[Typo3-dev] Deny field list

Kasper Skårhøj kasper2004 at typo3.com
Fri Dec 17 15:08:26 CET 2004 

I wonder if anyone could want to fix this and provide the fix to CVS?

Let me see (from memory);

- The configuration of each element in the wizard is in an array
- The parameters defining each type is passed as plain GET variable
presets.

This could be changed in this way:
- Function calls build the array
- A paraemter to the function call is an array with field-default values
as field/value pairs.
- The function adding the entry calls the auth API inside BE_USER for
each field/value pair and checks that value. If any of them fails the
entry is not added.

I can't remember how you check for a single of these values but surely
that would only take a few minutes browsing to figure out since it is
used at other places, eg. in tcemain/alt_doc.php


Now, this small change is not something that can push TYPO3 over and out
of function, hence someone else could be trusted to do this.
I'm just trying to extend my hand with a chance to tamper with the core
in and important and annoying but not critical matter.


- kasper




On Fri, 2004-12-17 at 14:49, Peter Niederlag wrote:
> Hi,
> 
> Lars Houmark schrieb:
> > Hey guys,
> > 
> > I am sorry if this has been covered before, but I cannot find it on the 
> > bugtracker.
> > 
> > I've been testing the new "Deny field list with Pagecontent: type:" feature 
> > in the user/group settings, running 3.7.0 stable.
> > 
> > I am setting numerous fields to deny, ie. Bullet list. Trying to change an 
> > existing element to Bullet list is not possible. That's all fine and dandy. 
> > But using the "New content element wizard" shows all of the elements still. 
> > Clicking on bullet list, makes the element type dropdown throw an error, 
> > because it is not in the list.
> > 
> > Is this suppose to be this way? Isn't the Bullet list supposed to be all 
> > hidden, everywhere in the backend (excluding the RTE ofcourse)?
> > 
> > Should I go forward and put this on the bugtracker?
> 
> mmhhh.
> 
> it is a known "feature" that the "content-element-wizard" doesn't 
> reflect/take into account TSConfig-Settings yet(same goes for explicit 
> deny/allow). It is however easily adoptable via own php/extension.
> 
> I have noticed the problem with allow/deny for existing CE. I think that 
> could(!) be considered a bug. Actually those CE shouldn't get a 
> editPanel/editIcons at all. I think it might be tough to implement it, 
> don't know...
> 
> Cheers,
> Peter
-- 
- kasper

----------------
Man søger fred i rigdom, glans og ære
og tænker: Hvad kan hjertet mer begære?
men dybt derinde bor den samme længsel,
og hjertet græder i sit gyldne fængsel.

More information about the TYPO3-dev mailing list