/** * Pre-processing of the whole TCEform * * @param string $table * @param array $row * @param \TYPO3\CMS\Backend\Form\FormEngine $parentObject */ public function getMainFields_preProcess($table, $row, $parentObject) { if ($table !== 'tx_news_domain_model_news') { return; } if (!\Tx_News_Service_AccessControlService::userHasCategoryPermissionsForRecord($row)) { $parentObject->renderReadonly = TRUE; $flashMessageContent = $GLOBALS['LANG']->sL(self::LLPATH . 'record.savingdisabled.content', TRUE); $flashMessageContent .= '<ul>'; $accessDeniedCategories = \Tx_News_Service_AccessControlService::getAccessDeniedCategories($row); foreach ($accessDeniedCategories as $accessDeniedCategory) { $flashMessageContent .= '<li>' . htmlspecialchars($accessDeniedCategory['title']) . ' [' . $accessDeniedCategory['uid'] . ']</li>'; } $flashMessageContent .= '</ul>'; /** @var \TYPO3\CMS\Core\Messaging\FlashMessage $flashMessage */ $flashMessage = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance('TYPO3\\CMS\\Core\\Messaging\\FlashMessage', $flashMessageContent, $GLOBALS['LANG']->sL(self::LLPATH . 'record.savingdisabled.header', TRUE), TYPO3\CMS\Core\Messaging\FlashMessage::WARNING); TYPO3\CMS\Core\Messaging\FlashMessageQueue::addMessage($flashMessage); } }
/** * Prevent deleting/moving of a news record if the editor doesn't have access to all categories of the news recird * * @param string $command * @param string $table * @param int $id * @param string $value * @param $parentObject \TYPO3\CMS\Core\DataHandling\DataHandler */ public function processCmdmap_preProcess($command, &$table, $id, $value, $parentObject) { if ($table === 'tx_news_domain_model_news' && !$GLOBALS['BE_USER']->isAdmin() && is_integer($id)) { $newsRecord = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord($table, $id); if (!\Tx_News_Service_AccessControlService::userHasCategoryPermissionsForRecord($newsRecord)) { $parentObject->log($table, $id, 2, 0, 1, "processCmdmap: Attempt to " . $command . " a record from table '%s' without permission. Reason: the record has one or more categories assigned that are not defined in the BE usergroup.", 1, array($table)); // unset table to prevent saving $table = ''; } } }