From b73618172d8eedadf8adceb2ab7f542a5775b22e Mon Sep 17 00:00:00 2001
From: Richard Haeser <richard@maxserv.com>
Date: Thu, 10 Dec 2020 08:02:50 +0100
Subject: [PATCH] [TASK] Remove access check when generating preview URL (#395)

---
 CHANGELOG.md                   |  4 ++
 Classes/Service/UrlService.php | 88 ++++++++++++++++------------------
 ext_emconf.php                 |  2 +-
 3 files changed, 46 insertions(+), 48 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0fc581e3..f950ca79 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,10 @@ We will follow [Semantic Versioning](http://semver.org/).
 ## Yoast SEO Premium for TYPO3
 Besides the free version of our plugin, we also have a premium version. The free version enables you to do all necessary optimizations. With the premium version, we make it even easier to do! More information can be found on https://www.maxserv.com/yoast.
 
+## 7.0.7 December 9, 2020
+### Fixed
+* It should not matter if a backend user has backend access to the page which is used to preview. This is mainly when using Yoast SEO for records other than pages and the detail page itself is not accessible for the backend user. 
+
 ## 7.0.6 November 20, 2020
 ### Fixed
 * The script adding additional information for the preview now checks if the getWebsiteTitle method exists before calling it. This prevents errors in TYPO3 v9 as this method is not availalbe there.
diff --git a/Classes/Service/UrlService.php b/Classes/Service/UrlService.php
index 48cd4631..10cd6e91 100644
--- a/Classes/Service/UrlService.php
+++ b/Classes/Service/UrlService.php
@@ -8,7 +8,6 @@
 use TYPO3\CMS\Core\Routing\RouteNotFoundException;
 use TYPO3\CMS\Core\Site\Entity\Site;
 use TYPO3\CMS\Core\Site\SiteFinder;
-use TYPO3\CMS\Core\Type\Bitmask\Permission;
 use TYPO3\CMS\Core\Utility\GeneralUtility;
 use TYPO3\CMS\Frontend\Page\PageRepository;
 use YoastSeoForTypo3\YoastSeo\Utility\YoastUtility;
@@ -54,58 +53,53 @@ public function getPreviewUrl(
         int $languageId,
         $additionalGetVars = ''
     ): string {
-        $permissionClause = $this->getBackendUser()->getPagePermsClause(Permission::PAGE_SHOW);
-        $pageRecord = BackendUtility::readPageAccess($pageId, $permissionClause);
-        if ($pageRecord) {
-            $rootLine = BackendUtility::BEgetRootLine($pageId);
-            // Mount point overlay: Set new target page id and mp parameter
-            $pageRepository = GeneralUtility::makeInstance(PageRepository::class);
-            $finalPageIdToShow = $pageId;
-            $mountPointInformation = $pageRepository->getMountPointInfo($pageId);
-            if ($mountPointInformation && $mountPointInformation['overlay']) {
-                // New page id
-                $finalPageIdToShow = $mountPointInformation['mount_pid'];
-                $additionalGetVars .= '&MP=' . $mountPointInformation['MPvar'];
-            }
+        $rootLine = BackendUtility::BEgetRootLine($pageId);
+        // Mount point overlay: Set new target page id and mp parameter
+        $pageRepository = GeneralUtility::makeInstance(PageRepository::class);
+        $finalPageIdToShow = $pageId;
+        $mountPointInformation = $pageRepository->getMountPointInfo($pageId);
+        if ($mountPointInformation && $mountPointInformation['overlay']) {
+            // New page id
+            $finalPageIdToShow = $mountPointInformation['mount_pid'];
+            $additionalGetVars .= '&MP=' . $mountPointInformation['MPvar'];
+        }
 
-            if (version_compare(TYPO3_branch, '9.5', '>=')) {
-                $siteFinder = GeneralUtility::makeInstance(SiteFinder::class);
-                $site = $siteFinder->getSiteByPageId($finalPageIdToShow, $rootLine);
-                if ($site instanceof Site) {
-                    $this->checkRouteEnhancers($site);
-
-                    $additionalQueryParams = [];
-                    parse_str($additionalGetVars, $additionalQueryParams);
-                    $additionalQueryParams['_language'] = $site->getLanguageById($languageId);
-                    $uriToCheck = YoastUtility::fixAbsoluteUrl(
-                        (string)$site->getRouter()->generateUri($finalPageIdToShow, $additionalQueryParams)
-                    );
-
-                    if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][self::class]['urlToCheck'])) {
-                        foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][self::class]['urlToCheck'] as $_funcRef) {
-                            $_params = [
-                                'urlToCheck' => $uriToCheck,
-                                'site' => $site,
-                                'finalPageIdToShow' => $finalPageIdToShow,
-                                'languageId' => $languageId
-                            ];
-
-                            $uriToCheck = GeneralUtility::callUserFunction($_funcRef, $_params, $this);
-                        }
+        if (version_compare(TYPO3_branch, '9.5', '>=')) {
+            $siteFinder = GeneralUtility::makeInstance(SiteFinder::class);
+            $site = $siteFinder->getSiteByPageId($finalPageIdToShow, $rootLine);
+            if ($site instanceof Site) {
+                $this->checkRouteEnhancers($site);
+
+                $additionalQueryParams = [];
+                parse_str($additionalGetVars, $additionalQueryParams);
+                $additionalQueryParams['_language'] = $site->getLanguageById($languageId);
+                $uriToCheck = YoastUtility::fixAbsoluteUrl(
+                    (string)$site->getRouter()->generateUri($finalPageIdToShow, $additionalQueryParams)
+                );
+
+                if (is_array($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][self::class]['urlToCheck'])) {
+                    foreach ($GLOBALS['TYPO3_CONF_VARS']['SC_OPTIONS'][self::class]['urlToCheck'] as $_funcRef) {
+                        $_params = [
+                            'urlToCheck' => $uriToCheck,
+                            'site' => $site,
+                            'finalPageIdToShow' => $finalPageIdToShow,
+                            'languageId' => $languageId
+                        ];
+
+                        $uriToCheck = GeneralUtility::callUserFunction($_funcRef, $_params, $this);
                     }
-                    $uri = (string)$this->uriBuilder->buildUriFromRoute('ajax_yoast_preview', [
-                        'uriToCheck' => $uriToCheck, 'pageId' => $finalPageIdToShow
-                    ]);
-                } else {
-                    $uri = BackendUtility::getPreviewUrl($finalPageIdToShow, '', $rootLine, '', '', $additionalGetVars);
                 }
+                $uri = (string)$this->uriBuilder->buildUriFromRoute('ajax_yoast_preview', [
+                    'uriToCheck' => $uriToCheck, 'pageId' => $finalPageIdToShow
+                ]);
             } else {
-                $uri = $this->getUrlForType(self::FE_PREVIEW_TYPE, '&pageIdToCheck=' . $pageId . '&languageIdToCheck=' . $languageId);
+                $uri = BackendUtility::getPreviewUrl($finalPageIdToShow, '', $rootLine, '', '', $additionalGetVars);
             }
-
-            return $uri;
+        } else {
+            $uri = $this->getUrlForType(self::FE_PREVIEW_TYPE, '&pageIdToCheck=' . $pageId . '&languageIdToCheck=' . $languageId);
         }
-        return '#';
+
+        return (string)$uri;
     }
 
     /**
diff --git a/ext_emconf.php b/ext_emconf.php
index 6d7a6a31..df012532 100644
--- a/ext_emconf.php
+++ b/ext_emconf.php
@@ -10,7 +10,7 @@
     'dependencies' => '',
     'state' => 'stable',
     'uploadfolder' => 0,
-    'version' => '7.0.6',
+    'version' => '7.0.7',
     'constraints' => [
         'depends' => [
             'typo3' => '8.7.0-10.4.99',