[TYPO3-dev] Can user X access record Y?
Oliver Salzburg
oliver.salzburg at googlemail.com
Mon May 28 14:08:51 CEST 2012
On 2012-05-28 06:13, Michael wrote:
> On 2012-05-10 02:08, Oliver Salzburg wrote:
>
>> If I pick an arbitrary user (user id 42) and an arbitrary other record
>> (table tx_news_domain_model_file, uid:123), what is the correct
>> approach to check access permissions set between these object?
>
> I stumbled across this chapter today and remembered your question, so maybe
> this is an option for you?
>
> http://typo3.org/documentation/document-library/core-documentation/doc_core_api/
>
> Chapter 3.6. "Backend User Object".
>
> And then something like:
>
> $BE_USER->check(...);
> $BE_USER->doesUserHaveAccess(...);
>
> But I haven't used these yet, so this is just the way I would
> investigate further.
>
> HTH - Cheers
> Michael
>
Yes, that would be something like I had in mind. But not exactly.
Primarily because I was interested in FE users.
I haven't developed much with TYPO3 yet so some approaches seem very
unnatural to me.
For example, I just couldn't believe that the only place where you can
do access permission checks between FE users and arbitrary data records
is the database itself.
Because, to my understanding, no further abstraction of that concept is
done after that. Which I find irritating and shocking.
Even if you use the abstracted approaches like extbase, this concept is
still lost in it.
Once I retrieve my model object from the database, all access
permission information is no longer present. So access permission
checks, again, have to be done at the database level.
Something like that just seems so strange and alien to me that I
couldn't believe it. I still can't. It makes no sense.
So I posted this, very unspecific, question on the list in the hope
that someone would call me an idiot for not having grasped the true
power of TYPO3 in this regard (and then tell me about that power).
By now, I have rewritten my code to run additional queries against the
database to make sure any access permissions are respected.
Thanks for your mail :)
Oliver
More information about the TYPO3-dev
mailing list