hda-ppl / hda-rights-management-check
TYPO3 12.4/13.4 backend module for checking imported HDA rights schemas against PPL Rights Management data.
Maintainers
Package info
code.fbi.h-da.de/hda-ppl/hda-rights-management-check.git
Type:typo3-cms-extension
pkg:composer/hda-ppl/hda-rights-management-check
Requires
- php: >=8.2
- ppl/ppl_rights_management: ^12.4 || ^13.4
- typo3/cms-backend: ^12.4 || ^13.4
- typo3/cms-core: ^12.4 || ^13.4
This package is not auto-updated.
Last update: 2026-06-02 05:33:36 UTC
README
TYPO3 12.4/13.4 backend module for checking imported HDA user and group data against reusable rights import schemas.
The extension builds on ppl/ppl_rights_management and reuses its backend module, access checks, save handling and history. It adds the HDA-specific import matching workflow on top of the PPL rights management base.
Package data
- Extension key:
hda_rights_management - Composer package:
hda-ppl/hda-rights-management-check - TYPO3 compatibility:
12.4.0-13.4.99 - Base extension:
ppl/ppl_rights_management^12.4 || ^13.4 - License:
GPL-2.0-or-later - Author:
Pawel Pliousnin - Email:
pawel.pliousnin@h-da.de - Company:
Hochschule Darmstadt
What it does
- Registers the HDA rights management backend module under System.
- Extends the PPL Rights Management module with the HDA-specific tab
HDA Import Matching. - Stores reusable import schemas in
tx_hdarightsmanagement_import_schema. - Compares locally imported user and group data against an expected rights schema.
- Uses Department/Role data and optional filter overrides to derive expected groups, modules, DB mounts and file mounts.
- Reuses the PPL save and history logic instead of creating a separate rights system.
HDA Import Matching
The matching reads local import data from be_users.tx_igldapssoauth_dn, be_users.tx_igldapssoauth_id and LDAP configuration records from tx_igldapssoauth_config. LDAP is not queried live during the check. Filters such as department=IT Dienste und Anwendungen* are evaluated against local TYPO3 data and DN parts.
An import schema stores the expected state for a role or department: LDAP configuration, optional BE/FE filter overrides, expected backend groups, expected modules, expected DB mounts and expected file mounts. The matching view compares the current rights of matching backend users with that schema.
Access control
The backend module uses access = user, so TYPO3 backend groups still control who can open it. The extension configuration remains in ppl_rights_management; this extension does not introduce a second rights-management configuration.
Install
composer require hda-ppl/hda-rights-management-check:@dev
vendor/bin/typo3 extension:setup
After installation, run the TYPO3 database analyzer or deployment command so the table tx_hdarightsmanagement_import_schema is present.