Task #56611
closedEpic #55070: Workpackages
Epic #55066: WP: Security enhancements
Story #56431: Use new wizard registration and remove wizard entry points
new reference error with non-admin user
100%
Description
When logging in with a non-admin user and trying to create a reference results in the error attached to this issue
i made sure all file permissions are checked for the group.
I am allready in production, please fix asap.
As admin user everything works as expected
Files
Updated by Philipp Wrann almost 11 years ago
You dont have the possibility to allow the module
wizard_element_browser
to a group
So its not possible to enable the element browser except for admin users
trace
1)
$moduleUrl = BackendUtility::getModuleUrl('wizard_element_browser') . '&mode=';
2)
if (!$GLOBALS['BE_USER']->check('modules', $moduleName)) {
return FALSE;
}
3)
if (isset($this->groupData[$type])) {
if ($this->isAdmin() || GeneralUtility::inList($this->groupData[$type], $value)) {
return TRUE;
}
}
return FALSE;
Either you dont return false if the key is no actual module OR you add the wizard_element_browser to the modList, i wouldnt do that, you allready have so much to configure for backend users to be actual able to do SOMEthing.
####
BTW:
when adding wizard_element_browser to the list of allowed modules (be_groups::groupsMods) you can workaround this bug.
Updated by Markus Klein almost 11 years ago
- Category changed from File Abstraction Layer (FAL) to Backend API
- Status changed from New to Accepted
- Complexity changed from no-brainer to easy
- Is Regression changed from No to Yes
Updated by Gerrit Code Review almost 11 years ago
- Status changed from Accepted to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/28118
Updated by Gerrit Code Review almost 11 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/28118
Updated by Helmut Hummel almost 11 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset 11ea20441bf58791bd9a266d118ebaff39622a66.