Commit 7d09e999 authored by Benni Mack's avatar Benni Mack Committed by Georg Ringer
Browse files

[CLEANUP] Use Permission constants consistently

Instead of integers, the permission constants
should be used throughout the TYPO3 Core.

Resolves: #83383
Releases: master
Change-Id: I00c10f97fc800d9533866c98284bbd22cd1bb575
Reviewed-on: https://review.typo3.org/55156


Tested-by: default avatarTYPO3com <no-reply@typo3.com>
Reviewed-by: Tymoteusz Motylewski's avatarTymoteusz Motylewski <t.motylewski@gmail.com>
Tested-by: Tymoteusz Motylewski's avatarTymoteusz Motylewski <t.motylewski@gmail.com>
Reviewed-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
parent 2cd01388
......@@ -430,7 +430,7 @@ class BackendController
$editId = preg_replace('/[^[:alnum:]_]/', '', GeneralUtility::_GET('edit'));
if ($editId) {
// Looking up the page to edit, checking permissions:
$where = ' AND (' . $beUser->getPagePermsClause(2) . ' OR ' . $beUser->getPagePermsClause(16) . ')';
$where = ' AND (' . $beUser->getPagePermsClause(Permission::PAGE_EDIT) . ' OR ' . $beUser->getPagePermsClause(Permission::CONTENT_EDIT) . ')';
if (MathUtility::canBeInterpretedAsInteger($editId)) {
$editRecord = BackendUtility::getRecordWSOL('pages', $editId, '*', $where);
} else {
......
......@@ -22,6 +22,7 @@ use TYPO3\CMS\Backend\Template\ModuleTemplate;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\History\RecordHistoryStore;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\DiffUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -128,7 +129,7 @@ class ElementHistoryController
if ($elementData[0] !== 'pages') {
$this->view->assign('singleElement', true);
$parentPage = BackendUtility::getRecord($elementData[0], $elementData[1], '*', '', false);
if ($parentPage['pid'] > 0 && BackendUtility::readPageAccess($parentPage['pid'], $this->getBackendUser()->getPagePermsClause(1))) {
if ($parentPage['pid'] > 0 && BackendUtility::readPageAccess($parentPage['pid'], $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW))) {
$this->view->assign('fullHistoryUrl', $this->buildUrl([
'element' => 'pages:' . $parentPage['pid'],
'historyEntry' => '',
......@@ -166,7 +167,7 @@ class ElementHistoryController
$pageId = $record['pid'];
}
$pageAccess = BackendUtility::readPageAccess($pageId, $this->getBackendUser()->getPagePermsClause(1));
$pageAccess = BackendUtility::readPageAccess($pageId, $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW));
if (is_array($pageAccess)) {
$this->moduleTemplate->getDocHeaderComponent()->setMetaInformation($pageAccess);
}
......
......@@ -25,6 +25,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Resource\AbstractFile;
use TYPO3\CMS\Core\Resource\Folder;
use TYPO3\CMS\Core\Resource\ResourceFactory;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -121,7 +122,7 @@ class ElementInformationController
$this->table = GeneralUtility::_GET('table');
$this->uid = GeneralUtility::_GET('uid');
$this->permsClause = $this->getBackendUser()->getPagePermsClause(1);
$this->permsClause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->moduleTemplate = GeneralUtility::makeInstance(ModuleTemplate::class);
$this->moduleTemplate->getDocHeaderComponent()->disable();
......
......@@ -21,6 +21,7 @@ use TYPO3\CMS\Backend\Tree\View\ContentMovingPagePositionMap;
use TYPO3\CMS\Backend\Tree\View\PageMovingPagePositionMap;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -110,7 +111,7 @@ class MoveElementController
$this->moveUid = $this->input_moveUid ? $this->input_moveUid : $this->page_id;
$this->makeCopy = GeneralUtility::_GP('makeCopy');
// Select-pages where clause for read-access:
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1);
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
}
/**
......
......@@ -23,6 +23,7 @@ use TYPO3\CMS\Backend\View\BackendLayoutView;
use TYPO3\CMS\Backend\Wizard\NewContentElementWizardHookInterface;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Service\DependencyOrderingService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -172,7 +173,7 @@ class NewContentElementController
// Setting up the context sensitive menu:
$this->moduleTemplate->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/ContextMenu');
// Getting the current page and receiving access information (used in main())
$perms_clause = $this->getBackendUser()->getPagePermsClause(1);
$perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->pageInfo = BackendUtility::readPageAccess($this->id, $perms_clause);
$this->access = is_array($this->pageInfo);
}
......
......@@ -25,6 +25,7 @@ use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\HttpUtility;
......@@ -172,7 +173,7 @@ class NewRecordController
{
$beUser = $this->getBackendUserAuthentication();
// Page-selection permission clause (reading)
$this->perms_clause = $beUser->getPagePermsClause(1);
$this->perms_clause = $beUser->getPagePermsClause(Permission::PAGE_SHOW);
// This will hide records from display - it has nothing to do with user rights!!
if ($pidList = $beUser->getTSConfigVal('options.hideRecords.pages')) {
if (!empty($pidList)) {
......
......@@ -257,7 +257,7 @@ class PageLayoutController
$this->getLanguageService()->includeLLFile('EXT:backend/Resources/Private/Language/locallang_layout.xlf');
// Setting module configuration / page select clause
$this->MCONF['name'] = $this->moduleName;
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1);
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
// Get session data
$sessionData = $this->getBackendUser()->getSessionData(RecordList::class);
$this->search_field = !empty($sessionData['search_field']) ? $sessionData['search_field'] : '';
......
......@@ -27,6 +27,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Service\DependencyOrderingService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -188,7 +189,7 @@ class NewContentElementWizardController
$configuration = BackendUtility::getPagesTSconfig($this->id);
$this->configuration = $configuration['mod.']['wizards.']['newContentElement.'];
// Getting the current page and receiving access information (used in main())
$permissionsClause = $this->getBackendUser()->getPagePermsClause(1);
$permissionsClause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->pageInfo = BackendUtility::readPageAccess($this->id, $permissionsClause);
$this->access = is_array($this->pageInfo);
}
......
......@@ -411,7 +411,7 @@ class InlineRecordContainer extends AbstractContainer
$nameObject = $this->inlineStackProcessor->getCurrentStructureDomObjectIdPrefix($data['inlineFirstPid']);
$nameObjectFt = $nameObject . '-' . $foreignTable;
$nameObjectFtId = $nameObjectFt . '-' . $rec['uid'];
$calcPerms = $backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(1)));
$calcPerms = $backendUser->calcPerms(BackendUtility::readPageAccess($rec['pid'], $backendUser->getPagePermsClause(Permission::PAGE_SHOW)));
// If the listed table is 'pages' we have to request the permission settings for each page:
$localCalcPerms = false;
if ($isPagesTable) {
......
......@@ -19,6 +19,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Fluid\View\StandaloneView;
......@@ -58,7 +59,7 @@ class OuterWrapContainer extends AbstractContainer
$recordPath = '';
// @todo: what is this >= 0 check for? wsol cases?!
if ($this->data['effectivePid'] >= 0) {
$permissionsClause = $backendUser->getPagePermsClause(1);
$permissionsClause = $backendUser->getPagePermsClause(Permission::PAGE_SHOW);
$recordPath = BackendUtility::getRecordPath($this->data['effectivePid'], $permissionsClause, 15);
}
......
......@@ -33,6 +33,7 @@ use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageQueue;
use TYPO3\CMS\Core\Messaging\FlashMessageService;
use TYPO3\CMS\Core\Resource\FileRepository;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\ArrayUtility;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\MathUtility;
......@@ -1014,7 +1015,7 @@ abstract class AbstractItemProvider
)
);
} else {
$queryBuilder->andWhere($backendUser->getPagePermsClause(1));
$queryBuilder->andWhere($backendUser->getPagePermsClause(Permission::PAGE_SHOW));
if ($foreignTableName !== 'pages') {
$queryBuilder
->from('pages')
......
......@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Imaging\Icon;
use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -119,7 +120,7 @@ class SuggestWizardDefaultReceiver
}
if ($this->table === 'pages') {
$this->queryBuilder->andWhere(
QueryHelper::stripLogicalOperatorPrefix($GLOBALS['BE_USER']->getPagePermsClause(1))
QueryHelper::stripLogicalOperatorPrefix($GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW))
);
}
if (isset($config['addWhere'])) {
......@@ -322,13 +323,13 @@ class SuggestWizardDefaultReceiver
$retValue = true;
$table = $this->mmForeignTable ?: $this->table;
if ($table === 'pages') {
if (!BackendUtility::readPageAccess($uid, $GLOBALS['BE_USER']->getPagePermsClause(1))) {
if (!BackendUtility::readPageAccess($uid, $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW))) {
$retValue = false;
}
} elseif (isset($GLOBALS['TCA'][$table]['ctrl']['is_static']) && (bool)$GLOBALS['TCA'][$table]['ctrl']['is_static']) {
$retValue = true;
} else {
if (!is_array(BackendUtility::readPageAccess($row['pid'], $GLOBALS['BE_USER']->getPagePermsClause(1)))) {
if (!is_array(BackendUtility::readPageAccess($row['pid'], $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW)))) {
$retValue = false;
}
}
......
......@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageService;
use TYPO3\CMS\Core\Page\PageRenderer;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -198,7 +199,7 @@ class BaseScriptClass
}
$this->id = (int)GeneralUtility::_GP('id');
$this->CMD = GeneralUtility::_GP('CMD');
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(1);
$this->perms_clause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
$this->menuConfig();
$this->handleExternalFunctionValue();
}
......
......@@ -82,7 +82,7 @@ class LiveSearch
*/
public function __construct()
{
$this->userPermissions = $GLOBALS['BE_USER']->getPagePermsClause(1);
$this->userPermissions = $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW);
$this->queryParser = GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Search\LiveSearch\QueryParser::class);
}
......
......@@ -16,6 +16,7 @@ namespace TYPO3\CMS\Backend\Tree\View;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -88,7 +89,7 @@ class BrowseTreeView extends AbstractTreeView
}
}
// This is very important for making trees of pages: Filtering out deleted pages, pages with no access to and sorting them correctly:
parent::init(' AND ' . $this->getBackendUser()->getPagePermsClause(1) . ' ' . $clause . $clauseExcludePidList, 'sorting');
parent::init(' AND ' . $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW) . ' ' . $clause . $clauseExcludePidList, 'sorting');
$this->title = $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'];
$this->MOUNTS = $this->getBackendUser()->returnWebmounts();
if ($pidList) {
......
......@@ -715,7 +715,7 @@ class PageLayoutView implements LoggerAwareInterface
->from('pages')
->where(
$queryBuilder->expr()->eq('uid', $queryBuilder->createNamedParameter($id, \PDO::PARAM_INT)),
$this->getBackendUser()->getPagePermsClause(1)
$this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW)
)
->execute()
->fetch();
......@@ -1664,7 +1664,7 @@ class PageLayoutView implements LoggerAwareInterface
->where(
$queryBuilder->expr()->eq('pid', $queryBuilder->createNamedParameter($pid, \PDO::PARAM_INT)),
$queryBuilder->expr()->eq('sys_language_uid', $queryBuilder->createNamedParameter(0, \PDO::PARAM_INT)),
$this->getBackendUser()->getPagePermsClause(1)
$this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW)
);
if (!empty($GLOBALS['TCA']['pages']['ctrl']['sortby'])) {
......@@ -3000,7 +3000,7 @@ class PageLayoutView implements LoggerAwareInterface
$expressionBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
->getQueryBuilderForTable('pages')
->expr();
$permsClause = $expressionBuilder->andX($backendUser->getPagePermsClause(1));
$permsClause = $expressionBuilder->andX($backendUser->getPagePermsClause(Permission::PAGE_SHOW));
// This will hide records from display - it has nothing to do with user rights!!
if ($pidList = $backendUser->getTSConfigVal('options.hideRecords.pages')) {
$pidList = GeneralUtility::intExplode(',', $pidList, true);
......
......@@ -15,6 +15,7 @@ namespace TYPO3\CMS\Belog\Domain\Repository;
*/
use TYPO3\CMS\Belog\Domain\Model\LogEntry;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
......@@ -108,7 +109,7 @@ class LogEntryRepository extends \TYPO3\CMS\Extbase\Persistence\Repository
if ($constraint->getDepth() > 0) {
/** @var $pageTree \TYPO3\CMS\Backend\Tree\View\PageTreeView */
$pageTree = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\TYPO3\CMS\Backend\Tree\View\PageTreeView::class);
$pageTree->init('AND ' . $GLOBALS['BE_USER']->getPagePermsClause(1));
$pageTree->init('AND ' . $GLOBALS['BE_USER']->getPagePermsClause(Permission::PAGE_SHOW));
$pageTree->makeHTML = 0;
$pageTree->fieldArray = ['uid'];
$pageTree->getTree($constraint->getPageId(), $constraint->getDepth());
......
......@@ -383,7 +383,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
$id = (int)$checkRec['t3ver_oid'];
}
if (!$readPerms) {
$readPerms = $this->getPagePermsClause(1);
$readPerms = $this->getPagePermsClause(Permission::PAGE_SHOW);
}
if ($id > 0) {
$wM = $this->returnWebmounts();
......@@ -1413,7 +1413,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
->from('pages')
// @todo DOCTRINE: check how to make getPagePermsClause() portable
->where(
$this->getPagePermsClause(1),
$this->getPagePermsClause(Permission::PAGE_SHOW),
$queryBuilder->expr()->in(
'uid',
$queryBuilder->createNamedParameter(
......
......@@ -20,6 +20,7 @@ use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Database\Query\QueryHelper;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\StringUtility;
......@@ -936,7 +937,7 @@ class QueryGenerator
->orderBy('uid');
if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $backendUserAuthentication->returnWebmounts();
$perms_clause = $backendUserAuthentication->getPagePermsClause(1);
$perms_clause = $backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
$webMountPageTree = '';
$webMountPageTreePrefix = '';
foreach ($webMounts as $webMount) {
......@@ -1615,7 +1616,7 @@ class QueryGenerator
if (!$backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $backendUserAuthentication->returnWebmounts();
$perms_clause = $backendUserAuthentication->getPagePermsClause(1);
$perms_clause = $backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
$webMountPageTree = '';
$webMountPageTreePrefix = '';
foreach ($webMounts as $webMount) {
......
......@@ -24,6 +24,7 @@ use TYPO3\CMS\Core\Imaging\IconFactory;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Messaging\FlashMessage;
use TYPO3\CMS\Core\Messaging\FlashMessageRendererResolver;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Utility\CsvUtility;
use TYPO3\CMS\Core\Utility\DebugUtility;
use TYPO3\CMS\Core\Utility\ExtensionManagementUtility;
......@@ -1072,7 +1073,7 @@ class QueryView
->orderBy('uid');
if (!$this->backendUserAuthentication->isAdmin() && $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts']) {
$webMounts = $this->backendUserAuthentication->returnWebmounts();
$perms_clause = $this->backendUserAuthentication->getPagePermsClause(1);
$perms_clause = $this->backendUserAuthentication->getPagePermsClause(Permission::PAGE_SHOW);
$webMountPageTree = '';
$webMountPageTreePrefix = '';
foreach ($webMounts as $webMount) {
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment