Project

General

Profile

Actions
Copy link

Bug #88118

closed

Loose reference while remove items from a tree based on a callback in PageTreeRepository

Added by Steve Lenz over 5 years ago. Updated 6 months ago.

Status:
Closed
Priority:
Must have
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
2019-04-09
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
9
PHP Version:
7.2
Tags:
Complexity:
Is Regression:
Sprint Focus:

Description

Hook "$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['calcPerms']" in BackendUserAuthentication has no effect.

The bug is in PageTreeRepository::applyCallbackToChildren in line 145:

/**
     * Removes items from a tree based on a callback, usually used for permission checks
     *
     * @param array $tree
     * @param callable $callback
     */
    protected function applyCallbackToChildren(array &$tree, callable $callback)
    {
        if (!isset($tree['_children'])) {
            return;
        }
        foreach ($tree['_children'] as $k => $childPage) {
            if (!call_user_func_array($callback, [$childPage])) {
                unset($tree['_children'][$k]);
                continue;
            }
            $this->applyCallbackToChildren($childPage, $callback);
        }
    }

The unset does not effect on _children array, because the iteration ignores the reference.

The solution to set reference for $childPage:

foreach ($tree['_children'] as $k => &$childPage) {
...
}

Related issues 1 (0 open1 closed)

Has duplicate TYPO3 Core - Bug #88257: Pages below first menu level visible in pagetree even if the backend user has no permissionsClosed2019-05-02

Actions
Actions
Copy link
 #1

Updated by Gerrit Code Review over 5 years ago

  • Status changed from New to Under Review

Patch set 1 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/60425

Actions
Copy link
 #3

Updated by Oliver Hader over 5 years ago

  • Has duplicate Bug #88257: Pages below first menu level visible in pagetree even if the backend user has no permissions added
Actions
Copy link
 #4

Updated by Susanne Moog almost 5 years ago

  • Status changed from Under Review to Closed

This has been fixed with 9.5.6 and v10 (see https://review.typo3.org/c/Packages/TYPO3.CMS/+/60701).

Actions
Copy link
 #5

Updated by Gerrit Code Review over 1 year ago

  • Status changed from Closed to Under Review

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/60425

Actions
Copy link
 #6

Updated by Riccardo De Contardi 6 months ago

  • Status changed from Under Review to Closed
  • Assignee deleted (Steve Lenz)

This has been already fixed; I therefore close it

If you think that this is the wrong decision or experience the issue again please reopen it or open a new issue with a reference to this one.

Thank you

Actions
Copy link

Also available in: Atom PDF