[TYPO3-mvc] access control & localization: are they killing the idea of extbase by now?
Sebastian Kurfürst
sebastian at typo3.org
Thu Jan 7 07:08:30 CET 2010
Hi,
> - cObj->enableFields()
> from the end of
> http://typo3.org/documentation/document-library/tutorials/doc_tut_frontend/0.0.1/view/3/2/
enableFields is fully respected, but you can disable it for your own
queries if you do:
$query->getQuerySettings()->setRespectEnableFields(FALSE);
> What would be needed is a central configuration posibility to
> allow/disallow access to controllers&actions for users and groups. A
> really nice thing would be a small configuration manager as backend
> module, where you can assign users & groups to the available
> controllers&actions. The resulting configuration files could (?) be
> compatible to FLOW3 or at least the same module could export a FLOW3
> format as well. I'm pretty sure that the part for putting a check
> somewhere in the dispatcher of extbase is not that hard.
Agreed so far.
I'd suggest that if you are interested in trying such thing out, create
a new extension which encapsulates your proposed way of access control.
IMHO it is enough to create an extended version of the ActionController
and put the access control logic into that controller - and you'll use
that one.
So, I'd suggest that if you are interested, just try it out and try to
make a prototype :) I'd like to have some working code which we can
discuss, as this is a lot easier then. Additionally, I think such code
parts should *not* be part of Extbase itself when they are created, as
this is still the "incubation" phase of such a feature - that's why I'd
suggest using a separate extension for now, and if everything is working
nicely, we can then integrate it into extbase.
Greets,
Sebastian
More information about the TYPO3-project-typo3v4mvc
mailing list