Bug #72582
closed
feedit does not work when logged in as feuser: Invalid request for route "/record/edit"
100%
Description
As soon as you are logged in with a frontend user, frontend editing (feedit) does not work anymore.
When clicking on the "Edit" icon in the frontend, the popup opens and an exception is thrown:
#1425389455: Invalid request for route "/record/edit" (More information)
TYPO3\CMS\Backend\Routing\Exception\RouteNotFoundException thrown in file
/typo3_src-7.6.2/typo3/sysext/backend/Classes/Http/RouteDispatcher.php in line 49.
Steps to reproduce:
- Install fresh TYPO3 7.6.2 with introduction package
- Enable admin panel (frontend editing works)
- Create frontend user sysfolder, add frontend group, add frontend user
- Put login form on a page, point it to frontend user sysfolder
- Login with frontend user, click the edit icon and see the exception message in the popup.
What still works after logging in with a frontend user is: deleting, hiding and moving elements up and down.
Updated by Christian Weiske almost 9 years ago
The problem is that BackendUriBuilder::buildUriFromRoute() uses FormProtectionFactory::get() without parameters. It uses FrontendFormProtection because it detects TYPO3_MODE === 'FE'.
When opening the link, BackendFormProtection is used to validate the token - and this fails.
The correct solution would probably be to make BackendUriBuilder request BackendFormProtection, instead of relying on autodetection.
Updated by Gerrit Code Review almost 9 years ago
- Status changed from New to Under Review
Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45687
Updated by Gerrit Code Review almost 9 years ago
Patch set 1 for branch TYPO3_7-6 of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/45934
Updated by Anonymous almost 9 years ago
- Status changed from Under Review to Resolved
- % Done changed from 0 to 100
Applied in changeset cf3a72a7ee0a0f776eb5d8cc33452891dce3ade6.
Updated by Gerrit Code Review almost 9 years ago
- Status changed from Resolved to Under Review
Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/46107
Updated by Wouter Wolters almost 9 years ago
- Status changed from Under Review to Closed
Updated by Christian Weiske almost 9 years ago
@Wouter: You're closing this ticket as a duplicate of itself?
Updated by Wouter Wolters almost 9 years ago
- Status changed from Closed to Under Review
I don't know why that happened. I entered this message in the other ticket :S
Updated by Paul A. Auwehla almost 9 years ago
Applied the patch for the two files and I am happy ;-))
FEediting with logged in FEuser is possible now again.
Updated by Ian Solo over 8 years ago
Instead I applied Patch set 2 and when I try to login in the BE I get:
#1285067843: A back-end form protection may only be instantiated if there is an active back-end session. (More information)
Updated by Christian Weiske over 8 years ago
Christian Toffolo: Use the first patch (comment#10), not the second (comment#12).
Updated by Ian Solo over 8 years ago
Christian Weiske: I already have the edits of patch 1 in my source code, no need to apply that one.
I came to this bug report cause I had the same problem of #72865 that has been closed as duplicate of this one, while it's not a duplicate, it's just (maybe) related.
That is...
when I try to create new content using the second button under "Editing" in the admPanel I get:
Invalid request for route "/record/content/new"
Can you confirm/deny this please?
Actually I have to sadly tell the editors: "FE editing it's working except that if you need to create a new content on a empty page you have to use the BE"
Updated by Christian Weiske over 8 years ago
Christian Toffolo: I can confirm that the "Create new content element" button on the edit panel still causes the exception.
We've hidden the admin panel and only use the "+" buttons below the actual content elements, this is why we did not notice this problem.
Updated by Anja Leichsenring over 6 years ago
- Status changed from Under Review to Resolved
Updated by