API tools faq
paste
Advertisement
BenjaminS

TYPO3: Core bug - isRootLevelRestrictionIgnored() missing

BenjaminS
Sep 30th, 2013
158
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 2.44 KB | None | 0 0
raw download clone embed print report
  1. /**
  2.  * Checks if user may insert a record from $insertTable on $pid
  3.  * Does not check for workspace, use BE_USER->workspaceAllowLiveRecordsInPID for this in addition to this function call.
  4.  *
  5.  * @param string $insertTable Tablename to check
  6.  * @param integer $pid Integer PID
  7.  * @param integer $action For logging: Action number.
  8.  * @return boolean Returns TRUE if the user may insert a record from table $insertTable on page $pid
  9.  * @todo Define visibility
  10.  */
  11. public function checkRecordInsertAccess($insertTable, $pid, $action = 1) {
  12.     $res = 0;
  13.     $pid = intval($pid);
  14.     if ($pid >= 0) {
  15.         // If information is cached, return it
  16.         if (isset($this->recInsertAccessCache[$insertTable][$pid])) {
  17.             return $this->recInsertAccessCache[$insertTable][$pid];
  18.         } else {
  19.             // If either admin and root-level or if page record exists and 1) if 'pages' you may create new ones 2) if page-content, new content items may be inserted on the $pid page
  20.             if (!$pid && $this->admin || $this->doesRecordExist('pages', $pid, ($insertTable == 'pages' ? $this->pMap['new'] : $this->pMap['editcontent']))) {
  21.                 // Check permissions
  22.                 if ($this->isTableAllowedForThisPage($pid, $insertTable)) {
  23.                     $res = 1;
  24.                     // Cache the result
  25.                     $this->recInsertAccessCache[$insertTable][$pid] = $res;
  26.                 } else {
  27.                     $propArr = $this->getRecordProperties('pages', $pid);
  28.                     $this->log($insertTable, $pid, $action, 0, 1, 'Attempt to insert record on page \'%s\' (%s) where this table, %s, is not allowed', 11, array($propArr['header'], $pid, $insertTable), $propArr['event_pid']);
  29.                 }
  30.             } else {
  31.                 if ($pid === 0 && \TYPO3\CMS\Backend\Utility\BackendUtility::isRootLevelRestrictionIgnored($insertTable)) {
  32.                     $res = 1;
  33.                     // Cache the result
  34.                     $this->recInsertAccessCache[$insertTable][$pid] = $res;
  35.                 } else {
  36.                     $propArr = $this->getRecordProperties('pages', $pid);
  37.                     $this->log($insertTable, $pid, $action, 0, 1, 'Attempt to insert a record on page \'%s\' (%s) from table \'%s\' without permissions. Or non-existing page.', 12, array($propArr['header'], $pid, $insertTable), $propArr['event_pid']);
  38.                 }
  39.             }
  40.         }
  41.     }
  42.     return $res;
  43. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!