Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/benjaminkott/ext-rights-and-roles
https://github.com/benjaminkott/ext-rights-and-roles
Last synced: about 1 month ago
JSON representation
- Host: GitHub
- URL: https://github.com/benjaminkott/ext-rights-and-roles
- Owner: benjaminkott
- License: gpl-2.0
- Created: 2019-08-22T07:42:15.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2023-08-09T12:24:00.000Z (over 1 year ago)
- Last Synced: 2024-11-18T07:01:13.820Z (about 2 months ago)
- Language: PHP
- Size: 40 KB
- Stars: 1
- Watchers: 3
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# DO NOT USE IN PRODUCTION YET
# Rights and Roles
This Extension handles several improvements for TYPO3 permission system.
- Prefix Groups with `[G]`
- Prefix Roles with `[R]`
## 1. Rights and Roles Matrix
It provides a Backend Module for a list of all Groups starting with [G].
It shows a Matrix of assigned or not assigned rights in table with the information about assignment of right to group (or to role).
## 2. Overload the access to pages etc
In the default you can only assign a single user or a single group to the access for pages.
This is sometimes not the correct way (see https://de.wikipedia.org/wiki/Access_Control_List).
So ACLs are not implemented in TYPO3. The solution is this extension.
You can implement the two following hooks in your code to archive this goal:
```
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['getPagePermsClause'][] = function ($params) use ($configuration)
{
// Call the hook from RightsAndRoles Extension
$hook = new \BK2K\RightsAndRoles\Hook\BackendUserGroupRightsHook($configuration);
return $hook->getPagePermsClause($params);
};
$GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['t3lib/class.t3lib_userauthgroup.php']['calcPerms'][] = function ($params) use ($configuration)
{
// Call the hook from RightsAndRoles Extension
$hook = new \BK2K\RightsAndRoles\Hook\BackendUserGroupRightsHook($configuration);
return $hook->calcPerms($params);
};
```
Now you are able to configure your permissions.
You have to add the following structure in your configuration:
```
EXT
page:
debug: 1 # Debug mode flag
access: # the Access configuration
13:
0: 1
```
This means, that the group "13" (in this example a base group for simple editor) can read (decimal 1, binary 1)
all pages (0). The rights are calulated by standard binary additions (see \TYPO3\CMS\Core\Type\Bitmask\Permission):
```
NOTHING: 0 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::NOTHING)
PAGE_SHOW: 1 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_SHOW)
PAGE_EDIT: 2 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_EDIT)
PAGE_DELETE: 4 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_DELETE)
PAGE_NEW: 8 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::PAGE_NEW)
CONTENT_EDIT: 16 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::CONTENT_EDIT)
ALL: 31 (@see \TYPO3\CMS\Core\Type\Bitmask\Permission::ALL)
```
If a usergroup can view the page and should be able to edit the content, the correct binary value should be
"PAGE_SHOW | CONTENT_EDIT", which is calculated in decimal 17.
If a usergroup should have a specific access of a single page, you can add this page ID in the group block:
```
EXT
page:
access:
13:
25: 19
```
With this configuration the usergroup "13" can "PAGE_SHOW && PAGE_EDIT && CONTENT_EDIT" for the Page with ID "25".
You can also combine the default page "0" (every page) with specific Page ID like:
```
EXT
page:
access:
13:
0: 1
25: 19
```