Commit 1a1a6feb authored by Oliver Hader, committed by Oliver Hader

[BUGFIX] Properly apply system maintainer role to backend admins

The security fix TYPO3-CORE-SA-2022-005 introduced a synchronization
of backend user and admin tool sessions - without considering these
two documented aspects:

+ If no system maintainer is set up, then all administrators are
  assigned the system maintainer role.
+ In Development context, all administrators are system maintainers
  as well.

Resolves: #97768
Releases: main, 11.5, 10.4
Change-Id: I81dbfc5d07a41a4fa254e1fb50210c74f5e6f02c

Tested-by: core-ci
Tested-by: Thomas Hohn
Tested-by: Rudy Gnodde
Tested-by: Andreas Fernandez
Tested-by: Xavier Perseguers
Tested-by: Oliver Hader
Reviewed-by: Thomas Hohn
Reviewed-by: Rudy Gnodde
Reviewed-by: Markus Klein
Reviewed-by: Andreas Fernandez
Reviewed-by: Xavier Perseguers
Reviewed-by: Oliver Hader
parent 59238797
......@@ -271,8 +271,12 @@ class SessionService implements SingletonInterface
$isAdmin = (($backendUserRecord['admin'] ?? 0) & 1) === 1;
$systemMaintainers = array_map('intval', $GLOBALS['TYPO3_CONF_VARS']['SYS']['systemMaintainers'] ?? []);
// in case no system maintainers are configured, all admin users are considered to be system maintainers
$isSystemMaintainer = empty($systemMaintainers) || in_array((int)$backendUserRecord['uid'], $systemMaintainers, true);
// in development context, all admin users are considered to be system maintainers
$hasDevelopmentContext = Environment::getContext()->isDevelopment();
// stop here, in case the current admin tool session does not belong to a backend user having admin & maintainer privileges
if (!$isAdmin || !in_array((int)$backendUserRecord['uid'], $systemMaintainers, true)) {
if (!$isAdmin || !$hasDevelopmentContext && !$isSystemMaintainer) {
return false;
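Review bot: The new early-return condition mixes `||` and `&&` without parentheses, so a reader has to know that `&&` binds tighter than `||` to see that the intended logic is "not an admin, or (not in Development context and not a system maintainer)"; make the grouping explicit, e.g. `if (!$isAdmin || (!$hasDevelopmentContext && !$isSystemMaintainer)) {`, since a later edit that flips one operand could silently widen the set of admin tool sessions that get synchronized. The comment directly above the condition still says the check is about "admin & maintainer privileges" only; it should now also mention that Development context grants the maintainer role to every admin, matching the two documented aspects listed in the commit message. Note that `$isSystemMaintainer` is `true` whenever `$systemMaintainers` is empty, so on an instance with no configured maintainers every admin backend session passes this check; that is the documented behaviour, but it is worth a sentence in the comment so the fallback is not mistaken for a bug during the next review.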