/**
* [Describe function...]
*
* @param [type] $SPaddWhere: ...
* @return [type] ...
*/
function getNotAllowedItems($SPaddWhere)
{
if ($this->row['category']) {
$treeIDs = tx_ttnews_div::getAllowedTreeIDs();
if (!$this->row['sys_language_uid'] && !$this->row['l18n_parent']) {
$catvals = explode(',', $this->row['category']);
// get categories from the current record
$notAllowedCats = array();
foreach ($catvals as $k) {
$c = explode('|', $k);
if ($c[0] && !in_array($c[0], $treeIDs)) {
$notAllowedCats[] = '<p style="padding:0px;color:red;font-weight:bold;">- ' . $c[1] . ' <span class="typo3-dimmed"><em>[' . $c[0] . ']</em></span></p>';
}
}
if (count($notAllowedCats)) {
$this->NA_Items = $this->printError($notAllowedCats, array());
}
}
}
}
/**
* This method is called by a hook in the TYPO3 Core Engine (TCEmain) when a command was executed (copy,move,delete...).
* For tt_news it is used to disable saving of the current record if it has an editlock or if it has categories assigned that are not allowed for the current BE user.
*
* @param string $command: The TCEmain command, fx. 'delete'
* @param string $table: The table TCEmain is currently processing
* @param string $id: The records id (if any)
* @param array $value: The new value of the field which has been changed
* @param object $pObj: Reference to the parent object (TCEmain)
* @return void
* @access public
*/
function processCmdmap_preProcess($command, &$table, &$id, $value, &$pObj)
{
if ($table == 'tt_news' && !$GLOBALS['BE_USER']->isAdmin()) {
$rec = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord($table, $id, 'editlock');
// get record to check if it has an editlock
if ($rec['editlock']) {
$pObj->log($table, $id, 2, 0, 1, "processCmdmap [editlock]: Attempt to " . $command . " a record from table '%s' which is locked by an 'editlock' (= record can only be edited by admins).", 1, array($table));
$error = true;
}
if (is_int($id)) {
// get categories from the (untranslated) record in db
$res = $GLOBALS['TYPO3_DB']->exec_SELECT_mm_query('tt_news_cat.uid, tt_news_cat.deleted, tt_news_cat_mm.sorting AS mmsorting', 'tt_news', 'tt_news_cat_mm', 'tt_news_cat', ' AND tt_news_cat.deleted=0 AND tt_news_cat_mm.uid_local=' . (is_int($id) ? $id : 0) . \TYPO3\CMS\Backend\Utility\BackendUtility::BEenableFields('tt_news_cat'));
$categories = array();
while ($row = $GLOBALS['TYPO3_DB']->sql_fetch_assoc($res)) {
$categories[] = $row['uid'];
}
$GLOBALS['TYPO3_DB']->sql_free_result($res);
$notAllowedItems = array();
if ($categories[0]) {
// original record has no categories
$treeIDs = tx_ttnews_div::getAllowedTreeIDs();
if (count($treeIDs)) {
$allowedItems = $treeIDs;
} else {
$allowedItems = \TYPO3\CMS\Core\Utility\GeneralUtility::intExplode(',', $GLOBALS['BE_USER']->getTSConfigVal('tt_newsPerms.tt_news_cat.allowedItems'));
}
foreach ($categories as $k) {
if (!in_array($k, $allowedItems)) {
$notAllowedItems[] = $k;
}
}
}
if ($notAllowedItems[0]) {
$pObj->log($table, $id, 2, 0, 1, "tt_news processCmdmap: Attempt to " . $command . " a record from table '%s' without permission. Reason: the record has one or more categories assigned that are not defined in your BE usergroup (tablename.allowedItems).", 1, array($table));
$error = true;
}
if ($error) {
$table = '';
// unset table to prevent saving
}
}
}
}
