[TYPO3-core] [Fwd: RFC: hook request in t3lib/t3lib_userauthgroup.php]
Dmitry Dulepov
9f4eetb02 at sneakemail.com
Thu Mar 8 12:12:37 CET 2007
Martin Kutschker wrote:
> Because it's hard to check out everything and I don't want to wave hooks
> through. Hooks may be dangerous or misplaced or wrong and are - as
> everything else - hard to remove.
How hooks can be dangerous? This hooks is used only to restrict access
to record by extension. It cannot enable access if access is already
restricted. How this can be dangerous?
Currently if extension wants to implement its own access control for
records, it can do it only through TCEMain hooks. But this has
disadvantage. User goes to edit record, spends half an hour doing it,
clicks "Save" and... gets a message that he has no rights for it.
The hook that I proposed, allows extension to show "no edit access"
message to user before he starts editing record.
How this could be dangerous? It is only the advantage!
We had much more significant and non-trivial things reviewed and applied.
I start thinking that I should simply supply a list of core patches with
templavoila if I cannot get even such simple things through. Our
approval process definitely needs improvements or development will stop
at some point completely...
--
Dmitry Dulepov
Web: http://typo3bloke.net/
Skype: callto:liels_bugs
"It is our choices, that show what we truly are,
far more than our abilities." (A.P.W.B.D.)
More information about the TYPO3-team-core
mailing list