1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
PermissionConfig.php
См. документацию.
1<?php
2
3namespace Bitrix\Catalog\Access\Component;
4
5use Bitrix\Catalog\Access\Component\PermissionConfig\RoleMembersInfo;
6use Bitrix\Catalog\Access\Permission\PermissionDictionary;
7use Bitrix\Catalog\Access\Permission\PermissionTable;
8use Bitrix\Catalog\Access\Permission\PermissionArticles;
9use Bitrix\Catalog\Store\EnableWizard\Manager;
10use Bitrix\Catalog\Store\EnableWizard\ModeList;
11use Bitrix\Catalog\StoreDocumentTable;
12use Bitrix\Main\Loader;
13use Bitrix\Main\Localization\Loc;
14use Bitrix\Catalog\Access\Role\RoleUtil;
15use Bitrix\Catalog\Access\Role\RoleDictionary;
16use Bitrix\Catalog\Config\State;
17use Bitrix\Main\ModuleManager;
18use Bitrix\Main\SystemException;
19
20Loc::loadMessages(__FILE__);
21
22class PermissionConfig
23{
24 public const SECTION_CATALOG = 'SECTION_CATALOG';
25 public const SECTION_CATALOG_SETTINGS = 'SECTION_CATALOG_SETTINGS';
26 public const SECTION_INVENTORY_MANAGMENT = 'SECTION_INVENTORY_MANAGMENT';
27 public const SECTION_SETTINGS = 'SECTION_SETTINGS';
28 public const SECTION_RESERVATION = 'SECTION_RESERVATION';
29 public const SECTION_STORE_DOCUMENT_ARRIVAL = 'SECTION_STORE_DOCUMENT_ARRIVAL';
30 public const SECTION_STORE_DOCUMENT_STORE_ADJUSTMENT = 'SECTION_STORE_DOCUMENT_STORE_ADJUSTMENT';
31 public const SECTION_STORE_DOCUMENT_MOVING = 'SECTION_STORE_DOCUMENT_MOVING';
32 public const SECTION_STORE_DOCUMENT_DEDUCT = 'SECTION_STORE_DOCUMENT_DEDUCT';
33 public const SECTION_STORE_DOCUMENT_SALES_ORDER = 'SECTION_STORE_DOCUMENT_SALES_ORDER';
34
40 public function getAccessRights(): array
41 {
42 if (State::isUsedInventoryManagement())
43 {
44 if (Manager::getCurrentMode() === ModeList::B24)
45 {
46 return $this->getAccessRightsWithInventoryManagement();
47 }
48 elseif (Manager::getCurrentMode() === ModeList::ONEC && State::isExternalCatalog())
49 {
50 return $this->getAccessRightsWithExternalCatalog();
51 }
52 }
53
54 if (State::isExternalCatalog())
55 {
56 throw new SystemException('Standalone catalog is not supported');
57 }
58
59 return $this->getAccessRightsGeneral();
60 }
61
67 private function getAccessRightsWithInventoryManagement(): array
68 {
69 $res = [];
70
71 $sections = $this->getSections(true);
72 $storeDocumentsMap = $this->getStoreDocumentSectionCodesMap();
73 foreach ($sections as $sectionName => $permissions)
74 {
75 $isStoreSectionName = isset($storeDocumentsMap[$sectionName]);
76 $rights = [];
77 foreach ($permissions as $permissionId)
78 {
79 if ($isStoreSectionName)
80 {
81 [$permissionId, $documentId] = explode('_', $permissionId);
82 $rights[] = PermissionDictionary::getStoreDocumentPermission($permissionId, $documentId);
83 }
84 else
85 {
86 $rights[] = PermissionDictionary::getPermission($permissionId);
87 }
88 }
89
90 $res[] = [
91 'sectionCode' => $sectionName,
92 'sectionTitle' => Loc::getMessage('CATALOG_CONFIG_PERMISSIONS_' . $sectionName) ?? $sectionName,
93 'sectionHint' => Loc::getMessage('HINT_CATALOG_CONFIG_PERMISSIONS_' . $sectionName),
94 'rights' => $rights
95 ];
96 }
97
98 $res = $this->appendArticleLinks($res);
99
100 return $res;
101 }
102
108 private function getAccessRightsWithExternalCatalog(): array
109 {
110 $res = [];
111
112 $sections = $this->getSectionsForExternalCatalog();
113 $realizationSection = [
114 self::SECTION_STORE_DOCUMENT_SALES_ORDER => StoreDocumentTable::TYPE_SALES_ORDERS,
115 ];
116 foreach ($sections as $sectionName => $permissions)
117 {
118 $isStoreSectionName = isset($realizationSection[$sectionName]);
119 $rights = [];
120 foreach ($permissions as $permissionId)
121 {
122 if ($isStoreSectionName)
123 {
124 [$permissionId, $documentId] = explode('_', $permissionId);
125 $rights[] = PermissionDictionary::getStoreDocumentPermission($permissionId, $documentId);
126 }
127 else
128 {
129 $rights[] = PermissionDictionary::getPermission($permissionId);
130 }
131 }
132
133 $res[] = [
134 'sectionCode' => $sectionName,
135 'sectionTitle' => Loc::getMessage('CATALOG_CONFIG_PERMISSIONS_' . $sectionName) ?? $sectionName,
136 'sectionHint' => Loc::getMessage('HINT_CATALOG_CONFIG_PERMISSIONS_' . $sectionName),
137 'rights' => $rights
138 ];
139 }
140
141 $res = $this->appendArticleLinks($res);
142
143 return $res;
144 }
145
153 private function appendArticleLinks(array $res): array
154 {
155 $articles = new PermissionArticles();
156
157 foreach ($res as $i => $info)
158 {
159 if (isset($info['sectionHint']))
160 {
161 $articleLink = $articles->getSectionArticleLink($info['sectionCode']);
162 if ($articleLink)
163 {
164 $res[$i]['sectionHint'] .= " {$articleLink}";
165 }
166 }
167
168 foreach ($info['rights'] as $z => $right)
169 {
170 $permissionId = $right['id'];
171
172 if (isset($right['hint']))
173 {
174 $articleLink = $articles->getPermissionArticleLink($permissionId);
175 if ($articleLink)
176 {
177 $res[$i]['rights'][$z]['hint'] .= " {$articleLink}";
178 }
179 }
180 }
181 }
182
183 return $res;
184 }
185
191 private function getAccessRightsGeneral(): array
192 {
193 $res = [];
194
195 $sections = $this->getSections(false);
196 foreach ($sections as $sectionName => $permissions)
197 {
198 $rights = [];
199 foreach ($permissions as $permissionId)
200 {
201 $rights[] = PermissionDictionary::getPermission($permissionId);
202 }
203
204 $res[] = [
205 'sectionTitle' => Loc::getMessage('CATALOG_CONFIG_PERMISSIONS_' . $sectionName) ?? $sectionName,
206 'rights' => $rights
207 ];
208 }
209
210 return $res;
211 }
212
218 public function getUserGroups(): array
219 {
220 $list = RoleUtil::getRoles();
221
222 $members = $this->getRoleMembersMap();
223 $accessRights = $this->getRoleAccessRightsMap();
224
225 $roles = [];
226 foreach ($list as $row)
227 {
228 $roleId = (int) $row['ID'];
229
230 $roles[] = [
231 'id' => $roleId,
232 'title' => RoleDictionary::getRoleName($row['NAME']),
233 'accessRights' => $accessRights[$roleId] ?? [],
234 'members' => $members[$roleId] ?? [],
235 ];
236 }
237
238 return $roles;
239 }
240
248 private function getSections(bool $withInventoryManagmentSections): array
249 {
250 $sections = [
251 self::SECTION_CATALOG => $this->getCommonCatalogSection(),
252 ];
253
254 if ($withInventoryManagmentSections)
255 {
256 $sections[self::SECTION_INVENTORY_MANAGMENT] = [
257 PermissionDictionary::CATALOG_INVENTORY_MANAGEMENT_ACCESS,
258 PermissionDictionary::CATALOG_STORE_MODIFY,
259 PermissionDictionary::CATALOG_STORE_VIEW,
260 ];
261
262 if (Loader::includeModule('report'))
263 {
264 $sections[self::SECTION_INVENTORY_MANAGMENT][] = PermissionDictionary::CATALOG_STORE_ANALYTIC_VIEW;
265 }
266 $sections[self::SECTION_INVENTORY_MANAGMENT][] = PermissionDictionary::CATALOG_SETTINGS_STORE_DOCUMENT_CARD_EDIT;
267
268 foreach ($this->getStoreDocumentSectionCodesMap() as $code => $typeId)
269 {
270 $sections[$code] = $this->getStoreDocumentsSectionPermissions($typeId);
271 }
272
273 $reservationSection = $this->getReservationSection();
274 if ($reservationSection)
275 {
276 $sections[self::SECTION_RESERVATION] = $reservationSection;
277 }
278 }
279
280 $sections[self::SECTION_CATALOG_SETTINGS] = $this->getCatalogSettingsSection();
281 $sections[self::SECTION_SETTINGS] = [
282 PermissionDictionary::CATALOG_SETTINGS_ACCESS,
283 PermissionDictionary::CATALOG_SETTINGS_EDIT_RIGHTS,
284 PermissionDictionary::CATALOG_SETTINGS_SELL_NEGATIVE_COMMODITIES,
285 ];
286
287 if ($withInventoryManagmentSections)
288 {
289 $sections[self::SECTION_RESERVATION][] = PermissionDictionary::CATALOG_RESERVE_SETTINGS;
290 }
291
292 return $sections;
293 }
294
295 private function getSectionsForExternalCatalog(): array
296 {
297 $sections = [
298 self::SECTION_CATALOG => $this->getCommonCatalogSectionForExternalCatalog(),
299 ];
300
301 $sections[self::SECTION_INVENTORY_MANAGMENT] = [
302 PermissionDictionary::CATALOG_STORE_VIEW,
303 ];
304
305 $sections[self::SECTION_INVENTORY_MANAGMENT][] = PermissionDictionary::CATALOG_SETTINGS_STORE_DOCUMENT_CARD_EDIT;
306
307 $sections[self::SECTION_STORE_DOCUMENT_SALES_ORDER] = $this->getStoreDocumentsSectionPermissions(StoreDocumentTable::TYPE_SALES_ORDERS);
308
309 $reservationSection = $this->getReservationSection();
310 if ($reservationSection)
311 {
312 $sections[self::SECTION_RESERVATION] = $reservationSection;
313 }
314
315 $sections[self::SECTION_CATALOG_SETTINGS] = $this->getCatalogSettingsSectionForExternalCatalog();
316 $sections[self::SECTION_SETTINGS] = [
317 PermissionDictionary::CATALOG_SETTINGS_ACCESS,
318 PermissionDictionary::CATALOG_SETTINGS_EDIT_RIGHTS,
319 PermissionDictionary::CATALOG_SETTINGS_SELL_NEGATIVE_COMMODITIES,
320 ];
321
322 $sections[self::SECTION_RESERVATION][] = PermissionDictionary::CATALOG_RESERVE_SETTINGS;
323
324 return $sections;
325 }
326
327 private function getReservationSection(): array
328 {
329 $result = [];
330
331 if (Loader::includeModule('crm'))
332 {
333 $result[] = PermissionDictionary::CATALOG_RESERVE_DEAL;
334 }
335
336 // TODO: now - not used, maybe in future.
337 //$result[] = PermissionDictionary::CATALOG_STORE_RESERVE;
338
339 return $result;
340 }
341
342 private function getCommonCatalogSection(): array
343 {
344 $result = [
345 PermissionDictionary::CATALOG_PRODUCT_READ,
346 PermissionDictionary::CATALOG_PRODUCT_PURCHASING_PRICE_VIEW,
347 PermissionDictionary::CATALOG_PRODUCT_ADD,
348 PermissionDictionary::CATALOG_PRODUCT_EDIT,
349 PermissionDictionary::CATALOG_PRODUCT_DELETE,
350 PermissionDictionary::CATALOG_PRODUCT_EDIT_CATALOG_PRICE,
351 PermissionDictionary::CATALOG_PRODUCT_EDIT_ENTITY_PRICE,
352 PermissionDictionary::CATALOG_PRODUCT_SET_DISCOUNT,
353 ];
354
355 if (Loader::includeModule('bitrix24'))
356 {
357 $result[] = PermissionDictionary::CATALOG_PRODUCT_PUBLIC_VISIBILITY;
358 }
359
360 $result[] = PermissionDictionary::CATALOG_IMPORT_EXECUTION;
361 $result[] = PermissionDictionary::CATALOG_EXPORT_EXECUTION;
362
363 return $result;
364 }
365
366 private function getCommonCatalogSectionForExternalCatalog(): array
367 {
368 return [
369 PermissionDictionary::CATALOG_PRODUCT_PURCHASING_PRICE_VIEW,
370 PermissionDictionary::CATALOG_PRODUCT_EDIT_ENTITY_PRICE,
371 PermissionDictionary::CATALOG_PRODUCT_SET_DISCOUNT,
372 ];
373 }
374
375 private function getCatalogSettingsSection(): array
376 {
377 $result = [
378 PermissionDictionary::CATALOG_SETTINGS_PRODUCT_CARD_EDIT,
379 PermissionDictionary::CATALOG_SETTINGS_PRODUCT_CARD_SET_PROFILE_FOR_USERS,
380 PermissionDictionary::CATALOG_VAT_MODIFY,
381 PermissionDictionary::CATALOG_MEASURE_MODIFY,
382 PermissionDictionary::CATALOG_PRICE_GROUP_MODIFY,
383 PermissionDictionary::CATALOG_PRODUCT_PRICE_EXTRA_EDIT,
384 ];
385
386 $onlyBox = !ModuleManager::isModuleInstalled('bitrix24');
387 if ($onlyBox)
388 {
389 array_push($result, ...[
390 PermissionDictionary::CATALOG_IMPORT_EDIT,
391 PermissionDictionary::CATALOG_EXPORT_EDIT,
392 ]);
393 }
394
395 return $result;
396 }
397
398 private function getCatalogSettingsSectionForExternalCatalog(): array
399 {
400 return [
401 PermissionDictionary::CATALOG_SETTINGS_PRODUCT_CARD_EDIT,
402 PermissionDictionary::CATALOG_SETTINGS_PRODUCT_CARD_SET_PROFILE_FOR_USERS,
403 ];
404 }
405
406 private function getStoreDocumentSectionCodesMap(): array
407 {
408 return [
409 self::SECTION_STORE_DOCUMENT_ARRIVAL => StoreDocumentTable::TYPE_ARRIVAL,
410 self::SECTION_STORE_DOCUMENT_STORE_ADJUSTMENT => StoreDocumentTable::TYPE_STORE_ADJUSTMENT,
411 self::SECTION_STORE_DOCUMENT_MOVING => StoreDocumentTable::TYPE_MOVING,
412 self::SECTION_STORE_DOCUMENT_DEDUCT => StoreDocumentTable::TYPE_DEDUCT,
413 self::SECTION_STORE_DOCUMENT_SALES_ORDER => StoreDocumentTable::TYPE_SALES_ORDERS,
414 ];
415 }
416
424 private function getStoreDocumentsSectionPermissions(string $typeId): array
425 {
426 if (Manager::isOnecMode())
427 {
428 $permissions = [
429 PermissionDictionary::CATALOG_STORE_DOCUMENT_VIEW,
430 PermissionDictionary::CATALOG_STORE_DOCUMENT_MODIFY,
431 PermissionDictionary::CATALOG_STORE_DOCUMENT_CONDUCT,
432 PermissionDictionary::CATALOG_STORE_DOCUMENT_DELETE,
433 ];
434 }
435 else
436 {
437 $permissions = [
438 PermissionDictionary::CATALOG_STORE_DOCUMENT_VIEW,
439 PermissionDictionary::CATALOG_STORE_DOCUMENT_MODIFY,
440 PermissionDictionary::CATALOG_STORE_DOCUMENT_CONDUCT,
441 PermissionDictionary::CATALOG_STORE_DOCUMENT_CANCEL,
442 PermissionDictionary::CATALOG_STORE_DOCUMENT_DELETE,
443 ];
444 }
445
446 $typesWithNag = [
447 StoreDocumentTable::TYPE_DEDUCT,
448 StoreDocumentTable::TYPE_MOVING,
449 //StoreDocumentTable::TYPE_SALES_ORDERS,
450 ];
451 if (in_array($typeId, $typesWithNag, true) && !State::isProductBatchMethodSelected())
452 {
453 $permissions[] = PermissionDictionary::CATALOG_STORE_DOCUMENT_ALLOW_NEGATION_PRODUCT_QUANTITY;
454 }
455
456 $result = [];
457 foreach ($permissions as $permission)
458 {
459 $result[] = "{$permission}_{$typeId}";
460 }
461
462 return $result;
463 }
464
470 private function getRoleMembersMap(): array
471 {
472 return (new RoleMembersInfo)->getMemberInfos();
473 }
474
480 private function getRoleAccessRightsMap(): array
481 {
482 $result = [];
483
484 $rows = PermissionTable::getList([
485 'select' => [
486 'ROLE_ID',
487 'PERMISSION_ID',
488 'VALUE',
489 ],
490 ]);
491 foreach ($rows as $row)
492 {
493 $roleId = $row['ROLE_ID'];
494
495 $result[$roleId][] = [
496 'id' => $row['PERMISSION_ID'],
497 'value' => $row['VALUE']
498 ];
499 }
500
501 return $result;
502 }
503
509 public function getInventoryManagementPermissions(): array
510 {
511 $result = [];
512
513 $sections = $this->getSections(false);
514 $sectionsWithInventoryManagment = $this->getSections(true);
515
516 foreach ($sectionsWithInventoryManagment as $code => $permissions)
517 {
518 $generalPermissions = $sections[$code] ?? null;
519 if (!isset($generalPermissions))
520 {
521 array_push($result, ... $permissions);
522 continue;
523 }
524
525
526 foreach ($permissions as $permissionId)
527 {
528 if (!in_array($permissionId, $generalPermissions, true))
529 {
530 $result[] = $permissionId;
531 }
532 }
533 }
534
535 return $result;
536 }
537}
Bitrix\Main\Access\Role\RoleUtil\getRoles
static getRoles()
Определения roleutil.php:33
Bitrix\Main\Loader
Определения loader.php:13
Bitrix\Main\ORM\Data\DataManager\getList
static getList(array $parameters=array())
Определения datamanager.php:431
$right
$right
Определения options.php:8
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$res
$res
Определения filter_act.php:7
$result
$result
Определения get_property_values.php:14
$code
if(!is_null($config))($config as $configItem)(! $configItem->isVisible()) $code
Определения options.php:195
$z
$z
Определения options.php:31
$info
if($NS['step']==6) if( $NS[ 'step']==7) if(COption::GetOptionInt('main', 'disk_space', 0) > 0) $info
Определения backup.php:924
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения prolog_main_admin.php:393
$i
$i
Определения factura.php:643
$rows
$rows
Определения options.php:264
$rights
$rights
Определения options.php:4