From 8a9f9fe390d42399cbe377d4f56a04bda8bf5dca Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 27 Jun 2022 16:17:50 +0100
Subject: [PATCH 01/14] Update ExceptionHandler.php

---
 libraries/src/Exception/ExceptionHandler.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libraries/src/Exception/ExceptionHandler.php b/libraries/src/Exception/ExceptionHandler.php
index 561adfe8e3f43..f97e84f806771 100644
--- a/libraries/src/Exception/ExceptionHandler.php
+++ b/libraries/src/Exception/ExceptionHandler.php
@@ -41,7 +41,7 @@ public static function handleUserDeprecatedErrors(int $errorNumber, string $erro
 		{
 			try
 			{
-				Log::add($errorMessage, Log::WARNING, 'deprecated');
+				Log::add("$errorMessage - $errorFile - Line $errorLine", Log::WARNING, 'deprecated');
 			}
 			catch (\Exception $e)
 			{

From 0b07115a62eeb407dcffd240b366af783bb130db Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 11:56:19 +0100
Subject: [PATCH 02/14] Update HtmlView.php

Add finer control of preference tabs by ACL
---
 .../src/View/Component/HtmlView.php           | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 34f8273bc457a..081b4dc7293fb 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -82,10 +82,23 @@ public function display($tpl = null)
         $this->fieldsets   = $form ? $form->getFieldsets() : null;
         $this->formControl = $form ? $form->getFormControl() : null;
 
-        // Don't show permissions fieldset if not authorised.
-        if (!$user->authorise('core.admin', $component->option) && isset($this->fieldsets['permissions'])) {
-            unset($this->fieldsets['permissions']);
-        }
+        // Remove unauthorised preference tabs.
+		foreach($this->fieldsets as $key => $value)
+		{
+			if($key == 'permissions')
+			{
+				if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )
+						&& isset($this->fieldsets['permissions'])) {
+					unset($this->fieldsets['permissions']);
+				}
+			}
+			else
+			{
+				if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key])) {
+					unset($this->fieldsets[$key]);
+				}
+			}
+		}
 
         $this->form      = &$form;
         $this->component = &$component;

From 15d1f7487a977ff7df6ecfd3b1ed7b01c42dea60 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:12:37 +0100
Subject: [PATCH 03/14] Update HtmlView.php

Fix code style errors
---
 .../src/View/Component/HtmlView.php           | 34 ++++++++++---------
 1 file changed, 18 insertions(+), 16 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 081b4dc7293fb..38eaa2cf08797 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -83,22 +83,24 @@ public function display($tpl = null)
         $this->formControl = $form ? $form->getFormControl() : null;
 
         // Remove unauthorised preference tabs.
-		foreach($this->fieldsets as $key => $value)
-		{
-			if($key == 'permissions')
-			{
-				if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )
-						&& isset($this->fieldsets['permissions'])) {
-					unset($this->fieldsets['permissions']);
-				}
-			}
-			else
-			{
-				if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key])) {
-					unset($this->fieldsets[$key]);
-				}
-			}
-		}
+        foreach($this->fieldsets as $key => $value)
+        {
+            if($key == 'permissions')
+            {
+                if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )
+                    && isset($this->fieldsets['permissions']))
+                {
+                    unset($this->fieldsets['permissions']);
+                }
+            }
+            else
+            {
+                if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key]))
+                {
+                    unset($this->fieldsets[$key]);
+                }
+            }
+        }
 
         $this->form      = &$form;
         $this->component = &$component;

From 188e6e40cef8caef3cb52f8f00de0f2f25f6c9b4 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:46:38 +0100
Subject: [PATCH 04/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php      | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 38eaa2cf08797..fada8b91b7322 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -83,8 +83,7 @@ public function display($tpl = null)
         $this->formControl = $form ? $form->getFormControl() : null;
 
         // Remove unauthorised preference tabs.
-        foreach($this->fieldsets as $key => $value)
-        {
+        foreach($this->fieldsets as $key => $value) {
             if($key == 'permissions')
             {
                 if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )

From f75609ef620ac7cd0ad6b9f8c5eebe3f78cfad36 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:46:56 +0100
Subject: [PATCH 05/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php      | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index fada8b91b7322..062f51da737d8 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -84,8 +84,7 @@ public function display($tpl = null)
 
         // Remove unauthorised preference tabs.
         foreach($this->fieldsets as $key => $value) {
-            if($key == 'permissions')
-            {
+            if ($key == 'permissions') {
                 if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )
                     && isset($this->fieldsets['permissions']))
                 {

From e41f642730b2dc88be36019f3150cff049af187e Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:47:12 +0100
Subject: [PATCH 06/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php    | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 062f51da737d8..35a4055375632 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -85,9 +85,8 @@ public function display($tpl = null)
         // Remove unauthorised preference tabs.
         foreach($this->fieldsets as $key => $value) {
             if ($key == 'permissions') {
-                if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option) )
-                    && isset($this->fieldsets['permissions']))
-                {
+                if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option))
+                    && isset($this->fieldsets['permissions'])) {
                     unset($this->fieldsets['permissions']);
                 }
             }

From ef6dead0ef86d6fe61b72cd6c5e071983d4a87dd Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:47:47 +0100
Subject: [PATCH 07/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php     | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 35a4055375632..fafb444d177b0 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -89,9 +89,7 @@ public function display($tpl = null)
                     && isset($this->fieldsets['permissions'])) {
                     unset($this->fieldsets['permissions']);
                 }
-            }
-            else
-            {
+            } else {
                 if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key]))
                 {
                     unset($this->fieldsets[$key]);

From 757dbdc5982bf56bb335e344fc4e4ee53bd7df7d Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 21:48:08 +0100
Subject: [PATCH 08/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php      | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index fafb444d177b0..e06e5f08bb558 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -90,8 +90,7 @@ public function display($tpl = null)
                     unset($this->fieldsets['permissions']);
                 }
             } else {
-                if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key]))
-                {
+                if (!$user->authorise("core.options.$key", $component->option) && isset($this->fieldsets[$key])) {
                     unset($this->fieldsets[$key]);
                 }
             }

From ddef3a8e8687371a4c0ab810b9637e7eded7bee0 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 28 Aug 2023 23:19:26 +0100
Subject: [PATCH 09/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index e06e5f08bb558..4227985e0e823 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -83,7 +83,7 @@ public function display($tpl = null)
         $this->formControl = $form ? $form->getFormControl() : null;
 
         // Remove unauthorised preference tabs.
-        foreach($this->fieldsets as $key => $value) {
+        foreach ($this->fieldsets as $key => $value) {
             if ($key == 'permissions') {
                 if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option))
                     && isset($this->fieldsets['permissions'])) {

From 2c03800e23c7ca4e0e741db6b4eeb065470fbbae Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Tue, 29 Aug 2023 08:36:21 +0100
Subject: [PATCH 10/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Richard Fath <richard67@users.noreply.github.com>
---
 .../components/com_config/src/View/Component/HtmlView.php   | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 4227985e0e823..421b3a1fbe2c7 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -85,8 +85,10 @@ public function display($tpl = null)
         // Remove unauthorised preference tabs.
         foreach ($this->fieldsets as $key => $value) {
             if ($key == 'permissions') {
-                if ((!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option))
-                    && isset($this->fieldsets['permissions'])) {
+                if (
+                    (!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option))
+                    && isset($this->fieldsets['permissions'])
+                ) {
                     unset($this->fieldsets['permissions']);
                 }
             } else {

From 7285ec25cd85833ea89daa37ebd2536ee1cecd02 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Tue, 29 Aug 2023 16:00:01 +0100
Subject: [PATCH 11/14] Update ComponentModel.php

---
 .../com_config/src/Model/ComponentModel.php         | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/administrator/components/com_config/src/Model/ComponentModel.php b/administrator/components/com_config/src/Model/ComponentModel.php
index 372c6e9f03b73..a23b289060511 100644
--- a/administrator/components/com_config/src/Model/ComponentModel.php
+++ b/administrator/components/com_config/src/Model/ComponentModel.php
@@ -160,11 +160,12 @@ public function save($data)
         $context    = $this->option . '.' . $this->name;
         PluginHelper::importPlugin('extension');
 
-        // Check super user group.
+        // Check super user group and individual preference tab access
         if (isset($data['params']) && !$this->getCurrentUser()->authorise('core.admin')) {
             $form = $this->getForm([], false);
 
             foreach ($form->getFieldsets() as $fieldset) {
+                $hasAccess = $this->getCurrentUser()->authorise("core.options.$fieldset");
                 foreach ($form->getFieldset($fieldset->name) as $field) {
                     if (
                         $field->type === 'UserGroupList' && isset($data['params'][$field->fieldname])
@@ -173,6 +174,9 @@ public function save($data)
                     ) {
                         throw new \RuntimeException(Text::_('JLIB_APPLICATION_ERROR_SAVE_NOT_PERMITTED'));
                     }
+                    if (!$hasAccess && isset($data['params'][$field->fieldname])) {
+                        unset($data['params'][$field->fieldname]);
+                    }
                 }
             }
         }
@@ -212,6 +216,13 @@ public function save($data)
 
         unset($data['id']);
 
+        // If the user only has access to a subset of preferences, 
+        // merge these with the full preference set
+        $previous = (array)\json_decode($table->params);
+        if (\count($data['params'], COUNT_RECURSIVE) != \count($previous, COUNT_RECURSIVE)) {
+            $data['params'] = \array_merge($previous, $data['params']);
+        }
+
         // Bind the data.
         if (!$table->bind($data)) {
             throw new \RuntimeException($table->getError());

From a0fd5ecc8df7e3c3b43049cf58e869c576040617 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Tue, 29 Aug 2023 17:46:27 +0100
Subject: [PATCH 12/14] Update ComponentModel.php

---
 .../components/com_config/src/Model/ComponentModel.php          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/administrator/components/com_config/src/Model/ComponentModel.php b/administrator/components/com_config/src/Model/ComponentModel.php
index a23b289060511..b8125d5c58632 100644
--- a/administrator/components/com_config/src/Model/ComponentModel.php
+++ b/administrator/components/com_config/src/Model/ComponentModel.php
@@ -216,7 +216,7 @@ public function save($data)
 
         unset($data['id']);
 
-        // If the user only has access to a subset of preferences, 
+        // If the user only has access to a subset of preferences,
         // merge these with the full preference set
         $previous = (array)\json_decode($table->params);
         if (\count($data['params'], COUNT_RECURSIVE) != \count($previous, COUNT_RECURSIVE)) {

From 2fe9b183732958f365bce785965ec632b13a0145 Mon Sep 17 00:00:00 2001
From: MarkRS-UK <mark@stantoncentral.co.uk>
Date: Mon, 4 Sep 2023 11:54:54 +0100
Subject: [PATCH 13/14] Update
 administrator/components/com_config/src/View/Component/HtmlView.php

Co-authored-by: Quy <quy@nomonkeybiz.com>
---
 .../components/com_config/src/View/Component/HtmlView.php       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/administrator/components/com_config/src/View/Component/HtmlView.php b/administrator/components/com_config/src/View/Component/HtmlView.php
index 210e271d8537e..1c04c8931e5fd 100644
--- a/administrator/components/com_config/src/View/Component/HtmlView.php
+++ b/administrator/components/com_config/src/View/Component/HtmlView.php
@@ -84,7 +84,7 @@ public function display($tpl = null)
 
         // Remove unauthorised preference tabs.
         foreach ($this->fieldsets as $key => $value) {
-            if ($key == 'permissions') {
+            if ($key === 'permissions') {
                 if (
                     (!$user->authorise('core.admin', $component->option) || !$user->authorise('core.options.permission', $component->option))
                     && isset($this->fieldsets['permissions'])

From e9adbe5d0f830247d4a866186a41dd6d6c1a27e8 Mon Sep 17 00:00:00 2001
From: Richard Fath <richard67@users.noreply.github.com>
Date: Sun, 15 Sep 2024 14:23:52 +0200
Subject: [PATCH 14/14] Fix PHPCS

---
 .../components/com_config/src/Model/ComponentModel.php        | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/administrator/components/com_config/src/Model/ComponentModel.php b/administrator/components/com_config/src/Model/ComponentModel.php
index 634149a2c2111..3fc3691d3b383 100644
--- a/administrator/components/com_config/src/Model/ComponentModel.php
+++ b/administrator/components/com_config/src/Model/ComponentModel.php
@@ -218,9 +218,9 @@ public function save($data)
 
         // If the user only has access to a subset of preferences,
         // merge these with the full preference set
-        $previous = (array)\json_decode($table->params);
+        $previous = (array)json_decode($table->params);
         if (\count($data['params'], COUNT_RECURSIVE) != \count($previous, COUNT_RECURSIVE)) {
-            $data['params'] = \array_merge($previous, $data['params']);
+            $data['params'] = array_merge($previous, $data['params']);
         }
 
         // Bind the data.