Commit b8350ab2 authored by Nicole Cordes's avatar Nicole Cordes Committed by Philipp Gampe
Browse files

[BUGFIX] Prevent search upload folder in write protected storages

If a storage is marked as non-writeable there isn't any possibility to
have an upload folder in there. So this storage should be skipped in the
lookup of the default upload folder of an user.

Resolves: #69303
Releases: master, 6.2
Change-Id: If53b5545a6af6aa1d333d48bb0856a5de070fd2d
Reviewed-on: http://review.typo3.org/42864

Reviewed-by: default avatarMorton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: default avatarMorton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Nicole Cordes's avatarNicole Cordes <typo3@cordes.co>
Tested-by: Nicole Cordes's avatarNicole Cordes <typo3@cordes.co>
Reviewed-by: Wouter Wolters's avatarWouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Frans Saris's avatarFrans Saris <franssaris@gmail.com>
Reviewed-by: Andreas Fernandez's avatarAndreas Fernandez <typo3@scripting-base.de>
Reviewed-by: Philipp Gampe's avatarPhilipp Gampe <philipp.gampe@typo3.org>
Tested-by: Philipp Gampe's avatarPhilipp Gampe <philipp.gampe@typo3.org>
parent 5d01c037
......@@ -1787,7 +1787,7 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU
$uploadFolder = \TYPO3\CMS\Core\Resource\ResourceFactory::getInstance()->getFolderObjectFromCombinedIdentifier($uploadFolder);
} else {
foreach($this->getFileStorages() as $storage) {
if ($storage->isDefault()) {
if ($storage->isDefault() && $storage->isWritable()) {
try {
$uploadFolder = $storage->getDefaultFolder();
if ($uploadFolder->checkActionPermission('add')) {
......@@ -1803,14 +1803,16 @@ class BackendUserAuthentication extends \TYPO3\CMS\Core\Authentication\AbstractU
if (!$uploadFolder instanceof \TYPO3\CMS\Core\Resource\Folder) {
/** @var ResourceStorage $storage */
foreach ($this->getFileStorages() as $storage) {
try {
$uploadFolder = $storage->getDefaultFolder();
if ($uploadFolder->checkActionPermission('add')) {
break;
if ($storage->isWritable()) {
try {
$uploadFolder = $storage->getDefaultFolder();
if ($uploadFolder->checkActionPermission('add')) {
break;
}
$uploadFolder = NULL;
} catch (\TYPO3\CMS\Core\Resource\Exception $folderAccessException) {
// If the folder is not accessible (no permissions / does not exist) try the next one.
}
$uploadFolder = NULL;
} catch (\TYPO3\CMS\Core\Resource\Exception $folderAccessException) {
// If the folder is not accessible (no permissions / does not exist) try the next one.
}
}
}
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment