Bug #86542

Override admin panel settings does nothing

Added by Florian Rival about 1 year ago. Updated 6 months ago.

Status:
Needs Feedback
Priority:
Should have
Assignee:
-
Category:
AdminPanel
Target version:
-
Start date:
2018-10-02
Due date:
% Done:

0%

TYPO3 Version:
8
PHP Version:
Tags:
Complexity:
easy
Is Regression:
Sprint Focus:
On Location Sprint

Description

If you try to set user TSConfig to hide some settings in FE admin panel, that doesn't work.

Example (see attached file) :

admPanel {
enable.preview = 1
override.preview.showFluidDebug = 0
override.preview.simulateDate= 0
}

It seems that this configuration doesn't work :

admPanel.override.[modulename].[propertyname]

I didn't test for panels other than 'preview'.

The code involved is here : \TYPO3\CMS\Frontend\View\AdminPanelView->getPreviewModule
You can see that everything is hard coded ignoring TS Config.

Admin panel.jpg View (23.2 KB) Florian Rival, 2018-10-02 10:57


Related issues

Related to TYPO3 Core - Bug #87895: ViewHelper <f:be.security.ifAuthenticated> does not work for editors New 2019-03-13

History

#1 Updated by Florian Rival about 1 year ago

  • Category set to AdminPanel
  • Complexity set to easy

#2 Updated by Susanne Moog about 1 year ago

  • Sprint Focus set to On Location Sprint

#3 Updated by Susanne Moog 8 months ago

  • Status changed from New to Needs Feedback

As the adminPanel was rewritten in v9 can you check again if it's working ok for you there? Thanks!

#4 Updated by Florian Rival 8 months ago

Ok the configuration works in version V9.

#5 Updated by Riccardo De Contardi 7 months ago

Either I am doing something wrong, or for me the issue is still present on 9.5.5 or 10.0.0-dev

admPanel.override.[modulename].[propertyname]

Does not seem to have any effect. I tried with putting the TSConfig code both in the tsconfig field of a be usergroup and of a be user (non-admin).

#6 Updated by Christian Eßl 6 months ago

Testing with the TSConfig:

admPanel {
 enable.preview = 1
 override.preview.showFluidDebug = 0
 override.preview.simulateDate= 0
}

A few scenarios:
  • pasting this in the page TSConfig and viewing the adminpanel as admin, the settings are ignored
  • pasting this in the admin users TSConfig and viewing the adminpanel as admin, the settings are applied
  • pasting this in the TSConfig of a non-admin beuser and viewing the adminpanel as this user, the settings are ignored

So we have a few problems here:
Apparently the adminpanel currently only loads in User TSConfig, not Page TSConfig. Is this supposed to be the case? Then this statement can be ignored.

Second, when logging in as non-admin user which has activated the adminpanel in TSConfig, it can happen that the adminpanel is not shown at all. This is because in StateUtility::isActivatedForUser() the $GLOBALS['BE_USER'] is empty in this case.
I checked around what could explain this behaviour and found a few lines in the PageResolver middleware:

// No access? Then remove user and re-evaluate the page id
        if ($this->controller->isBackendUserLoggedIn() && !$GLOBALS['BE_USER']->doesUserHaveAccess($this->controller->page, Permission::PAGE_SHOW)) {
            unset($GLOBALS['BE_USER']);
            // Register an empty backend user as aspect
            $this->setBackendUserAspect(GeneralUtility::makeInstance(Context::class), null);
            $this->controller->determineId();
        }

This code checks if the logged in beuser has SHOW permissions on the currently viewed page, if not, the beuser object is unset.
So this means, for the adminpanel to work for non-admin beusers, you would alway have to go to the acces module in the backend and set page access permissions for a group the beuser belongs to. In my opinion, the page access permissions are not related to the adminpanel, so I would handle this as a BUG.

#7 Updated by Riccardo De Contardi 3 months ago

  • Related to Bug #87895: ViewHelper <f:be.security.ifAuthenticated> does not work for editors added

Also available in: Atom PDF