Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[FEATURE] Reintroduce option to modify FE groups w/o auth
In TYPO3 v11.0 the "getGroupsFE" Authentication chain was removed for FrontendUserAuthentication, so it is not possible for extensions to add groups to anonymous user sessions anymore. A newly introduced Event is now introduced to replace the getGroupsFE authentication subservice. Resolves: #95364 Related: #93108 Releases: master Change-Id: Ib981f4c53041f014932df5575cae79446e6fbf34 Reviewed-on: https://review.typo3.org/c/Packages/TYPO3.CMS/+/71235 Tested-by: core-ci <typo3@b13.com> Tested-by: Helmut Hummel <typo3@helhum.io> Tested-by: Benjamin Franzke <bfr@qbus.de> Reviewed-by: Helmut Hummel <typo3@helhum.io> Reviewed-by: Georg Ringer <georg.ringer@gmail.com> Reviewed-by: Benjamin Franzke <bfr@qbus.de>
- Loading branch information
Showing
4 changed files
with
101 additions
and
2 deletions.
There are no files selected for viewing
33 changes: 33 additions & 0 deletions
33
...g/master/Feature-95364-EventToModifyFrontendUserGroupsWithoutAuthentication.rst
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
.. include:: ../../Includes.txt | ||
|
||
============================================================================= | ||
Feature: #95364 - Event to modify frontend user groups without authentication | ||
============================================================================= | ||
|
||
See :issue:`95364` | ||
|
||
Description | ||
=========== | ||
|
||
Prior to TYPO3 v11.0, the "getGroupsFE" authentication service | ||
allowed to add and manipulate Frontend User Groups to be attached | ||
to a FrontendUserAuthentication request during runtime. | ||
|
||
Extensions use this approach to attach certain properties for | ||
customization (e.g. country or region of a website user) dynamically for a specific request. | ||
|
||
This functionality was removed during the refactoring of the | ||
authentication services (see #93108). | ||
|
||
A new Event "ModifyResolvedFrontendGroupsEvent" has now been | ||
introduced to modify user groups, even if there is no | ||
authenticated user in place. | ||
|
||
|
||
Impact | ||
====== | ||
|
||
Use the new PSR-14 event to attach Frontend User Groups dynamically | ||
during a frontend request. | ||
|
||
.. index:: Frontend, PHP-API, ext:frontend |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
58 changes: 58 additions & 0 deletions
58
typo3/sysext/frontend/Classes/Authentication/ModifyResolvedFrontendGroupsEvent.php
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
<?php | ||
|
||
declare(strict_types=1); | ||
|
||
/* | ||
* This file is part of the TYPO3 CMS project. | ||
* | ||
* It is free software; you can redistribute it and/or modify it under | ||
* the terms of the GNU General Public License, either version 2 | ||
* of the License, or any later version. | ||
* | ||
* For the full copyright and license information, please read the | ||
* LICENSE.txt file that was distributed with this source code. | ||
* | ||
* The TYPO3 project - inspiring people to share! | ||
*/ | ||
|
||
namespace TYPO3\CMS\Frontend\Authentication; | ||
|
||
use Psr\Http\Message\ServerRequestInterface; | ||
|
||
/** | ||
* Event listener to allow to add custom Frontend Groups to a (frontend) request | ||
* regardless if a user is logged in or not. | ||
*/ | ||
final class ModifyResolvedFrontendGroupsEvent | ||
{ | ||
private FrontendUserAuthentication $user; | ||
private array $groups; | ||
private ?ServerRequestInterface $request; | ||
|
||
public function __construct(FrontendUserAuthentication $user, array $groups, ?ServerRequestInterface $request) | ||
{ | ||
$this->user = $user; | ||
$this->groups = $groups; | ||
$this->request = $request; | ||
} | ||
|
||
public function getRequest(): ?ServerRequestInterface | ||
{ | ||
return $this->request; | ||
} | ||
|
||
public function getUser(): FrontendUserAuthentication | ||
{ | ||
return $this->user; | ||
} | ||
|
||
public function getGroups(): array | ||
{ | ||
return $this->groups; | ||
} | ||
|
||
public function setGroups(array $groups): void | ||
{ | ||
$this->groups = $groups; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters