Project

General

Profile

Actions

Feature #89983

closed

Allow comma separated list of roles in f:security.ifHasRole

Added by Dieter Porth almost 5 years ago. Updated 5 months ago.

Status:
Rejected
Priority:
Should have
Assignee:
-
Category:
-
Start date:
2019-12-18
Due date:
% Done:

0%

Estimated time:
PHP Version:
Tags:
Complexity:
Sprint Focus:

Description

Instead of


 protected static function evaluateCondition($arguments = null)
    {
        $role = $arguments['role'];
        /** @var UserAspect $userAspect */
        $userAspect = GeneralUtility::makeInstance(Context::class)->getAspect('frontend.user');
        if (!$userAspect->isLoggedIn()) {
            return false;
        }
        if (is_numeric($role)) {
            $groupIds = $userAspect->getGroupIds();
            return in_array((int)$role, $groupIds, true);
        }
        return in_array($role, $userAspect->getGroupNames(), true);
    }

use
// Code ist not tested.
 protected static function evaluateCondition($arguments = null)
    {
        $role = $arguments['role'];
        /** @var UserAspect $userAspect */
        $userAspect = GeneralUtility::makeInstance(Context::class)->getAspect('frontend.user');
        if (!$userAspect->isLoggedIn()) {
            return false;
        }
        if (is_numeric($role)) {
            $groupIds = $userAspect->getGroupIds();
            $roles = array_filter( array_map('intval',explode(',',$role)));
            return ((array_sect(($roles, $groupIds) >0);
        }
        $roles = array_filter( array_map('trim',explode(',',$role)));
        return (array_sect($roles, $userAspect->getGroupNames())>0);
    }


Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Feature #95175: security.ifByRoles-Viewhelper, which allows to check different groups and allowes mixed use of usergruop-IDs and -names Rejected2021-09-10

Actions
Actions #1

Updated by Bastian Bringenberg almost 5 years ago

  • Project changed from 9 to TYPO3 Core

Moved right Project.

Actions #2

Updated by Dieter Porth almost 5 years ago

Better (Tested for list of Ints)

    protected static function evaluateCondition($arguments = null)
    {
        $role = $arguments['role'];
        /** @var UserAspect $userAspect */
        $userAspect = GeneralUtility::makeInstance(Context::class)->getAspect('frontend.user');
        if (!$userAspect->isLoggedIn()) {
            return false;
        }
        if ((int)trim($role) >0) {
            $groupIds = array_filter( array_map('intval',$userAspect->getGroupIds()));
            $roles = array_filter( array_map('intval',explode(',',$role)));
            return  (count(array_intersect($roles, $groupIds)) >0);;
        }
        $roles = array_filter( array_map('trim',explode(',',$role)));
        return (count(array_intersect($roles, $userAspect->getGroupNames()))>0);
    }

Actions #3

Updated by Georg Ringer over 4 years ago

  • Status changed from New to Accepted
  • Target version set to Candidate for Major Version
Actions #4

Updated by Georg Ringer 5 months ago

  • Related to Feature #95175: security.ifByRoles-Viewhelper, which allows to check different groups and allowes mixed use of usergruop-IDs and -names added
Actions #5

Updated by Georg Ringer 5 months ago

  • Status changed from Accepted to Rejected

hey!

thanks for sharing your ideas. just as with #95175 this looks like this is code which should be in your extension. there can be a lot of edge cases like "a user needs to be long to every group" or "a user needs to belong to at least 2 groups", .. which are all related to your extension and very hard to make every usecase possible with one viewhelper.

feel free to contact me on slack to discuss it further if you want to.

Actions

Also available in: Atom PDF