Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[TASK] Remove public access feature for registration lists #4277

Merged
merged 1 commit into from
Mar 25, 2025
Merged

[TASK] Remove public access feature for registration lists #4277

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,7 @@ This project adheres to [Semantic Versioning](https://semver.org/).

### Removed

- Remove public access feature for registration lists (#4277)
- Drop `Venue.zip` (#4274)
- Drop `Venue.country` (#4273, #4275)
- Drop `Event.language` (#4271)
Expand Down
2 changes: 1 addition & 1 deletion Classes/Configuration/ListViewConfigurationCheck.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ private function checkAccessToFrontEndRegistrationLists(): void
'This value specifies who is able to see the registered persons an event in the front end .
If this value is incorrect, persons may access the registration lists although they should not be allowed to
(or vice versa).',
['attendees_and_managers', 'login', 'world']
['attendees_and_managers', 'login']
);
}

Expand Down
63 changes: 2 additions & 61 deletions Classes/OldModel/LegacyEvent.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1812,7 +1812,7 @@ public function isUserVip(int $userUid): bool
* @param int<0, max> $registrationsVipListPID
* the value of the registrationsVipListPID parameter
* (only relevant for (seminar_list|my_events|my_vip_events))
* @param 'attendees_and_managers'|'login'|'world' $accessLevel
* @param 'attendees_and_managers'|'login' $accessLevel
*
* @return bool TRUE if a FE user is logged in and the user may view
* the registrations list or may see a link to that
Expand All @@ -1829,13 +1829,6 @@ public function canViewRegistrationsList(
}

switch ($accessLevel) {
case 'world':
$result = $this->canViewRegistrationsListForWorldAccess(
$whichPlugin,
$registrationsListPID,
$registrationsVipListPID
);
break;
case 'login':
$result = $this->canViewRegistrationsListForLoginAccess(
$whichPlugin,
Expand Down Expand Up @@ -1967,63 +1960,14 @@ protected function canViewRegistrationsListForLoginAccess(
return $result;
}

/**
* Checks whether a FE user is logged in and whether he/she may view this
* seminar's registrations list or see a link to it.
*
* This function assumes that the access level for FE registration lists is
* "world".
*
* @param 'seminar_list'|'my_events'|'my_vip_events'|'list_registrations'|'list_vip_registrations' $whichPlugin
* @param int<0, max> $registrationsListPID
* the value of the registrationsListPID parameter
* (only relevant for (seminar_list|my_events|my_vip_events))
* @param int<0, max> $registrationsVipListPID
* the value of the registrationsVipListPID parameter
* (only relevant for (seminar_list|my_events|my_vip_events))
*
* @return bool TRUE if a FE user is logged in and the user may view
* the registrations list or may see a link to that
* page, FALSE otherwise
*/
protected function canViewRegistrationsListForWorldAccess(
string $whichPlugin,
int $registrationsListPID = 0,
int $registrationsVipListPID = 0
): bool {
$currentUserUid = GeneralUtility::makeInstance(Context::class)->getPropertyFromAspect('frontend.user', 'id');
\assert(\is_int($currentUserUid) && $currentUserUid >= 0);
$isLoggedIn = $currentUserUid > 0;

$hasListPid = $registrationsListPID > 0;
$hasVipListPid = $registrationsVipListPID > 0;

switch ($whichPlugin) {
case 'my_vip_events':
$result = $isLoggedIn && $this->isUserVip($currentUserUid)
&& $hasVipListPid;
break;
case 'list_vip_registrations':
$result = $isLoggedIn && $this->isUserVip($currentUserUid);
break;
case 'list_registrations':
$result = true;
break;
default:
$result = $hasListPid;
}

return $result;
}

/**
* Checks whether a FE user is logged in and whether he/she may view this
* seminar's registrations list.
* This function is intended to be used from the registrations list,
* NOT to check whether a link to that list should be shown.
*
* @param 'seminar_list'|'my_events'|'my_vip_events'|'list_registrations'|'list_vip_registrations' $whichPlugin
* @param 'attendees_and_managers'|'login'|'world' $accessLevel
* @param 'attendees_and_managers'|'login' $accessLevel
*
* @return string an empty string if everything is OK, a localized error
* message otherwise
Expand All @@ -2035,9 +1979,6 @@ public function canViewRegistrationsListMessage(
if (!$this->needsRegistration()) {
return $this->translate('message_noRegistrationNecessary');
}
if ($accessLevel === 'world') {
return '';
}
if (!GeneralUtility::makeInstance(Context::class)->getAspect('frontend.user')->isLoggedIn()) {
return $this->translate('message_notLoggedIn');
}
Expand Down
2 changes: 1 addition & 1 deletion Configuration/TypoScript/FrontEnd.typoscript
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ plugin.tx_seminars_pi1 {
generalPriceInSingle = 0

# who is allowed to view the list of registrations on the front end:
# "attendees_and_managers", "login" or "world"
# "attendees_and_managers" or "login"
accessToFrontEndRegistrationLists = attendees_and_managers

# whether detailed information for the speakers is shown in the single view
Expand Down
2 changes: 1 addition & 1 deletion ...erence/SetupForTheSeminarManagerFront-endPlug-inInPlugintxSeminarsPi1/Index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -397,7 +397,7 @@ override the corresponding value from TS Setup.**

Description
who is allowed to view the list of registrations on the front end;
allowed values are: attendees\_and\_managers, login, world
allowed values are: attendees\_and\_managers, login

Default
attendees\_and\_managers
Expand Down
230 changes: 0 additions & 230 deletions Tests/LegacyFunctional/OldModel/LegacyEventTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6611,206 +6611,6 @@ public function canViewRegistrationsListWithNeedsRegistrationAndLoginAccess(
);
}

/**
* Data provider for testing the canViewRegistrationsList function
* with world access.
*
* @return mixed[][] test data for canViewRegistrationsList with each row
* having the following elements:
* [expected] boolean: expected value (TRUE or FALSE)
* [loggedIn] boolean: whether a user is logged in
* [isRegistered] boolean: whether the logged-in user is
* registered for that event
* [isVip] boolean: whether the logged-in user is a VIP
* that event
* [whichPlugin] string: value for that parameter
* [registrationsListPID] integer: value for that parameter
* [registrationsVipListPID] integer: value for that parameter
*/
public function canViewRegistrationsListDataProviderForWorld(): array
{
return [
'seminarListWithNothingElse' => [
'expected' => false,
'loggedIn' => false,
'isRegistered' => false,
'isVip' => false,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'seminarListWithListPid' => [
'expected' => true,
'loggedIn' => false,
'isRegistered' => false,
'isVip' => false,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 1,
'registrationsVipListPID' => 0,
],
'seminarListLoggedInWithListPid' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => false,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 1,
'registrationsVipListPID' => 0,
],
'seminarListIsRegisteredWithListPid' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 1,
'registrationsVipListPID' => 0,
],
'seminarListIsRegisteredWithoutListPid' => [
'expected' => false,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'seminarListIsVipWithListPid' => [
'expected' => false,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => true,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 0,
'registrationsVipListPID' => 1,
],
'seminarListIsVipWithoutListPid' => [
'expected' => false,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => true,
'whichPlugin' => 'seminar_list',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'myEventsIsRegisteredWithListPid' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'my_events',
'registrationsListPID' => 1,
'registrationsVipListPID' => 1,
],
'myEventsIsVipWithVipListPid' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => true,
'whichPlugin' => 'my_events',
'registrationsListPID' => 1,
'registrationsVipListPID' => 1,
],
'myVipEventsIsRegisteredWithVipListPid' => [
'expected' => false,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'my_vip_events',
'registrationsListPID' => 1,
'registrationsVipListPID' => 1,
],
'myVipEventsIsVipWithVipListPid' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => true,
'whichPlugin' => 'my_vip_events',
'registrationsListPID' => 1,
'registrationsVipListPID' => 1,
],
'listRegistrationsIsRegistered' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'list_registrations',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'listRegistrationsIsVip' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => true,
'whichPlugin' => 'list_registrations',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'listVipRegistrationsIsRegistered' => [
'expected' => false,
'loggedIn' => true,
'isRegistered' => true,
'isVip' => false,
'whichPlugin' => 'list_vip_registrations',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
'listVipRegistrationsIsVip' => [
'expected' => true,
'loggedIn' => true,
'isRegistered' => false,
'isVip' => true,
'whichPlugin' => 'list_vip_registrations',
'registrationsListPID' => 0,
'registrationsVipListPID' => 0,
],
];
}

/**
* @test
*
* @dataProvider canViewRegistrationsListDataProviderForWorld
*/
public function canViewRegistrationsListWithNeedsRegistrationAndWorldAccess(
bool $expected,
bool $loggedIn,
bool $isRegistered,
bool $isVip,
string $whichPlugin,
int $registrationsListPID,
int $registrationsVipListPID
): void {
$subject = $this->createPartialMock(
LegacyEvent::class,
['needsRegistration', 'isUserRegistered', 'isUserVip']
);
$subject->method('needsRegistration')
->willReturn(true);
$subject->method('isUserRegistered')
->willReturn($isRegistered);
$subject->method('isUserVip')
->willReturn($isVip);

if ($loggedIn) {
$rootPageUid = $this->testingFramework->createFrontEndPage();
$this->testingFramework->changeRecord('pages', $rootPageUid, ['slug' => '/home']);
$this->testingFramework->createFakeFrontEnd($rootPageUid);
$this->testingFramework->createAndLoginFrontEndUser();
}

self::assertSame(
$expected,
$subject->canViewRegistrationsList(
$whichPlugin,
$registrationsListPID,
$registrationsVipListPID,
'world'
)
);
}

// Tests concerning canViewRegistrationsListMessage

/**
Expand Down Expand Up @@ -6855,20 +6655,6 @@ public function canViewRegistrationsListMessageForListAndNoLoginAndLoginAccessRe
);
}

/**
* @test
*/
public function canViewRegistrationsListMessageForListAndNoLoginAndWorldAccessReturnsEmptyString(): void
{
$subject = $this->createPartialMock(LegacyEvent::class, ['needsRegistration']);
$subject->method('needsRegistration')->willReturn(true);

self::assertSame(
'',
$subject->canViewRegistrationsListMessage('list_registrations', 'world')
);
}

/**
* Data provider that returns all possible access level codes for the
* FE registration lists.
Expand Down Expand Up @@ -6900,20 +6686,6 @@ public function canViewRegistrationsListMessageForVipListAndNoLoginReturnsPlease
);
}

/**
* @test
*/
public function canViewRegistrationsListMessageForVipListAndWorldAccessAndNoLoginReturnsEmptyString(): void
{
$subject = $this->createPartialMock(LegacyEvent::class, ['needsRegistration']);
$subject->method('needsRegistration')->willReturn(true);

self::assertSame(
'',
$subject->canViewRegistrationsListMessage('list_vip_registrations', 'world')
);
}

/**
* Data provider that returns all possible parameter combinations for
* canViewRegistrationsList as called from canViewRegistrationsListMessage.
Expand All @@ -6925,10 +6697,8 @@ public function registrationListParametersDataProvider(): array
return [
'attendeesAndManagers' => ['list_registrations', 'attendees_and_managers'],
'login' => ['list_registrations', 'login'],
'world' => ['list_registrations', 'world'],
'attendeesAndManagersVip' => ['list_vip_registrations', 'attendees_and_managers'],
'loginVip' => ['list_vip_registrations', 'login'],
'worldVip' => ['list_vip_registrations', 'world'],
];
}

Expand Down
Loading