Commit f57ecf70 authored by Benni Mack's avatar Benni Mack Committed by Oliver Bartsch
Browse files

[TASK] Deprecate various arguments within AbstractUserAuthentication/BE_USER

A few methods within the *UserAuthentication have arguments deprecated.

* AbstractUserAuthentication->writeUC() - first argument deprecated
* AbstractUserAuthentication->unpack_uc() - first argument deprecated
* BackendUserAuthentication->isInWebMount() - third argument deprecated
* BackendUserAuthentication->backendCheckLogin() - first argument deprecated

Resolves: #95320
Releases: master
Change-Id: Idc62a78d9238a7837770531ad94dcf40988c9d93
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/71182

Tested-by: core-ci's avatarcore-ci <typo3@b13.com>
Tested-by: Wouter Wolters's avatarWouter Wolters <typo3@wouterwolters.nl>
Tested-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
Reviewed-by: Wouter Wolters's avatarWouter Wolters <typo3@wouterwolters.nl>
Reviewed-by: Oliver Bartsch's avatarOliver Bartsch <bo@cedev.de>
parent cdfab293
......@@ -76,7 +76,7 @@ class BackendUserConfiguration
$this->backendUser->uc[$key] = $value;
}
$this->backendUser->writeUC($this->backendUser->uc);
$this->backendUser->writeUC();
}
/**
......@@ -134,7 +134,7 @@ class BackendUserConfiguration
{
if (isset($this->backendUser->uc[$key])) {
unset($this->backendUser->uc[$key]);
$this->backendUser->writeUC($this->backendUser->uc);
$this->backendUser->writeUC();
}
}
......
......@@ -69,10 +69,10 @@ class FrontendBackendUserAuthentication extends BackendUserAuthentication
* Implementing the access checks that the TYPO3 CMS bootstrap script does before a user is ever logged in.
* Used in the frontend.
*
* @param bool $proceedIfNoUserIsLoggedIn
* @param bool|null $proceedIfNoUserIsLoggedIn
* @return bool Returns TRUE if access is OK
*/
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
{
if (empty($this->user['uid'])) {
return false;
......
......@@ -101,7 +101,8 @@ class BackendUserConfigurationTest extends UnitTestCase
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$this->backendUser->writeUC()->shouldHaveBeenCalled();
self::assertEquals($expected, $this->backendUser->uc);
}
/**
......@@ -120,28 +121,14 @@ class BackendUserConfigurationTest extends UnitTestCase
$this->backendUserConfiguration->addToList('nested.foo', 'X');
$this->backendUserConfiguration->addToList('nested.foo', 'Z');
$this->backendUserConfiguration->addToList('nested.foo', 'Z');
$expected = [
'foo' => 'A,X',
'nested' => [
'foo' => '',
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$expected = [
'foo' => 'A,X',
'nested' => [
'foo' => ',X',
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$expected = [
'foo' => 'A,X',
'nested' => [
'foo' => ',X,Z',
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$this->backendUser->writeUC()->shouldHaveBeenCalled();
self::assertEquals($expected, $this->backendUser->uc);
}
/**
......@@ -158,22 +145,15 @@ class BackendUserConfigurationTest extends UnitTestCase
$this->backendUserConfiguration->removeFromList('foo', 'B');
$this->backendUserConfiguration->removeFromList('nested.foo', 'B');
$this->backendUserConfiguration->removeFromList('nested.foo', 'B');
$expected = [
'foo' => 'A',
'nested' => [
'foo' => 'A,B,C',
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$expected = [
'foo' => 'A',
'nested' => [
'foo' => 'A,C',
],
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$this->backendUser->writeUC()->shouldHaveBeenCalled();
self::assertEquals($expected, $this->backendUser->uc);
}
/**
......@@ -182,7 +162,6 @@ class BackendUserConfigurationTest extends UnitTestCase
public function clearsConfiguration(): void
{
$this->backendUserConfiguration->clear();
$this->backendUser->resetUC()->shouldHaveBeenCalled();
}
......@@ -202,6 +181,7 @@ class BackendUserConfigurationTest extends UnitTestCase
$expected = [
'bar' => 'B',
];
$this->backendUser->writeUC($expected)->shouldHaveBeenCalled();
$this->backendUser->writeUC()->shouldHaveBeenCalled();
self::assertEquals($expected, $this->backendUser->uc);
}
}
......@@ -984,10 +984,13 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
* You can fetch the data again through $this->uc in this class!
* If $variable is not an array, $this->uc is saved!
*
* @param array|string $variable An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default
* @param array|string $variable An array you want to store for the user as session data. If $variable is not supplied (is null), the internal variable, ->uc, is stored by default @deprecated will be removed in TYPO3 v12.0.
*/
public function writeUC($variable = '')
{
if ($variable !== '') {
trigger_error('Calling ' . __CLASS__ . '->writeUC() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
}
if (is_array($this->user) && $this->user[$this->userid_column]) {
if (!is_array($variable)) {
$variable = $this->uc;
......@@ -1009,10 +1012,13 @@ abstract class AbstractUserAuthentication implements LoggerAwareInterface
* Sets $theUC as the internal variable ->uc IF $theUC is an array.
* If $theUC is FALSE, the 'uc' content from the ->user array will be unserialized and restored in ->uc
*
* @param mixed $theUC If an array, then set as ->uc, otherwise load from user record
* @param mixed $theUC If an array, then set as ->uc, otherwise load from user record @deprecated will be removed in TYPO3 v12.0.
*/
public function unpack_uc($theUC = '')
{
if ($theUC !== '') {
trigger_error('Calling ' . __CLASS__ . '->unpack_uc() with an input argument will stop working with TYPO3 12.0. Setting the "uc" as array can be done via $user->uc = $myValue.', E_USER_DEPRECATED);
}
if (!$theUC && isset($this->user['uc'])) {
$theUC = unserialize($this->user['uc'], ['allowed_classes' => false]);
}
......
......@@ -323,12 +323,17 @@ class BackendUserAuthentication extends AbstractUserAuthentication
*
* @param int|array $idOrRow Page ID or full page record to check
* @param string $readPerms Content of "->getPagePermsClause(1)" (read-permissions). If not set, they will be internally calculated (but if you have the correct value right away you can save that database lookup!)
* @param bool|int $exitOnError If set, then the function will exit with an error message.
* @param bool|int|null $exitOnError If set, then the function will exit with an error message. @deprecated will be removed in TYPO3 v12.0.
* @throws \RuntimeException
* @return int|null The page UID of a page in the rootline that matched a mount point
*/
public function isInWebMount($idOrRow, $readPerms = '', $exitOnError = 0)
public function isInWebMount($idOrRow, $readPerms = '', $exitOnError = null)
{
if ($exitOnError !== null) {
trigger_error('Calling BackendUserAuthentication->isInWebMount() with the third argument $exitOnError will have no effect anymore in TYPO3 v12.0.', E_USER_DEPRECATED);
} else {
$exitOnError = 0;
}
if ($this->isAdmin()) {
return 1;
}
......@@ -379,6 +384,7 @@ class BackendUserAuthentication extends AbstractUserAuthentication
}
}
}
// @deprecated will be removed in TYPO3 v12.0.
if ($exitOnError) {
throw new \RuntimeException('Access Error: This page is not within your DB-mounts', 1294586445);
}
......@@ -2112,23 +2118,28 @@ TCAdefaults.sys_note.email = ' . $this->user['email'];
* If no user is logged in the default behaviour is to exit with an error message.
* This function is called right after ->start() in fx. the TYPO3 Bootstrap.
*
* @param bool $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
* @param bool|null $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
* @throws \RuntimeException
* @todo deprecate
*/
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
{
if (empty($this->user['uid'])) {
if ($proceedIfNoUserIsLoggedIn === null) {
$proceedIfNoUserIsLoggedIn = false;
} else {
trigger_error('Calling $BE_USER->backendCheckLogin() with a first input argument will not work anymore in TYPO3 v12.0.', E_USER_DEPRECATED);
}
// @todo: throw a proper AccessDeniedException in TYPO3 v12.0. and handle this functionality in the calling code
if ($proceedIfNoUserIsLoggedIn === false) {
$url = $GLOBALS['TYPO3_REQUEST']->getAttribute('normalizedParams')->getSiteUrl() . TYPO3_mainDir;
throw new ImmediateResponseException(new RedirectResponse($url, 303), 1607271747);
}
} elseif ($this->isUserAllowedToLogin()) {
$this->initializeBackendLogin();
} else {
if ($this->isUserAllowedToLogin()) {
$this->initializeBackendLogin();
} else {
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1294585860);
}
// @todo: throw a proper AccessDeniedException in TYPO3 v12.0.
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1294585860);
}
}
......
......@@ -110,9 +110,9 @@ class CommandLineUserAuthentication extends BackendUserAuthentication
/**
* Logs in the TYPO3 Backend user "_cli_"
*
* @param bool $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
* @param bool|null $proceedIfNoUserIsLoggedIn if this option is set, then there won't be a redirect to the login screen of the Backend - used for areas in the backend which do not need user rights like the login page.
*/
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = null)
{
$this->authenticate();
}
......
.. include:: ../../Includes.txt
========================================================================
Deprecation: #95320 - Various method arguments in Authentication objects
========================================================================
See :issue:`95320`
Description
===========
The following methods have their first argument deprecated:
* :php:`AbstractUserAuthentication->writeUC()`
* :php:`AbstractUserAuthentication->unpack_uc()`
* :php:`BackendUserAuthentication->backendCheckLogin()`
The following method has its third argument deprecated:
* :php:`BackendUserAuthentication->isInWebMount()`
Impact
======
Calling these methods with an explicit argument of the deprecated
arguments given will trigger a PHP deprecation warning.
Affected Installations
======================
TYPO3 installations with custom extensions calling these methods
with the deprecated arguments which is highly unlikely.
Migration
=========
Call :php:`AbstractUserAuthentication->writeUC()` without an
method argument. If you need to explicitly set a custom UC value
which is not :php:`AbstractUserAuthentication->uc`, you can set this via :php:`AbstractUserAuthentication->uc = $myValue;` in the
line before.
Call :php:`AbstractUserAuthentication->unpack_uc()` without an
method argument. If you need to explicitly set a custom UC value
which is not :php:`AbstractUserAuthentication->uc`, you can set this via :php:`AbstractUserAuthentication->uc = $myValue;` in the
line before.
Call :php:`BackendUserAuthentication->backendCheckLogin()` without
an argument but wrap this call in a :php:`try {} catch (\Throwable $e)` if you need the old behavior and want to avoid a deprecation
message.
Call :php:`BackendUserAuthentication->isInWebMount()` without the
third argument and check for the return value of being `null`
which is the equivalent of the expected `RuntimeException` being
thrown when the third argument was set to `true`.
.. index:: Backend, Frontend, PHP-API, FullyScanned, ext:core
\ No newline at end of file
......@@ -315,4 +315,28 @@ return [
'Deprecation-95219-TypoScriptFrontendController-ATagParams.rst',
],
],
'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->writeUC' => [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
],
],
'TYPO3\CMS\Core\Authentication\AbstractUserAuthentication->unpack_uc' => [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
],
],
'TYPO3\CMS\Core\Authentication\BackendUserAuthentication->backendCheckLogin' => [
'maximumNumberOfArguments' => 0,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
],
],
'TYPO3\CMS\Core\Authentication\BackendUserAuthentication->isInWebMount' => [
'maximumNumberOfArguments' => 2,
'restFiles' => [
'Deprecation-95320-VariousMethodArgumentsInAuthenticationObjects.rst',
],
],
];
......@@ -318,7 +318,7 @@ class SetupModuleController
$save_after = md5(serialize($backendUser->uc));
// If something in the uc-array of the user has changed, we save the array...
if ($save_before != $save_after) {
$backendUser->writeUC($backendUser->uc);
$backendUser->writeUC();
$backendUser->writelog(SystemLogType::SETTING, SystemLogSettingAction::CHANGE, SystemLogErrorClassification::MESSAGE, 1, 'Personal settings changed', []);
$this->setupIsUpdated = true;
}
......
......@@ -357,7 +357,7 @@ class ViewModuleController
}
} else {
$this->getBackendUser()->uc['moduleData']['web_view']['States']['languageSelectorValue'] = $languageId;
$this->getBackendUser()->writeUC($this->getBackendUser()->uc);
$this->getBackendUser()->writeUC();
}
return $languageId;
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment