[TYPO3-core] Call for help: Migrate core extensions to extbase

Christian Kuhn lolli at schwarzbu.ch
Sun May 6 18:23:38 CEST 2012


On 05/04/2012 11:50 PM, Helmut Hummel wrote:
> * The viewpage module has a DocHeader layout in it's own extension
> folder. Would be good to have a global layout folder for all backend
> modules to reduce duplicate fluid templates.

Mmmh, yes. A generic docheader layout could probably be added to fluid. 
Actually, I'm unsure if it is possible to render a layout from a 
different extension (just change layoutRootPath?) Who knows / wants to 
find out?

> * Get rid of t3lib_div::_GP('id') calls in the controller. In extbase we
> have a request object we should use. If the request namespace should be
> a problem, we need a solution for that.

Yes, possible improvement, shouldn't be too hard. Anyone wants to do that?

> * Backend modules need to take care of a lot of security stuff.
> Permissions, access checks, CSRF protection etc. We should introduce the
> needed security layer(s) with a solid API and put in a good place (maybe
> extbase).

Afaik the access checks are already done (user,group,admin like for 
'old' modules). The CSRF issue is generic and is an issue for extbase. 
We should talk about this one.

> * We should definitely get rid of creating URLs by concatenating
> strings; that's a pain. The UriBuilder must work for backend URLs. By
> using the UriBuilder we could e.g. easily handle adding the CSRF
> protection token on a central place.

I'm unsure on how well the UriBuilder currently works in BE scope, 
especially for things like the viewpage extension. Who wants to find out?


More information about the TYPO3-team-core mailing list