Inheritance diagram for MvcPropertyMappingConfigurationService:

Public Member Functions
	injectHashService (\TYPO3\CMS\Extbase\Security\Cryptography\HashService $hashService)

	generateTrustedPropertiesToken ($formFieldNames, $fieldNamePrefix= '')

	initializePropertyMappingConfigurationFromRequest (\TYPO3\CMS\Extbase\Mvc\Request $request,\TYPO3\CMS\Extbase\Mvc\Controller\Arguments $controllerArguments)

Protected Member Functions
	serializeAndHashFormFieldArray (array $formFieldArray)

	modifyPropertyMappingConfiguration ($propertyConfiguration,\TYPO3\CMS\Extbase\Property\PropertyMappingConfiguration $propertyMappingConfiguration)

Protected Attributes
	$hashService

Detailed Description

This is a Service which can generate a request hash and check whether the currently given arguments fit to the request hash.

It is used when forms are generated and submitted: After a form has been generated, the method "generateRequestHash" is called with the names of all form fields. It cleans up the array of form fields and creates another representation of it, which is then serialized and hashed.

Both serialized form field list and the added hash form the request hash, which will be sent over the wire (as an argument __hmac).

On the validation side, the validation happens in two steps: 1) Check if the request hash is consistent (the hash value fits to the serialized string) 2) Check that all GET/POST parameters submitted occur inside the form field list of the request hash.

Note: It is crucially important that a private key is computed into the hash value! This is done inside the HashService.

Definition at line 33 of file MvcPropertyMappingConfigurationService.php.

Member Function Documentation

generateTrustedPropertiesToken	(	$formFieldNames,
		$fieldNamePrefix = `''`
	)

Generate a request hash for a list of form fields

Parameters

array	$formFieldNames	Array of form fields
string	$fieldNamePrefix

Returns: string trusted properties token

Exceptions

\TYPO3\CMS\EXTBASE\Security\Exception\InvalidArgumentForHashGenerationException

Definition at line 59 of file MvcPropertyMappingConfigurationService.php.

References MvcPropertyMappingConfigurationService\serializeAndHashFormFieldArray().

initializePropertyMappingConfigurationFromRequest	(	\TYPO3\CMS\Extbase\Mvc\Request	$request,
		\TYPO3\CMS\Extbase\Mvc\Controller\Arguments	$controllerArguments
	)

Initialize the property mapping configuration in $controllerArguments if the trusted properties are set inside the request.

Parameters

\TYPO3\CMS\Extbase\Mvc\Request	$request
\TYPO3\CMS\Extbase\Mvc\Controller\Arguments	$controllerArguments

Returns: void

Definition at line 121 of file MvcPropertyMappingConfigurationService.php.

References MvcPropertyMappingConfigurationService\modifyPropertyMappingConfiguration().

injectHashService ( \TYPO3\CMS\Extbase\Security\Cryptography\HashService $hashService )

Parameters

\TYPO3\CMS\Extbase\Security\Cryptography\HashService $hashService

Definition at line 45 of file MvcPropertyMappingConfigurationService.php.

References MvcPropertyMappingConfigurationService\$hashService.

modifyPropertyMappingConfiguration	(		$propertyConfiguration,
		\TYPO3\CMS\Extbase\Property\PropertyMappingConfiguration	$propertyMappingConfiguration
	)

protected

Modify the passed $propertyMappingConfiguration according to the $propertyConfiguration which has been generated by Fluid. In detail, if the $propertyConfiguration contains an __identity field, we allow modification of objects; else we allow creation.

All other properties are specified as allowed properties.

Parameters