Commit 7d09e999 authored by Benni Mack's avatar Benni Mack Committed by Georg Ringer
Browse files

[CLEANUP] Use Permission constants consistently

Instead of integers, the permission constants
should be used throughout the TYPO3 Core.

Resolves: #83383
Releases: master
Change-Id: I00c10f97fc800d9533866c98284bbd22cd1bb575
Reviewed-on: https://review.typo3.org/55156

Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: Tymoteusz Motylewski's avatarTymoteusz Motylewski <t.motylewski@gmail.com>
Tested-by: Tymoteusz Motylewski's avatarTymoteusz Motylewski <t.motylewski@gmail.com>
Reviewed-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
parent 2cd01388
...@@ -430,7 +430,7 @@ class BackendController ...@@ -430,7 +430,7 @@ class BackendController
$editId = preg_replace('/[^[:alnum:]_]/', '', GeneralUtility::_GET('edit')); $editId = preg_replace('/[^[:alnum:]_]/', '', GeneralUtility::_GET('edit'));
if ($editId) { if ($editId) {
// Looking up the page to edit, checking permissions: // Looking up the page to edit, checking permissions:
$where = ' AND (' . $beUser->getPagePermsClause(2) . ' OR ' . $beUser->getPagePermsClause(16) . ')'; $where = ' AND (' . $beUser->getPagePermsClause(Permission::PAGE_EDIT) . ' OR ' . $beUser->getPagePermsClause(Permission::CONTENT_EDIT) . ')';
if (MathUtility::canBeInterpretedAsInteger($editId)) { if (MathUtility::canBeInterpretedAsInteger($editId)) {
$editRecord = BackendUtility::getRecordWSOL('pages', $editId, '*', $where); $editRecord = BackendUtility::getRecordWSOL('pages', $editId, '*', $where);
} else { } else {
......
...@@ -22,6 +22,7 @@ use TYPO3\CMS\Backend\Template\ModuleTemplate; ...@@ -22,6 +22,7 @@ use TYPO3\CMS\Backend\Template\ModuleTemplate;
use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\History\RecordHistoryStore; use TYPO3\CMS\Core\History\RecordHistoryStore;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\DiffUtility; use TYPO3\CMS\Core\Utility\DiffUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -128,7 +129,7 @@ class ElementHistoryController ...@@ -128,7 +129,7 @@ class ElementHistoryController
if ($elementData[0] !== 'pages') { if ($elementData[0] !== 'pages') {
$this->view->assign('singleElement', true); $this->view->assign('singleElement', true);
$parentPage = BackendUtility::getRecord($elementData[0], $elementData[1], '*', '', false); $parentPage = BackendUtility::getRecord($elementData[0], $elementData[1], '*', '', false);
if ($parentPage['pid'] > 0 && BackendUtility::readPageAccess($parentPage['pid'], $this->getBackendUser()->getPagePermsClause(1))) { if ($parentPage['pid'] > 0 && BackendUtility::readPageAccess($parentPage['pid'], $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW))) {
$this->view->assign('fullHistoryUrl', $this->buildUrl([ $this->view->assign('fullHistoryUrl', $this->buildUrl([
'element' => 'pages:' . $parentPage['pid'], 'element' => 'pages:' . $parentPage['pid'],
'historyEntry' => '', 'historyEntry' => '',
...@@ -166,7 +167,7 @@ class ElementHistoryController ...@@ -166,7 +167,7 @@ class ElementHistoryController
$pageId = $record['pid']; $pageId = $record['pid'];
} }
$pageAccess = BackendUtility::readPageAccess($pageId, $this->getBackendUser()->getPagePermsClause(1)); $pageAccess = BackendUtility::readPageAccess($pageId, $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW));
if (is_array($pageAccess)) { if (is_array($pageAccess)) {
$this->moduleTemplate->getDocHeaderComponent()->setMetaInformation($pageAccess); $this->moduleTemplate->getDocHeaderComponent()->setMetaInformation($pageAccess);
} }
......
...@@ -25,6 +25,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory; ...@@ -25,6 +25,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Resource\AbstractFile; use TYPO3\CMS\Core\Resource\AbstractFile;
use TYPO3\CMS\Core\Resource\Folder; use TYPO3\CMS\Core\Resource\Folder;
use TYPO3\CMS\Core\Resource\ResourceFactory; use TYPO3\CMS\Core\Resource\ResourceFactory;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -121,7 +122,7 @@ class ElementInformationController ...@@ -121,7 +122,7 @@ class ElementInformationController
$this->table = GeneralUtility::_GET('table'); $this->table = GeneralUtility::_GET('table');
$this->uid = GeneralUtility::_GET('uid'); $this->uid = GeneralUtility::_GET('uid');
$this->permsClause = $this->getBackendUser()->getPagePermsClause(1); $this->permsClause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->moduleTemplate = GeneralUtility::makeInstance(ModuleTemplate::class); $this->moduleTemplate = GeneralUtility::makeInstance(ModuleTemplate::class);
$this->moduleTemplate->getDocHeaderComponent()->disable(); $this->moduleTemplate->getDocHeaderComponent()->disable();
......
...@@ -21,6 +21,7 @@ use TYPO3\CMS\Backend\Tree\View\ContentMovingPagePositionMap; ...@@ -21,6 +21,7 @@ use TYPO3\CMS\Backend\Tree\View\ContentMovingPagePositionMap;
use TYPO3\CMS\Backend\Tree\View\PageMovingPagePositionMap; use TYPO3\CMS\Backend\Tree\View\PageMovingPagePositionMap;
use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -110,7 +111,7 @@ class MoveElementController ...@@ -110,7 +111,7 @@ class MoveElementController
$this->moveUid = $this->input_moveUid ? $this->input_moveUid : $this->page_id; $this->moveUid = $this->input_moveUid ? $this->input_moveUid : $this->page_id;
$this->makeCopy = GeneralUtility::_GP('makeCopy'); $this->makeCopy = GeneralUtility::_GP('makeCopy');
// Select-pages where clause for read-access: // Select-pages where clause for read-access:
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1); $this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
} }
/** /**
......
...@@ -23,6 +23,7 @@ use TYPO3\CMS\Backend\View\BackendLayoutView; ...@@ -23,6 +23,7 @@ use TYPO3\CMS\Backend\View\BackendLayoutView;
use TYPO3\CMS\Backend\Wizard\NewContentElementWizardHookInterface; use TYPO3\CMS\Backend\Wizard\NewContentElementWizardHookInterface;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Service\DependencyOrderingService; use TYPO3\CMS\Core\Service\DependencyOrderingService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility; use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -172,7 +173,7 @@ class NewContentElementController ...@@ -172,7 +173,7 @@ class NewContentElementController
// Setting up the context sensitive menu: // Setting up the context sensitive menu:
$this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/ContextMenu'); $this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/ContextMenu');
// Getting the current page and receiving access information (used in main()) // Getting the current page and receiving access information (used in main())
$perms_clause = $this->getBackendUser()->getPagePermsClause(1); $perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->pageInfo = BackendUtility::readPageAccess($this->id, $perms_clause); $this->pageInfo = BackendUtility::readPageAccess($this->id, $perms_clause);
$this->access = is_array($this->pageInfo); $this->access = is_array($this->pageInfo);
} }
......
...@@ -25,6 +25,7 @@ use TYPO3\CMS\Backend\Utility\BackendUtility; ...@@ -25,6 +25,7 @@ use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Database\ConnectionPool; use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction; use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility; use TYPO3\CMS\Core\Utility\HttpUtility;
...@@ -172,7 +173,7 @@ class NewRecordController ...@@ -172,7 +173,7 @@ class NewRecordController
{ {
$beUser = $this->getBackendUserAuthentication(); $beUser = $this->getBackendUserAuthentication();
// Page-selection permission clause (reading) // Page-selection permission clause (reading)
$this->perms_clause = $beUser->getPagePermsClause(1); $this->perms_clause = $beUser->getPagePermsClause(Permission::PAGE_SHOW);
// This will hide records from display - it has nothing to do with user rights!! // This will hide records from display - it has nothing to do with user rights!!
if ($pidList = $beUser->getTSConfigVal('options.hideRecords.pages')) { if ($pidList = $beUser->getTSConfigVal('options.hideRecords.pages')) {
if (!empty($pidList)) { if (!empty($pidList)) {
......
...@@ -257,7 +257,7 @@ class PageLayoutController ...@@ -257,7 +257,7 @@ class PageLayoutController
$this->getLanguageService()->includeLLFile('EXT:backend/Resources/Private/Language/locallang_layout.xlf'); $this->getLanguageService()->includeLLFile('EXT:backend/Resources/Private/Language/locallang_layout.xlf');
// Setting module configuration / page select clause // Setting module configuration / page select clause
$this->MCONF['name'] = $this->moduleName; $this->MCONF['name'] = $this->moduleName;
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1); $this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
// Get session data // Get session data
$sessionData = $this->getBackendUser()->getSessionData(RecordList::class); $sessionData = $this->getBackendUser()->getSessionData(RecordList::class);
$this->search_field = !empty($sessionData['search_field']) ? $sessionData['search_field'] : ''; $this->search_field = !empty($sessionData['search_field']) ? $sessionData['search_field'] : '';
......
...@@ -27,6 +27,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; ...@@ -27,6 +27,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Localization\LanguageService; use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Service\DependencyOrderingService; use TYPO3\CMS\Core\Service\DependencyOrderingService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility; use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -188,7 +189,7 @@ class NewContentElementWizardController ...@@ -188,7 +189,7 @@ class NewContentElementWizardController
$configuration = BackendUtility::getPagesTSconfig($this->id); $configuration = BackendUtility::getPagesTSconfig($this->id);
$this->configuration = $configuration['mod.']['wizards.']['newContentElement.']; $this->configuration = $configuration['mod.']['wizards.']['newContentElement.'];
// Getting the current page and receiving access information (used in main()) // Getting the current page and receiving access information (used in main())
$permissionsClause = $this->getBackendUser()->getPagePermsClause(1); $permissionsClause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->pageInfo = BackendUtility::readPageAccess($this->id, $permissionsClause); $this->pageInfo = BackendUtility::readPageAccess($this->id, $permissionsClause);
$this->access = is_array($this->pageInfo); $this->access = is_array($this->pageInfo);
} }
......
...@@ -411,7 +411,7 @@ class InlineRecordContainer extends AbstractContainer ...@@ -411,7 +411,7 @@ class InlineRecordContainer extends AbstractContainer
$nameObject = $this->inlineStackProcessor->getCurrentStructureDomObjectIdPrefix($data['inlineFirstPid']); $nameObject = $this->inlineStackProcessor->getCurrentStructureDomObjectIdPrefix($data['inlineFirstPid']);
$nameObjectFt = $nameObject . '-' . $foreignTable; $nameObjectFt = $nameObject . '-' . $foreignTable;
$nameObjectFtId = $nameObjectFt . '-' . $rec['uid']; $nameObjectFtId = $nameObjectFt . '-' . $rec['uid'];
$calcPerms = $backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(1))); $calcPerms = $backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(Permission::PAGE_SHOW)));
// If the listed table is 'pages' we have to request the permission settings for each page: // If the listed table is 'pages' we have to request the permission settings for each page:
$localCalcPerms = false; $localCalcPerms = false;
if ($isPagesTable) { if ($isPagesTable) {
......
...@@ -19,6 +19,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; ...@@ -19,6 +19,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Imaging\IconFactory; use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService; use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView; use TYPO3\CMS\Fluid\View\StandaloneView;
...@@ -58,7 +59,7 @@ class OuterWrapContainer extends AbstractContainer ...@@ -58,7 +59,7 @@ class OuterWrapContainer extends AbstractContainer
$recordPath = ''; $recordPath = '';
// @todo: what is this >= 0 check for? wsol cases?! // @todo: what is this >= 0 check for? wsol cases?!
if ($this->data['effectivePid'] >= 0) { if ($this->data['effectivePid'] >= 0) {
$permissionsClause = $backendUser->getPagePermsClause(1); $permissionsClause = $backendUser->getPagePermsClause(Permission::PAGE_SHOW);
$recordPath = BackendUtility::getRecordPath($this->data['effectivePid'], $permissionsClause, 15); $recordPath = BackendUtility::getRecordPath($this->data['effectivePid'], $permissionsClause, 15);
} }
......
...@@ -33,6 +33,7 @@ use TYPO3\CMS\Core\Messaging\FlashMessage; ...@@ -33,6 +33,7 @@ use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageQueue; use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
use TYPO3\CMS\Core\Messaging\FlashMessageService; use TYPO3\CMS\Core\Messaging\FlashMessageService;
use TYPO3\CMS\Core\Resource\FileRepository; use TYPO3\CMS\Core\Resource\FileRepository;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility; use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\MathUtility; use TYPO3\CMS\Core\Utility\MathUtility;
...@@ -1014,7 +1015,7 @@ abstract class AbstractItemProvider ...@@ -1014,7 +1015,7 @@ abstract class AbstractItemProvider
) )
); );
} else { } else {
$queryBuilder->andWhere($backendUser->getPagePermsClause(1)); $queryBuilder->andWhere($backendUser->getPagePermsClause(Permission::PAGE_SHOW));
if ($foreignTableName !== 'pages') { if ($foreignTableName !== 'pages') {
$queryBuilder $queryBuilder
->from('pages') ->from('pages')
......
...@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction; ...@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Imaging\Icon; use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Imaging\IconFactory; use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService; use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
/** /**
...@@ -119,7 +120,7 @@ class SuggestWizardDefaultReceiver ...@@ -119,7 +120,7 @@ class SuggestWizardDefaultReceiver
} }
if ($this->table === 'pages') { if ($this->table === 'pages') {
$this->queryBuilder->andWhere( $this->queryBuilder->andWhere(
QueryHelper::stripLogicalOperatorPrefix($GLOBALS['BE_USER']->getPagePermsClause(1)) QueryHelper::stripLogicalOperatorPrefix($GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW))
); );
} }
if (isset($config['addWhere'])) { if (isset($config['addWhere'])) {
...@@ -322,13 +323,13 @@ class SuggestWizardDefaultReceiver ...@@ -322,13 +323,13 @@ class SuggestWizardDefaultReceiver
$retValue = true; $retValue = true;
$table = $this->mmForeignTable ?: $this->table; $table = $this->mmForeignTable ?: $this->table;
if ($table === 'pages') { if ($table === 'pages') {
if (!BackendUtility::readPageAccess($uid, $GLOBALS['BE_USER']->getPagePermsClause(1))) { if (!BackendUtility::readPageAccess($uid, $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW))) {
$retValue = false; $retValue = false;
} }
} elseif (isset($GLOBALS['TCA'][$table]['ctrl']['is_static']) && (bool)$GLOBALS['TCA'][$table]['ctrl']['is_static']) { } elseif (isset($GLOBALS['TCA'][$table]['ctrl']['is_static']) && (bool)$GLOBALS['TCA'][$table]['ctrl']['is_static']) {
$retValue = true; $retValue = true;
} else { } else {
if (!is_array(BackendUtility::readPageAccess($row['pid'], $GLOBALS['BE_USER']->getPagePermsClause(1)))) { if (!is_array(BackendUtility::readPageAccess($row['pid'], $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW)))) {
$retValue = false; $retValue = false;
} }
} }
......
...@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Localization\LanguageService; ...@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageService; use TYPO3\CMS\Core\Messaging\FlashMessageService;
use TYPO3\CMS\Core\Page\PageRenderer; use TYPO3\CMS\Core\Page\PageRenderer;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
/** /**
...@@ -198,7 +199,7 @@ class BaseScriptClass ...@@ -198,7 +199,7 @@ class BaseScriptClass
} }
$this->id = (int)GeneralUtility::_GP('id'); $this->id = (int)GeneralUtility::_GP('id');
$this->CMD = GeneralUtility::_GP('CMD'); $this->CMD = GeneralUtility::_GP('CMD');
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1); $this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->menuConfig(); $this->menuConfig();
$this->handleExternalFunctionValue(); $this->handleExternalFunctionValue();
} }
......
...@@ -82,7 +82,7 @@ class LiveSearch ...@@ -82,7 +82,7 @@ class LiveSearch
*/ */
public function __construct() public function __construct()
{ {
$this->userPermissions = $GLOBALS['BE_USER']->getPagePermsClause(1); $this->userPermissions = $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW);
$this->queryParser = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Search\LiveSearch\QueryParser::class); $this->queryParser = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Search\LiveSearch\QueryParser::class);
} }
......
...@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\Tree\View; ...@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\Tree\View;
use TYPO3\CMS\Backend\Utility\BackendUtility; use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Database\ConnectionPool; use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
/** /**
...@@ -88,7 +89,7 @@ class BrowseTreeView extends AbstractTreeView ...@@ -88,7 +89,7 @@ class BrowseTreeView extends AbstractTreeView
} }
} }
// This is very important for making trees of pages: Filtering out deleted pages, pages with no access to and sorting them correctly: // This is very important for making trees of pages: Filtering out deleted pages, pages with no access to and sorting them correctly:
parent::init(' AND ' . $this->getBackendUser()->getPagePermsClause(1) . ' ' . $clause . $clauseExcludePidList, 'sorting'); parent::init(' AND ' . $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW) . ' ' . $clause . $clauseExcludePidList, 'sorting');
$this->title = $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename']; $this->title = $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'];
$this->MOUNTS = $this->getBackendUser()->returnWebmounts(); $this->MOUNTS = $this->getBackendUser()->returnWebmounts();
if ($pidList) { if ($pidList) {
......
...@@ -715,7 +715,7 @@ class PageLayoutView implements LoggerAwareInterface ...@@ -715,7 +715,7 @@ class PageLayoutView implements LoggerAwareInterface
->from('pages') ->from('pages')
->where( ->where(
$queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT)), $queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT)),
$this->getBackendUser()->getPagePermsClause(1) $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW)
) )
->execute() ->execute()
->fetch(); ->fetch();
...@@ -1664,7 +1664,7 @@ class PageLayoutView implements LoggerAwareInterface ...@@ -1664,7 +1664,7 @@ class PageLayoutView implements LoggerAwareInterface
->where( ->where(
$queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($pid, \PDO::PARAM_INT)), $queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($pid, \PDO::PARAM_INT)),
$queryBuilder->expr()->eq('sys_language_uid', $queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)), $queryBuilder->expr()->eq('sys_language_uid', $queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)),
$this->getBackendUser()->getPagePermsClause(1) $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW)
); );
if (!empty($GLOBALS['TCA']['pages']['ctrl']['sortby'])) { if (!empty($GLOBALS['TCA']['pages']['ctrl']['sortby'])) {
...@@ -3000,7 +3000,7 @@ class PageLayoutView implements LoggerAwareInterface ...@@ -3000,7 +3000,7 @@ class PageLayoutView implements LoggerAwareInterface
$expressionBuilder = GeneralUtility::makeInstance(ConnectionPool::class) $expressionBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable('pages') ->getQueryBuilderForTable('pages')
->expr(); ->expr();
$permsClause = $expressionBuilder->andX($backendUser->getPagePermsClause(1)); $permsClause = $expressionBuilder->andX($backendUser->getPagePermsClause(Permission::PAGE_SHOW));
// This will hide records from display - it has nothing to do with user rights!! // This will hide records from display - it has nothing to do with user rights!!
if ($pidList = $backendUser->getTSConfigVal('options.hideRecords.pages')) { if ($pidList = $backendUser->getTSConfigVal('options.hideRecords.pages')) {
$pidList = GeneralUtility::intExplode(',', $pidList, true); $pidList = GeneralUtility::intExplode(',', $pidList, true);
......
...@@ -15,6 +15,7 @@ namespace TYPO3\CMS\Belog\Domain\Repository; ...@@ -15,6 +15,7 @@ namespace TYPO3\CMS\Belog\Domain\Repository;
*/ */
use TYPO3\CMS\Belog\Domain\Model\LogEntry; use TYPO3\CMS\Belog\Domain\Model\LogEntry;
use TYPO3\CMS\Core\Database\ConnectionPool; use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
/** /**
...@@ -108,7 +109,7 @@ class LogEntryRepository extends \TYPO3\CMS\Extbase\Persistence\Repository ...@@ -108,7 +109,7 @@ class LogEntryRepository extends \TYPO3\CMS\Extbase\Persistence\Repository
if ($constraint->getDepth() > 0) { if ($constraint->getDepth() > 0) {
/** @var $pageTree \TYPO3\CMS\Backend\Tree\View\PageTreeView */ /** @var $pageTree \TYPO3\CMS\Backend\Tree\View\PageTreeView */
$pageTree = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Tree\View\PageTreeView::class); $pageTree = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Tree\View\PageTreeView::class);
$pageTree->init('AND ' . $GLOBALS['BE_USER']->getPagePermsClause(1)); $pageTree->init('AND ' . $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW));
$pageTree->makeHTML = 0; $pageTree->makeHTML = 0;
$pageTree->fieldArray = ['uid']; $pageTree->fieldArray = ['uid'];
$pageTree->getTree($constraint->getPageId(), $constraint->getDepth()); $pageTree->getTree($constraint->getPageId(), $constraint->getDepth());
......
...@@ -383,7 +383,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication ...@@ -383,7 +383,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
$id = (int)$checkRec['t3ver_oid']; $id = (int)$checkRec['t3ver_oid'];
} }
if (!$readPerms) { if (!$readPerms) {
$readPerms = $this->getPagePermsClause(1); $readPerms = $this->getPagePermsClause(Permission::PAGE_SHOW);
} }
if ($id > 0) { if ($id > 0) {
$wM = $this->returnWebmounts(); $wM = $this->returnWebmounts();
...@@ -1413,7 +1413,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication ...@@ -1413,7 +1413,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
->from('pages') ->from('pages')
// @todo DOCTRINE: check how to make getPagePermsClause() portable // @todo DOCTRINE: check how to make getPagePermsClause() portable
->where( ->where(
$this->getPagePermsClause(1), $this->getPagePermsClause(Permission::PAGE_SHOW),
$queryBuilder->expr()->in( $queryBuilder->expr()->in(
'uid', 'uid',
$queryBuilder->createNamedParameter( $queryBuilder->createNamedParameter(
......
...@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication; ...@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Database\Query\QueryHelper; use TYPO3\CMS\Core\Database\Query\QueryHelper;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction; use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Localization\LanguageService; use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\StringUtility; use TYPO3\CMS\Core\Utility\StringUtility;
...@@ -936,7 +937,7 @@ class QueryGenerator ...@@ -936,7 +937,7 @@ class QueryGenerator
->orderBy('uid'); ->orderBy('uid');
if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) { if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $backendUserAuthentication->returnWebmounts(); $webMounts = $backendUserAuthentication->returnWebmounts();
$perms_clause = $backendUserAuthentication->getPagePermsClause(1); $perms_clause = $backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
$webMountPageTree = ''; $webMountPageTree = '';
$webMountPageTreePrefix = ''; $webMountPageTreePrefix = '';
foreach ($webMounts as $webMount) { foreach ($webMounts as $webMount) {
...@@ -1615,7 +1616,7 @@ class QueryGenerator ...@@ -1615,7 +1616,7 @@ class QueryGenerator
if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) { if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $backendUserAuthentication->returnWebmounts(); $webMounts = $backendUserAuthentication->returnWebmounts();
$perms_clause = $backendUserAuthentication->getPagePermsClause(1); $perms_clause = $backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
$webMountPageTree = ''; $webMountPageTree = '';
$webMountPageTreePrefix = ''; $webMountPageTreePrefix = '';
foreach ($webMounts as $webMount) { foreach ($webMounts as $webMount) {
......
...@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory; ...@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService; use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Messaging\FlashMessage; use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageRendererResolver; use TYPO3\CMS\Core\Messaging\FlashMessageRendererResolver;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\CsvUtility; use TYPO3\CMS\Core\Utility\CsvUtility;
use TYPO3\CMS\Core\Utility\DebugUtility; use TYPO3\CMS\Core\Utility\DebugUtility;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility; use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
...@@ -1072,7 +1073,7 @@ class QueryView ...@@ -1072,7 +1073,7 @@ class QueryView
->orderBy('uid'); ->orderBy('uid');
if (!$this->backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) { if (!$this->backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $this->backendUserAuthentication->returnWebmounts(); $webMounts = $this->backendUserAuthentication->returnWebmounts();
$perms_clause = $this->backendUserAuthentication->getPagePermsClause(1); $perms_clause = $this->backendUserAuthentication->getPagePermsClause(Permission::