Actions
Bug #103530
openImageViewHelper breaks a BE login provider page with "You cannot read folders"
Status:
New
Priority:
Should have
Assignee:
-
Category:
Fluid
Target version:
-
Start date:
2024-04-03
Due date:
% Done:
0%
Estimated time:
TYPO3 Version:
11
PHP Version:
8.1
Tags:
Complexity:
Is Regression:
Sprint Focus:
Description
Overview¶
I have a backend login provider that displays images using f:image
tag with a property height=20
. The images are uploaded into fileadmin
storage using Filelist
module. Loading the page (if no BE user is logged in) results in 503 error and the log contains the message:
component="TYPO3.CMS.Core.Error.ProductionExceptionHandler": Core: Exception handler (WEB: BE): TYPO3\CMS\Core\Resource\Exception\InsufficientFolderAccessPermissionsException, code #1430657869, file /var/www/typo3_src/typo3/sysext/core/Classes/Resource/ResourceStorage.php, line 874: You are not allowed to read folders - {"mode":"WEB","application_mode":"BE","exception_class":"TYPO3\\CMS\\Core\\Resource\\Exception\\InsufficientFolderAccessPermissionsException","exception_code":1430657869,"file":"/var/www/typo3_src/typo3/sysext/core/Classes/Resource/ResourceStorage.php","line":874,"message":"You are not allowed to read folders","request_url":"http://....../typo3?loginProvider=1706879181","exception":null}
After the same images are displayed elsewhere, the above mentioned login provider page loads successfully.
Steps to reproduce¶
- Failed attempt
- Upload an image to
fileadmin
and store a reference to it somewhere - Create a backend login provider that uses a
f:image
tag withwidth
parameter to display the uploaded image using its reference - Select this provider on the backend login page - this results in a 503 error.
- Upload an image to
- Successful attempt
- Add the same
f:image
tag to any template that can be displayed on a frontend - Load the page with this template
- Go back to the backend login page and select the problematic login provider - now the page loads.
- Add the same
Results of an investigation¶
Using a debugger I've been able to localize the problem to ImageViewHelper::render()
method, line 182 in ImageViewHelper.php:
$processedImage = $this->imageService->applyProcessingInstructions($image, $processingInstructions);
and further to
FileProcessingService::processFile()
, lines 109-111 in FileProcessingService.php:if (!$processedFile->isProcessed()) { $this->process($processedFile, $targetStorage); }
Unless the file is already processed, the
process()
method calls exists()
that requires read permission for the fileadmin
storage. However, as no user is logged in, all permissions are revoked and the exception is raised.
To confirm, I've forced the processing of the images by displaying them on the frontend (using the same f:image
tag), after which the login provider page loads with no problem. In this case the line $processedFile->isProcessed()
returned true, so that $this->process(...)
was not invoked.
No data to display
Actions