TYPO3  7.6
Public Member Functions | Protected Member Functions | List of all members
FileMetadataPermissionsAspect Class Reference
Inheritance diagram for FileMetadataPermissionsAspect:
DataHandlerCheckModifyAccessListHookInterface SingletonInterface

Public Member Functions

 checkRecordUpdateAccess ($table, $id, $fileMetadataRecord, $otherHookGrantedAccess, DataHandler $dataHandler)
 
 checkModifyAccessList (&$accessAllowed, $table, DataHandler $parent)
 
 isAllowedToShowEditForm (array $parameters)
 
- Public Member Functions inherited from DataHandlerCheckModifyAccessListHookInterface
 checkModifyAccessList (&$accessAllowed, $table,\TYPO3\CMS\Core\DataHandling\DataHandler $parent)
 

Protected Member Functions

 checkFileWriteAccessForFileMetaData ($fileMetadataRecord)
 

Detailed Description

We do not have AOP in TYPO3 for now, thus the aspect which deals with file metadata data security is an assembly of hooks to check permissions on files belonging to file meta data records

Definition at line 29 of file FileMetadataPermissionsAspect.php.

Member Function Documentation

checkFileWriteAccessForFileMetaData (   $fileMetadataRecord)
protected

Checks write access to the file belonging to a metadata entry

Parameters
array$fileMetadataRecord
Returns
bool

Definition at line 157 of file FileMetadataPermissionsAspect.php.

References ResourceFactory\getInstance().

Referenced by FileMetadataPermissionsAspect\checkModifyAccessList(), FileMetadataPermissionsAspect\checkRecordUpdateAccess(), and FileMetadataPermissionsAspect\isAllowedToShowEditForm().

checkModifyAccessList ( $accessAllowed,
  $table,
DataHandler  $parent 
)

Hook that determines whether a user has access to modify a table. We "abuse" it here to actually check if access is allowed to sys_file_metadata.

Parameters
int&$accessAllowedWhether the user has access to modify a table
string$tableThe name of the table to be modified
DataHandler$parentThe calling parent object
Exceptions
\UnexpectedValueException
Returns
void

Definition at line 66 of file FileMetadataPermissionsAspect.php.

References MathUtility\canBeInterpretedAsInteger(), FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), elseif, and BackendUtility\getRecord().

checkRecordUpdateAccess (   $table,
  $id,
  $fileMetadataRecord,
  $otherHookGrantedAccess,
DataHandler  $dataHandler 
)

This hook is called before any write operation by DataHandler

Parameters
string$table
int$id
array$fileMetadataRecord
int | NULL$otherHookGrantedAccess
\TYPO3\CMS\Core\DataHandling\DataHandler$dataHandler
Returns
int|null

Definition at line 41 of file FileMetadataPermissionsAspect.php.

References FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), and BackendUtility\getRecord().

isAllowedToShowEditForm ( array  $parameters)

Deny access to the edit form. This is not mandatory, but better to show this right away that access is denied.

Parameters
array$parameters
Returns
bool

Definition at line 137 of file FileMetadataPermissionsAspect.php.

References FileMetadataPermissionsAspect\checkFileWriteAccessForFileMetaData(), and BackendUtility\getRecord().