[BUGFIX] Always use default language for fetching web mounts

Fixes calculation of the rootline within web mounts for
translated pages to give editors access again.

Change-Id: I2962e3c2a6e1ab9e040824677a53f8c008eaaf3f
Resolves: #87165
Resolves: #87223
Resolves: #87985
Resolves: #86575
Releases: master, 9.5
Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/61253
Tested-by: TYPO3com <noreply@typo3.com>
Tested-by: Andreas Fernandez <a.fernandez@scripting-base.de>
Reviewed-by: Andreas Fernandez <a.fernandez@scripting-base.de>

typo3/sysext/core/Classes/Authentication/BackendUserAuthentication.php

@@ -393,10 +393,21 @@ public function isInWebMount($id, $readPerms = '', $exitOnError = 0)
         }
         $id = (int)$id;
         // Check if input id is an offline version page in which case we will map id to the online version:
-        $checkRec = BackendUtility::getRecord('pages', $id, 'pid,t3ver_oid');
+        $checkRec = BackendUtility::getRecord(
+            'pages',
+            $id,
+            'pid,t3ver_oid,'
+            . $GLOBALS['TCA']['pages']['ctrl']['transOrigPointerField'] . ','
+            . $GLOBALS['TCA']['pages']['ctrl']['languageField']
+        );
         if ($checkRec['pid'] == -1) {
             $id = (int)$checkRec['t3ver_oid'];
         }
+        // if current rec is a translation then get uid from l10n_parent instead
+        // because web mounts point to pages in default language and rootline returns uids of default languages
+        if ((int)$checkRec[$GLOBALS['TCA']['pages']['ctrl']['languageField']] !== 0 && (int)$checkRec[$GLOBALS['TCA']['pages']['ctrl']['transOrigPointerField']] !== 0) {
+            $id = (int)$checkRec[$GLOBALS['TCA']['pages']['ctrl']['transOrigPointerField']];
+        }
         if (!$readPerms) {
             $readPerms = $this->getPagePermsClause(Permission::PAGE_SHOW);
         }

typo3/sysext/core/Tests/Functional/Authentication/BackendUserAuthenticationTest.php

@@ -0,0 +1,74 @@
+<?php
+declare(strict_types = 1);
+
+namespace TYPO3\CMS\Core\Tests\Functional\Authentication;
+
+/*
+ * This file is part of the TYPO3 CMS project.
+ *
+ * It is free software; you can redistribute it and/or modify it under
+ * the terms of the GNU General Public License, either version 2
+ * of the License, or any later version.
+ *
+ * For the full copyright and license information, please read the
+ * LICENSE.txt file that was distributed with this source code.
+ *
+ * The TYPO3 project - inspiring people to share!
+ */
+
+use TYPO3\CMS\Core\Authentication\AuthenticationService;
+use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
+use TYPO3\TestingFramework\Core\Functional\FunctionalTestCase;
+
+/**
+ * Testcase for class \TYPO3\CMS\Core\Authentication\BackendUserAuthentication
+ */
+class BackendUserAuthenticationTest extends FunctionalTestCase
+{
+    /**
+     * The fixture which is used when initializing a backend user
+     *
+     * @var string
+     */
+    protected $backendUserFixture = __DIR__ . '/Fixtures/be_users.xml';
+
+    /**
+     * @var AuthenticationService
+     */
+    protected $authenticationService;
+
+    /**
+     * @var BackendUserAuthentication
+     */
+    protected $subject;
+
+    /**
+     * @throws \Doctrine\DBAL\DBALException
+     * @throws \TYPO3\TestingFramework\Core\Exception
+     */
+    protected function setUp(): void
+    {
+        $GLOBALS['TYPO3_CONF_VARS']['BE']['lockBeUserToDBmounts'] = 1;
+        $GLOBALS['TYPO3_CONF_VARS']['BE']['cookieName'] = 'be_typo_user';
+        $GLOBALS['TYPO3_CONF_VARS']['BE']['warning_email_addr'] = '';
+        $GLOBALS['TYPO3_CONF_VARS']['BE']['lockIP'] = 4;
+        $GLOBALS['TYPO3_CONF_VARS']['BE']['sessionTimeout'] = 28800;
+
+        $this->subject = new BackendUserAuthentication();
+        parent::setUp();
+        $this->importDataSet(__DIR__ . '/Fixtures/be_groups.xml');
+        $this->importDataSet(__DIR__ . '/Fixtures/pages.xml');
+        $this->setUpBackendUserFromFixture(2);
+        /** @var $GLOBALS['BE_USER'] BackendUserAuthentication */
+        $this->subject = $GLOBALS['BE_USER'];
+    }
+
+    /**
+     * @test
+     */
+    public function getTranslatedPageOnWebMountIsInWebMountForNonAdminUser(): void
+    {
+        $result = $this->subject->isInWebMount(2);
+        $this->assertNotNull($result);
+    }
+}

typo3/sysext/core/Tests/Functional/Authentication/Fixtures/be_groups.xml

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="utf-8"?>
+<dataset>
+    <be_groups>
+        <uid>1</uid>
+        <pid>0</pid>
+        <title>editor group</title>
+        <lockToDomain></lockToDomain>
+        <workspace_perms>0</workspace_perms>
+        <db_mountpoints>1</db_mountpoints>
+        <tstamp>1544454571</tstamp>
+        <crdate>1542360853</crdate>
+        <deleted>0</deleted>
+        <hidden>0</hidden>
+        <cruser_id>1</cruser_id>
+    </be_groups>
+</dataset>

typo3/sysext/core/Tests/Functional/Authentication/Fixtures/be_users.xml

@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="utf-8"?>
+<dataset>
+    <be_users>
+        <uid>1</uid>
+        <pid>0</pid>
+        <tstamp>1366642540</tstamp>
+        <username>admin</username>
+        <password>$1$tCrlLajZ$C0sikFQQ3SWaFAZ1Me0Z/1</password> <!-- password -->
+        <admin>1</admin>
+        <disable>0</disable>
+        <starttime>0</starttime>
+        <endtime>0</endtime>
+        <options>0</options>
+        <crdate>1366642540</crdate>
+        <cruser_id>0</cruser_id>
+        <workspace_perms>1</workspace_perms>
+        <disableIPlock>1</disableIPlock>
+        <deleted>0</deleted>
+        <TSconfig>NULL</TSconfig>
+        <lastlogin>1371033743</lastlogin>
+        <createdByAction>0</createdByAction>
+        <workspace_id>0</workspace_id>
+    </be_users>
+    <be_users>
+        <uid>2</uid>
+        <pid>0</pid>
+        <tstamp>1366642540</tstamp>
+        <username>editor</username>
+        <password>$1$tCrlLajZ$C0sikFQQ3SWaFAZ1Me0Z/1</password> <!-- password -->
+        <admin>0</admin>
+        <disable>0</disable>
+        <starttime>0</starttime>
+        <endtime>0</endtime>
+        <options>3</options>
+        <crdate>1366642540</crdate>
+        <cruser_id>0</cruser_id>
+        <workspace_perms>1</workspace_perms>
+        <disableIPlock>1</disableIPlock>
+        <deleted>0</deleted>
+        <TSconfig>NULL</TSconfig>
+        <lastlogin>1371033743</lastlogin>
+        <createdByAction>0</createdByAction>
+        <workspace_id>0</workspace_id>
+        <usergroup>1</usergroup>
+    </be_users>
+</dataset>

typo3/sysext/core/Tests/Functional/Authentication/Fixtures/pages.xml

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="utf-8"?>
+<dataset>
+    <pages>
+        <pid>0</pid>
+        <uid>1</uid>
+        <sys_language_uid>0</sys_language_uid>
+        <l10n_parent>0</l10n_parent>
+        <title>Root page in default language</title>
+        <perms_userid>1</perms_userid>
+        <perms_groupid>1</perms_groupid>
+        <perms_user>31</perms_user>
+        <perms_group>27</perms_group>
+        <perms_everybody>0</perms_everybody>
+        <is_siteroot>1</is_siteroot>
+    </pages>
+    <pages>
+        <pid>0</pid>
+        <uid>2</uid>
+        <sys_language_uid>1</sys_language_uid>
+        <l10n_parent>1</l10n_parent>
+        <title>Root page translated</title>
+        <perms_userid>1</perms_userid>
+        <perms_groupid>1</perms_groupid>
+        <perms_user>31</perms_user>
+        <perms_group>27</perms_group>
+        <perms_everybody>0</perms_everybody>
+        <is_siteroot>1</is_siteroot>
+    </pages>
+</dataset>