Project

General

Profile

Actions
Copy link

Task #76306

closed

Secure Backend Controllers with access check in __construct

Added by Helmut Hummel over 8 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Should have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2016-05-26
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
7
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

In order to harden backend controllers, they should implement an access check in a constructor

Actions
Copy link
 #1

Updated by Helmut Hummel over 8 years ago

  • Category set to Security
Actions
Copy link
 #2

Updated by Benni Mack over 4 years ago

  • Status changed from New to Needs Feedback

Can you define a bit clearer what you would want to achieve with this?

We use this via middlewares and routes now. One controller could be used in various modules etc. If you#re referrring to the "Check if admin / access to page" concept, I'd rather move this to a PSR-15 middleware, where we are currently checking for access.

Actions
Copy link
 #3

Updated by Helmut Hummel over 4 years ago

Yeah, I think as well this can be closed now.

Actions
Copy link
 #4

Updated by Benni Mack over 4 years ago

  • Status changed from Needs Feedback to Closed

Thanks!

Actions
Copy link

Also available in: Atom PDF