Commit 4eee7f08 authored by Oliver Bartsch's avatar Oliver Bartsch Committed by Christian Kuhn
Browse files

[TASK] Do not require sudo mode in development context

The sudo mode, introduced in #92836, is required whenever
the install tool is accessed in the backend.

Especially in development context accessing the install
tool is a frequent task, e.g. for clearing all caches,
to test global configuration or to run the database

Therefore, the sudo mode is now not longer required
while the installations application context is set
to "Development".

Resolves: #93160
Releases: master, 10.4, 9.5
Change-Id: If61fa08847181491c01417d301a6bc1f480bae1b

Tested-by: default avatarTYPO3com <>
Tested-by: core-ci's avatarcore-ci <>
Tested-by: Oliver Bartsch's avatarOliver Bartsch <>
Tested-by: Christian Kuhn's avatarChristian Kuhn <>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <>
parent 964eeb20
......@@ -20,6 +20,7 @@ use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Backend\Routing\UriBuilder;
use TYPO3\CMS\Core\Authentication\AbstractAuthenticationService;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Core\Crypto\PasswordHashing\InvalidPasswordHashException;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Http\HtmlResponse;
......@@ -176,6 +177,9 @@ class BackendModuleController
if ($this->getSessionService()->isAuthorizedBackendUserSession()) {
return null;
if (Environment::getContext()->isDevelopment()) {
return null;
$redirectUri = $this->getBackendUserConfirmationUri([
'targetController' => $targetController,
'targetHash' => GeneralUtility::hmac($targetController, BackendModuleController::class),
declare(strict_types = 1);
namespace TYPO3\CMS\Install\Tests\Functional\Controller;
* This file is part of the TYPO3 CMS project.
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
* The TYPO3 project - inspiring people to share!
use TYPO3\CMS\Core\Core\ApplicationContext;
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Install\Controller\BackendModuleController;
use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
class BackendModuleControllerTest extends FunctionalTestCase
* @test
* @dataProvider environmentContextIsRespectedTestDataProvider
* @param string $module
public function environmentContextIsRespectedTest(string $module): void
$subject = new BackendModuleController();
$action = $module . 'Action';
self::assertIsCallable([$subject, $action]);
// Ensure we are not in development context
// Sudo mode is required
self::assertEquals(403, $subject->{$action}()->getStatusCode());
// Initialize environment with development context
new ApplicationContext('Development'),
Environment::getBackendPath() . '/index.php',
Environment::isWindows() ? 'WINDOWS' : 'UNIX'
// Authorized redirect to the install tool is performed, sudo mode is not required
$response = $subject->{$action}();
self::assertEquals(303, $response->getStatusCode());
'install.php?install[controller]=' . $module . '&install[context]=backend',
public function environmentContextIsRespectedTestDataProvider(): \Generator
yield 'maintenance module' => ['maintenance'];
yield 'settings module' => ['settings'];
yield 'upgrade module' => ['upgrade'];
yield 'environment module' => ['environment'];
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment