TYPO3: Custom CE backend permissions - typo3

I created several content elements, some of them with the help of the "mask" extension.
The issue is that backend users in the "editor" user group are unable to edit custom content elements.
Where can I edit those permissions ?

Open the configuration of the backend user group.
Open the tab "Access Lists"
Add the tables which are needed for inline elements in "Tables (listing)"-section and "Tables (modify)"-section
Allow the fields needed in this tables and tt_content (Page Content) in the "Allowed excludefields"-Section
Allow the usage of the elements in the "Explicitly allow/deny field values"-section
This should do the job.

Related

Permission problem in TYPO3 v8 for non admin users

Users in the editor group ("Redakteure") are not allowed to edit two content elements, the two bottom ones, which were created by me, the admin. The users in the group are allowed to edit their own content element, the top one. The creator of the page is a member of the editor group and the permissions say they should be allowed to edit it, but the edit button is not visible for them. "Restrict editing by non-Admins" is not active on these two elements.
How can I give a user or group edit permissions to all content elements on one page?
Admin view:
User view:
Permissions:
User is in the group:
You are missing some permissions in the backend usergroup «Redakteure». Use the list module on page [0] and edit the backend usergroup «Redakteure».
In tab «Access Lists» at bottom allow the content elements «Table» and «Regular Text Element»:
Explicitly allow/deny field values: Page Content: Type: Text
allow/deny field values: Page Content: Type: Table

How to add permission to editor user on Record Storage Page?

I am using TYPO3 version 9.5, and I am trying to show (enable) Record Storage Page for editor users inside plugin.
So what I want to do is to show this input for a Used - Editor
TCEMAIN {
permissions.group = show,edit,delete,new,editcontent
permissions.groupid = 1
}
Thanks
The permissions on the fields of tables (like pages, tt_content, etc) are set at usergroup level, so you should edit the backend usergroup of your User Editor (located in the "root" folder) and go to the "Access List" tab.
Here you can set for the editors that belong to that group:
allowed modules
read and write permissions for the tables
allowed page types
allowed fields for every table (fields that are set with exclude=>true in TCA)
allowed content types
allowed languages

Typo3 user rights are inherited incorrectly

I am trying to create user rights in Typo3 7.6 so that a user can simply work as an editor. He has, for his department, a section of the page tree. In that he can almost exclusively create text & media. For a single subpage of this whole tree, it also requires the ability to create an HTML element.
From my personal logic, it would be sufficient to create a user group (A), with all the usual rights would be covered. So creating pages, texts and media. A second user group (B) then only with the explicit permission to create HTML elements. Under Access, I have selected the group in the entire page tree as a simple editor (A), under which one page may be on the HTML, but the second user group (B).
But now it seems that as soon as the user receives the group B, it is not only allowed to create HTML for the one page, but the entire page tree.
What am I doing wrong? How is that otherwise thought?
This doesn't work this way. The permissions of all groups are combined and are the same on any page.
A possible solution could be to use the extension content_defender and a different backend layout for those pages where the HTML element is allowed.
Just as a side note: Allowing an editor the HTML element is a security risk as the editor can also create JavaScript and with that can get admin permissions and other stuff. So I would be very careful with that and would avoid allowing this element for admins.

TYPO3: how to show the field in BE only for its owner?

TCA offers the possibility for conditional displaying fields using displayCond. for an instance HIDE_FOR_NON_ADMINS allows to display field only for admin, but is there a way to display given field only for its creator, determined by cruser_id field?
Not out of the box. You can hook into TCEMAIN (DataHandler) or TCEFORM (FormEngine) to archive this.
You can however use access rights and set the rights to show the page (storage folder) only the the given backend user. Check out the access module.

TYPO3: Divider element is missing

I have here a TYPO3 4.2.10 and I want do add a divider element (special element) in the content. But there is no divider element. Has anybody an idea what is wrong?
You might not have admin rights, or the user is not allowed to insert the page or content type "divider". Check the permissions at the user groups or users Access Lists.
For groups:
Module list > Page root > Backend usergroup
Edit the group you belong to.
Go to the tab Access Lists (check if necessary):
Scroll down and check if any options are explicitely denied:
Another way is to check the TSconfig for the user group, at the tab Options. The content element can also be disabled in the Page TSconfig, which can be found at the page settings, tab Resources. In both cases, check for this code:
TCEFORM.tt_content.CType.removeItems = div
and replace it by something suitable, e.g.:
TCEFORM.tt_content.CType.removeItems >
Source