Commit eb274401 authored by Benjamin Franzke's avatar Benjamin Franzke Committed by Benni Mack
Browse files

[BUGFIX] Fix PHP 8.1 warning in StoragePermissionsAspect

BackendUserAuthentication isn't an injectable service,
therefore the (unused) dependency injection is dropped
and $GLOBALS['BE_USER'] usage is moved to be scoped
by the isBackend() check.

Also fix the same DI-anti-pattern in CategoryPermissionsAspect.
No user facing error is currently known for this case,
as the ModifyTreeDataEvent is only executed in backend
context, so this is just to streamline both aspects.

Releases: main, 11.5
Resolves: #96960
Change-Id: I7b9f49ef82eeffcf369f471b5d031311aa5007b4
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/73597

Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Tested-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Benni Mack's avatarBenni Mack <benni@typo3.org>
parent 84ceebc2
......@@ -18,7 +18,6 @@ namespace TYPO3\CMS\Backend\Security;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Tree\TreeNode;
use TYPO3\CMS\Backend\Tree\TreeNodeCollection;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Http\ApplicationType;
use TYPO3\CMS\Core\Tree\Event\ModifyTreeDataEvent;
......@@ -39,19 +38,6 @@ final class CategoryPermissionsAspect
*/
private $categoryTableName = 'sys_category';
/**
* @var BackendUserAuthentication
*/
private $backendUserAuthentication;
/**
* @param BackendUserAuthentication|null $backendUserAuthentication
*/
public function __construct($backendUserAuthentication = null)
{
$this->backendUserAuthentication = $backendUserAuthentication ?: $GLOBALS['BE_USER'];
}
/**
* The listener for the event in DatabaseTreeDataProvider, which only affects the TYPO3 Backend
*
......@@ -69,10 +55,10 @@ final class CategoryPermissionsAspect
$dataProvider = $event->getProvider();
$treeData = $event->getTreeData();
if (!$this->backendUserAuthentication->isAdmin() && $dataProvider->getTableName() === $this->categoryTableName) {
if (!$GLOBALS['BE_USER']->isAdmin() && $dataProvider->getTableName() === $this->categoryTableName) {
// Get User permissions related to category
$categoryMountPoints = $this->backendUserAuthentication->getCategoryMountPoints();
$categoryMountPoints = $GLOBALS['BE_USER']->getCategoryMountPoints();
// Backup child nodes to be processed.
$treeNodeCollection = $treeData->getChildNodes();
......
......@@ -16,7 +16,6 @@
namespace TYPO3\CMS\Core\Resource\Security;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Http\ApplicationType;
use TYPO3\CMS\Core\Resource\Event\AfterResourceStorageInitializationEvent;
use TYPO3\CMS\Core\Resource\Exception\FolderDoesNotExistException;
......@@ -33,19 +32,6 @@ use TYPO3\CMS\Core\Resource\ResourceStorage;
*/
final class StoragePermissionsAspect
{
/**
* @var BackendUserAuthentication
*/
protected $backendUserAuthentication;
/**
* @param BackendUserAuthentication|null $backendUserAuthentication
*/
public function __construct($backendUserAuthentication = null)
{
$this->backendUserAuthentication = $backendUserAuthentication ?: $GLOBALS['BE_USER'];
}
/**
* The event listener for the event where storage objects are created
* @param AfterResourceStorageInitializationEvent $event
......@@ -55,11 +41,11 @@ final class StoragePermissionsAspect
$storage = $event->getStorage();
if (($GLOBALS['TYPO3_REQUEST'] ?? null) instanceof ServerRequestInterface
&& ApplicationType::fromRequest($GLOBALS['TYPO3_REQUEST'])->isBackend()
&& !$this->backendUserAuthentication->isAdmin()
&& !$GLOBALS['BE_USER']->isAdmin()
) {
$storage->setEvaluatePermissions(true);
if ($storage->getUid() > 0) {
$storage->setUserPermissions($this->backendUserAuthentication->getFilePermissionsForStorage($storage));
$storage->setUserPermissions($GLOBALS['BE_USER']->getFilePermissionsForStorage($storage));
} else {
$storage->setEvaluatePermissions(false);
}
......@@ -74,7 +60,7 @@ final class StoragePermissionsAspect
*/
private function addFileMountsToStorage(ResourceStorage $storage)
{
foreach ($this->backendUserAuthentication->getFileMountRecords() as $fileMountRow) {
foreach ($GLOBALS['BE_USER']->getFileMountRecords() as $fileMountRow) {
if ((int)$fileMountRow['base'] === (int)$storage->getUid()) {
try {
$storage->addFileMount($fileMountRow['path'], $fileMountRow);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment