Bitrix-D7
23.9
Загрузка...
Поиск...
Не найдено
AccessService.php
1
<?php
2
3
namespace
Bitrix\Lists\Api\Service
;
4
5
use
Bitrix\Lists\Api\Response\CheckPermissionsResponse
;
6
use
Bitrix\Lists\Security\ElementRight
;
7
use
Bitrix\Lists\Security\IblockRight
;
8
use
Bitrix\Lists\Security\Right
;
9
use
Bitrix\Lists\Security\RightParam
;
10
use
Bitrix\Lists\Service\Param
;
11
use
Bitrix\Main\ArgumentException
;
12
use
Bitrix\Main\Error
;
13
use
Bitrix\Main\Localization\Loc
;
14
15
class
AccessService
16
{
17
protected
string
$iBlockTypeId
;
18
protected
int
$iBlockId
= 0;
19
protected
int
$socNetGroupId
= 0;
20
protected
int
$userId
;
21
protected
bool
$isCurrentUser
=
false
;
22
26
public
function
__construct
(
int
$userId
,
Param
$param)
27
{
28
$param->
checkRequiredInputParams
([
'IBLOCK_TYPE_ID'
,
'IBLOCK_ID'
,
'SOCNET_GROUP_ID'
]);
29
if
($param->hasErrors())
30
{
31
$firstError = $param->
getErrors
()[0];
32
33
throw
new
ArgumentException
($firstError->getMessage());
34
}
35
36
$paramValues = $param->
getParams
();
37
$this->iBlockTypeId = (string)$paramValues[
'IBLOCK_TYPE_ID'
];
38
if
((
int
)$paramValues[
'IBLOCK_ID'
] > 0)
39
{
40
$this->iBlockId = (int)$paramValues[
'IBLOCK_ID'
];
41
}
42
if
((
int
)$paramValues[
'SOCNET_GROUP_ID'
] > 0)
43
{
44
$this->socNetGroupId = (int)$paramValues[
'SOCNET_GROUP_ID'
];
45
}
46
47
$this->userId =
$userId
;
48
GLOBAL $USER;
49
if
(
$userId
> 0 &&
$userId
=== (
int
)$USER->GetID())
50
{
51
$this->isCurrentUser =
true
;
52
}
53
}
54
58
public
function
getUserId
(): int
59
{
60
return
$this->userId
;
61
}
62
66
public
function
checkPermissions
():
CheckPermissionsResponse
67
{
68
$response =
new
CheckPermissionsResponse
();
69
if
($this->userId === 0 || !$this->isCurrentUser)
70
{
71
return
$response->addError(static::getNotSupportedUserIdError());
72
}
73
74
GLOBAL $USER;
75
$param =
new
Param
([
76
'IBLOCK_TYPE_ID'
=> $this->iBlockTypeId,
77
'IBLOCK_ID'
=> $this->iBlockId > 0 ? $this->iBlockId :
false
,
78
'SOCNET_GROUP_ID'
=>
$this->socNetGroupId
,
79
]);
80
$rightParam =
new
RightParam
($param);
81
$rightParam->setUser($USER);
82
83
$right =
new
Right
($rightParam,
new
IblockRight
($rightParam));
84
85
$response
86
->setRightParam($rightParam)
87
->setPermission($right->getPermission())
88
;
89
90
if
(!$right->checkPermission())
91
{
92
$response->addErrors($right->getErrors());
93
}
94
95
return
$response;
96
}
97
105
public
function
checkElementPermission
(
106
int
$elementId = 0,
107
int
$sectionId = 0,
108
string
$entityMethod =
null
,
109
int
$iBlockId
=
null
,
110
):
CheckPermissionsResponse
111
{
112
$response =
new
CheckPermissionsResponse
();
113
if
($this->userId === 0 || !$this->isCurrentUser)
114
{
115
return
$response->addError(static::getNotSupportedUserIdError());
116
}
117
118
$iBlockId
= ((int)
$iBlockId
> 0) ? (int)
$iBlockId
:
$this->iBlockId
;
119
120
GLOBAL $USER;
121
$param =
new
Param
([
122
'IBLOCK_TYPE_ID'
=> $this->iBlockTypeId,
123
'IBLOCK_ID'
=>
$iBlockId
> 0 ?
$iBlockId
:
false
,
124
'SOCNET_GROUP_ID'
=>
$this->socNetGroupId
,
125
]);
126
$rightParam =
new
RightParam
($param);
127
$rightParam->setUser($USER);
128
$rightParam->setEntityId($elementId);
129
$rightParam->setSectionId(max($sectionId, 0));
130
131
$elementRight =
new
ElementRight
($rightParam);
132
$right =
new
Right
($rightParam, $elementRight);
133
134
$response
135
->setRightParam($rightParam)
136
->setElementRight($elementRight)
137
->setPermission($right->getPermission())
138
;
139
140
if
(!$right->checkPermission($entityMethod ??
''
))
141
{
142
$response->addErrors($right->getErrors());
143
}
144
145
return
$response;
146
}
147
153
public
function
checkIBlockPermission
(
int
$iBlockId
=
null
,
string
$entityMethod =
null
):
CheckPermissionsResponse
154
{
155
$response =
new
CheckPermissionsResponse
();
156
if
($this->userId === 0 || !$this->isCurrentUser)
157
{
158
return
$response->addError(static::getNotSupportedUserIdError());
159
}
160
161
$iBlockId
=
$iBlockId
??
$this->iBlockId
;
162
163
GLOBAL $USER;
164
$param =
new
Param
([
165
'IBLOCK_TYPE_ID'
=> $this->iBlockTypeId,
166
'IBLOCK_ID'
=>
$iBlockId
> 0 ?
$iBlockId
:
false
,
167
'SOCNET_GROUP_ID'
=>
$this->socNetGroupId
,
168
]);
169
$rightParam =
new
RightParam
($param);
170
$rightParam->setUser($USER);
171
172
$iBlockRight =
new
IblockRight
($rightParam);
173
$right =
new
Right
($rightParam, $iBlockRight);
174
175
$response
176
->setRightParam($rightParam)
177
->setIBlockRight($iBlockRight)
178
->setPermission($right->getPermission())
179
;
180
181
if
(!$right->checkPermission($entityMethod ??
''
))
182
{
183
$response->addErrors($right->getErrors());
184
}
185
186
return
$response;
187
}
188
193
public
function
checkIBlockTypePermission
(
string
$iBlockTypeId
=
null
):
CheckPermissionsResponse
194
{
195
$response =
new
CheckPermissionsResponse
();
196
if
($this->userId === 0 || !$this->isCurrentUser)
197
{
198
return
$response->addError(static::getNotSupportedUserIdError());
199
}
200
201
$iBlockTypeId
=
$iBlockTypeId
??
$this->iBlockTypeId
;
202
203
GLOBAL $USER;
204
$param =
new
Param
([
205
'IBLOCK_TYPE_ID'
=>
$iBlockTypeId
,
206
'IBLOCK_ID'
=>
false
,
207
'SOCNET_GROUP_ID'
=> $this->socNetGroupId,
208
]);
209
$rightParam =
new
RightParam
($param);
210
$rightParam->setUser($USER);
211
212
$right =
new
Right
($rightParam,
new
IblockRight
($rightParam));
// any RightEntity
213
214
$response
215
->setRightParam($rightParam)
216
->setPermission($right->getPermission())
217
;
218
219
if
(!$right->checkPermission())
220
{
221
$response->addErrors($right->getErrors());
222
}
223
224
return
$response;
225
}
226
231
public
function
isAccessDeniedPermission
(
string
|
int
$permission): bool
232
{
233
return
$permission <= \CListPermissions::ACCESS_DENIED;
234
}
235
240
public
function
isAdminPermission
(
string
|
int
$permission): bool
241
{
242
return
$permission >= \CListPermissions::IS_ADMIN;
243
}
244
249
public
function
isCanReadPermission
(
string
|
int
$permission): bool
250
{
251
return
$permission >= \CListPermissions::CAN_READ;
252
}
253
257
public
static
function
getAccessDeniedError
():
Error
258
{
259
return
new
Error
(
Loc::getMessage
(
'LISTS_LIB_API_ACCESS_SERVICE_ERROR_ACCESS_DENIED'
));
260
}
261
265
protected
static
function
getNotSupportedUserIdError
():
Error
266
{
267
return
new
Error
(
Loc::getMessage
(
'LISTS_LIB_API_ACCESS_SERVICE_ERROR_NOT_SUPPORTED_USER_ID'
));
268
}
269
}
Bitrix\Lists\Api\Response\CheckPermissionsResponse
Definition
CheckPermissionsResponse.php:10
Bitrix\Lists\Api\Service\AccessService
Definition
AccessService.php:16
Bitrix\Lists\Api\Service\AccessService\getUserId
getUserId()
Definition
AccessService.php:58
Bitrix\Lists\Api\Service\AccessService\checkPermissions
checkPermissions()
Definition
AccessService.php:66
Bitrix\Lists\Api\Service\AccessService\getAccessDeniedError
static getAccessDeniedError()
Definition
AccessService.php:257
Bitrix\Lists\Api\Service\AccessService\$iBlockId
int $iBlockId
Definition
AccessService.php:18
Bitrix\Lists\Api\Service\AccessService\isAdminPermission
isAdminPermission(string|int $permission)
Definition
AccessService.php:240
Bitrix\Lists\Api\Service\AccessService\$userId
int $userId
Definition
AccessService.php:20
Bitrix\Lists\Api\Service\AccessService\getNotSupportedUserIdError
static getNotSupportedUserIdError()
Definition
AccessService.php:265
Bitrix\Lists\Api\Service\AccessService\__construct
__construct(int $userId, Param $param)
Definition
AccessService.php:26
Bitrix\Lists\Api\Service\AccessService\isCanReadPermission
isCanReadPermission(string|int $permission)
Definition
AccessService.php:249
Bitrix\Lists\Api\Service\AccessService\checkIBlockPermission
checkIBlockPermission(int $iBlockId=null, string $entityMethod=null)
Definition
AccessService.php:153
Bitrix\Lists\Api\Service\AccessService\isAccessDeniedPermission
isAccessDeniedPermission(string|int $permission)
Definition
AccessService.php:231
Bitrix\Lists\Api\Service\AccessService\checkIBlockTypePermission
checkIBlockTypePermission(string $iBlockTypeId=null)
Definition
AccessService.php:193
Bitrix\Lists\Api\Service\AccessService\$socNetGroupId
int $socNetGroupId
Definition
AccessService.php:19
Bitrix\Lists\Api\Service\AccessService\checkElementPermission
checkElementPermission(int $elementId=0, int $sectionId=0, string $entityMethod=null, int $iBlockId=null,)
Definition
AccessService.php:105
Bitrix\Lists\Api\Service\AccessService\$isCurrentUser
bool $isCurrentUser
Definition
AccessService.php:21
Bitrix\Lists\Api\Service\AccessService\$iBlockTypeId
string $iBlockTypeId
Definition
AccessService.php:17
Bitrix\Lists\Security\ElementRight
Definition
elementright.php:11
Bitrix\Lists\Security\IblockRight
Definition
iblockright.php:10
Bitrix\Lists\Security\Right
Definition
right.php:11
Bitrix\Lists\Security\RightParam
Definition
rightparam.php:11
Bitrix\Lists\Service\Param
Definition
param.php:10
Bitrix\Lists\Service\Param\checkRequiredInputParams
checkRequiredInputParams(array $requiredInputParams)
Definition
param.php:39
Bitrix\Lists\Service\Param\getParams
getParams()
Definition
param.php:70
Bitrix\Main\ArgumentException
Definition
exception.php:34
Bitrix\Main\Error
Definition
error.php:14
Bitrix\Main\Localization\Loc
Definition
loc.php:11
Bitrix\Main\Localization\Loc\getMessage
static getMessage($code, $replace=null, $language=null)
Definition
loc.php:29
Bitrix\Main\Errorable\getErrors
getErrors()
Bitrix\Lists\Api\Service
Definition
AccessService.php:3
modules
lists
lib
Api
Service
AccessService.php
Создано системой
1.10.0
1.10.0