Browse Source

Use current BE user for DB operations which need admin privileges

tags/v1.2.0
Sebastian Meyer 10 years ago
parent
commit
535ef0770b
  1. 48
      dlf/common/class.tx_dlf_helper.php
  2. 2
      dlf/common/class.tx_dlf_indexing.php
  3. 2
      dlf/common/class.tx_dlf_list.php
  4. 2
      dlf/common/class.tx_dlf_solr.php
  5. 8
      dlf/hooks/class.tx_dlf_em.php
  6. 84
      dlf/hooks/class.tx_dlf_tcemain.php
  7. 8
      dlf/modules/newclient/index.php

48
dlf/common/class.tx_dlf_helper.php

@ -750,10 +750,11 @@ class tx_dlf_helper {
* @param array $data: Data map
* @param array $cmd: Command map
* @param boolean $reverseOrder: Should the command map be processed first?
* @param boolean $be_user: Use current backend user's rights for processing?
*
* @return array Array of substituted "NEW..." identifiers and their actual UIDs.
*/
public static function processDB(array $data = array (), array $cmd = array (), $reverseOrder = FALSE) {
public static function processDB(array $data = array (), array $cmd = array (), $reverseOrder = FALSE, $be_user = FALSE) {
// Instantiate TYPO3 core engine.
$tce = t3lib_div::makeInstance('t3lib_TCEmain');
@ -762,18 +763,18 @@ class tx_dlf_helper {
$tce->stripslashes_values = FALSE;
// Get backend user for processing.
if (TYPO3_MODE === 'BE' && $GLOBALS['BE_USER']->isAdmin()) {
if ($be_user && isset($GLOBALS['BE_USER'])) {
$be_user = $GLOBALS['BE_USER'];
$user = $GLOBALS['BE_USER'];
} else {
$be_user = self::getBeUser();
$user = self::getBeUser();
}
// Load data and command arrays.
$tce->start($data, $cmd, $be_user);
$tce->start($data, $cmd, $user);
// Process command map first if default order is reversed.
if ($cmd && $reverseOrder) {
@ -801,11 +802,42 @@ class tx_dlf_helper {
}
/**
* Process a data and/or command map with TYPO3 core engine as admin.
*
* @access public
*
* @param array $data: Data map
* @param array $cmd: Command map
* @param boolean $reverseOrder: Should the command map be processed first?
*
* @return array Array of substituted "NEW..." identifiers and their actual UIDs.
*/
public static function processDBasAdmin(array $data = array (), array $cmd = array (), $reverseOrder = FALSE) {
if (TYPO3_MODE === 'BE' && $GLOBALS['BE_USER']->isAdmin()) {
return self::processDB($data, $cmd, $reverseOrder, TRUE);
} else {
if (TYPO3_DLOG) {
t3lib_div::devLog('[tx_dlf_helper->processDBasAdmin([data->data], [data->cmd], ['.($reverseOrder ? 'TRUE' : 'FALSE').'])] Current backend user has no admin privileges', $this->extKey, SYSLOG_SEVERITY_ERROR, array ('data' => $data, 'cmd' => $cmd));
}
return array ();
}
}
/**
* Save given value to user's session.
*
* @access public
*
* @param string $value: Value to save
* @param mixed $value: Value to save
* @param string $key: Session data key for saving
*
* @return boolean TRUE on success, FALSE on failure
@ -822,7 +854,7 @@ class tx_dlf_helper {
if (TYPO3_DLOG) {
t3lib_div::devLog('[tx_dlf_helper->saveToSession('.$value.', '.$_key.')] Invalid key "'.$key.'" for session data saving', $this->extKey, SYSLOG_SEVERITY_WARNING);
t3lib_div::devLog('[tx_dlf_helper->saveToSession([data], '.$_key.')] Invalid key "'.$key.'" for session data saving', $this->extKey, SYSLOG_SEVERITY_WARNING, $value);
}
@ -849,7 +881,7 @@ class tx_dlf_helper {
if (TYPO3_DLOG) {
t3lib_div::devLog('[tx_dlf_helper->saveToSession('.$value.', '.$_key.')] Unexpected TYPO3_MODE "'.TYPO3_MODE.'"', $this->extKey, SYSLOG_SEVERITY_ERROR);
t3lib_div::devLog('[tx_dlf_helper->saveToSession([data], '.$_key.')] Unexpected TYPO3_MODE "'.TYPO3_MODE.'"', $this->extKey, SYSLOG_SEVERITY_ERROR, $data);
}

2
dlf/common/class.tx_dlf_indexing.php

@ -408,7 +408,7 @@ class tx_dlf_indexing {
}
if ($indexing['indexed']) {
if ($indexing['indexed'] || $indexing['autocomplete']) {
self::$fields['indexed'][] = $indexing['index_name'];

2
dlf/common/class.tx_dlf_list.php

@ -466,7 +466,7 @@ class tx_dlf_list implements t3lib_Singleton {
if (TYPO3_DLOG) {
t3lib_div::devLog('[tx_dlf_list->__set('.$var.', '.$value.')] There is no setter function for property "'.$var.'"', $this->extKey, SYSLOG_SEVERITY_WARNING);
t3lib_div::devLog('[tx_dlf_list->__set('.$var.', [data])] There is no setter function for property "'.$var.'"', $this->extKey, SYSLOG_SEVERITY_WARNING, $value);
}

2
dlf/common/class.tx_dlf_solr.php

@ -613,7 +613,7 @@ class tx_dlf_solr {
if (TYPO3_DLOG) {
t3lib_div::devLog('[tx_dlf_solr->__set('.$var.', '.$value.')] There is no setter function for property "'.$var.'"', self::$extKey, SYSLOG_SEVERITY_WARNING);
t3lib_div::devLog('[tx_dlf_solr->__set('.$var.', [data])] There is no setter function for property "'.$var.'"', self::$extKey, SYSLOG_SEVERITY_WARNING, $value);
}

8
dlf/hooks/class.tx_dlf_em.php

@ -197,7 +197,7 @@ class tx_dlf_em {
$GLOBALS['TCA']['be_users']['ctrl']['enablecolumns']['endtime'] => 0
);
tx_dlf_helper::processDB($data);
tx_dlf_helper::processDBasAdmin($data);
// Check if configuration was successful.
if ($this->checkCliUser(TRUE, $groupUid)) {
@ -253,7 +253,7 @@ class tx_dlf_em {
'usergroup' => intval($groupUid)
);
$substUid = tx_dlf_helper::processDB($data);
$substUid = tx_dlf_helper::processDBasAdmin($data);
// Check if creation was successful.
if (!empty($substUid[$tempUid])) {
@ -410,7 +410,7 @@ class tx_dlf_em {
$GLOBALS['TCA']['be_groups']['ctrl']['enablecolumns']['disabled'] => 0
);
tx_dlf_helper::processDB($data);
tx_dlf_helper::processDBasAdmin($data);
// Check if configuration was successful.
if ($this->checkCliGroup(TRUE, $settings)) {
@ -468,7 +468,7 @@ class tx_dlf_em {
'inc_access_lists' => 1
);
$substUid = tx_dlf_helper::processDB($data);
$substUid = tx_dlf_helper::processDBasAdmin($data);
// Check if creation was successful.
if (!empty($substUid[$tempUid])) {

84
dlf/hooks/class.tx_dlf_tcemain.php

@ -68,10 +68,26 @@ class tx_dlf_tcemain {
break;
// Field post-processing for tables "tx_dlf_collections", "tx_dlf_libraries", "tx_dlf_metadata" and "tx_dlf_structures".
// Field post-processing for table "tx_dlf_metadata".
case 'tx_dlf_metadata':
// Store field in index if it should appear in lists.
if (!empty($fieldArray['is_listed'])) {
$fieldArray['stored'] = 1;
}
// Index field in index if it should be used for auto-completion.
if (!empty($fieldArray['autocomplete'])) {
$fieldArray['indexed'] = 1;
}
// Field post-processing for tables "tx_dlf_metadata", "tx_dlf_collections", "tx_dlf_libraries" and "tx_dlf_structures".
case 'tx_dlf_collections':
case 'tx_dlf_libraries':
case 'tx_dlf_metadata':
case 'tx_dlf_structures':
// Set label as index name if empty.
@ -170,8 +186,70 @@ class tx_dlf_tcemain {
switch ($table) {
// Field post-processing for tables "tx_dlf_metadata" and "tx_dlf_structures".
// Field post-processing for table "tx_dlf_metadata".
case 'tx_dlf_metadata':
// Store field in index if it should appear in lists.
if (!empty($fieldArray['is_listed'])) {
$fieldArray['stored'] = 1;
}
if (isset($fieldArray['stored']) && $fieldArray['stored'] == 0 && !isset($fieldArray['is_listed'])) {
// Get current configuration.
$result = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
$table.'.is_listed AS is_listed',
$table,
$table.'.uid='.intval($id).tx_dlf_helper::whereClause($table),
'',
'',
'1'
);
if ($GLOBALS['TYPO3_DB']->sql_num_rows($result)) {
$resArray = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($result);
// Reset index name to current.
$fieldArray['stored'] = $resArray['is_listed'];
}
}
// Index field in index if it should be used for auto-completion.
if (!empty($fieldArray['autocomplete'])) {
$fieldArray['indexed'] = 1;
}
if (isset($fieldArray['indexed']) && $fieldArray['indexed'] == 0 && !isset($fieldArray['autocomplete'])) {
// Get current configuration.
$result = $GLOBALS['TYPO3_DB']->exec_SELECTquery(
$table.'.autocomplete AS autocomplete',
$table,
$table.'.uid='.intval($id).tx_dlf_helper::whereClause($table),
'',
'',
'1'
);
if ($GLOBALS['TYPO3_DB']->sql_num_rows($result)) {
$resArray = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($result);
// Reset index name to current.
$fieldArray['indexed'] = $resArray['autocomplete'];
}
}
// Field post-processing for tables "tx_dlf_metadata" and "tx_dlf_structures".
case 'tx_dlf_structures':
// The index name should not be changed in production.

8
dlf/modules/newclient/index.php

@ -74,7 +74,7 @@ class tx_dlf_modNewclient extends tx_dlf_module {
$data['be_groups'][$resArray['uid']]['db_mountpoints'] = $resArray['db_mountpoints'].','.$this->id;
tx_dlf_helper::processDB($data);
tx_dlf_helper::processDBasAdmin($data);
// Fine.
$_message = t3lib_div::makeInstance(
@ -132,7 +132,7 @@ class tx_dlf_modNewclient extends tx_dlf_module {
}
$_ids = tx_dlf_helper::processDB($data);
$_ids = tx_dlf_helper::processDBasAdmin($data);
// Check for failed inserts.
if (count($_ids) == count($metadata)) {
@ -179,7 +179,7 @@ class tx_dlf_modNewclient extends tx_dlf_module {
'index_name' => '',
);
$_ids = tx_dlf_helper::processDB($data);
$_ids = tx_dlf_helper::processDBasAdmin($data);
// Check for failed inserts.
if (count($_ids) == 1) {
@ -235,7 +235,7 @@ class tx_dlf_modNewclient extends tx_dlf_module {
}
$_ids = tx_dlf_helper::processDB($data);
$_ids = tx_dlf_helper::processDBasAdmin($data);
// Check for failed inserts.
if (count($_ids) == count($structures)) {

Loading…
Cancel
Save