[TYPO3-core] Call for help: Migrate core extensions to extbase
Christian Kuhn
lolli at schwarzbu.ch
Sun May 6 18:23:38 CEST 2012
Hey,
On 05/04/2012 11:50 PM, Helmut Hummel wrote:
> * The viewpage module has a DocHeader layout in it's own extension
> folder. Would be good to have a global layout folder for all backend
> modules to reduce duplicate fluid templates.
Mmmh, yes. A generic docheader layout could probably be added to fluid.
Actually, I'm unsure if it is possible to render a layout from a
different extension (just change layoutRootPath?) Who knows / wants to
find out?
> * Get rid of t3lib_div::_GP('id') calls in the controller. In extbase we
> have a request object we should use. If the request namespace should be
> a problem, we need a solution for that.
Yes, possible improvement, shouldn't be too hard. Anyone wants to do that?
> * Backend modules need to take care of a lot of security stuff.
> Permissions, access checks, CSRF protection etc. We should introduce the
> needed security layer(s) with a solid API and put in a good place (maybe
> extbase).
Afaik the access checks are already done (user,group,admin like for
'old' modules). The CSRF issue is generic and is an issue for extbase.
We should talk about this one.
> * We should definitely get rid of creating URLs by concatenating
> strings; that's a pain. The UriBuilder must work for backend URLs. By
> using the UriBuilder we could e.g. easily handle adding the CSRF
> protection token on a central place.
I'm unsure on how well the UriBuilder currently works in BE scope,
especially for things like the viewpage extension. Who wants to find out?
Regards
Christian
More information about the TYPO3-team-core
mailing list