PHP Authentication\BackendUserAuthentication类代码示例

 /**
  * Switch backen user session
  *
  * @param array $params
  * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $that
  * @see t3lib_userauth::logoff()
  * @todo Define visibility
  */
 public function switchBack($params, $that)
 {
     // Is a backend session handled?
     if ($that->session_table !== 'be_sessions' || !$that->user['uid'] || !$that->user['ses_backuserid']) {
         return;
     }
     // @TODO: Move update functionality to Tx_Beuser_Domain_Repository_BackendUserSessionRepository
     $updateData = array('ses_userid' => $that->user['ses_backuserid'], 'ses_backuserid' => 0);
     $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_sessions', 'ses_id = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions') . ' AND ses_name = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions') . ' AND ses_userid=' . intval($GLOBALS['BE_USER']->user['uid']), $updateData);
     $redirectUrl = $GLOBALS['BACK_PATH'] . 'index.php' . ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1');
     \TYPO3\CMS\Core\Utility\HttpUtility::redirect($redirectUrl);
 }

 /**
  * Creates the backend user object and returns it.
  *
  * @return \TYPO3\CMS\Backend\FrontendBackendUserAuthentication the backend user object
  */
 public function initializeBackendUser()
 {
     // PRE BE_USER HOOK
     if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'])) {
         foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['preBeUser'] as $_funcRef) {
             $_params = array();
             \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
         }
     }
     /** @var $BE_USER \TYPO3\CMS\Backend\FrontendBackendUserAuthentication */
     $BE_USER = NULL;
     // If the backend cookie is set,
     // we proceed and check if a backend user is logged in.
     if ($_COOKIE[\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName()]) {
         $GLOBALS['TYPO3_MISC']['microtime_BE_USER_start'] = microtime(TRUE);
         $GLOBALS['TT']->push('Back End user initialized', '');
         // TODO: validate the comment below: is this necessary? if so,
         // formfield_status should be set to "" in t3lib_tsfeBeUserAuth
         // which is a subclass of t3lib_beUserAuth
         // ----
         // the value this->formfield_status is set to empty in order to
         // disable login-attempts to the backend account through this script
         // New backend user object
         $BE_USER = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\FrontendBackendUserAuthentication');
         $BE_USER->OS = TYPO3_OS;
         $BE_USER->lockIP = $this->TYPO3_CONF_VARS['BE']['lockIP'];
         // Object is initialized
         $BE_USER->start();
         $BE_USER->unpack_uc('');
         if ($BE_USER->user['uid']) {
             $BE_USER->fetchGroupData();
             $this->beUserLogin = 1;
         }
         // Unset the user initialization.
         if (!$BE_USER->checkLockToIP() || !$BE_USER->checkBackendAccessSettingsFromInitPhp() || !$BE_USER->user['uid']) {
             $BE_USER = NULL;
             $this->beUserLogin = 0;
             $_SESSION['TYPO3-TT-start'] = FALSE;
         }
         $GLOBALS['TT']->pull();
         $GLOBALS['TYPO3_MISC']['microtime_BE_USER_end'] = microtime(TRUE);
     }
     // POST BE_USER HOOK
     if (is_array($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'])) {
         $_params = array('BE_USER' => &$BE_USER);
         foreach ($this->TYPO3_CONF_VARS['SC_OPTIONS']['tslib/index_ts.php']['postBeUser'] as $_funcRef) {
             \TYPO3\CMS\Core\Utility\GeneralUtility::callUserFunction($_funcRef, $_params, $this);
         }
     }
     return $BE_USER;
 }

 /**
  * Update current session to move back to the original user.
  *
  * @param \TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $authentication
  * @return void
  */
 public function switchBackToOriginalUser(\TYPO3\CMS\Core\Authentication\AbstractUserAuthentication $authentication)
 {
     $updateData = array('ses_userid' => $authentication->user['ses_backuserid'], 'ses_backuserid' => 0);
     $GLOBALS['TYPO3_DB']->exec_UPDATEquery('be_sessions', 'ses_id = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions') . ' AND ses_name = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions') . ' AND ses_userid=' . (int) $GLOBALS['BE_USER']->user['uid'], $updateData);
 }

 /**
  * The slot for the signal in DatabaseTreeDataProvider.
  *
  * @param DatabaseTreeDataProvider $dataProvider
  * @param TreeNode $treeData
  * @return void
  */
 public function addUserPermissionsToCategoryTreeData(DatabaseTreeDataProvider $dataProvider, $treeData)
 {
     if (!$this->backendUserAuthentication->isAdmin() && $dataProvider->getTableName() === $this->categoryTableName) {
         // Get User permissions related to category
         $categoryMountPoints = $this->backendUserAuthentication->getCategoryMountPoints();
         // Backup child nodes to be processed.
         $treeNodeCollection = $treeData->getChildNodes();
         if (!empty($categoryMountPoints) && !empty($treeNodeCollection)) {
             // First, remove all child nodes which must be analysed to be considered as "secure".
             // The nodes were backed up in variable $treeNodeCollection beforehand.
             $treeData->removeChildNodes();
             // Create an empty tree node collection to receive the secured nodes.
             /** @var TreeNodeCollection $securedTreeNodeCollection */
             $securedTreeNodeCollection = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Backend\\Tree\\TreeNodeCollection');
             foreach ($categoryMountPoints as $categoryMountPoint) {
                 $treeNode = $this->lookUpCategoryMountPointInTreeNodes((int) $categoryMountPoint, $treeNodeCollection);
                 if (!is_null($treeNode)) {
                     $securedTreeNodeCollection->append($treeNode);
                 }
             }
             // Reset child nodes.
             $treeData->setChildNodes($securedTreeNodeCollection);
         }
     }
 }

 /**
  * @test
  */
 public function logoffCleansFormProtection()
 {
     $formProtection = $this->getMock('TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection', array('clean'));
     $formProtection->expects($this->atLeastOnce())->method('clean');
     \TYPO3\CMS\Core\FormProtection\FormProtectionFactory::set('TYPO3\\CMS\\Core\\FormProtection\\BackendFormProtection', $formProtection);
     $this->fixture->logoff();
 }

 /**
  * @test
  */
 public function addDataWithInlineTypeAndModifyRightsWillAddChildren()
 {
     $input = ['processedTca' => ['columns' => ['aField' => ['config' => ['type' => 'inline', 'foreign_table' => 'aForeignTableName']]]]];
     $this->beUserProphecy->check('tables_modify', $input['processedTca']['columns']['aField']['config']['foreign_table'])->shouldBeCalled()->willReturn(true);
     $expected = $this->defaultConfig;
     $expected['processedTca']['columns']['aField']['children'] = [];
     $this->assertEquals($expected, $this->subject->addData($input));
 }

 /**
  * Returns the session contents
  *
  * @param string $key
  * @return mixed
  */
 public function getSessionContents($key)
 {
     $sessionData = $this->backendUserAuthentication->getSessionData($key);
     if ($sessionData !== null) {
         $content = unserialize($sessionData);
         if (isset($content['contents'])) {
             return $content['contents'];
         }
     }
     return false;
 }

 /**
  * Adds file mounts from the user's file mount records
  *
  * @param ResourceStorage $storage
  * @return void
  */
 protected function addFileMountsToStorage(ResourceStorage $storage)
 {
     foreach ($this->backendUserAuthentication->getFileMountRecords() as $fileMountRow) {
         if ((int) $fileMountRow['base'] === (int) $storage->getUid()) {
             try {
                 $storage->addFileMount($fileMountRow['path'], $fileMountRow);
             } catch (FolderDoesNotExistException $e) {
                 // That file mount does not seem to be valid, fail silently
             }
         }
     }
 }

 /**
  * Executes the modules configured via Extbase
  *
  * @param string $moduleName
  * @return Response A PSR-7 response object
  * @throws \RuntimeException
  */
 protected function dispatchModule($moduleName)
 {
     $moduleConfiguration = $this->getModuleConfiguration($moduleName);
     // Check permissions and exit if the user has no permission for entry
     $this->backendUserAuthentication->modAccess($moduleConfiguration, true);
     $id = isset($this->request->getQueryParams()['id']) ? $this->request->getQueryParams()['id'] : $this->request->getParsedBody()['id'];
     if ($id && MathUtility::canBeInterpretedAsInteger($id)) {
         // Check page access
         $permClause = $this->backendUserAuthentication->getPagePermsClause(true);
         $access = is_array(BackendUtility::readPageAccess((int) $id, $permClause));
         if (!$access) {
             throw new \RuntimeException('You don\'t have access to this page', 1289917924);
         }
     }
     /** @var Response $response */
     $response = GeneralUtility::makeInstance(Response::class);
     // Use Core Dispatching
     if (isset($moduleConfiguration['routeTarget'])) {
         $dispatcher = GeneralUtility::makeInstance(Dispatcher::class);
         $this->request = $this->request->withAttribute('target', $moduleConfiguration['routeTarget']);
         $response = $dispatcher->dispatch($this->request, $response);
     } else {
         // extbase module
         $configuration = array('extensionName' => $moduleConfiguration['extensionName'], 'pluginName' => $moduleName);
         if (isset($moduleConfiguration['vendorName'])) {
             $configuration['vendorName'] = $moduleConfiguration['vendorName'];
         }
         // Run Extbase
         $bootstrap = GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Core\Bootstrap::class);
         $content = $bootstrap->run('', $configuration);
         $response->getBody()->write($content);
     }
     return $response;
 }

 /**
  * Returns a comma-separeted list of mounts.
  *
  * @return string item1, item2, ..., itemN
  */
 protected function getMounts()
 {
     $mounts = '';
     // Set mount to 0 if the User is a admin
     if (!$this->byGroup && $this->user->isAdmin()) {
         $mounts = '0';
     } else {
         $database = $this->getDatabaseConnection();
         // Read usermounts - if none are set, mounts are set to NULL
         if (!$this->byGroup) {
             $result = $database->exec_SELECTquery($this->field . ',' . $this->usergroupField, $this->table, 'uid = ' . $this->user_uid, $this->where);
             $row = $database->sql_fetch_assoc($result);
             $mounts = $row[$this->field];
             // Read Usergroup mounts
             $groups = \TYPO3\CMS\Core\Utility\GeneralUtility::uniqueList($row[$this->usergroupField]);
         } else {
             $groups = $this->group;
         }
         if (trim($groups)) {
             $result = $database->exec_SELECTquery($this->field, $this->grouptable, 'uid IN (' . $groups . ')');
             // Walk the groups and add the mounts
             while ($row = $database->sql_fetch_assoc($result)) {
                 $mounts .= ',' . $row[$this->field];
             }
             // Make nicely formated list
             $mounts = \TYPO3\CMS\Core\Utility\GeneralUtility::uniqueList($mounts);
         }
     }
     return $mounts;
 }

 /**
  * Returns TRUE if the internal BE_USER has access to the module $name with $MCONF (based on security level set for that module)
  *
  * @param string $name Module name
  * @param array $MCONF MCONF array (module configuration array) from the modules conf.php file (contains settings about what access level the module has)
  * @return boolean TRUE if access is granted for $this->BE_USER
  * @todo Define visibility
  */
 public function checkModAccess($name, $MCONF)
 {
     if ($MCONF['access']) {
         $access = strtolower($MCONF['access']);
         // Checking if admin-access is required
         // If admin-permissions is required then return TRUE if user is admin
         if (strstr($access, 'admin')) {
             if ($this->BE_USER->isAdmin()) {
                 return TRUE;
             }
         }
         // This will add modules to the select-lists of user and groups
         if (strstr($access, 'user')) {
             $this->modListUser[] = $name;
         }
         if (strstr($access, 'group')) {
             $this->modListGroup[] = $name;
         }
         // This checks if a user is permitted to access the module
         if ($this->BE_USER->isAdmin() || $this->BE_USER->check('modules', $name)) {
             return TRUE;
         }
     } else {
         return TRUE;
     }
 }

 /**
  * Check if given category is allowed by the access rights
  *
  * @param \TYPO3\CMS\Backend\Tree\TreeNode $child
  * @return bool
  */
 protected function isCategoryAllowed($child)
 {
     $mounts = $this->backendUserAuthentication->getCategoryMountPoints();
     if (empty($mounts)) {
         return TRUE;
     }
     return in_array($child->getId(), $mounts);
 }

 /**
  * @test
  */
 public function addDataThrowsExceptionForNewRecordsOnRootLevelWithoutAdminPermissions()
 {
     $input = ['tableName' => 'pages', 'command' => 'new', 'vanillaUid' => 123, 'parentPageRow' => null];
     $this->beUserProphecy->isAdmin()->willReturn(false);
     $this->beUserProphecy->check('tables_modify', $input['tableName'])->willReturn(true);
     $this->setExpectedException(\RuntimeException::class, $this->anything(), 1437745221);
     $this->subject->addData($input);
 }

 /**
  * Adding CM element for Delete
  *
  * @param	string	$table	Table name
  * @param	integer	$uid	UID for the current record.
  * @param	array	$elInfo	Label for including in the confirmation message, EXT:lang/locallang_core.php:mess.delete
  * @return	array		Item array, element in $menuItems
  * @internal
  */
 function DB_delete($table, $uid, $elInfo)
 {
     $loc = 'top.content.list_frame';
     if ($this->beUser->jsConfirmation(4)) {
         $conf = "confirm(" . GeneralUtility::quoteJSvalue(sprintf($this->LANG->sL('LLL:EXT:lang/locallang_core.php:mess.delete'), $elInfo[0]) . BackendUtility::referenceCount($table, $uid, ' (There are %s reference(s) to this record!)')) . ")";
     } else {
         $conf = '1==1';
     }
     $editOnClick = 'if(' . $loc . " && " . $conf . " ){" . $loc . ".location.href=top.TS.PATH_typo3+'tce_db.php?redirect='+top.rawurlencode(" . $this->backRef->frameLocation($loc . '.document') . ")+'" . "&cmd[" . $table . '][' . $uid . '][DDdelete]=1&prErr=1&vC=' . $this->beUser->veriCode() . BackendUtility::getUrlToken('tceAction') . "';hideCM();}";
     return $this->backRef->linkItem($this->LANG->getLLL('delete', $this->LL), $this->backRef->excludeIcon(IconUtility::getSpriteIcon('actions-edit-delete')), $editOnClick . 'return false;');
 }

 /**
  * Create the panel of buttons for submitting the form or otherwise perform operations.
  *
  * @return array All available buttons as an assoc. array
  */
 protected function getButtons()
 {
     $buttons = array('csh' => '', 'view' => '', 'shortcut' => '');
     // CSH
     $buttons['csh'] = BackendUtility::cshItem('_MOD_web_info', '');
     // View page
     $buttons['view'] = '<a href="#" ' . 'onclick="' . htmlspecialchars(BackendUtility::viewOnClick($this->pageinfo['uid'], $GLOBALS['BACK_PATH'], BackendUtility::BEgetRootLine($this->pageinfo['uid']))) . '" ' . 'title="' . $this->languageService->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage', TRUE) . '">' . IconUtility::getSpriteIcon('actions-document-view') . '</a>';
     // Shortcut
     if ($this->backendUser->mayMakeShortcut()) {
         $buttons['shortcut'] = $this->doc->makeShortcutIcon('id, edit_record, pointer, new_unique_uid, search_field, search_levels, showLimit', implode(',', array_keys($this->MOD_MENU)), $this->moduleName);
     }
     return $buttons;
 }