ModifyEditFormUserAccessEvent¶

New in version 12.0: This event serves as a more powerful and flexible alternative for the removed $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'] hook.

The PSR-14 event \TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent\ModifyEditFormUserAccessEvent provides the full database row of the record in question next to the exception, which might have been set by the Core. Additionally, the event allows to modify the user access decision in an object-oriented way, using convenience methods.

In case any listener to the new event denies user access, while it was initially allowed by Core, the \TYPO3\CMS\Backend\Form\Exception\AccessDeniedListenerException will be thrown.

Example¶

EXT:my_extension/Classes/Backend/EventListener/MyEventListener.php¶

<?php

declare(strict_types=1);

namespace MyVendor\MyExtension\Backend\EventListener;

use TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent;
use TYPO3\CMS\Core\Attribute\AsEventListener;

#[AsEventListener(
    identifier: 'my-extension/backend/modify-edit-form-user-access'
)]
final class MyEventListener
{
    public function __invoke(ModifyEditFormUserAccessEvent $event): void
    {
        // Deny access for creating records of a custom table
        if ($event->getTableName() === 'tx_myext_domain_model_mytable' && $event->getCommand() === 'new') {
            $event->denyUserAccess();
        }
    }
}

New in version 13.0: The PHP attribute \TYPO3\CMS\Core\Attribute\AsEventListener has been introduced to tag a PHP class as an event listener. Alternatively, or if you need to be compatible with older TYPO3 versions, you can also register an event listener via the Configuration/Services.yaml file. Switch to an older version of this page for an example or have a look at the section Implementing an event listener in your extension.

API¶

class TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent¶

Listeners to this Event will be able to modify the user access decision for using FormEngine to create or edit a record.

allowUserAccess()¶: Allows user access to the editing form

denyUserAccess()¶: Denies user access to the editing form

doesUserHaveAccess()¶

Returns the current user access state

Return type: bool

getAccessDeniedException()¶

If Core's DataProvider previously denied access, this returns the corresponding exception, null otherwise

Return type: TYPO3\CMS\Backend\Form\Exception\AccessDeniedException

getTableName()¶

Returns the table name of the record in question

Return type: string

getCommand()¶

Returns the requested command, either new or edit

Return type: string
Returns: "new"|"edit"

getDatabaseRow()¶

Returns the record's database row

Return type: array