2 namespace TYPO3\CMS\Backend\Form\FormDataProvider;
22 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedException;
23 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedTableModifyException;
24 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedPageEditException;
25 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedPageNewException;
26 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedContentEditException;
27 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedRootNodeException;
28 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedEditInternalsException;
29 use TYPO3\CMS\Backend\Form\Exception\AccessDeniedHookException;
57 if ($backendUser->isAdmin()) {
62 if (!$backendUser->check(
'tables_modify', $result[
'tableName'])) {
66 'No table modify permission for user ' . $backendUser->user[
'uid'] .
' on table ' . $result[
'tableName'],
72 $userHasAccess =
false;
74 if ($result[
'command'] ===
'new') {
78 if (is_array($result[
'parentPageRow'])) {
80 $userPermissionOnPage = $backendUser->calcPerms($result[
'parentPageRow']);
81 if ($result[
'tableName'] ===
'pages') {
84 $userHasAccess =
true;
87 'No page new permission for user ' . $backendUser->user[
'uid'] .
' on page ' . $result[
'databaseRow'][
'uid'],
94 $userHasAccess =
true;
97 'No content new permission for user ' . $backendUser->user[
'uid'] .
' on page ' . $result[
'parentPageRow'][
'uid'],
106 throw new \RuntimeException(
107 'Not implemented. User ' . $backendUser->user[
'uid'] .
' creats new record ' . $result[
'tableName'] .
' on root node.',
113 if ($result[
'tableName'] ===
'pages') {
115 $userPermissionOnPage = $backendUser->calcPerms($result[
'databaseRow']);
117 $userHasAccess =
true;
120 'No page edit permission for user ' . $backendUser->user[
'uid'] .
' on page ' . $result[
'databaseRow'][
'uid'],
126 if (is_array($result[
'parentPageRow'])) {
128 $userPermissionOnPage = $backendUser->calcPerms($result[
'parentPageRow']);
130 $userHasAccess =
true;
133 'No content edit permission for user ' . $backendUser->user[
'uid'] .
' on page ' . $result[
'parentPageRow'][
'uid'],
139 $userHasAccess =
true;
145 'No content edit permission for user ' . $backendUser->user[
'uid'] .
' on page root node',
150 if ($userHasAccess) {
152 $userHasAccess = $backendUser->recordEditAccessInternals($result[
'tableName'], $result[
'databaseRow']);
153 if (!$userHasAccess) {
155 $backendUser->errorMsg,
162 if ($userHasAccess && $exception) {
165 throw new \LogicException(
166 'Access was TRUE but an exception was raised as well for table ' . $result[
'tableName'] .
' and user ' . $backendUser->user[
'uid'],
171 if (!empty(
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'typo3/alt_doc.php'][
'makeEditForm_accessCheck'])
172 && is_array(
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'typo3/alt_doc.php'][
'makeEditForm_accessCheck'])
176 $userHasAccessBeforeHook = $userHasAccess;
177 foreach (
$GLOBALS[
'TYPO3_CONF_VARS'][
'SC_OPTIONS'][
'typo3/alt_doc.php'][
'makeEditForm_accessCheck'] as $methodReference) {
179 'table' => $result[
'tableName'],
180 'uid' => $result[
'databaseRow'][
'uid'],
181 'cmd' => $result[
'command'],
182 'hasAccess' => $userHasAccess,
186 if ($userHasAccessBeforeHook && !$userHasAccess) {
188 'Access to table ' . $result[
'tableName'] .
' for user ' . $backendUser->user[
'uid'] .
' was denied by a makeEditForm_accessCheck hook',
192 if (!$userHasAccessBeforeHook && $userHasAccess) {
198 if (!$userHasAccess && !$exception) {
201 throw new \LogicException(
202 'Access to table ' . $result[
'tableName'] .
' denied, but no reason given',
211 $result[
'userPermissionOnPage'] = $userPermissionOnPage;