Project

General

Profile

Actions

Feature #90778

closed

Integrate sudo mode for user tables

Added by Oliver Hader about 4 years ago. Updated almost 4 years ago.

Status:
Rejected
Priority:
Should have
Assignee:
Category:
Security
Target version:
-
Start date:
2020-03-18
Due date:
% Done:

0%

Estimated time:
PHP Version:
7.2
Tags:
Complexity:
Sprint Focus:

Description

Brief description

  • in TYPO3 backend
  • before modifications to user-related records are persisted, the system shall request a password confirmation ("sudo mode")
  • this procedure currently focuses on user-permissions only, but could be extended for data-privacy aspects as well

Components

  • modifications of TYPO3 v10 and v9 in order to support replaying a request based on a server request instruction (see patch)
  • actual implementation as TYPO3 extension at https://github.com/FriendsOfTYPO3/sudo-mode (experimental currently)

References

Screenshots

Backend admin is editing another backend user - before changes are persisted the following password confirmation dialog needs to be completed.


Files

sudo-1.png (121 KB) sudo-1.png Oliver Hader, 2020-03-18 13:46
sudo-2.png (88.2 KB) sudo-2.png Oliver Hader, 2020-03-18 13:46
Actions #1

Updated by Oliver Hader about 4 years ago

  • Description updated (diff)
Actions #2

Updated by Gerrit Code Review about 4 years ago

  • Status changed from New to Under Review

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #3

Updated by Markus Klein about 4 years ago

  • Subject changed from Integrate sudo modo for user tables to Integrate sudo mode for user tables
Actions #4

Updated by Gerrit Code Review almost 4 years ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #5

Updated by Gerrit Code Review almost 4 years ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #6

Updated by Gerrit Code Review almost 4 years ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #7

Updated by Gerrit Code Review almost 4 years ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #8

Updated by Gerrit Code Review almost 4 years ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #9

Updated by Oliver Hader almost 4 years ago

  • Description updated (diff)
Actions #10

Updated by Gerrit Code Review almost 4 years ago

Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #11

Updated by Gerrit Code Review almost 4 years ago

Patch set 9 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

Actions #12

Updated by Oliver Hader almost 4 years ago

  • Status changed from Under Review to Rejected

No core changes required, sudo-mode handling happens in extension https://github.com/FriendsOfTYPO3/sudo-mode

Actions

Also available in: Atom PDF