Feature #90778

Integrate sudo mode for user tables

Added by Oliver Hader over 1 year ago. Updated about 1 year ago.

Status:
Rejected
Priority:
Should have
Assignee:
Category:
Security
Target version:
-
Start date:
2020-03-18
Due date:
% Done:

0%

Estimated time:
PHP Version:
7.2
Tags:
Complexity:
Sprint Focus:

Description

Brief description

  • in TYPO3 backend
  • before modifications to user-related records are persisted, the system shall request a password confirmation ("sudo mode")
  • this procedure currently focuses on user-permissions only, but could be extended for data-privacy aspects as well

Components

  • modifications of TYPO3 v10 and v9 in order to support replaying a request based on a server request instruction (see patch)
  • actual implementation as TYPO3 extension at https://github.com/FriendsOfTYPO3/sudo-mode (experimental currently)

References

Screenshots

Backend admin is editing another backend user - before changes are persisted the following password confirmation dialog needs to be completed.


Files

sudo-1.png (121 KB) sudo-1.png Oliver Hader, 2020-03-18 13:46
sudo-2.png (88.2 KB) sudo-2.png Oliver Hader, 2020-03-18 13:46
#1

Updated by Oliver Hader over 1 year ago

  • Description updated (diff)
#2

Updated by Gerrit Code Review over 1 year ago

  • Status changed from New to Under Review

Patch set 2 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#3

Updated by Markus Klein over 1 year ago

  • Subject changed from Integrate sudo modo for user tables to Integrate sudo mode for user tables
#4

Updated by Gerrit Code Review over 1 year ago

Patch set 3 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#5

Updated by Gerrit Code Review over 1 year ago

Patch set 4 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#6

Updated by Gerrit Code Review over 1 year ago

Patch set 5 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#7

Updated by Gerrit Code Review over 1 year ago

Patch set 6 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#8

Updated by Gerrit Code Review about 1 year ago

Patch set 7 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#9

Updated by Oliver Hader about 1 year ago

  • Description updated (diff)
#10

Updated by Gerrit Code Review about 1 year ago

Patch set 8 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#11

Updated by Gerrit Code Review about 1 year ago

Patch set 9 for branch master of project Packages/TYPO3.CMS has been pushed to the review server.
It is available at https://review.typo3.org/c/Packages/TYPO3.CMS/+/63763

#12

Updated by Oliver Hader about 1 year ago

  • Status changed from Under Review to Rejected

No core changes required, sudo-mode handling happens in extension https://github.com/FriendsOfTYPO3/sudo-mode

Also available in: Atom PDF