Documentation · ViewHelper reference

XSD schema file | vhs 2.1.3

Security / AllowViewHelper

Security: Allow

Allows access to the child content based on given arguments. The ViewHelper is a condition based ViewHelper which means it supports the f:then and f:else child nodes - you can use this behaviour to invert the access (i.e. use f:else in a check if a frontend user is logged in, if you want to hide content from authenticated users):

<v:security.allow anyFrontendUser="TRUE">
    <f:then><!-- protected information displayed --></f:then>
    <f:else><!-- link to login form displayed --></f:else>

Is the mirror opposite of v:security.deny.

  • Tag usage example

    <v:security.allow then="[mixed]" else="[mixed]" anyFrontendUser="1" anyFrontendUserGroup="1" frontendUser="[\TYPO3\CMS\Extbase\Domain\Model\FrontendUser]" frontendUsers="[<\TYPO3\CMS\Extbase\Persistence\ObjectStorage>\TYPO3\CMS\Extbase\Domain\Model\FrontendUser]" frontendUserGroup="[\TYPO3\CMS\Extbase\Domain\Model\FrontendUserGroup]" frontendUserGroups="[<\TYPO3\CMS\Extbase\Persistence\ObjectStorage>\TYPO3\CMS\Extbase\Domain\Model\FrontendUserGroup]" anyBackendUser="1" backendUser="123" backendUsers="[mixed]" backendUserGroup="123" backendUserGroups="[mixed]" admin="1" evaluationType="'AND'">
    	<!-- tag content - may be ignored! -->
  • Inline usage example

    {v:security.allow(then: [mixed], else: [mixed], anyFrontendUser: 1, anyFrontendUserGroup: 1, frontendUser: [\TYPO3\CMS\Extbase\Domain\Model\FrontendUser], frontendUsers: [<\TYPO3\CMS\Extbase\Persistence\ObjectStorage>\TYPO3\CMS\Extbase\Domain\Model\FrontendUser], frontendUserGroup: [\TYPO3\CMS\Extbase\Domain\Model\FrontendUserGroup], frontendUserGroups: [<\TYPO3\CMS\Extbase\Persistence\ObjectStorage>\TYPO3\CMS\Extbase\Domain\Model\FrontendUserGroup], anyBackendUser: 1, backendUser: 123, backendUsers: [mixed], backendUserGroup: 123, backendUserGroups: [mixed], admin: 1, evaluationType: ''AND'')}


Argument Description Type

If TRUE, a backend user which is also an admin is required


If TRUE, allows any backend user unless other arguments disallows each specific backend user


If TRUE, allows any FrontendUser unless other arguments disallows each specific FrontendUser


If TRUE, allows any FrontendUserGroup unless other arguments disallows each specific FrontendUser


The uid of a backend user to allow/deny


The uid of the backend user group to allow/deny


The backend user groups list to allow/deny. If string, CSV of uids is assumed, if array, array of uids is assumed


The backend users list to allow/deny. If string, CSV of uids is assumed, if array, array of uids is assumed


Value to be returned if the condition if not met.


Specify AND or OR (case sensitive) to determine how arguments must be processed. Default is AND, requiring all arguments to be satisfied if used


The FrontendUser to allow/deny


The FrontendUserGroup to allow/deny


The FrontendUserGroups ObjectStorage to allow/deny


The FrontendUsers ObjectStorage to allow/deny


Value to be returned if the condition if met.

Required attribute

Revision history

commit 3c364e56ef72a7f27cd19dee834ba0edcc315ee1
Author: Claus Due <*****>
Date:   Sat Nov 3 14:23:26 2012 +0100

    [FEATURE] Security ViewHelpers, Allow and Deny with reusable base class

commit 319b89b6bb0fde3e1c3960fcae117597bad3897d
Author: Claus Due <*****>
Date:   Thu Nov 15 22:09:36 2012 +0100

    [BUGFIX] Fix incorrect base after refactor, Security ViewHelpers

commit 9aa5d2f68a203ecfadcd2f29f3426a1664c9ebf3
Author: Claus Due <*****>
Date:   Sat Jan 26 13:46:00 2013 +0100

    [DOC] Doc comment for Security / Allow ViewHelper

commit 3ab7ee2fd7a3d82727688635bca2249e6bc4fe77
Author: Björn Fromme <*****>
Date:   Sun May 26 16:03:15 2013 +0200

    [TASK] Remove superfluous return statement

commit da31bad1d9bb058c072ddb5591e8ed907a1ae8e1
Author: Claus Due <*****>
Date:   Tue Dec 31 23:08:37 2013 +0100

    [TASK] Happy new year!

commit 52bd6e41ccfef3d8193b350153912a9716e6a087
Author: Benjamin Rau <*****>
Date:   Tue Apr 1 21:09:00 2014 +0200

    [TASK] CGL compliance

commit da7677bc74f14e9a9300e4ba4487e52c3cb97642
Author: Claus Due <*****>
Date:   Sun Apr 20 01:13:33 2014 +0200

    [TASK] Switch to namespaces

commit 12ff0ddfb8d36c51f2d3befde7ae812177c80d5d
Author: Xaver Maierhofer <*****>
Date:   Wed Jun 11 00:01:47 2014 +0200

    [TASK] CGL remove use leading backslash
    PHP Docs
    Note that for namespaced names (fully qualified namespace names containing namespace separator, such as Foo\Bar as opposed to global names that do not, such as FooBar),
    the leading backslash is unnecessary and not recommended, as import names must be fully qualified, and are not processed relative to the current namespace.

commit 4981055359c895f3869e5bd878293b3c15ed26e5
Author: Xaver Maierhofer <*****>
Date:   Sun Jan 18 14:01:04 2015 +0100

    [TASK] CGL - Define classes, params, use imports

commit 8bb2fc5ee124ba19b0a0ab8e061c9a153fc4651f
Author: Xaver Maierhofer <*****>
Date:   Sun Jan 18 17:56:13 2015 +0100

    [TASK] Reference Copyright to file