« Previous | Next » 

Revision 34345d0c


Added by Sebastian Kurfuerst over 10 years ago

[BUGFIX] Modify queries in persistence only when Security Context is available

The Security context is only available as soon as the Request is built; so it
is not available f.e. in Routing. Thus, one needs to be aware that access
checks are only done as soon as the MVC layer starts, and not before.

For TYPO3, this does not impose a security risk as the PropertyMapper then
takes the strings from the routing and rebuilds the object, this time with
proper permission checking.

Change-Id: Iabd7d9c127b16ba921327a1a58f8d5b449ba622c

  • added
  • modified
  • copied
  • renamed
  • deleted