Skip to content

Deprecation: #108568 - BackendUserAuthentication::recordEditAccessInternals() and $errorMsg #4820

New issue
New issue
Open
Open
Deprecation: #108568 - BackendUserAuthentication::recordEditAccessInternals() and $errorMsg#4820
Labels
1414.2Deprecationdifficult
@simonschaufi

Description

@simonschaufi
simonschaufi
opened on Jan 30, 2026

Deprecation: #108568 - BackendUserAuthentication::recordEditAccessInternals() and $errorMsg

https://docs.typo3.org/c/typo3/cms-core/main/en-us/Changelog/14.2/Deprecation-108568-BackendUserAuthenticationRecordEditAccessInternals.html

Deprecation: #108568 - BackendUserAuthentication::recordEditAccessInternals() and $errorMsg

See 108568

Description

The method
\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::recordEditAccessInternals()
and the property
\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::$errorMsg
have been deprecated.

These methods and properties represented an anti-pattern where the
method returned a boolean value but communicated error details through a
class property, making the API difficult to use and test.

A new method checkRecordEditAccess() has been introduced that returns
an \TYPO3\CMS\Core\Authentication\AccessCheckResult value object
containing both the access decision and any error message.

Impact

Calling the deprecated method recordEditAccessInternals() or accessing
the deprecated property $errorMsg will trigger a deprecation-level log
entry and will stop working in TYPO3 v15.0.

The extension scanner reports usages as a strong match.

Affected installations

Instances or extensions that directly call recordEditAccessInternals()
or access the $errorMsg property are affected.

Migration

Replace calls to recordEditAccessInternals() with
checkRecordEditAccess(). The new method returns an AccessCheckResult
object with two public properties:

  • isAllowed - boolean indicating if access is granted
  • errorMessage - string containing the error message (empty if access
    is allowed)

Before

use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;

$backendUser = $this->getBackendUser();
if ($backendUser->recordEditAccessInternals($table, $record)) {
    // Access granted
} else {
    // Access denied, error message is in $backendUser->errorMsg
    $errorMessage = $backendUser->errorMsg;
}

After

use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;

$backendUser = $this->getBackendUser();
$accessResult = $backendUser->checkRecordEditAccess($table, $record);
if ($accessResult->isAllowed) {
    // Access granted
} else {
    // Access denied
    $errorMessage = $accessResult->errorMessage;
}

PHP-API, FullyScanned, ext:core

Metadata

Metadata

Assignees

No one assigned

    Labels

    1414.2Deprecationdifficult

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions