/**
* @Flow\Around("method(TYPO3\TYPO3CR\Domain\Model\NodeType->__construct())")
* @return void
*/
public function enrichNodeTypeConfiguration(JoinPointInterface $joinPoint)
{
$configuration = $joinPoint->getMethodArgument('configuration');
$nodeTypeName = $joinPoint->getMethodArgument('name');
$this->addEditorDefaultsToNodeTypeConfiguration($nodeTypeName, $configuration);
$this->addLabelsToNodeTypeConfiguration($nodeTypeName, $configuration);
$joinPoint->setMethodArgument('configuration', $configuration);
$joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* This changes how TagBuilder->addAttribute() method works.
* When attribute's value is NULL or FALSE, it does *unset* the value.
* Otherwise addAttribute() method is called as usually.
*
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint
* @Flow\Around("method(TYPO3\Fluid\Core\ViewHelper\TagBuilder->addAttribute())")
* @return void
*/
public function catchAddAttribute(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
if (null === $joinPoint->getMethodArgument('attributeValue') || false === $joinPoint->getMethodArgument('attributeValue')) {
/** @var \TYPO3\Fluid\Core\ViewHelper\TagBuilder $tagBuilder */
$tagBuilder = $joinPoint->getProxy();
$tagBuilder->removeAttribute($joinPoint->getMethodArgument('attributeName'));
} else {
$joinPoint->getAdviceChain()->proceed($joinPoint);
}
}
/**
* Check if department of logged in User match with department property of page node and hide this node if true
*
* @param \TYPO3\Flow\AOP\JoinPointInterface $joinPoint
* @Flow\After("method(TYPO3\Neos\EventLog\Integrations\TYPO3CRIntegrationService->afterNodePublishing(NodeInterface $node, $propertyName, $oldValue, $newValue))")
* @return boolean
*/
public function departmentNameChanged($joinPoint)
{
if ($joinPoint->getMethodArgument('node')->hasProperty("departmentName")) {
// flush node caches after department change
foreach ($joinPoint->getMethodArgument('node')->getChildNodes() as $childnode) {
$childnode->getContext()->getFirstLevelNodeCache()->flush();
}
$joinPoint->getMethodArgument('node')->getContext()->getFirstLevelNodeCache()->flush();
}
}
/**
* @Flow\Around("method(TYPO3\TYPO3CR\Domain\Model\Workspace->replaceNodeData())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return string The result of the target method if it has not been intercepted
*/
public function replaceNodeData(JoinPointInterface $joinPoint)
{
/** @var Node $node */
$node = $joinPoint->getMethodArgument('node');
if ($node->isRemoved()) {
// If the node is supposed to be removed, we do not need to do anything as the node will be gone anyways afterwards
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/** @var NodeData $targetNodeData */
$targetNodeData = $joinPoint->getMethodArgument('targetNodeData');
$commentsForToBePublishedNode = $this->extractComments($node);
$commentsInTargetWorkspace = $this->extractComments($targetNodeData);
// Call original Method
$result = $joinPoint->getAdviceChain()->proceed($joinPoint);
if (count($commentsForToBePublishedNode) == 0 && count($commentsInTargetWorkspace) == 0) {
return $result;
}
// After publishing the node, we update the published node with the merged comments. We cannot do this
// before publishing, as otherwise the NodeData which is underneath the to-be-published Node will be "dirty"
// and marked as "removed" at the same time, leading to a CR crash. This also is a CR bug which only occurs in
// very rare occasions.
$mergedComments = $this->mergeComments($commentsForToBePublishedNode, $commentsInTargetWorkspace);
$this->writeComments($node, $mergedComments);
return $result;
}
/**
* @Flow\Before("method(TYPO3\Neos\Controller\Backend\ContentController->uploadAssetAction())")
* @param JoinPointInterface $joinPoint The current join point
* @return void
*/
public function rewriteSiteAssetCollection(JoinPointInterface $joinPoint)
{
if ($this->lookupNodeFilter === NULL || $this->lookupPropertyName === NULL) {
return;
}
/** @var ContentController $contentController */
$contentController = $joinPoint->getProxy();
/** @var ActionRequest $actionRequest */
$actionRequest = ObjectAccess::getProperty($contentController, 'request', TRUE);
$nodeContextPath = $actionRequest->getInternalArgument('__node');
if ($nodeContextPath === NULL) {
return;
}
$node = $this->propertyMapper->convert($nodeContextPath, NodeInterface::class);
$flowQuery = new FlowQuery(array($node));
/** @var NodeInterface $documentNode */
$documentNode = $flowQuery->closest($this->lookupNodeFilter)->get(0);
if (!$documentNode->hasProperty($this->lookupPropertyName)) {
return;
}
/** @var AssetCollection $assetCollection */
$assetCollection = $this->assetCollectionRepository->findByIdentifier($documentNode->getProperty($this->lookupPropertyName));
if ($assetCollection === NULL) {
return;
}
/** @var Asset $asset */
$asset = $joinPoint->getMethodArgument('asset');
$assetCollection->addAsset($asset);
$this->assetCollectionRepository->update($assetCollection);
}
/**
* Add the current node and all parent identifiers to be used for cache entry tagging
*
* @Flow\Before("method(TYPO3\Flow\Mvc\Routing\RouterCachingService->extractUuids())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return void
*/
public function addCurrentNodeIdentifier(JoinPointInterface $joinPoint)
{
$values = $joinPoint->getMethodArgument('values');
if (!isset($values['node']) || strpos($values['node'], '@') === false) {
return;
}
// Build context explicitly without authorization checks because the security context isn't available yet
// anyway and any Entity Privilege targeted on Workspace would fail at this point:
$this->securityContext->withoutAuthorizationChecks(function () use($joinPoint, $values) {
$contextPathPieces = NodePaths::explodeContextPath($values['node']);
$context = $this->contextFactory->create(['workspaceName' => $contextPathPieces['workspaceName'], 'dimensions' => $contextPathPieces['dimensions'], 'invisibleContentShown' => true]);
$node = $context->getNode($contextPathPieces['nodePath']);
if (!$node instanceof NodeInterface) {
return;
}
$values['node-identifier'] = $node->getIdentifier();
$node = $node->getParent();
$values['node-parent-identifier'] = array();
while ($node !== null) {
$values['node-parent-identifier'][] = $node->getIdentifier();
$node = $node->getParent();
}
$joinPoint->setMethodArgument('values', $values);
});
}
/**
* Advice for a disabled content cache (e.g. because an exception was handled)
*
* @Flow\AfterReturning("method(TYPO3\TypoScript\Core\Cache\RuntimeContentCache->setEnableContentCache())")
* @param JoinPointInterface $joinPoint
*/
public function registerDisableContentCache(JoinPointInterface $joinPoint)
{
$enableContentCache = $joinPoint->getMethodArgument('enableContentCache');
if ($enableContentCache !== TRUE) {
$this->evaluatedUncached = TRUE;
}
}
/**
* @Flow\Around("method(TYPO3\Neos\Routing\FrontendNodeRoutePartHandler->convertRequestPathToNode())")
*
* @param \TYPO3\FLOW\AOP\JoinPointInterface $joinPoint the join point
*
* @return mixed
*/
public function aroundConvertRequestPathToNodeAspect($joinPoint)
{
if ($this->nodeNotFoundService->isEnabled()) {
/** @var NodeInterface $node */
$requestPath = $joinPoint->getMethodArgument('requestPath');
try {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (InvalidRequestPathException $e) {
$defaultUriSegment = $this->nodeNotFoundService->getDefaultUriSegment();
$requestPath = $defaultUriSegment . $this->nodeNotFoundService->get404NodeUriForDimensionUriSegment($defaultUriSegment);
$joinPoint->setMethodArgument("requestPath", $requestPath);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (NoSuchDimensionValueException $e) {
$defaultUriSegment = $this->nodeNotFoundService->getDefaultUriSegment();
$requestPath = $defaultUriSegment . $this->nodeNotFoundService->get404NodeUriForDimensionUriSegment($defaultUriSegment);
$joinPoint->setMethodArgument("requestPath", $requestPath);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (NoSuchNodeException $e) {
$dimensionUriSegment = strstr($requestPath, "/", true);
if (count($this->contentDimensionPresetSource->getAllPresets()) > 0) {
$requestPath = $dimensionUriSegment . "/" . $this->nodeNotFoundService->get404NodeUriForDimensionUriSegment($dimensionUriSegment);
} else {
$requestPath = $this->nodeNotFoundService->get404NodeUriForDimensionUriSegment('');
}
$joinPoint->setMethodArgument("requestPath", $requestPath);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
} else {
// execute the original code
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
}
/**
* Check if nodetype is in allowed sites (apply node context by filtering out not allowed node types)
*
* @param \TYPO3\Flow\AOP\JoinPointInterface $joinPoint
* @Flow\Around("method(TYPO3\TYPO3CR\Domain\Factory\NodeFactory->filterNodeByContext(.*))")
* @return \TYPO3\TYPO3CR\Domain\Model\NodeInterface|NULL
*/
public function filterNodeByAllowedSites($joinPoint)
{
if ($this->isNodeTypeInAllowedSite($joinPoint->getMethodArgument('node')->getNodeType()) == FALSE) {
return null;
}
$result = $joinPoint->getAdviceChain()->proceed($joinPoint);
return $result;
}
/**
* Logs calls of destroy()
*
* @Flow\Before("within(TYPO3\Flow\Session\SessionInterface) && method(.*->destroy())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return mixed The result of the target method if it has not been intercepted
*/
public function logDestroy(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$session = $joinPoint->getProxy();
if ($session->isStarted()) {
$reason = $joinPoint->isMethodArgument('reason') ? $joinPoint->getMethodArgument('reason') : 'no reason given';
$this->systemLogger->log(sprintf('%s: Destroyed session with id %s: %s', $this->getClassName($joinPoint), $joinPoint->getProxy()->getId(), $reason), LOG_INFO);
}
}
/**
* @Flow\Around("within(TYPO3\Flow\Property\TypeConverter\MediaTypeConverterInterface) && method(.*->convertMediaType())")
* @param JoinPointInterface $joinPoint The current joinpoint
* @return mixed
*/
public function rewriteJsonApiOrgMediaTypeToJson(JoinPointInterface $joinPoint)
{
$mediaType = $joinPoint->getMethodArgument('mediaType');
if (strpos($mediaType, 'application/vnd.api+json') !== false) {
$joinPoint->setMethodArgument('mediaType', 'application/json');
}
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* Advice for a disabled content cache (e.g. because an exception was handled)
*
* @Flow\AfterReturning("method(TYPO3\TypoScript\Core\Cache\RuntimeContentCache->setEnableContentCache())")
* @param JoinPointInterface $joinPoint
*/
public function registerDisableContentCache(JoinPointInterface $joinPoint)
{
$enableContentCache = $joinPoint->getMethodArgument('enableContentCache');
if ($enableContentCache !== TRUE) {
$this->logger->log('Varnish cache disabled due content cache being disabled (e.g. because an exception was handled)', LOG_DEBUG);
$this->evaluatedUncached = TRUE;
}
}
/**
* Makes sure that XML content (such as the RSS feed) is not wrapped with divs.
*
* @param JoinPointInterface $joinPoint
* @return string
* @Flow\Around("method(TYPO3\Neos\Service\ContentElementWrappingService->wrapContentObject())")
*/
public function preventContentElementWraps(JoinPointInterface $joinPoint)
{
$content = $joinPoint->getMethodArgument('content');
if (substr($content, 0, 5) === '<?xml') {
return $content;
}
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* Convert the object to its context path, if we deal with TYPO3CR nodes.
*
* @Flow\Around("method(TYPO3\Flow\Persistence\AbstractPersistenceManager->convertObjectToIdentityArray())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint the joinpoint
* @return string|array the context path to be used for routing
*/
public function convertNodeToContextPathForRouting(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$objectArgument = $joinPoint->getMethodArgument('object');
if ($objectArgument instanceof NodeInterface) {
return $objectArgument->getContextPath();
} else {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
}
/**
* @Flow\Around("method(TYPO3\Neos\Controller\Frontend\NodeController->handleShortcutNode())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return void
*/
public function dontResolveShortcutsInFrontend(JoinPointInterface $joinPoint)
{
$node = $joinPoint->getMethodArgument('node');
if ($node instanceof NodeInterface) {
if (in_array($node->getProperty('targetMode'), $this->legitShortcutTargets)) {
$joinPoint->getAdviceChain()->proceed($joinPoint);
}
}
}
/**
* @Flow\Around("method(Flowpack\Neos\FrontendLogin\Security\NeosRequestPattern->matchRequest())")
* @param JoinPointInterface $joinPoint
* @return boolean
*/
public function enhanceMatchRequest(JoinPointInterface $joinPoint)
{
$request = $joinPoint->getMethodArgument('request');
$requestPath = $request->getHttpRequest()->getUri()->getPath();
if ($joinPoint->getProxy()->getPattern() === NeosRequestPattern::PATTERN_BACKEND) {
if (strpos($requestPath, '/che!') === 0) {
return true;
}
}
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* @Flow\Before("method(TYPO3\Neos\Routing\FrontendNodeRoutePartHandler->matchValue())")
* @return void
*/
public function convertRoutePartToLowerCase(\TYPO3\Flow\AOP\JoinPointInterface $joinPoint)
{
$requestPath = $joinPoint->getMethodArgument('requestPath');
if (strpos($requestPath, 'user')) {
$parts = explode("user", $requestPath);
$lowerCaseRequestPath = strtolower($parts[0]) . "user" . $parts[1];
} else {
$lowerCaseRequestPath = strtolower($requestPath);
}
$joinPoint->setMethodArgument('requestPath', $lowerCaseRequestPath);
}
/**
* Returns exit code and output
*
* @Flow\Around("method(TYPO3\Surf\Domain\Service\ShellCommandService->executeProcess())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return array
*/
public function useSymfonyProcessInsteadOfPopen(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$deployment = $joinPoint->getMethodArgument('deployment');
$command = $joinPoint->getMethodArgument('command');
$logOutput = $joinPoint->getMethodArgument('logOutput');
$logPrefix = $joinPoint->getMethodArgument('logPrefix');
$process = new Process($command);
$process->setTimeout(NULL);
$callback = NULL;
if ($logOutput) {
$callback = function ($type, $data) use($deployment, $logPrefix) {
if ($type === Process::OUT) {
$deployment->getLogger()->log($logPrefix . trim($data), LOG_DEBUG);
} elseif ($type === Process::ERR) {
$deployment->getLogger()->log($logPrefix . trim($data), LOG_ERR);
}
};
}
$exitCode = $process->run($callback);
return array($exitCode, trim($process->getOutput()));
}
/**
* @Flow\Around("setting(TYPO3.Neos.typoScript.enableObjectTreeCache) && method(TYPO3\Neos\Domain\Service\TypoScriptService->getMergedTypoScriptObjectTree())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return mixed
*/
public function cacheGetMergedTypoScriptObjectTree(JoinPointInterface $joinPoint)
{
$currentSiteNode = $joinPoint->getMethodArgument('startNode');
$cacheIdentifier = str_replace('.', '_', $currentSiteNode->getContext()->getCurrentSite()->getSiteResourcesPackageKey());
if ($this->typoScriptCache->has($cacheIdentifier)) {
$typoScriptObjectTree = $this->typoScriptCache->get($cacheIdentifier);
} else {
$typoScriptObjectTree = $joinPoint->getAdviceChain()->proceed($joinPoint);
$this->typoScriptCache->set($cacheIdentifier, $typoScriptObjectTree);
}
return $typoScriptObjectTree;
}
/**
* @Flow\After("method(TYPO3\TYPO3CR\Domain\Repository\NodeDataRepository->remove())")
* @return void
*/
public function indexNodeBeforeRemovingNodeData(JoinPointInterface $joinPoint)
{
$object = $joinPoint->getMethodArgument('object');
if ($object instanceof NodeData) {
$nodeData = $object;
}
if ($object instanceof Node) {
$nodeData = $object->getNodeData();
}
if ($nodeData instanceof NodeData) {
$this->indexService->removeIndex($nodeData);
}
}
/**
* Add the current node identifier to be used for cache entry tagging
*
* @Flow\Before("method(TYPO3\Flow\Mvc\Routing\RouterCachingService->extractUuids())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current join point
* @return void
*/
public function addCurrentNodeIdentifier(JoinPointInterface $joinPoint)
{
$values = $joinPoint->getMethodArgument('values');
if (!isset($values['node']) || strpos($values['node'], '@') === false) {
return;
}
list($nodePath, $contextArguments) = explode('@', $values['node']);
$context = $this->getContext($contextArguments);
$node = $context->getNode($nodePath);
if ($node instanceof NodeInterface) {
$values['node-identifier'] = $node->getIdentifier();
$joinPoint->setMethodArgument('values', $values);
}
}
/**
* Log signed request pattern failures
*
* @Flow\AfterReturning("setting(Flowpack.SingleSignOn.Client.log.logFailedSignedRequests) && method(Flowpack\SingleSignOn\Client\Security\RequestPattern\SignedRequestPattern->emitSignatureNotVerified())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint
*/
public function logSignedRequestPatternFailures(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$request = $joinPoint->getMethodArgument('request');
if ($request instanceof \TYPO3\Flow\Mvc\RequestInterface) {
if ($request->getControllerObjectName() === 'Flowpack\\SingleSignOn\\Client\\Controller\\SessionController') {
$this->securityLogger->log('Signature for call to Session service could not be verified', LOG_NOTICE, array('identifier' => $joinPoint->getMethodArgument('identifier'), 'publicKeyFingerprint' => $joinPoint->getMethodArgument('publicKeyFingerprint'), 'signature' => base64_encode($joinPoint->getMethodArgument('signature')), 'signData' => $joinPoint->getMethodArgument('signData'), 'content' => $joinPoint->getMethodArgument('request')->getHttpRequest()->getContent()));
}
}
}
/**
* @Flow\Around("setting(Ttree.Embedly.logApiRequest) && within(Ttree\Embedly\Embedly) && method(public .*->(oembed|preview|objectify|extract|services)())")
* @param JoinPointInterface $joinPoint The current join point
* @return mixed
*/
public function getResponseFromCache(JoinPointInterface $joinPoint)
{
$proxy = $joinPoint->getProxy();
$key = ObjectAccess::getProperty($proxy, 'key');
$params = $joinPoint->getMethodArgument('params');
$cacheKey = md5($joinPoint->getClassName() . $joinPoint->getMethodName() . $key . json_encode($params));
if ($this->responseCache->has($cacheKey)) {
$this->systemLogger->log(sprintf(' cache hit Embedly::%s', $joinPoint->getMethodName()), LOG_DEBUG);
return $this->responseCache->get($cacheKey);
} else {
$this->systemLogger->log(sprintf(' cache miss Embedly::%s', $joinPoint->getMethodName()), LOG_DEBUG);
}
$response = $joinPoint->getAdviceChain()->proceed($joinPoint);
$this->responseCache->set($cacheKey, $response);
return $response;
}
/**
* An advice which intercepts the original route() method if a widget AJAX request
* was identified.
*
* If the HTTP request contains an argument hinting on an AJAX request directed
* to a widget, this method will create a matching ActionRequest rather than
* invoking the whole routing mechanism.
*
* @Flow\Around("method(TYPO3\Flow\Mvc\Routing\Router->route())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint
* @return \TYPO3\Flow\Mvc\ActionRequest
*/
public function routeAjaxWidgetRequestAdvice(JoinPointInterface $joinPoint)
{
$httpRequest = $joinPoint->getMethodArgument('httpRequest');
if ($httpRequest->hasArgument('__widgetId') || $httpRequest->hasArgument('__widgetContext')) {
$actionRequest = $httpRequest->createActionRequest();
$widgetId = $actionRequest->getInternalArgument('__widgetId');
if ($widgetId !== NULL) {
$widgetContext = $this->ajaxWidgetContextHolder->get($widgetId);
} else {
$serializedWidgetContextWithHmac = $actionRequest->getInternalArgument('__widgetContext');
$serializedWidgetContext = $this->hashService->validateAndStripHmac($serializedWidgetContextWithHmac);
$widgetContext = unserialize($serializedWidgetContext);
}
$actionRequest->setArgument('__widgetContext', $widgetContext);
$actionRequest->setControllerObjectName($widgetContext->getControllerObjectName());
return $actionRequest;
} else {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
}
/**
* Advices the dispatch method so that illegal action requests are blocked before
* invoking any controller.
*
* The "request" referred to within this method is an ActionRequest or some other
* dispatchable request implementing RequestInterface. Note that we don't deal
* with HTTP requests here.
*
* @Flow\Around("setting(TYPO3.Flow.security.enable) && method(TYPO3\Flow\Mvc\Dispatcher->dispatch())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint The current joinpoint
* @return mixed Result of the advice chain
* @throws \Exception|\TYPO3\Flow\Security\Exception\AccessDeniedException
* @throws \Exception|\TYPO3\Flow\Security\Exception\AuthenticationRequiredException
*/
public function blockIllegalRequestsAndForwardToAuthenticationEntryPoints(JoinPointInterface $joinPoint)
{
$request = $joinPoint->getMethodArgument('request');
if (!$request instanceof ActionRequest || $this->securityContext->areAuthorizationChecksDisabled()) {
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
try {
$this->firewall->blockIllegalRequests($request);
return $joinPoint->getAdviceChain()->proceed($joinPoint);
} catch (AuthenticationRequiredException $exception) {
$response = $joinPoint->getMethodArgument('response');
$entryPointFound = FALSE;
/** @var $token \TYPO3\Flow\Security\Authentication\TokenInterface */
foreach ($this->securityContext->getAuthenticationTokens() as $token) {
$entryPoint = $token->getAuthenticationEntryPoint();
if ($entryPoint !== NULL) {
$entryPointFound = TRUE;
if ($entryPoint instanceof WebRedirect) {
$this->securityLogger->log('Redirecting to authentication entry point', LOG_INFO, $entryPoint->getOptions());
} else {
$this->securityLogger->log('Starting authentication with entry point of type ' . get_class($entryPoint), LOG_INFO);
}
$this->securityContext->setInterceptedRequest($request->getMainRequest());
$entryPoint->startAuthentication($request->getHttpRequest(), $response);
}
}
if ($entryPointFound === FALSE) {
$this->securityLogger->log('No authentication entry point found for active tokens, therefore cannot authenticate or redirect to authentication automatically.', LOG_NOTICE);
throw $exception;
}
} catch (AccessDeniedException $exception) {
$this->securityLogger->log('Access denied', LOG_WARNING);
throw $exception;
}
return NULL;
}
/**
* Check if department of logged in User match with department property of page node and hide this node if true
*
* @param \TYPO3\Flow\AOP\JoinPointInterface $joinPoint
* @Flow\Around("method(TYPO3\TYPO3CR\Security\Authorization\Privilege\Node\___NotUse___EditNodePrivilege->matchesSubject(PrivilegeSubjectInterface $subject))")
* @return boolean
*/
public function checkMatchesSubjectForCreatingNodes($joinPoint)
{
$matchesSubject = $joinPoint->getMethodArgument('subject');
$result = $joinPoint->getAdviceChain()->proceed($joinPoint);
// if ($matchesSubject instanceof \TYPO3\Flow\Security\Authorization\Privilege\Method\CreateNodePrivilegeSubject === false) return false;
if ($result) {
if ($this->securityContext->getParty() instanceof User) {
// get access rights depending on matching users and pages department
if ($this->getPropertyRecursive($matchesSubject->getNode(), 'departmentName') == $this->securityContext->getParty()->getDepartment()) {
return false;
} else {
return true;
}
} else {
$role = $this->policyService->getRole('TYPO3.Neos:Administrator');
if ($role) {
foreach ($this->securityContext->getParty()->getAccounts() as $account) {
if ($account->hasRole($role)) {
return false;
}
}
}
}
}
return $result;
}
/**
* @Flow\Around("method(public TYPO3\Flow\Tests\Functional\Aop\Fixtures\TargetClass01->greet())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint
* @return string
*/
public function changeNameArgumentAdvice(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
if ($joinPoint->getMethodArgument('name') === 'Andi') {
$joinPoint->setMethodArgument('name', 'Robert');
}
return $joinPoint->getAdviceChain()->proceed($joinPoint);
}
/**
* Logs calls and result of isPrivilegeTargetGranted()
*
* @Flow\After("method(TYPO3\Flow\Security\Authorization\PrivilegeManager->isPrivilegeTargetGranted())")
* @param JoinPointInterface $joinPoint
* @return void
*/
public function logPrivilegeAccessDecisions(JoinPointInterface $joinPoint)
{
$decision = $joinPoint->getResult() === true ? 'GRANTED' : 'DENIED';
$message = sprintf('Decided "%s" on privilege "%s".', $decision, $joinPoint->getMethodArgument('privilegeTargetIdentifier'));
$this->securityLogger->log($message, \LOG_INFO);
}
/**
* Logs calls and results of decideOnResource()
*
* @Flow\AfterThrowing("method(TYPO3\Flow\Security\Authorization\AccessDecisionVoterManager->decideOnResource())")
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint
* @throws \Exception
* @return void
*/
public function logResourceAccessDecisions(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$exception = $joinPoint->getException();
$message = $exception->getMessage() . ' on resource "' . $joinPoint->getMethodArgument('resource') . '".';
$this->securityLogger->log($message, \LOG_INFO);
throw $exception;
}
/**
* Log a message if a post is deleted
*
* @param \TYPO3\Flow\Aop\JoinPointInterface $joinPoint
* @Flow\Before("method(TYPO3\Neos\View\TypoScriptView->setControllerContext())")
* @return void
*/
public function setControllerContext(\TYPO3\Flow\Aop\JoinPointInterface $joinPoint)
{
$this->controllerContext = $joinPoint->getMethodArgument('controllerContext');
}
