[TASK] Deprecate various arguments within AbstractUserAuthentication/BE_USER

A few methods within the *UserAuthentication have arguments deprecated. * AbstractUserAuthentication->writeUC() - first argument deprecated * AbstractUserAuthentication->unpack_uc() - first argument deprecated * BackendUserAuthentication->isInWebMount() - third argument deprecated * BackendUserAuthentication->backendCheckLogin() - first argument deprecated Resolves: #95320 Releases: master Change-Id: Idc62a78d9238a7837770531ad94dcf40988c9d93 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/71182 Tested-by: core-ci <typo3@b13.com> Tested-by: Wouter Wolters <typo3@wouterwolters.nl> Tested-by: Oliver Bartsch <bo@cedev.de> Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl> Reviewed-by: Oliver Bartsch <bo@cedev.de>

[TASK] Deprecate various arguments within AbstractUserAuthentication/BE_USER
A few methods within the *UserAuthentication have arguments deprecated. * AbstractUserAuthentication->writeUC() - first argument deprecated * AbstractUserAuthentication->unpack_uc() - first argument deprecated * BackendUserAuthentication->isInWebMount() - third argument deprecated * BackendUserAuthentication->backendCheckLogin() - first argument deprecated Resolves: #95320 Releases: master Change-Id: Idc62a78d9238a7837770531ad94dcf40988c9d93 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/71182 Tested-by: core-ci <typo3@b13.com> Tested-by: Wouter Wolters <typo3@wouterwolters.nl> Tested-by: Oliver Bartsch <bo@cedev.de> Reviewed-by: Wouter Wolters <typo3@wouterwolters.nl> Reviewed-by: Oliver Bartsch <bo@cedev.de>
f57ecf70 · Benni Mack · Oliver Bartsch · cdfab293 · f57ecf70 · f57ecf70
Commit f57ecf70 authored Sep 22, 2021 by Benni Mack Committed by Oliver Bartsch Sep 24, 2021
--- a/typo3/sysext/backend/Classes/Configuration/BackendUserConfiguration.php
+++ b/typo3/sysext/backend/Classes/Configuration/BackendUserConfiguration.php
@@ -76,7 +76,7 @@ class BackendUserConfiguration
            $this->backendUser->uc[$key] = $value;
        }

-        $this->backendUser->writeUC($this->backendUser->uc);
+        $this->backendUser->writeUC();
    }

    /**
@@ -134,7 +134,7 @@ class BackendUserConfiguration
    {
        if (isset($this->backendUser->uc[$key])) {
            unset($this->backendUser->uc[$key]);
-            $this->backendUser->writeUC($this->backendUser->uc);
+            $this->backendUser->writeUC();
        }
    }


--- a/typo3/sysext/backend/Classes/FrontendBackendUserAuthentication.php
+++ b/typo3/sysext/backend/Classes/FrontendBackendUserAuthentication.php
@@ -69,10 +69,10 @@ class FrontendBackendUserAuthentication extends BackendUserAuthentication
     * Implementing the access checks that the TYPO3 CMS bootstrap script does before a user is ever logged in.
     * Used in the frontend.
     *
-     * @param bool $proceedIfNoUserIsLoggedIn
+     * @param bool|null $proceedIfNoUserIsLoggedIn
     * @return bool Returns TRUE if access is OK
     */
-    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
+    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
    {
        if (empty($this->user['uid'])) {
            return false;

--- a/typo3/sysext/backend/Tests/Unit/Configuration/BackendUserConfigurationTest.php
+++ b/typo3/sysext/backend/Tests/Unit/Configuration/BackendUserConfigurationTest.php
@@ -101,7 +101,8 @@ class BackendUserConfigurationTest extends UnitTestCase
            ],
        ];

-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
+        $this->backendUser->writeUC()->shouldHaveBeenCalled();
+        self::assertEquals($expected, $this->backendUser->uc);
    }

    /**
@@ -120,28 +121,14 @@ class BackendUserConfigurationTest extends UnitTestCase
        $this->backendUserConfiguration->addToList('nested.foo', 'X');
        $this->backendUserConfiguration->addToList('nested.foo', 'Z');
        $this->backendUserConfiguration->addToList('nested.foo', 'Z');
-
-        $expected = [
-            'foo' => 'A,X',
-            'nested' => [
-                'foo' => '',
-            ],
-        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
-        $expected = [
-            'foo' => 'A,X',
-            'nested' => [
-                'foo' => ',X',
-            ],
-        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
        $expected = [
            'foo' => 'A,X',
            'nested' => [
                'foo' => ',X,Z',
            ],
        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
+        $this->backendUser->writeUC()->shouldHaveBeenCalled();
+        self::assertEquals($expected, $this->backendUser->uc);
    }

    /**
@@ -158,22 +145,15 @@ class BackendUserConfigurationTest extends UnitTestCase

        $this->backendUserConfiguration->removeFromList('foo', 'B');
        $this->backendUserConfiguration->removeFromList('nested.foo', 'B');
-        $this->backendUserConfiguration->removeFromList('nested.foo', 'B');

-        $expected = [
-            'foo' => 'A',
-            'nested' => [
-                'foo' => 'A,B,C',
-            ],
-        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
        $expected = [
            'foo' => 'A',
            'nested' => [
                'foo' => 'A,C',
            ],
        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
+        $this->backendUser->writeUC()->shouldHaveBeenCalled();
+        self::assertEquals($expected, $this->backendUser->uc);
    }

    /**
@@ -182,7 +162,6 @@ class BackendUserConfigurationTest extends UnitTestCase
    public function clearsConfiguration(): void
    {
        $this->backendUserConfiguration->clear();
-
        $this->backendUser->resetUC()->shouldHaveBeenCalled();
    }

@@ -202,6 +181,7 @@ class BackendUserConfigurationTest extends UnitTestCase
        $expected = [
            'bar' => 'B',
        ];
-        $this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
+        $this->backendUser->writeUC()->shouldHaveBeenCalled();
+        self::assertEquals($expected, $this->backendUser->uc);
    }
 }
--- a/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/AbstractUserAuthentication.php
@@ -984,10 +984,13 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
     * You can fetch the data again through $this->uc in this class!
     * If $variable is not an array, $this->uc is saved!
     *
-     * @param array|string $variable An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default
+     * @param array|string $variable An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default  @deprecated will be removed in TYPO3 v12.0.
     */
    public function writeUC($variable = '')
    {
+        if ($variable !== '') {
+            trigger_error('Calling ' . __CLASS__ . '->writeUC() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
+        }
        if (is_array($this->user) && $this->user[$this->userid_column]) {
            if (!is_array($variable)) {
                $variable = $this->uc;
@@ -1009,10 +1012,13 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
     * Sets $theUC as the internal variable ->uc IF $theUC is an array.
     * If $theUC is FALSE, the 'uc' content from the ->user array will be unserialized and restored in ->uc
     *
-     * @param mixed $theUC If an array, then set as ->uc, otherwise load from user record
+     * @param mixed $theUC If an array, then set as ->uc, otherwise load from user record @deprecated will be removed in TYPO3 v12.0.
     */
    public function unpack_uc($theUC = '')
    {
+        if ($theUC !== '') {
+            trigger_error('Calling ' . __CLASS__ . '->unpack_uc() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
+        }
        if (!$theUC && isset($this->user['uc'])) {
            $theUC = unserialize($this->user['uc'], ['allowed_classes' => false]);
        }

--- a/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php
@@ -323,12 +323,17 @@ class BackendUserAuthentication extends AbstractUserAuthentication
     *
     * @param int|array $idOrRow Page ID or full page record to check
     * @param string $readPerms Content of "->getPagePermsClause(1)" (read-permissions). If not set, they will be internally calculated (but if you have the correct value right away you can save that database lookup!)
-     * @param bool|int $exitOnError If set, then the function will exit with an error message.
+     * @param bool|int|null $exitOnError If set, then the function will exit with an error message. @deprecated will be removed in TYPO3 v12.0.
     * @throws \RuntimeException
     * @return int|null The page UID of a page in the rootline that matched a mount point
     */
-    public function isInWebMount($idOrRow, $readPerms = '', $exitOnError = 0)
+    public function isInWebMount($idOrRow, $readPerms = '', $exitOnError = null)
    {
+        if ($exitOnError !== null) {
+            trigger_error('Calling BackendUserAuthentication->isInWebMount() with the third argument $exitOnError will have no effect anymore in TYPO3 v12.0.', E_USER_DEPRECATED);
+        } else {
+            $exitOnError = 0;
+        }
        if ($this->isAdmin()) {
            return 1;
        }
@@ -379,6 +384,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
                }
            }
        }
+        // @deprecated will be removed in TYPO3 v12.0.
        if ($exitOnError) {
            throw new \RuntimeException('Access Error: This page is not within your DB-mounts', 1294586445);
        }
@@ -2112,23 +2118,28 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
     * If no user is logged in the default behaviour is to exit with an error message.
     * This function is called right after ->start() in fx. the TYPO3 Bootstrap.
     *
-     * @param bool $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
+     * @param bool|null $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
     * @throws \RuntimeException
     * @todo deprecate
     */
-    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
+    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
    {
        if (empty($this->user['uid'])) {
+            if ($proceedIfNoUserIsLoggedIn === null) {
+                $proceedIfNoUserIsLoggedIn = false;
+            } else {
+                trigger_error('Calling $BE_USER->backendCheckLogin() with a first input argument will not work anymore in TYPO3 v12.0.', E_USER_DEPRECATED);
+            }
+            // @todo: throw a proper AccessDeniedException in TYPO3 v12.0. and handle this functionality in the calling code
            if ($proceedIfNoUserIsLoggedIn === false) {
                $url = $GLOBALS['TYPO3_REQUEST']->getAttribute('normalizedParams')->getSiteUrl() . TYPO3_mainDir;
                throw new ImmediateResponseException(new RedirectResponse($url, 303), 1607271747);
            }
+        } elseif ($this->isUserAllowedToLogin()) {
+            $this->initializeBackendLogin();
        } else {
-            if ($this->isUserAllowedToLogin()) {
-                $this->initializeBackendLogin();
-            } else {
-                throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1294585860);
-            }
+            // @todo: throw a proper AccessDeniedException in TYPO3 v12.0.
+            throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1294585860);
        }
    }


--- a/typo3/sysext/core/Classes/Authentication/CommandLineUserAuthentication.php
+++ b/typo3/sysext/core/Classes/Authentication/CommandLineUserAuthentication.php
@@ -110,9 +110,9 @@ class CommandLineUserAuthentication extends BackendUserAuthentication
    /**
     * Logs in the TYPO3 Backend user "_cli_"
     *
-     * @param bool $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
+     * @param bool|null $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
     */
-    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
+    public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
    {
        $this->authenticate();
    }

--- a/typo3/sysext/core/Documentation/Changelog/master/Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst
+++ b/typo3/sysext/core/Documentation/Changelog/master/Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst
+.. include:: ../../Includes.txt
+
+========================================================================
+Deprecation: #95320 - Various method arguments in Authentication objects
+========================================================================
+
+See :issue:`95320`
+
+Description
+===========
+
+The following methods have their first argument deprecated:
+
+* :php:`AbstractUserAuthentication->writeUC()`
+* :php:`AbstractUserAuthentication->unpack_uc()`
+* :php:`BackendUserAuthentication->backendCheckLogin()`
+
+The following method has its third argument deprecated:
+
+* :php:`BackendUserAuthentication->isInWebMount()`
+
+
+Impact
+======
+
+Calling these methods with an explicit argument of the deprecated
+arguments given will trigger a PHP deprecation warning.
+
+
+Affected Installations
+======================
+
+TYPO3 installations with custom extensions calling these methods
+with the deprecated arguments which is highly unlikely.
+
+
+Migration
+=========
+
+Call :php:`AbstractUserAuthentication->writeUC()` without an
+method argument. If you need to explicitly set a custom UC value
+which is not :php:`AbstractUserAuthentication->uc`, you can set this via :php:`AbstractUserAuthentication->uc = $myValue;` in the
+line before.
+
+Call :php:`AbstractUserAuthentication->unpack_uc()` without an
+method argument. If you need to explicitly set a custom UC value
+which is not :php:`AbstractUserAuthentication->uc`, you can set this via :php:`AbstractUserAuthentication->uc = $myValue;` in the
+line before.
+
+Call :php:`BackendUserAuthentication->backendCheckLogin()` without
+an argument but wrap this call in a :php:`try {} catch (\Throwable $e)` if you need the old behavior and want to avoid a deprecation
+message.
+
+Call :php:`BackendUserAuthentication->isInWebMount()` without the
+third argument and check for the return value of being `null`
+which is the equivalent of the expected `RuntimeException` being
+thrown when the third argument was set to `true`.
+
+.. index:: Backend, Frontend, PHP-API, FullyScanned, ext:core
\ No newline at end of file
--- a/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodArgumentDroppedMatcher.php
+++ b/typo3/sysext/install/Configuration/ExtensionScanner/Php/MethodArgumentDroppedMatcher.php
@@ -315,4 +315,28 @@ return [
            'Deprecation-95219-TypoScriptFrontendController-ATagParams.rst',
        ],
    ],
+    'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->writeUC' => [
+        'maximumNumberOfArguments' => 0,
+        'restFiles' => [
+            'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
+        ],
+    ],
+    'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->unpack_uc' => [
+        'maximumNumberOfArguments' => 0,
+        'restFiles' => [
+            'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
+        ],
+    ],
+    'TYPO3\CMS\Core\Authentication\BackendUserAuthentication->backendCheckLogin' => [
+        'maximumNumberOfArguments' => 0,
+        'restFiles' => [
+            'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
+        ],
+    ],
+    'TYPO3\CMS\Core\Authentication\BackendUserAuthentication->isInWebMount' => [
+        'maximumNumberOfArguments' => 2,
+        'restFiles' => [
+            'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
+        ],
+    ],
 ];
--- a/typo3/sysext/setup/Classes/Controller/SetupModuleController.php
+++ b/typo3/sysext/setup/Classes/Controller/SetupModuleController.php
@@ -318,7 +318,7 @@ class SetupModuleController
            $save_after = md5(serialize($backendUser->uc));
            // If something in the uc-array of the user has changed, we save the array...
            if ($save_before != $save_after) {
-                $backendUser->writeUC($backendUser->uc);
+                $backendUser->writeUC();
                $backendUser->writelog(SystemLogType::SETTING, SystemLogSettingAction::CHANGE, SystemLogErrorClassification::MESSAGE, 1, 'Personal settings changed', []);
                $this->setupIsUpdated = true;
            }

--- a/typo3/sysext/viewpage/Classes/Controller/ViewModuleController.php
+++ b/typo3/sysext/viewpage/Classes/Controller/ViewModuleController.php
@@ -357,7 +357,7 @@ class ViewModuleController
            }
        } else {
            $this->getBackendUser()->uc['moduleData']['web_view']['States']['languageSelectorValue'] = $languageId;
-            $this->getBackendUser()->writeUC($this->getBackendUser()->uc);
+            $this->getBackendUser()->writeUC();
        }
        return $languageId;
    }