Commit adaf7e5e authored by Benni Mack's avatar Benni Mack Committed by Christian Kuhn
Browse files

[!!!][TASK] Remove deprecated code from Authentication

Most deprecated code within authentication related
classes, a last place will have a dedicated patch.

Resolves: #96248
Related: #93023
Related: #95320
Releases: master
Change-Id: I482a3dcd3c31c8625993ebff883b8b557e8967ed
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/72476


Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Tested-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
Reviewed-by: Stefan Bürk's avatarStefan Bürk <stefan@buerk.tech>
Reviewed-by: Christian Kuhn's avatarChristian Kuhn <lolli@schwarzbu.ch>
parent 975056a0
......@@ -23,7 +23,6 @@ use Symfony\Component\HttpFoundation\Cookie;
use TYPO3\CMS\Core\Authentication\Mfa\MfaProviderRegistry;
use TYPO3\CMS\Core\Authentication\Mfa\MfaRequiredException;
use TYPO3\CMS\Core\Core\Environment;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Database\Connection;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DefaultRestrictionContainer;
......@@ -36,7 +35,6 @@ use TYPO3\CMS\Core\Database\Query\Restriction\StartTimeRestriction;
use TYPO3\CMS\Core\Exception;
use TYPO3\CMS\Core\Http\CookieHeaderTrait;
use TYPO3\CMS\Core\Http\ServerRequestFactory;
use TYPO3\CMS\Core\Session\Backend\Exception\SessionNotFoundException;
use TYPO3\CMS\Core\Session\UserSession;
use TYPO3\CMS\Core\Session\UserSessionManager;
use TYPO3\CMS\Core\SysLog\Action\Login as SystemLogLoginAction;
......@@ -714,17 +712,6 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
}
}
/**
* Creates a new session ID.
*
* @return string The new session ID
* @deprecated since TYPO3 v11.0, will be removed in TYPO3 v12, is kept because it is used in Testing Framework
*/
public function createSessionId()
{
return GeneralUtility::makeInstance(Random::class)->generateRandomHexString(32);
}
/**
* Initializes authentication services to be used in a foreach loop
*
......@@ -802,31 +789,6 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
}
}
/**
* Read the user session from db.
*
* @param bool $skipSessionUpdate
* @return array|bool User session data, false if $userSession->getIdentifier() does not represent valid session
* @deprecated since TYPO3 v11, will be removed in TYPO3 v12.
*/
public function fetchUserSession($skipSessionUpdate = false)
{
try {
$session = $this->userSessionManager->createSessionFromStorage($this->userSession->getIdentifier());
} catch (SessionNotFoundException $e) {
return false;
}
$this->userSession = $session;
// Session is anonymous so no need to fetch user
if ($session->isAnonymous()) {
return $session->toArray();
}
// Fetch the user from the DB
$userRecord = $this->fetchValidUserFromSessionOrDestroySession($skipSessionUpdate);
return is_array($userRecord) ? $userRecord : false;
}
/**
* If the session is bound to a user, this method fetches the user record, and returns it.
* If the session has a timeout, the session date is extended if needed. Also the ìs_online
......@@ -990,28 +952,19 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
*
*************************/
/**
* This writes $variable to the user-record. This is a way of providing session-data.
* This writes $this->>uc to the user-record. This is a way of providing session-data.
* You can fetch the data again through $this->uc in this class!
* If $variable is not an array, $this->uc is saved!
*
* @param array|string $variable An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default @deprecated will be removed in TYPO3 v12.0.
*/
public function writeUC($variable = '')
public function writeUC()
{
if ($variable !== '') {
trigger_error('Calling ' . __CLASS__ . '->writeUC() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
}
if (is_array($this->user) && $this->user[$this->userid_column]) {
if (!is_array($variable)) {
$variable = $this->uc;
}
$this->logger->debug('writeUC: {userid_column}={value}', [
'userid_column' => $this->userid_column,
'value' => $this->user[$this->userid_column],
]);
GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable($this->user_table)->update(
$this->user_table,
['uc' => serialize($variable)],
['uc' => serialize($this->uc)],
[$this->userid_column => (int)$this->user[$this->userid_column]],
['uc' => Connection::PARAM_LOB]
);
......@@ -1019,21 +972,15 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
}
/**
* Sets $theUC as the internal variable ->uc IF $theUC is an array.
* If $theUC is FALSE, the 'uc' content from the ->user array will be unserialized and restored in ->uc
*
* @param mixed $theUC If an array, then set as ->uc, otherwise load from user record @deprecated will be removed in TYPO3 v12.0.
* Unserializes the user configuration from the user record into $this->>uc
*/
public function unpack_uc($theUC = '')
public function unpack_uc()
{
if ($theUC !== '') {
trigger_error('Calling ' . __CLASS__ . '->unpack_uc() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
}
if (!$theUC && isset($this->user['uc'])) {
if (isset($this->user['uc'])) {
$theUC = unserialize($this->user['uc'], ['allowed_classes' => false]);
}
if (is_array($theUC)) {
$this->uc = $theUC;
if (is_array($theUC)) {
$this->uc = $theUC;
}
}
}
......@@ -1333,55 +1280,8 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
return $query->execute()->fetchAssociative();
}
/**
* @return UserSession
*/
public function getSession(): UserSession
{
return $this->userSession;
}
public function __isset(string $propertyName): bool
{
switch ($propertyName) {
case 'id':
trigger_error('Property id is removed in v11.', E_USER_DEPRECATED);
return isset($this->userSession);
}
return isset($this->propertyName);
}
public function __set(string $propertyName, $propertyValue)
{
switch ($propertyName) {
case 'id':
if (!isset($this->userSessionManager)) {
$this->initializeUserSessionManager();
}
$this->userSession = UserSession::createNonFixated($propertyValue);
// No deprecation due to adaptions in testing framework to remove ->id = ...
break;
}
$this->$propertyName = $propertyValue;
}
public function __get(string $propertyName)
{
switch ($propertyName) {
case 'id':
trigger_error('Property id is marked as protected now. Use ->getSession()->getIdentifier().', E_USER_DEPRECATED);
return $this->getSession()->getIdentifier();
}
return $this->$propertyName;
}
public function __unset(string $propertyName): void
{
switch ($propertyName) {
case 'id':
trigger_error('Property id is marked as protected now. Use ->getSession()->getIdentifier().', E_USER_DEPRECATED);
return;
}
unset($this->$propertyName);
}
}
......@@ -323,17 +323,11 @@ class BackendUserAuthentication extends AbstractUserAuthentication
*
* @param int|array $idOrRow Page ID or full page record to check
* @param string $readPerms Content of "->getPagePermsClause(1)" (read-permissions). If not set, they will be internally calculated (but if you have the correct value right away you can save that database lookup!)
* @param bool|int|null $exitOnError If set, then the function will exit with an error message. @deprecated will be removed in TYPO3 v12.0.
* @throws \RuntimeException
* @return int|null The page UID of a page in the rootline that matched a mount point
*/
public function isInWebMount($idOrRow, $readPerms = '', $exitOnError = null)
public function isInWebMount($idOrRow, $readPerms = '')
{
if ($exitOnError !== null) {
trigger_error('Calling BackendUserAuthentication->isInWebMount() with the third argument $exitOnError will have no effect anymore in TYPO3 v12.0.', E_USER_DEPRECATED);
} else {
$exitOnError = 0;
}
if ($this->isAdmin()) {
return 1;
}
......@@ -384,10 +378,6 @@ class BackendUserAuthentication extends AbstractUserAuthentication
}
}
}
// @deprecated will be removed in TYPO3 v12.0.
if ($exitOnError) {
throw new \RuntimeException('Access Error: This page is not within your DB-mounts', 1294586445);
}
return null;
}
......@@ -2200,12 +2190,6 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
$this->overrideUC();
$updated = true;
}
// Setting default lang from be_user record, also update for backwards-compatibility
// @deprecated This will be removed in TYPO3 v12
if (!isset($this->uc['lang']) || $this->uc['lang'] !== $this->user['lang']) {
$this->uc['lang'] = $this->user['lang'];
$updated = true;
}
// Setting the time of the first login:
if (!isset($this->uc['firstLoginTimeStamp'])) {
$this->uc['firstLoginTimeStamp'] = $GLOBALS['EXEC_TIME'];
......
......@@ -82,6 +82,8 @@ The following PHP class methods that have previously been marked as deprecated f
- :php:`\TYPO3\CMS\Backend\Domain\Module\BackendModule->getOnClick()`
- :php:`\TYPO3\CMS\Backend\View\Event\AbstractSectionMarkupGeneratedEvent->getPageLayoutView()`
- :php:`\TYPO3\CMS\Backend\View\Event\AbstractSectionMarkupGeneratedEvent->getLanguageId()`
- :php:`\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->createSessionId()`
- :php:`\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->fetchUserSession()`
- :php:`\TYPO3\CMS\Core\Configuration\FlexForm\FlexFormTools->getArrayValueByPath()`
- :php:`\TYPO3\CMS\Core\Configuration\FlexForm\FlexFormTools->setArrayValueByPath()`
- :php:`\TYPO3\CMS\Core\Database\ReferenceIndex->disableRuntimeCache()`
......@@ -150,6 +152,9 @@ The following PHP static class methods that have previously been marked as depre
The following PHP class methods changed signature according to previous deprecations in v11 at the end of the argument list:
- :php:`\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->unpack_uc()` (argument 1 removed)
- :php:`\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->writeUC()` (argument 1 removed)
- :php:`\TYPO3\CMS\Core\Authentication\BackendUserAuthentication->isInWebMount()` (argument 3 removed)
- :php:`\TYPO3\CMS\Core\Core\ApplicationInterface->run()` (argument 1 is removed)
- :php:`\TYPO3\CMS\Core\Database\RelationHandler->writeForeignField()` (argument 4 removed)
- :php:`\TYPO3\CMS\Core\Resource\AbstractFile->getPublicUrl()` (argument 1 is removed)
......
......@@ -363,12 +363,14 @@ return [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->unpack_uc' => [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Core\Authentication\BackendUserAuthentication->backendCheckLogin' => [
......@@ -381,6 +383,7 @@ return [
'maximumNumberOfArguments' => 2,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Backend\Backend\Avatar\Image->getUrl' => [
......
......@@ -4642,6 +4642,7 @@ return [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-93023-ReworkedSessionHandling.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->fetchUserSession' => [
......@@ -4649,6 +4650,7 @@ return [
'maximumNumberOfArguments' => 1,
'restFiles' => [
'Deprecation-93023-ReworkedSessionHandling.rst',
'Breaking-96107-DeprecatedFunctionalityRemoved.rst',
],
],
'TYPO3\CMS\Core\Database\RelationHandler->getWorkspaceId' => [
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment