Bug #43429

closed

editPanel / editIcons: ts setting 'onlyCurrentPid = 1' ignored

Added by Frank Frewer over 11 years ago. Updated about 4 years ago.

Status: Closed
Priority: Should have
Assignee: -
Category: Frontend
Target version: -
Start date: 2012-11-29
Due date:
% Done: 100%
Estimated time:
TYPO3 Version: 4.5
PHP Version:
Tags:
Complexity:
Is Regression: No
Sprint Focus:

Description

The sub setting 'onlyCurrentPid = 1' for editPanel / editIcons is ignored.

class.t3lib_frontendedit.php / function allowedToEdit:

        if ($editAccessInternals) {
            if ($table == 'pages') {
                    // 2 = permission to edit the page
                if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess($dataArray, 2)) {
                    $mayEdit = TRUE;
                }
            } else {
                    // 16 = permission to edit content on the page
                if ($GLOBALS['BE_USER']->isAdmin() || $GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16)) {
                    $mayEdit = TRUE;
                }
            }

            if (!$conf['onlyCurrentPid'] || ($dataArray['pid'] == $GLOBALS['TSFE']->id)) {
                    // Permissions:
                $types = t3lib_div::trimExplode(',', t3lib_div::strtolower($conf['allow']), 1);
                $allow = array_flip($types);

                $perms = $GLOBALS['BE_USER']->calcPerms($GLOBALS['TSFE']->page);
                if ($table == 'pages') {
                    $allow = $this->getAllowedEditActions($table, $conf, $dataArray['pid'], $allow);

                        // Can only display editbox if there are options in the menu
                    if (count($allow)) {
                        $mayEdit = TRUE;
                    }
                } else {
                    $mayEdit = count($allow) && ($perms & 16);
                }
            }
        }

        return $mayEdit;


Maybe I don't understand the concept, but in my opinion
$GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16) is a necessary but not sufficient condition to set $mayEdit to TRUE. My suggestion:

                if ($GLOBALS['BE_USER']->isAdmin() || ($GLOBALS['BE_USER']->doesUserHaveAccess(t3lib_BEfunc::getRecord('pages', $dataArray['pid']), 16) && !$conf['onlyCurrentPid'])) {
                    $mayEdit = TRUE;
                }
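
The control flow described in the report, as an added example that is not part of the original ticket or TYPO3's own code: a simplified PHP model of the non-`pages` branch, evaluated once with the quoted logic and once with the reporter's suggested condition. The `$user` keys (`isAdmin`, `contentAccess`, `perms`), the page ids and the assumption that `$mayEdit` starts as FALSE are made up for this sketch.

```php
<?php
// Simplified model of the non-'pages' branch of allowedToEdit() quoted in the report.
// Assumptions: backend-user lookups are replaced by plain values in $user
// (isAdmin, contentAccess, perms are names invented here); $mayEdit starts FALSE.

function mayEdit(array $user, array $conf, int $recordPid, int $currentPid, bool $suggested): bool
{
    // Stands in for doesUserHaveAccess(<page of the record>, 16).
    $pageAccess = $user['contentAccess'];
    if ($suggested) {
        // Reporter's suggestion: page access alone counts only without onlyCurrentPid.
        $pageAccess = $pageAccess && !$conf['onlyCurrentPid'];
    }
    $mayEdit = $user['isAdmin'] || $pageAccess;

    // Skipped when onlyCurrentPid is set and the record lives on another page,
    // so a TRUE from the first check is returned unchanged.
    if (!$conf['onlyCurrentPid'] || $recordPid === $currentPid) {
        $allow = array_filter(array_map('trim', explode(',', strtolower($conf['allow']))), 'strlen');
        $mayEdit = count($allow) > 0 && (bool)($user['perms'] & 16);
    }
    return $mayEdit;
}

// Constructed sample data: current page is 10, one record lives on page 20.
$editor = ['isAdmin' => false, 'contentAccess' => true, 'perms' => 16];
$admin  = ['isAdmin' => true,  'contentAccess' => true, 'perms' => 31];
$cases = [
    ['editor, other page,   onlyCurrentPid=1', $editor, 1, 20],
    ['editor, current page, onlyCurrentPid=1', $editor, 1, 10],
    ['editor, other page,   onlyCurrentPid=0', $editor, 0, 20],
    ['admin,  other page,   onlyCurrentPid=1', $admin,  1, 20],
];

printf("%-40s %-9s %s\n", 'case', 'original', 'suggested');
foreach ($cases as [$label, $user, $onlyCurrentPid, $recordPid]) {
    $conf = ['onlyCurrentPid' => $onlyCurrentPid, 'allow' => 'edit,new'];
    printf(
        "%-40s %-9s %s\n",
        $label,
        var_export(mayEdit($user, $conf, $recordPid, 10, false), true),
        var_export(mayEdit($user, $conf, $recordPid, 10, true), true)
    );
}
```

The first row is the case the report describes; the admin row shows that `isAdmin()` still short-circuits the `onlyCurrentPid` check in both variants.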
