Project

General

Profile

Actions
Copy link

Bug #17161

closed

Access rights where checked by two functions

Added by Robert Heel over 17 years ago. Updated about 11 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
-
Target version:
-
Start date:
2007-03-27
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
4.1
PHP Version:
5.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

I would like to extend the user access rights, so I used the hook in the function "calcPerms" (which is called by "doesUserHaveAccess) to do this.

Not all actions where affected by this, and I found out that in "class.t3lib_tcemain.php" the function "doesRecordExist" uses another function ("doesRecordExist_pageLookUp") to check the access rights. Is this function needed anymore?

I have changed the function "doesRecordExist" to use "doesUserHaveAccess" (see .diff). That works for me, but I don't know if this have any negative effects.

(issue imported from #M5308)

Files

Download all files
checkaccess.diff (1.37 KB) checkaccess.diff Administrator Admin, 2007-03-27 15:36
calcpermstest.tar.bz2 (955 Bytes) calcpermstest.tar.bz2 Administrator Admin, 2009-02-27 12:36
Actions
Copy link
 #1

Updated by Robert Heel over 15 years ago

If a function of the hook ['t3lib/class.t3lib_userauthgroup.php']['calcPerms'] returns 0 (attached extension "calcpermstest.tar.bz2"), a BE User can't create new pages, but he can copy a page with drag'n'drop (and so create a new page...). "checkaccess.diff" fix this.

Actions
Copy link
 #2

Updated by Alexander Opitz over 11 years ago

  • Status changed from New to Needs Feedback
  • Target version deleted (0)

The issue is very old, does this issue exists in newer versions of TYPO3 CMS (4.5 or 6.1)?

Actions
Copy link
 #3

Updated by Alexander Opitz about 11 years ago

  • Status changed from Needs Feedback to Closed

No feedback for over 90 days.

Actions
Copy link

Also available in: Atom PDF