ModifyEditFormUserAccessEvent

New in version 12.0: This event serves as a more powerful and flexible alternative for the removed $GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS']['typo3/alt_doc.php']['makeEditForm_accessCheck'] hook.

The PSR-14 event \TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent\ModifyEditFormUserAccessEvent provides the full database row of the record in question next to the exception, which might have been set by the Core. Additionally, the event allows to modify the user access decision in an object-oriented way, using convenience methods.

In case any listener to the new event denies user access, while it was initially allowed by Core, the \TYPO3\CMS\Backend\Form\Exception\AccessDeniedListenerException will be thrown.

Example

Registration of the event listener in the extension's Services.yaml:

EXT:my_extension/Configuration/Services.yaml
services:
  # Place here the default dependency injection configuration

  MyVendor\MyExtension\Backend\EventListener\MyEventListener:
    tags:
      - name: event.listener
        identifier: 'my-extension/backend/modify-edit-form-user-access'

Read how to configure dependency injection in extensions.

The corresponding event listener class:

EXT:my_extension/Classes/Backend/EventListener/MyEventListener.php
<?php

declare(strict_types=1);

namespace MyVendor\MyExtension\Backend\EventListener;

use TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent;

final class MyEventListener
{
    public function __invoke(ModifyEditFormUserAccessEvent $event): void
    {
        // Deny access for creating records of a custom table
        if ($event->getTableName() === 'tx_myext_domain_model_mytable' && $event->getCommand() === 'new') {
            $event->denyUserAccess();
        }
    }
}

API

class TYPO3\CMS\Backend\Form\Event\ModifyEditFormUserAccessEvent

Listeners to this Event will be able to modify the user access decision for using FormEngine to create or edit a record.

allowUserAccess()

Allows user access to the editing form

denyUserAccess()

Denies user access to the editing form

doesUserHaveAccess()

Returns the current user access state

Return type

bool

getAccessDeniedException()

If Core's DataProvider previously denied access, this returns the corresponding exception, null otherwise

Return type

TYPO3\CMS\Backend\Form\Exception\AccessDeniedException

getTableName()

Returns the table name of the record in question

Return type

string

getCommand()

Returns the requested command, either new or edit

Return type

string

getDatabaseRow()

Returns the record's database row

Return type

array