Add access check for backend users
magicsunday committed May 14, 2024
1 parent 78e3c69 commit 3f82771
Showing 3 changed files with 76 additions and 4 deletions.
60 changes: 58 additions & 2 deletions Classes/Controller/UniversalMessengerController.php
@@ -17,7 +17,11 @@
use TYPO3\CMS\Backend\Template\ModuleTemplateFactory;
use TYPO3\CMS\Backend\Utility\BackendUtility;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Localization\LanguageService;
use TYPO3\CMS\Core\Type\Bitmask\Permission;
use TYPO3\CMS\Core\Type\ContextualFeedbackSeverity;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Extbase\Http\ForwardResponse;
use TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
use TYPO3\CMS\Extbase\Utility\DebuggerUtility;

@@ -89,6 +93,14 @@ private function getBackendUserAuthentication(): BackendUserAuthentication
return $GLOBALS['BE_USER'];
}

/**
* @return LanguageService
*/
private function getLanguageService(): LanguageService
{
return $GLOBALS['LANG'];
}

/**
* Returns the module template instance.
*
@@ -120,7 +132,27 @@ private function moduleResponse(): ResponseInterface

// Show button only at pages matching our page type.
if ($contentPage['doktype'] !== Configuration::getNewsletterPageDokType()) {
return $this->moduleTemplate->renderResponse('Backend/UniversalMessenger.html');
$this->moduleTemplate->addFlashMessage(
$this->translate('error.page_not_allowed'),
'Universal Messenger',
ContextualFeedbackSeverity::INFO
);

return new ForwardResponse('error');
}

// Check if backend user is allowed to access this newsletter
if (!GeneralUtility::inList(
$this->getBackendUserAuthentication()->user['universal_messenger_channels'],
$contentPage['universal_messenger_channel']
)) {
$this->moduleTemplate->addFlashMessage(
$this->translate('error.access_not_allowed'),
'Universal Messenger',
ContextualFeedbackSeverity::ERROR
);

return new ForwardResponse('error');
}

DebuggerUtility::var_dump($contentPage['title']);
@@ -129,7 +161,21 @@ private function moduleResponse(): ResponseInterface
}

/**
* Shows the textDB entires.
* Returns the translated language label for the given identifier.
*
* @param string $key
*
* @return string
*/
private function translate(string $key): string
{
return $this->getLanguageService()->sL(
'LLL:EXT:nrc_universal_messenger/Resources/Private/Language/locallang.xlf:' . $key
);
}

/**
* The main entry point.
*
* @return ResponseInterface
*/
@@ -139,4 +185,14 @@ public function indexAction(): ResponseInterface

return $this->moduleResponse();
}

/**
* The error entry point.
*
* @return ResponseInterface
*/
public function errorAction(): ResponseInterface
{
return $this->moduleTemplate->renderResponse('Backend/UniversalMessenger.html');
}
}
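Review bot: The channel check in moduleResponse() can pass when both sides are empty, because `GeneralUtility::inList()` wraps the list and the item in commas and does a substring match, so a page with no `universal_messenger_channel` set and a backend user with no `universal_messenger_channels` compare as `,,` inside `,,` and the user is let through. Reject an empty channel before the list test: `$channel = (string) ($contentPage['universal_messenger_channel'] ?? '');` and then `if ($channel === '' || !GeneralUtility::inList((string) ($this->getBackendUserAuthentication()->user['universal_messenger_channels'] ?? ''), $channel)) {`. The string casts also keep a null column value from reaching inList under strict types. As far as this section shows, the check guards only the rendering of the module; moduleResponse() starts and ends outside the hunk, so whichever action performs the send should apply the same check rather than rely on the view having been refused.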
8 changes: 8 additions & 0 deletions Resources/Private/Language/de.locallang.xlf
@@ -8,6 +8,14 @@
<target>Universal Messenger</target>
</trans-unit>

<!-- errors -->
<trans-unit id="error.page_not_allowed">
<target>Bitte wählen Sie eine Seite mit dem Seiten-Typ "Newsletter" aus.</target>
</trans-unit>
<trans-unit id="error.access_not_allowed">
<target>Sie verfügen nicht über die notwendigen Rechte, um diesen Newsletter zu versenden.</target>
</trans-unit>

<!-- be_users -->
<trans-unit id="be_users.universal_messenger_channels">
<target>Newsletter-Kanäle</target>
12 changes: 10 additions & 2 deletions Resources/Private/Language/locallang.xlf
@@ -8,12 +8,20 @@
<source>Universal Messenger</source>
</trans-unit>

<!-- errors -->
<trans-unit id="error.page_not_allowed">
<source>Please select a page with the page type "Newsletter".</source>
</trans-unit>
<trans-unit id="error.access_not_allowed">
<source>You do not have the necessary rights to send this newsletter.</source>
</trans-unit>

<!-- be_users -->
<trans-unit id="be_users.universal_messenger_channels">
<target>Newsletter channels</target>
<source>Newsletter channels</source>
</trans-unit>
<trans-unit id="be_users.universal_messenger_channels.description">
<target>Here select the newsletter channels for which this user is allowed to send newsletters.</target>
<source>Here select the newsletter channels for which this user is allowed to send newsletters.</source>
</trans-unit>

<!-- pages -->