authMode_enforce¶
Changed in version 12.0: Handling of TCA config option authMode_enforce
has been removed.
Migration¶
Using authMode_enforce='strict'¶
Extensions with select fields using authMode
previously had different handling
if authMode_enforce => 'strict'
has been set: Let us say an editor accesses a record
with an authMode
field being set to a value it has no access to. With authMode_enforce
not being set to strict
, the editor was still able to edit the record and set the value
to something it had access to. With authMode_enforce
being set to strict
, the editor
was not allowed to access the record. This has been streamlined: The backend interface no longer
renders those records for the editor and an "access denied" message is rendered instead. To
prevent this, a group this editor is member of needs to be adapted to allow access to this
particular value in the "Explicitly allow field values" (explicit_allowdeny
) field.