Bug #17161
Access rights where checked by two functions
| Status: | Needs Feedback | Start date: | 2007-03-27 | |
|---|---|---|---|---|
| Priority: | Should have | Due date: | ||
| Assignee: | - | % Done: | 0% |
|
| Category: | - | |||
| Target version: | - | |||
| TYPO3 Version: | 4.1 | Complexity: | ||
| PHP Version: | 5.2 | |||
| Votes: | 0 |
Description
I would like to extend the user access rights, so I used the hook in the function "calcPerms" (which is called by "doesUserHaveAccess) to do this.
Not all actions where affected by this, and I found out that in "class.t3lib_tcemain.php" the function "doesRecordExist" uses another function ("doesRecordExist_pageLookUp") to check the access rights. Is this function needed anymore?
I have changed the function "doesRecordExist" to use "doesUserHaveAccess" (see .diff). That works for me, but I don't know if this have any negative effects.
(issue imported from #M5308)
History
Updated by Robert Heel about 4 years ago
If a function of the hook ['t3lib/class.t3lib_userauthgroup.php']['calcPerms'] returns 0 (attached extension "calcpermstest.tar.bz2"), a BE User can't create new pages, but he can copy a page with drag'n'drop (and so create a new page...). "checkaccess.diff" fix this.
Updated by Alexander Opitz 14 days ago
- Status changed from New to Needs Feedback
- Target version deleted (
0)
The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?