/** * @test */ public function addDataSetsUserPermissionsOnPageForNewContentRecord() { $input = ['tableName' => 'tt_content', 'command' => 'new', 'vanillaUid' => 123, 'parentPageRow' => ['uid' => 123, 'pid' => 321]]; $this->beUserProphecy->isAdmin()->willReturn(false); $this->beUserProphecy->check('tables_modify', $input['tableName'])->willReturn(true); $this->beUserProphecy->calcPerms($input['parentPageRow'])->willReturn(Permission::CONTENT_EDIT); $this->beUserProphecy->recordEditAccessInternals($input['tableName'], Argument::cetera())->willReturn(true); $result = $this->subject->addData($input); $this->assertSame(Permission::CONTENT_EDIT, $result['userPermissionOnPage']); }
/** * @test */ public function addDataSetsPermissionsToAllIfRootLevelRestrictionForTableIsIgnoredForNewContentRecord() { $input = ['tableName' => 'pages', 'command' => 'new', 'vanillaUid' => 123, 'parentPageRow' => null]; $this->beUserProphecy->isAdmin()->willReturn(false); $this->beUserProphecy->check('tables_modify', $input['tableName'])->willReturn(true); $this->beUserProphecy->recordEditAccessInternals($input['tableName'], Argument::cetera())->willReturn(true); $GLOBALS['TCA'][$input['tableName']]['ctrl']['security']['ignoreRootLevelRestriction'] = true; $result = $this->subject->addData($input); $this->assertSame(Permission::ALL, $result['userPermissionOnPage']); }
/** * Used to evaluate if a page can be deleted * * @param int $uid Page id * @return array|string If array: List of page uids to traverse and delete (means OK), if string: error message. */ public function canDeletePage($uid) { // If we may at all delete this page if (!$this->doesRecordExist('pages', $uid, 'delete')) { return 'Attempt to delete page without permissions'; } if ($this->deleteTree) { // Returns the branch $brExist = $this->doesBranchExist('', $uid, $this->pMap['delete'], 1); // Checks if we had permissions if ($brExist == -1) { return 'Attempt to delete pages in branch without permissions'; } if (!$this->noRecordsFromUnallowedTables($brExist . $uid)) { return 'Attempt to delete records from disallowed tables'; } $pagesInBranch = GeneralUtility::trimExplode(',', $brExist . $uid, true); foreach ($pagesInBranch as $pageInBranch) { if (!$this->BE_USER->recordEditAccessInternals('pages', $pageInBranch, false, false, true)) { return 'Attempt to delete page which has prohibited localizations.'; } } return $pagesInBranch; } else { // returns the branch $brExist = $this->doesBranchExist('', $uid, $this->pMap['delete'], 1); // Checks if branch exists if ($brExist != '') { return 'Attempt to delete page which has subpages'; } if (!$this->noRecordsFromUnallowedTables($uid)) { return 'Attempt to delete records from disallowed tables'; } if ($this->BE_USER->recordEditAccessInternals('pages', $uid, false, false, true)) { return array($uid); } else { return 'Attempt to delete page which has prohibited localizations.'; } } }