PHP download

Download the PHP package liquidlight/typo3-elevate-to-admin without Composer

On this page you can find all versions of the php package liquidlight/typo3-elevate-to-admin. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of liquidlight/typo3-elevate-to-admin

Informations about the package typo3-elevate-to-admin

Elevate to Admin

A TYPO3 extension that removes permanent admin access and lets users elevate to admin only when needed.

Admin users log in without admin privileges. Not only does this satisfy cyber security accreditations*, it allows your admin users to use the website as Editors which means they can quickly see any permissions or UI Bugs, issues and errors

Features

Meets Cyber Essentials and ISO 27001 requirements*
See who is an admin and since when
Resets privileges after 10 minutes of inactivity
Clears admin privileges after logging out
Allows admins to sill log in when backend is locked for editors

Installation

composer require liquidlight/typo3-elevate-to-admin
Edit backend users and enable "Can elevate to admin" where appropriate (existing admins will have this enabled when they login )
Selected users can use the dropdown in the corner to elevate to admin

The user can exit admin mode by using the same dropdown.

How It Works

Login as regular user - Admin users log in without admin privileges
Work normally - Browse, edit content, and perform regular tasks
Elevate when needed - Click the dropdown to become admin for specific tasks
Auto-logout - Admin privileges automatically expire after 10 minutes of inactivity

Events

The extension dispatches PSR-14 events that allow you to customize the behaviour:

BeforeAdminElevationProcessEvent

This event is dispatched before the admin elevation processing begins. You can use it to skip the elevation process entirely based on custom conditions.

Example: Make everyone admin in development mode

Testing

This extension includes comprehensive unit and functional tests with database integration.

Unit Tests

Unit tests can be run with

Functional Tests

Unit tests can be run with

* Cybersecurity requirements

Please check to ensure elevation/re-authentication is acceptable for your require security practices and accreditations. After our research, we have found:

Cyber Essentials

The official requirement states "use separate accounts to perform administrative activities only" - but this is ambiguous. It could mean:

Separate user accounts (strict interpretation)
Separate administrative sessions/activities (flexible interpretation allowing elevation)

Problem: Some certification bodies explicitly state that "account separation" is mandatory and that privilege elevation methods don't meet requirements, while others may accept properly implemented elevation.

Recommendation: Check with your specific certification body, as interpretations vary.

ISO 27001:2022

More flexible approach. The updated standard "does not explicitly require a different user ID for privileged access" and "emphasises the need to re-authenticate prior to receiving privileged access rights."

Elevation with re-authentication is acceptable if it includes:

Proper re-authentication before privilege escalation
Session separation and logging
Clear audit trails

Bottom Line

Cyber Essentials: Unclear - depends on your certification body's interpretation
ISO 27001:2022: Elevation with proper controls is acceptable

Sources

NCSC Cyber Essentials Requirements: Official Documentation v3.2
ISO 27001:2022 Control 8.2: Implementation Guidance
Cyber Essentials Overview: NCSC Website

Always verify requirements with your certification body before implementation

All versions of typo3-elevate-to-admin with dependencies

PHP Build Version

Package Version

Version 1.1.0 Release 28. Sep 2025
create-project require 0 people chose require and
0 people chose create-project.

Download

Download latest version of typo3-elevate-to-admin from vendor liquidlight

Requires typo3/cms-core Version ^11.5

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package liquidlight/typo3-elevate-to-admin contains the following files

Loading the files please wait ...