permission($backendUser->calcPerms(BackendUtility::getRecord('pages', $rec['uid'])));
}
// This expresses the edit permissions for this particular element:
$permsEdit = $isPagesTable && $localCalcPerms & Permission::PAGE_EDIT || !$isPagesTable && $calcPerms & Permission::CONTENT_EDIT;
$permsEdit = ($isPagesTable && $localCalcPerms->editPagePermissionIsGranted()) || (!$isPagesTable && $calcPerms->editContentPermissionIsGranted());
// Controls: Defines which controls should be shown
$enabledControls = $inlineConfig['appearance']['enabledControls'];
// Hook: Can disable/enable single controls for specific child records:
......@@ -488,7 +488,7 @@ class InlineRecordContainer extends AbstractContainer
if (!$isParentReadOnly && !$tcaTableCtrl['readOnly'] && !$data['isInlineDefaultLanguageRecordInLocalizedParentContext']) {
// "New record after" link (ONLY if the records in the table are sorted by a "sortby"-row or if default values can depend on previous record):
if ($enabledControls['new'] && ($enableManualSorting || $tcaTableCtrl['useColumnsForDefaultValues'])) {
if (!$isPagesTable && $calcPerms & Permission::CONTENT_EDIT || $isPagesTable && $calcPerms & Permission::PAGE_NEW) {
if (!$isPagesTable && $calcPerms->editContentPermissionIsGranted() || $isPagesTable && $calcPerms->createPagePermissionIsGranted()) {
$style = '';
if ($inlineConfig['inline']['inlineNewButtonStyle']) {
$style = ' style="' . $inlineConfig['inline']['inlineNewButtonStyle'] . '"';
......@@ -563,9 +563,9 @@ class InlineRecordContainer extends AbstractContainer
}
}
// "Delete" link:
if ($enabledControls['delete'] && ($isPagesTable && $localCalcPerms & Permission::PAGE_DELETE
|| !$isPagesTable && $calcPerms & Permission::CONTENT_EDIT
|| $isSysFileReferenceTable && $calcPerms & Permission::PAGE_EDIT)
if ($enabledControls['delete'] && ($isPagesTable && $localCalcPerms->deletePagePermissionIsGranted()
|| !$isPagesTable && $calcPerms->editContentPermissionIsGranted()
|| $isSysFileReferenceTable && $calcPerms->editPagePermissionIsGranted())
) {
$title = htmlspecialchars($languageService->sL('LLL:EXT:core/Resources/Private/Language/locallang_mod_web_list.xlf:delete'));
$icon = $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render();
......
......@@ -71,17 +71,17 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
$exception = null;
$userHasAccess = false;
$userPermissionOnPage = Permission::NOTHING;
$userPermissionOnPage = new Permission(Permission::NOTHING);
if ($result['command'] === 'new') {
// A new record is created. Access rights of parent record are important here
// @todo: In case of new inline child, parentPageRow should probably be the
// @todo: "inlineFirstPid" page - Maybe effectivePid and parentPageRow should be calculated differently then?
if (is_array($result['parentPageRow'])) {
// Record is added below an existing page
$userPermissionOnPage = $backendUser->calcPerms($result['parentPageRow']);
$userPermissionOnPage = new Permission($backendUser->calcPerms($result['parentPageRow']));
if ($result['tableName'] === 'pages') {
// New page is created, user needs PAGE_NEW for this
if ((bool)($userPermissionOnPage & Permission::PAGE_NEW)) {
if ($userPermissionOnPage->createPagePermissionIsGranted()) {
$userHasAccess = true;
} else {
$exception = new AccessDeniedPageNewException(
......@@ -91,7 +91,7 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
}
} else {
// A regular record is added, not a page. User needs CONTENT_EDIT permission
if ((bool)($userPermissionOnPage & Permission::CONTENT_EDIT)) {
if ($userPermissionOnPage->editContentPermissionIsGranted()) {
$userHasAccess = true;
} else {
$exception = new AccessDeniedContentEditException(
......@@ -103,7 +103,7 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
} elseif (BackendUtility::isRootLevelRestrictionIgnored($result['tableName'])) {
// Non admin is creating a record on root node for a table that is actively allowed
$userHasAccess = true;
$userPermissionOnPage = Permission::ALL;
$userPermissionOnPage->set(Permission::ALL);
} else {
// Non admin has no create permission on root node records
$exception = new AccessDeniedRootNodeException(
......@@ -115,8 +115,8 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
// A page or a record on a page is edited
if ($result['tableName'] === 'pages') {
// A page record is edited, check edit rights of this record directly
$userPermissionOnPage = $backendUser->calcPerms($result['defaultLanguagePageRow'] ?? $result['databaseRow']);
if ((bool)($userPermissionOnPage & Permission::PAGE_EDIT) && $backendUser->check('pagetypes_select', $result['databaseRow'][$result['processedTca']['ctrl']['type']])) {
$userPermissionOnPage = new Permission($backendUser->calcPerms($result['defaultLanguagePageRow'] ?? $result['databaseRow']));
if ($userPermissionOnPage->editPagePermissionIsGranted() && $backendUser->check('pagetypes_select', $result['databaseRow'][$result['processedTca']['ctrl']['type']])) {
$userHasAccess = true;
} else {
$exception = new AccessDeniedPageEditException(
......@@ -128,8 +128,8 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
// A non page record is edited.
if (isset($result['parentPageRow']) && is_array($result['parentPageRow'])) {
// If there is a parent page row, check content edit right of user
$userPermissionOnPage = $backendUser->calcPerms($result['parentPageRow']);
if ((bool)($userPermissionOnPage & Permission::CONTENT_EDIT)) {
$userPermissionOnPage = new Permission($backendUser->calcPerms($result['parentPageRow']));
if ($userPermissionOnPage->editContentPermissionIsGranted()) {
$userHasAccess = true;
} else {
$exception = new AccessDeniedContentEditException(
......@@ -140,7 +140,7 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
} elseif (BackendUtility::isRootLevelRestrictionIgnored($result['tableName'])) {
// Non admin is editing a record on root node for a table that is actively allowed
$userHasAccess = true;
$userPermissionOnPage = Permission::ALL;
$userPermissionOnPage->set(Permission::ALL);
} else {
// Non admin has no edit permission on root node records
// @todo: This probably needs further handling, see http://review.typo3.org/40835
......@@ -209,7 +209,7 @@ class DatabaseUserPermissionCheck implements FormDataProviderInterface
throw $exception;
}
$result['userPermissionOnPage'] = $userPermissionOnPage;
$result['userPermissionOnPage'] = $userPermissionOnPage->__toInt();
return $result;
}
......
......@@ -158,10 +158,10 @@ class FrontendBackendUserAuthentication extends BackendUserAuthentication
$mayEdit = true;
}
} else {
$perms = $this->calcPerms($GLOBALS['TSFE']->page);
$perms = new Permission($this->calcPerms($GLOBALS['TSFE']->page));
$types = GeneralUtility::trimExplode(',', strtolower($conf['allow']), true);
$allow = array_flip($types);
$mayEdit = !empty($allow) && $perms & Permission::CONTENT_EDIT;
$mayEdit = !empty($allow) && $perms->editContentPermissionIsGranted();
}
}
}
......@@ -184,7 +184,7 @@ class FrontendBackendUserAuthentication extends BackendUserAuthentication
// Permissions
$types = GeneralUtility::trimExplode(',', strtolower($conf['allow']), true);
$allow = array_flip($types);
$perms = $this->calcPerms($GLOBALS['TSFE']->page);
$perms = new Permission($this->calcPerms($GLOBALS['TSFE']->page));
if ($table === 'pages') {
// Rootpage
if (count($GLOBALS['TSFE']->config['rootLine']) === 1) {
......@@ -192,15 +192,15 @@ class FrontendBackendUserAuthentication extends BackendUserAuthentication
unset($allow['hide']);
unset($allow['delete']);
}
if (!($perms & Permission::PAGE_EDIT) || !$this->checkLanguageAccess(0)) {
if (!$perms->editPagePermissionIsGranted() || !$this->checkLanguageAccess(0)) {
unset($allow['edit']);
unset($allow['move']);
unset($allow['hide']);
}
if (!($perms & Permission::PAGE_DELETE)) {
if (!$perms->deletePagePermissionIsGranted()) {
unset($allow['delete']);
}
if (!($perms & Permission::PAGE_NEW)) {
if (!$perms->createPagePermissionIsGranted()) {
unset($allow['new']);
}
}
......
......@@ -239,13 +239,13 @@ class LiveSearch
protected function getEditLink($tableName, $row)
{
$pageInfo = BackendUtility::readPageAccess($row['pid'], $this->userPermissions);
$calcPerms = $GLOBALS['BE_USER']->calcPerms($pageInfo);
$calcPerms = new Permission($GLOBALS['BE_USER']->calcPerms($pageInfo));
$editLink = '';
if ($tableName === 'pages') {
$localCalcPerms = $GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $row['uid']));
$permsEdit = $localCalcPerms & Permission::PAGE_EDIT;
$localCalcPerms = new Permission($GLOBALS['BE_USER']->calcPerms(BackendUtility::getRecord('pages', $row['uid'])));
$permsEdit = $localCalcPerms->editPagePermissionIsGranted();
} else {
$permsEdit = $calcPerms & Permission::CONTENT_EDIT;
$permsEdit = $calcPerms->editContentPermissionIsGranted();
}
// "Edit" link - Only if permissions to edit the page-record of the content of the parent page ($this->id)
if ($permsEdit) {
......
......@@ -1515,6 +1515,9 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
while ($row = $res->fetch(\PDO::FETCH_ASSOC)) {
$this->userGroups[$row['uid']] = $row;
}
$permission = new Permission($this->user['options']);
// Traversing records in the correct order
foreach (explode(',', $grList) as $uid) {
// Get row:
......@@ -1531,11 +1534,11 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
// Add the group uid, current list to the internal arrays.
$this->includeGroupArray[] = $uid;
// Mount group database-mounts
if (($this->user['options'] & Permission::PAGE_SHOW) == 1) {
if ($permission->showPagePermissionIsGranted()) {
$this->dataLists['webmount_list'] .= ',' . $row['db_mountpoints'];
}
// Mount group file-mounts
if (($this->user['options'] & Permission::PAGE_EDIT) == 2) {
if ($permission->editPagePermissionIsGranted()) {
$this->dataLists['filemount_list'] .= ',' . $row['file_mountpoints'];
}
// The lists are made: groupMods, tables_select, tables_modify, pagetypes_select, non_exclude_fields, explicit_allowdeny, allowed_languages, custom_options
......@@ -1774,7 +1777,7 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
}
// Mount group home-dirs
if ((is_array($this->user) && $this->user['options'] & Permission::PAGE_EDIT) == 2 && $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'] != '') {
if ((new Permission($this->user['options'] ?? Permission::NOTHING))->editPagePermissionIsGranted() && $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'] != '') {
// If groupHomePath is set, we attempt to mount it
[$groupHomeStorageUid, $groupHomeFilter] = explode(':', $GLOBALS['TYPO3_CONF_VARS']['BE']['groupHomePath'], 2);
$groupHomeStorageUid = (int)$groupHomeStorageUid;
......@@ -2131,7 +2134,7 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
}
switch ((string)$wsRec['uid']) {
case '0':
$retVal = $this->groupData['workspace_perms'] & Permission::PAGE_SHOW
$retVal = (new Permission($this->groupData['workspace_perms'] ?? Permission::NOTHING))->showPagePermissionIsGranted()
? array_merge($wsRec, ['_ACCESS' => 'online'])
: false;
break;
......
......@@ -6248,6 +6248,7 @@ class DataHandler implements LoggerAwareInterface
*/
protected function doesRecordExist_pageLookUp($id, $perms, $columns = ['uid'])
{
$permission = new Permission($perms);
$cacheId = md5('doesRecordExist_pageLookUp_' . $id . '_' . $perms . '_' . implode(
'_',
$columns
......@@ -6268,11 +6269,11 @@ class DataHandler implements LoggerAwareInterface
'uid',
$queryBuilder->createNamedParameter($id, \PDO::PARAM_INT)
));
if ($perms && !$this->admin) {
if (!$permission->nothingIsGranted() && !$this->admin) {
$queryBuilder->andWhere($this->BE_USER->getPagePermsClause($perms));
}
if (!$this->admin && $GLOBALS['TCA']['pages']['ctrl']['editlock'] &&
$perms & Permission::PAGE_EDIT + Permission::PAGE_DELETE + Permission::CONTENT_EDIT
($permission->editPagePermissionIsGranted() || $permission->deletePagePermissionIsGranted() || $permission->editContentPermissionIsGranted())
) {
$queryBuilder->andWhere($queryBuilder->expr()->eq(
$GLOBALS['TCA']['pages']['ctrl']['editlock'],
......
......@@ -63,7 +63,7 @@ class BitSet
/**
* @var int
*/
private $set;
protected $set;
/**
* @param int $set
......
<?php
declare(strict_types=1);
/*
* This file is part of the TYPO3 CMS project.
*
......@@ -15,47 +17,47 @@
namespace TYPO3\CMS\Core\Type\Bitmask;
use TYPO3\CMS\Core\Type\Enumeration;
use TYPO3\CMS\Core\Type\BitSet;
/**
* A class providing constants for bitwise operations on page access check
*/
final class Permission extends Enumeration
final class Permission extends BitSet
{
/**
* @var int
*/
const NOTHING = 0;
public const NOTHING = 0;
/**
* @var int
*/
const PAGE_SHOW = 1;
public const PAGE_SHOW = 1;
/**
* @var int
*/
const PAGE_EDIT = 2;
public const PAGE_EDIT = 2;
/**
* @var int
*/
const PAGE_DELETE = 4;
public const PAGE_DELETE = 4;
/**
* @var int
*/
const PAGE_NEW = 8;
public const PAGE_NEW = 8;
/**
* @var int
*/
const CONTENT_EDIT = 16;
public const CONTENT_EDIT = 16;
/**
* @var int
*/
const ALL = 31;
public const ALL = 31;
/**
* Permission mapping
......@@ -78,4 +80,39 @@ final class Permission extends Enumeration
'editcontent' => static::CONTENT_EDIT
];
}
public function isGranted(int $permission): bool
{
return $this->get($permission);
}
public function nothingIsGranted(): bool
{
return $this->set === self::NOTHING;
}
public function showPagePermissionIsGranted(): bool
{
return $this->get(self::PAGE_SHOW);
}
public function editPagePermissionIsGranted(): bool
{
return $this->get(self::PAGE_EDIT);
}
public function createPagePermissionIsGranted(): bool
{
return $this->get(self::PAGE_NEW);
}
public function deletePagePermissionIsGranted(): bool
{
return $this->get(self::PAGE_DELETE);
}
public function editContentPermissionIsGranted(): bool
{
return $this->get(self::CONTENT_EDIT);
}
}
......@@ -136,7 +136,7 @@ class TableListViewHelper extends AbstractBackendViewHelper
$dblist = GeneralUtility::makeInstance(DatabaseRecordList::class);
$dblist->pageRow = $pageinfo;
if ($readOnly === false) {
$dblist->calcPerms = $GLOBALS['BE_USER']->calcPerms($pageinfo);
$dblist->calcPerms = new Permission($GLOBALS['BE_USER']->calcPerms($pageinfo));
}
$dblist->showClipboard = false;
$dblist->disableSingleTableView = true;
......
......@@ -200,7 +200,7 @@ class DatabaseBrowser extends AbstractElementBrowser implements ElementBrowserIn
$dbList = GeneralUtility::makeInstance(ElementBrowserRecordList::class);
$dbList->setOverrideUrlParameters($this->getUrlParameters([]));
$dbList->setIsEditable(false);
$dbList->calcPerms = $backendUser->calcPerms($pageInfo);
$dbList->calcPerms = new Permission($backendUser->calcPerms($pageInfo));
$dbList->noControlPanels = true;
$dbList->clickMenuEnabled = false;
$dbList->tableList = implode(',', $tablesArr);
......
......@@ -248,8 +248,8 @@ class RecordListController
$access = is_array($this->pageinfo);
$this->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/AjaxDataHandler');
$calcPerms = $backendUser->calcPerms($this->pageinfo);
$userCanEditPage = $calcPerms & Permission::PAGE_EDIT && !empty($this->id) && ($backendUser->isAdmin() || (int)$this->pageinfo['editlock'] === 0);
$calcPerms = new Permission($backendUser->calcPerms($this->pageinfo));
$userCanEditPage = $calcPerms->editPagePermissionIsGranted() && !empty($this->id) && ($backendUser->isAdmin() || (int)$this->pageinfo['editlock'] === 0);
$pageActionsCallback = null;
if ($userCanEditPage) {
$pageActionsCallback = 'function(PageActions) {
......
......@@ -289,9 +289,9 @@ class DatabaseRecordList
/**
* Some permissions...
*
* @var int
* @var Permission
*/
public $calcPerms = 0;
public $calcPerms;
/**
* Mode for what happens when a user clicks the title of a record.
......@@ -491,6 +491,7 @@ class DatabaseRecordList
$this->iconFactory = GeneralUtility::makeInstance(IconFactory::class);
$this->uriBuilder = GeneralUtility::makeInstance(UriBuilder::class);
$this->translateTools = GeneralUtility::makeInstance(TranslationConfigurationProvider::class);
$this->calcPerms = new Permission();
}
/**
......@@ -506,7 +507,7 @@ class DatabaseRecordList
$backendUser = $this->getBackendUserAuthentication();
$lang = $this->getLanguageService();
// Get users permissions for this page record:
$localCalcPerms = $backendUser->calcPerms($this->pageRow);
$localCalcPerms = new Permission($backendUser->calcPerms($this->pageRow));
// CSH
if ((string)$this->id === '') {
$fieldName = 'list_module_noId';
......@@ -550,7 +551,7 @@ class DatabaseRecordList
}
// If edit permissions are set, see
// \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
if ($localCalcPerms & Permission::PAGE_EDIT && !empty($this->id) && $this->editLockPermissions() && $backendUser->checkLanguageAccess(0)) {
if ($localCalcPerms->editPagePermissionIsGranted() && !empty($this->id) && $this->editLockPermissions() && $backendUser->checkLanguageAccess(0)) {
// Edit
$params = '&edit[pages][' . $this->pageRow['uid'] . ']=edit';
$editLink = $this->uriBuilder->buildUriFromRoute('record_edit') . $params . $this->makeReturnUrl();
......@@ -561,7 +562,7 @@ class DatabaseRecordList
$buttonBar->addButton($editButton, ButtonBar::BUTTON_POSITION_LEFT, 20);
}
// Paste
if ($this->showClipboard && ($localCalcPerms & Permission::PAGE_NEW || $localCalcPerms & Permission::CONTENT_EDIT) && $this->editLockPermissions()) {
if ($this->showClipboard && ($localCalcPerms->createPagePermissionIsGranted() || $localCalcPerms->editContentPermissionIsGranted()) && $this->editLockPermissions()) {
$elFromTable = $this->clipObj->elFromTable('');
if (!empty($elFromTable)) {
$confirmMessage = $this->clipObj->confirmMsgText('pages', $this->pageRow, 'into', $elFromTable);
......@@ -1319,7 +1320,13 @@ class DatabaseRecordList
// Traverse the fields:
foreach ($this->fieldArray as $fCol) {
// Calculate users permissions to edit records in the table:
$permsEdit = $this->calcPerms & ($table === 'pages' ? 2 : 16) && $this->overlayEditLockPermissions($table);