[TYPO3] Building a hook (for access control of content elements)

tapio tapio.markula at dnainternet.net
Sat Mar 11 09:59:29 CET 2006 

>>if(is_array($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess']))
>>   {
>>                                                foreach
>>($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess'] as
>>$hasAccessControl) {
>>                                                     $_procObj =
>>&t3lib_div::getUserObj($hasAccessControl);
> 
> 
> you will get no access if the variable T3_conf_vars[extconf][...] was set but not to a valid
> class/object ... simply because the if is_array() will succeed but the ::getUserObj will return
> an invalid object ....
> 
> don't you get that you check if the object exists ... you never call any code of your hook-class ... how
> shall something get done/determined ????

Ok.
You wrote in one answer

And this just returns you an object. You also have to call a method out
of it with:

$hasAccess = $_procObj->method();

Where to define?
							
									$_procObj = array();
								 
if(is_array($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess'])) 
    {
										foreach 
($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess'] as 
$hasAccessControl) {
											$_procObj = &t3lib_div::getUserObj($hasAccessControl);
											$hasAccess=$_procObj->testAccess();
											}
										}

or
							
									$_procObj = array();
								 
if(is_array($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess'])) 
    {
										foreach 
($TYPO3_CONF_VARS['EXTCONF']['tm_contentaccess']['hasAccess'] as 
$hasAccessControl) {
											$_procObj = &t3lib_div::getUserObj($_procObj->testAccess());
	$hasAccess=$_procObj;
											}
										}

 >in your case because the hook method shall just decide wheter somebody
has access to something

Yes. I made myself condition to restrict access from user groups or/and
if the BE user is admin or not.

Somebody might like to add control on the base of BE user.

I would put the hook in the *end* of other conditions.

The hook could also reset existing contions by setting
$hasAccess=1.

The access control for content elements, which base on content element 
types could be ignored! Access control could base on just on those 
conditions, which the admin regards as the best.

New conditions could set $hasAccess=0;

In principle the hook is *important* for user defined access control for 
content elements.
I don't know, what parameter to set, but
if the return value is just 0 or 1, I belive that someone could create 
contitions. Necessary variable could at least get by using global variables.

More information about the TYPO3-english mailing list