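/**
 * Runs the RBAC check for the controller action that is about to be executed.
 *
 * Access restrictions to controller actions can be created by using the
 * annotations @rbacNeedsAccess, @rbacObject <rbacObjectName> and
 * "@rbacAction <rbacActionName>" in your action comments.
 *
 * Decision rules implemented here:
 *  - Backend mode: access is always granted, no RBAC lookup is made.
 *  - Frontend, action without the rbacNeedsAccess annotation: access is granted.
 *    Protection is opt-in, so an action that lacks the annotation is not
 *    restricted by this check.
 *  - Frontend, action with the rbacNeedsAccess annotation: access is granted only
 *    if the RBAC service confirms it for the annotated object and action.
 *  - Frontend, rbacNeedsAccess present but rbacObject or rbacAction missing or
 *    empty: access is denied (fail closed) instead of querying the service
 *    with an undefined value.
 *
 * @return void
 */
protected function doRbacCheck()
{
    if (TYPO3_MODE === 'BE') {
        // We are in backend mode --> no access restriction
        return;
    }

    // We are in frontend --> use RBAC access control
    $controllerName = $this->request->getControllerObjectName();
    $actionName = $this->actionMethodName;
    $methodTags = $this->reflectionService->getMethodTagsValues($controllerName, $actionName);

    if (!array_key_exists('rbacNeedsAccess', $methodTags)) {
        // No access control annotation --> we have access
        return;
    }

    // Access control annotation --> we check for access.
    // The object and action annotations are read defensively: an action that
    // asks for protection but names no object or action must not reach the
    // service with null arguments.
    $rbacObject = isset($methodTags['rbacObject'][0]) ? $methodTags['rbacObject'][0] : null;
    $rbacAction = isset($methodTags['rbacAction'][0]) ? $methodTags['rbacAction'][0] : null;

    $annotationComplete = $rbacObject !== null && $rbacObject !== ''
        && $rbacAction !== null && $rbacAction !== '';

    // Default to "denied"; only a positive answer from the service grants access.
    $accessGranted = false;
    if ($annotationComplete) {
        $accessGranted = $this->rbacAccessControllService->loggedInUserHasAccess(
            $this->extensionName,
            $rbacObject,
            $rbacAction
        );
    }

    if (!$accessGranted) {
        // NOTE(review): this method returns normally after accessDeniedAction();
        // confirm that accessDeniedAction() itself stops or redirects the request,
        // otherwise the protected action would still run.
        $this->accessDeniedAction();
    }
}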
/**
 * Tells whether the currently logged-in user may perform an action on an RBAC object.
 *
 * The decision is delegated to the RBAC service and is scoped to the extension
 * name taken from the request of the current controller context.
 *
 * @param string $object Name of the RBAC object to check
 * @param string $action Name of the RBAC action to check
 * @return bool Result of the RBAC service lookup
 */
protected function hasAccess($object, $action)
{
    $currentRequest = $this->controllerContext->getRequest();
    $extensionName = $currentRequest->getControllerExtensionName();

    return $this->rbacService->loggedInUserHasAccess($extensionName, $object, $action);
}