1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
iblock_rights.php
См. документацию.
1<?php
2
3use Bitrix\Main;
4use Bitrix\Iblock;
5
6class CIBlockRights
7{
8 public const GROUP_CODE = 1;
9 public const RIGHT_ID = 2;
10 public const TASK_ID = 3;
11
12 public const ANY_OPERATION = 1;
13 public const ALL_OPERATIONS = 2;
14 public const RETURN_OPERATIONS = 4;
15
17 public const PUBLIC_READ = 'R';
19 public const EDIT_ACCESS = 'W';
21 public const FULL_ACCESS = 'X';
22
23 protected $IBLOCK_ID = 0;
24 protected $id = 0;
25 protected static $arLetterToTask = null;
26 protected static $arLetterToOperations = null;
27
28 function __construct($IBLOCK_ID)
29 {
30 $this->IBLOCK_ID = (int)$IBLOCK_ID;
31 $this->id = $this->IBLOCK_ID;
32 }
33
34 function GetIBlockID()
35 {
36 return $this->IBLOCK_ID;
37 }
38
39 function GetID()
40 {
41 return $this->id;
42 }
43
44 function _entity_type()
45 {
46 return "iblock";
47 }
48
49 function _self_check()
50 {
51 return $this->IBLOCK_ID == $this->id;
52 }
53
54 public static function Post2Array($ar)
55 {
56 $arRights = array();
57 $RIGHT_ID = "";
58 $i = 0;
59 if (!empty($ar) && is_array($ar))
60 {
61 foreach ($ar as $arRight)
62 {
63 if (isset($arRight["RIGHT_ID"]))
64 {
65 if ($arRight["RIGHT_ID"] <> '')
66 $RIGHT_ID = $arRight["RIGHT_ID"];
67 else
68 $RIGHT_ID = "n".$i++;
69
70 $arRights[$RIGHT_ID] = array(
71 "GROUP_CODE" => "",
72 "DO_CLEAN" => "N",
73 "TASK_ID" => 0,
74 );
75 }
76 elseif (isset($arRight["GROUP_CODE"]))
77 {
78 $arRights[$RIGHT_ID]["GROUP_CODE"] = $arRight["GROUP_CODE"];
79 }
80 elseif (isset($arRight["DO_CLEAN"]))
81 {
82 $arRights[$RIGHT_ID]["DO_CLEAN"] = $arRight["DO_CLEAN"] == "Y" ? "Y" : "N";
83 }
84 elseif (isset($arRight["TASK_ID"]))
85 {
86 $arRights[$RIGHT_ID]["TASK_ID"] = $arRight["TASK_ID"];
87 }
88 }
89 }
90
91 foreach($arRights as $RIGHT_ID => $arRightSet)
92 {
93 if(mb_substr($RIGHT_ID, 0, 1) == "n")
94 {
95 if($arRightSet["GROUP_CODE"] == '')
96 unset($arRights[$RIGHT_ID]);
97 elseif($arRightSet["TASK_ID"] > 0)
98 {
99 //Mark inherited rights to overwrite
100 foreach($arRights as $RIGHT_ID2 => $arRightSet2)
101 {
102 if(
103 (int)$RIGHT_ID2 > 0
104 && $arRightSet2["GROUP_CODE"] === $arRightSet["GROUP_CODE"]
105 )
106 {
107 unset($arRights[$RIGHT_ID2]);
108 }
109 }
110 }
111 }
112 }
113
114 return $arRights;
115 }
116
117 private static function initTaskLetters()
118 {
119 if(!isset(self::$arLetterToTask))
120 {
121 $rs = CTask::GetList(
122 array("LETTER"=>"asc"),
123 array(
124 "MODULE_ID" => "iblock",
125 "BINDING" => "iblock",
126 "SYS" => "Y",
127 )
128 );
129 self::$arLetterToTask = array();
130 while($ar = $rs->Fetch())
131 self::$arLetterToTask[$ar["LETTER"]] = $ar["ID"];
132 }
133 }
134
135 static function LetterToTask($letter = '')
136 {
137 self::initTaskLetters();
138
139 if($letter == '')
140 return self::$arLetterToTask;
141 elseif(array_key_exists($letter, self::$arLetterToTask))
142 return self::$arLetterToTask[$letter];
143 else
144 return 0;
145 }
146
147 static function TaskToLetter($task = 0)
148 {
149 self::initTaskLetters();
150
151 if($task == 0)
152 return array_flip(self::$arLetterToTask);
153 else
154 return array_search($task, self::$arLetterToTask);
155 }
156
157 static function LetterToOperations($letter = '')
158 {
159 if(!isset(self::$arLetterToOperations))
160 {
161 self::$arLetterToOperations = array();
162 foreach(CIBlockRights::LetterToTask() as $l2 => $TASK_ID)
163 {
164 self::$arLetterToOperations[$l2] = array();
165 foreach(CTask::GetOperations($TASK_ID, true) as $op)
166 self::$arLetterToOperations[$l2][$op] = $op;
167 }
168 }
169
170 if($letter == '')
171 return self::$arLetterToOperations;
172 elseif(array_key_exists($letter, self::$arLetterToOperations))
173 return self::$arLetterToOperations[$letter];
174 else
175 return array();
176 }
177
178 function ConvertGroups($arGroups)
179 {
180 $i = 0;
181 $arRights = array();
182 foreach($arGroups as $GROUP_ID => $LETTER)
183 {
184 $TASK_ID = $this->LetterToTask($LETTER);
185 if($TASK_ID > 0)
186 $arRights["n".$i] = array(
187 "GROUP_CODE" => "G".$GROUP_ID,
188 "DO_INHERIT" => "Y",
189 "DO_CLEAN" => "N",
190 "TASK_ID" => $TASK_ID,
191 );
192 $i++;
193 }
194
195 return $arRights;
196 }
197
198 public static function GetRightsList($bTitle = true)
199 {
200 $arResult = array();
201
202 $rs = CTask::GetList(
203 array("LETTER"=>"asc"),
204 array(
205 "MODULE_ID" => "iblock",
206 )
207 );
208
209 while($ar = $rs->Fetch())
210 $arResult[$ar["ID"]] = $bTitle? $ar["TITLE"]: $ar["NAME"];
211
212 return $arResult;
213 }
214
215 function GetGroups($arOperations = false, $opMode = false)
216 {
217 $arResult = array();
218
219 $arRights = $this->GetRights(array("operations" => $arOperations, "operations_mode" => $opMode));
220 foreach($arRights as $arRight)
221 $arResult[$arRight["GROUP_CODE"]] = $arRight["GROUP_CODE"];
222
223 return $arResult;
224 }
225
226 function GetList($arFilter)
227 {
228 global $DB;
229
230 $obQueryWhere = new CSQLWhere;
231 $obQueryWhere->SetFields(array(
232 "IBLOCK_ID" => array(
233 "TABLE_ALIAS" => "BR",
234 "FIELD_NAME" => "BR.IBLOCK_ID",
235 "MULTIPLE" => "N",
236 "FIELD_TYPE" => "int",
237 "JOIN" => false,
238 ),
239 "ITEM_ID" => array(
240 "TABLE_ALIAS" => "BR",
241 "FIELD_NAME" => "BR.IBLOCK_ID",
242 "MULTIPLE" => "N",
243 "FIELD_TYPE" => "int",
244 "JOIN" => false,
245 ),
246 ));
247
248 $strWhere = $obQueryWhere->GetQuery($arFilter);
249
250 return $DB->Query("
251 SELECT
252 BR.IBLOCK_ID ITEM_ID
253 ,BR.ID RIGHT_ID
254 ,BR.GROUP_CODE
255 ,BR.TASK_ID
256 ,BR.DO_INHERIT
257 ,'N' IS_INHERITED
258 ,BR.XML_ID
259 FROM
260 b_iblock_right BR
261 ".($strWhere? "WHERE ".$strWhere: "")."
262 ORDER BY
263 BR.ID
264 ");
265 }
266
267 function GetRights($arOptions = array())
268 {
269 global $DB;
270 $arResult = array();
271
272 if(
273 !isset($arOptions["operations"])
274 || !is_array($arOptions["operations"])
275 || empty($arOptions["operations"])
276 )
277 {
278 $rs = $DB->Query("
279 SELECT
280 BR.ID
281 ,BR.GROUP_CODE
282 ,BR.TASK_ID
283 ,BR.DO_INHERIT
284 ,'N' IS_INHERITED
285 ,BR.XML_ID
286 ,BR.ENTITY_TYPE
287 ,BR.ENTITY_ID
288 FROM
289 b_iblock_right BR
290 WHERE
291 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
292 AND BR.ENTITY_TYPE = 'iblock'
293 ORDER BY
294 BR.ID
295 ");
296 }
297 elseif(
298 isset($arOptions["operations_mode"])
299 && $arOptions["operations_mode"] == CIBlockRights::ALL_OPERATIONS
300 && count($arOptions["operations"]) > 1
301 )
302 {
303 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
304 $rs = $DB->Query("
305 SELECT
306 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, 'N' IS_INHERITED, BR.XML_ID
307 FROM
308 b_iblock_right BR
309 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
310 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
311 WHERE
312 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
313 AND BR.ENTITY_TYPE = 'iblock'
314 AND O.NAME IN ('".implode("', '", $arOperations)."')
315 GROUP BY
316 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT
317 HAVING
318 COUNT(DISTINCT O.ID) = ".count($arOperations)."
319 ORDER BY
320 BR.ID
321 ");
322 }
323 else//if($opMode == CIBlockRights::ANY_OPERATION)
324 {
325 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
326 $rs = $DB->Query("
327 SELECT DISTINCT
328 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, 'N' IS_INHERITED, BR.XML_ID
329 FROM
330 b_iblock_right BR
331 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
332 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
333 WHERE
334 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
335 AND BR.ENTITY_TYPE = 'iblock'
336 AND O.NAME IN ('".implode("', '", $arOperations)."')
337 ORDER BY
338 BR.ID
339 ");
340 }
341
342 $obStorage = $this->_storage_object();
343 while($ar = $rs->Fetch())
344 {
345 $arResult[$ar["ID"]] = array(
346 "GROUP_CODE" => $ar["GROUP_CODE"],
347 "DO_INHERIT" => $ar["DO_INHERIT"],
348 "IS_INHERITED" => $ar["IS_INHERITED"],
349 "OVERWRITED" => isset($arOptions["count_overwrited"]) && $arOptions["count_overwrited"]? $obStorage->CountOverWrited($ar["GROUP_CODE"]): 0,
350 "TASK_ID" => $ar["TASK_ID"],
351 "XML_ID" => $ar["XML_ID"],
352 );
353 if(isset($ar["ENTITY_TYPE"]))
354 $arResult[$ar["ID"]]["ENTITY_TYPE"] = $ar["ENTITY_TYPE"];
355 if(isset($ar["ENTITY_ID"]))
356 $arResult[$ar["ID"]]["ENTITY_ID"] = $ar["ENTITY_ID"];
357 }
358
359 return $arResult;
360 }
361
362 function DeleteAllRights()
363 {
364 $stor = $this->_storage_object();
365 $stor->CleanUp(/*$bFull=*/true);
366 }
367
368 function Recalculate()
369 {
370 $stor = $this->_storage_object();
371 $stor->Recalculate();
372 }
373
374 function ChangeParents($arOldParents, $arNewParents)
375 {
376 $obStorage = $this->_storage_object();
377
378 foreach($arOldParents as $id)
379 {
380 $ob = $this->_get_parent_object($id);
381 if(is_object($ob))
382 {
383 $arRights = $ob->GetRights();
384 foreach($arRights as $RIGHT_ID => $arRight)
385 {
386 if($arRight["DO_INHERIT"] === "Y")
387 {
388 $obStorage->DeleteSelfSet($RIGHT_ID, CIBlockRights::RIGHT_ID);
389 $obStorage->DeleteChildrenSet($RIGHT_ID, CIBlockRights::RIGHT_ID);
390 }
391 }
392 }
393 }
394
395 $arOwnGroupCodes = array();
396 $arDBRights = $this->GetRights();
397 foreach($arDBRights as $RIGHT_ID => $arOwnRight)
398 $arOwnGroupCodes[$arOwnRight["GROUP_CODE"]] = $RIGHT_ID;
399
400 foreach($arNewParents as $id)
401 {
402 $ob = $this->_get_parent_object($id);
403 if(is_object($ob))
404 {
405 $arRights = $ob->GetRights();
406 foreach($arRights as $RIGHT_ID => $arRight)
407 {
408 if(
409 $arRight["DO_INHERIT"] === "Y"
410 && !array_key_exists($arRight["GROUP_CODE"], $arOwnGroupCodes)
411 )
412 {
413 $obStorage->_set_section($id);
414 $obStorage->AddSelfSet($RIGHT_ID, /*$bInherited=*/true);
415 $obStorage->AddChildrenSet($RIGHT_ID, $arRight["GROUP_CODE"], /*$bInherited=*/true);
416 }
417 }
418 }
419 }
420 }
421
422 function _get_parent_object($id)
423 {
424 if($id <= 0)
425 return new CIBlockRights($this->IBLOCK_ID);
426 else
427 return new CIBlockSectionRights($this->IBLOCK_ID, $id);
428 }
429
430 function SetRights($arRights)
431 {
432 if(!$this->_self_check())
433 return false;
434
435 $arDBRights = $this->GetRights();
436 $arTasks = $this->GetRightsList(false);
437
438 $arAddedCodes = array();
439 $arUniqCodes = array();
440 foreach($arRights as $RIGHT_ID => $arRightSet)
441 {
442 if($arRightSet["GROUP_CODE"] <> '')
443 {
444 if(isset($arUniqCodes[$arRightSet["GROUP_CODE"]]))
445 unset($arRights[$RIGHT_ID]);
446 else
447 $arUniqCodes[$arRightSet["GROUP_CODE"]] = true;
448 }
449 }
450
451 //Fix broken TASK_ID
452 foreach($arRights as $RIGHT_ID => $arRightSet)
453 {
454 if(
455 !is_array($arRightSet["TASK_ID"])
456 && !array_key_exists($arRightSet["TASK_ID"], $arTasks)
457 && array_key_exists($RIGHT_ID, $arDBRights)
458 )
459 $arRights[$RIGHT_ID]["TASK_ID"] = $arDBRights[$RIGHT_ID]["TASK_ID"];
460 }
461
462 $bCleanUp = false;
463 $obStorage = $this->_storage_object();
464 foreach($arRights as $RIGHT_ID => $arRightSet)
465 {
466 $ID = intval($RIGHT_ID);
467 $GROUP_CODE = $arRightSet["GROUP_CODE"];
468 $bInherit = true;//$arRightSet["DO_INHERIT"] == "Y";
469 $bChildrenSet = false;
470
471 if($GROUP_CODE == '' || is_array($arRightSet["TASK_ID"]))
472 continue;
473
474 if(!array_key_exists($arRightSet["TASK_ID"], $arTasks))
475 continue;
476
477 if(
478 array_key_exists($RIGHT_ID, $arDBRights)
479 && isset($arRightSet["DO_CLEAN"])
480 && $arRightSet["DO_CLEAN"] == "Y"
481 )
482 {
483 $obStorage->DeleteChildrenSet($GROUP_CODE, CIBlockRights::GROUP_CODE);
484 $bChildrenSet = true;
485 $bCleanUp = true;
486 }
487
488 if(mb_substr($RIGHT_ID, 0, 1) == "n")
489 {
490 $arAddedCodes[$GROUP_CODE] = $GROUP_CODE;
491 $NEW_RIGHT_ID = $this->_add(
492 $GROUP_CODE,
493 $bInherit,
494 $arRightSet["TASK_ID"],
495 $arRightSet["XML_ID"] ?? false
496 );
497
498 if(!isset($arRightSet["DO_CLEAN"]) || $arRightSet["DO_CLEAN"] !== "NOT")
499 $obStorage->DeleteSelfSet($GROUP_CODE, CIBlockRights::GROUP_CODE);
500 $obStorage->AddSelfSet($NEW_RIGHT_ID);
501
502 if(!isset($arRightSet["DO_CLEAN"]) || $arRightSet["DO_CLEAN"] !== "NOT")
503 $obStorage->DeleteChildrenSet($GROUP_CODE, CIBlockRights::GROUP_CODE);
504 if($bInherit)
505 $obStorage->AddChildrenSet($NEW_RIGHT_ID, $GROUP_CODE, /*$bInherited=*/true);
506 }
507 elseif(
508 array_key_exists($ID, $arDBRights)
509 && $arDBRights[$ID]["IS_INHERITED"] != "Y"
510 )
511 {
512 $this->_update($ID, $GROUP_CODE, $bInherit, $arRightSet["TASK_ID"]);
513
514 if ($bInherit && $bChildrenSet)
515 {
516 $obStorage->AddChildrenSet($ID, $GROUP_CODE, /*$bInherited=*/true);
517 }
518
519 unset($arDBRights[$ID]);
520 }
521 }
522
523 foreach($arDBRights as $RIGHT_ID => $arRightSet)
524 {
525 if($arRightSet["IS_INHERITED"] == "Y")
526 continue;
527
528 $obStorage->DeleteSelfSet($RIGHT_ID, CIBlockRights::RIGHT_ID);
529 if($arRightSet["DO_INHERIT"] == "Y")
530 $obStorage->DeleteChildrenSet($RIGHT_ID, CIBlockRights::RIGHT_ID);
531
532 $this->_delete($RIGHT_ID);
533
534 if(!isset($arAddedCodes[$arRightSet["GROUP_CODE"]]))
535 {
536 foreach($obStorage->FindParentWithInherit($arRightSet["GROUP_CODE"]) as $SECTION_ID => $PARENT_RIGHT)
537 {
538 $obStorage->AddSelfSet($PARENT_RIGHT, /*$bInherited=*/true);
539 $obStorage->AddChildrenSet($PARENT_RIGHT, $arRightSet["GROUP_CODE"], /*$bInherited=*/true);
540 }
541 }
542 }
543
544 if ($bCleanUp)
545 $obStorage->CleanUp();
546
547 CIBlock::clearIblockTagCache($this->IBLOCK_ID);
548
549 return true;
550 }
551
552 function _add($GROUP_CODE, $bInherit, $TASK_ID, $XML_ID)
553 {
554 global $DB;
555 $arOperations = CTask::GetOperations($TASK_ID, /*$return_names=*/true);
556
557 $NEW_RIGHT_ID = $DB->Add("b_iblock_right", array(
558 "IBLOCK_ID" => $this->IBLOCK_ID,
559 "GROUP_CODE" => $GROUP_CODE,
560 "ENTITY_TYPE" => $this->_entity_type(),
561 "ENTITY_ID" => $this->id,
562 "DO_INHERIT" => $bInherit? "Y": "N",
563 "TASK_ID" => $TASK_ID,
564 "OP_SREAD" => in_array("section_read", $arOperations)? "Y": "N",
565 "OP_EREAD" => in_array("element_read", $arOperations)? "Y": "N",
566 "XML_ID" => ($XML_ID <> ''? $XML_ID: false),
567 ));
568
569 return $NEW_RIGHT_ID;
570 }
571
572 function _update($RIGHT_ID, $GROUP_CODE, $bInherit, $TASK_ID)
573 {
574 global $DB;
575 $RIGHT_ID = (int)$RIGHT_ID;
576 $arOperations = CTask::GetOperations($TASK_ID, /*$return_names=*/true);
577
578 $strUpdate = $DB->PrepareUpdate("b_iblock_right", array(
579 //"GROUP_CODE" => $GROUP_CODE,
580 "DO_INHERIT" => $bInherit? "Y": "N",
581 "TASK_ID" => $TASK_ID,
582 "OP_SREAD" => in_array("section_read", $arOperations)? "Y": "N",
583 "OP_EREAD" => in_array("element_read", $arOperations)? "Y": "N",
584 ));
585 $DB->Query("UPDATE b_iblock_right SET ".$strUpdate." WHERE ID = ".$RIGHT_ID);
586 }
587
588 function _delete($RIGHT_ID)
589 {
590 global $DB;
591 $RIGHT_ID = intval($RIGHT_ID);
592 $DB->Query("DELETE FROM b_iblock_right WHERE ID = ".$RIGHT_ID);
593 }
594
595 function _storage_object()
596 {
597 return new CIBlockRightsStorage($this->IBLOCK_ID, 0, 0);
598 }
599
600 public static function UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags = 0)
601 {
602 $acc = new CAccess;
603 $acc->UpdateCodes();
604
605 $obRights = new CIBlockRights($IBLOCK_ID);
606
607 return CIBlockRights::_check_if_user_has_right($obRights, $ID, $permission, $flags);
608 }
609
617 static function _check_if_user_has_right($obRights, $ID, $permission, $flags = 0)
618 {
619 global $USER;
620 $USER_ID = 0;
621
622 if($USER_ID > 0 && (!is_object($USER) || $USER_ID != $USER->GetID()))
623 {
624 $arGroups = CUser::GetUserGroup($USER_ID);
625
626 if(
627 in_array(1, $arGroups)
628 && COption::GetOptionString("main", "controller_member", "N") != "Y"
629 && COption::GetOptionString("main", "~controller_limited_admin", "N") != "Y"
630 )
631 {
632 return CIBlockRights::_mk_result($ID, CIBlockRights::LetterToOperations("X"), true, $flags);
633 }
634 }
635 elseif(!is_object($USER))
636 {
637 return CIBlockRights::_mk_result($ID, array(), false, $flags);
638 }
639 elseif($USER->IsAdmin())
640 {
641 return CIBlockRights::_mk_result($ID, CIBlockRights::LetterToOperations("X"), true, $flags);
642 }
643
644 $user_id = intval($USER->GetID());
645
646 $RIGHTS_MODE = CIBlock::GetArrayByID($obRights->GetIBlockID(), "RIGHTS_MODE");
647 if($RIGHTS_MODE === Iblock\IblockTable::RIGHTS_EXTENDED)
648 {
649 if(is_array($ID))
650 $arOperations = $obRights->GetUserOperations($ID, $user_id);
651 else
652 {
653 static $cache;
654 $cache_id = get_class($obRights).$user_id."|".$ID;
655 if(!isset($cache[$cache_id]))
656 $cache[$cache_id] = $obRights->GetUserOperations($ID, $user_id);
657 $arOperations = $cache[$cache_id];
658 }
659
660 if($flags & CIBlockRights::RETURN_OPERATIONS)
661 return $arOperations;
662 else
663 return isset($arOperations[$permission]);
664 }
665 else//if($RIGHTS_MODE === Iblock\IblockTable::RIGHTS_SIMPLE)
666 {
667 $letter = CIBlock::GetPermission($obRights->GetIBlockID());
668 $arOperations = CIBlockRights::_mk_result($ID, CIBlockRights::LetterToOperations($letter), CIBlockRights::LetterToOperations($letter), $flags);
669
670 if($flags & CIBlockRights::RETURN_OPERATIONS)
671 return $arOperations;
672 else
673 return isset($arOperations[$permission]);
674 }
675 }
676
677 static function _mk_result($ID, $arOperations, $bAllow, $flags)
678 {
679 if($flags & CIBlockRights::RETURN_OPERATIONS)
680 {
681 if(is_array($ID))
682 {
683 $result = array();
684 foreach($ID as $id)
685 $result[$id] = $arOperations;
686 }
687 else
688 {
689 $result = $arOperations;
690 }
691 }
692 else
693 {
694 $result = $bAllow;
695 }
696 return $result;
697 }
698
699 public static function GetUserOperations($arID, $USER_ID = 0)
700 {
701 global $DB, $USER;
702 $USER_ID = intval($USER_ID);
703
704 if(is_object($USER))
705 {
706 if($USER_ID <= 0)
707 $USER_ID = intval($USER->GetID());
708 $bAuthorized = $USER->IsAuthorized();
709 }
710 else
711 {
712 $bAuthorized = false;
713 }
714
715 if(!is_array($arID))
716 $sqlID = array(intval($arID));
717 else
718 $sqlID = array_map('intval', $arID);
719
720 $rs = $DB->Query("
721 SELECT IBR.ENTITY_ID ID, O.NAME
722 FROM b_iblock_right IBR
723 INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID
724 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
725 ".($USER_ID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$USER_ID."
726 WHERE IBR.ENTITY_TYPE = 'iblock'
727 AND IBR.ENTITY_ID in (".implode(", ", $sqlID).")
728 AND (UA.USER_ID IS NOT NULL ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "").")
729 ");
730
731 $arResult = array();
732 while($ar = $rs->Fetch())
733 $arResult[$ar["ID"]][$ar["NAME"]] = $ar["NAME"];
734
735 if(is_array($arID))
736 return $arResult;
737 elseif(array_key_exists($arID, $arResult))
738 return $arResult[$arID];
739 else
740 return array();
741 }
742
743 public static function setGroupRight($groupId, $iblockType, $letter, $iblockId = 0)
744 {
745 $groupId = (int)$groupId;
746 if ($groupId <= 0)
747 return;
748
749 $iblockId = (int)$iblockId;
750 if ($iblockId < 0)
751 return;
752
753 $groupCode = "G".$groupId;
754 $availableLetters = ["E", "R", "S", "T", "U", "W", "X"];
755 if (!in_array($letter, $availableLetters))
756 return;
757 unset($availableLetters);
758
759 $task = Main\TaskTable::getList([
760 "select" => ["ID"],
761 "filter" => ["=LETTER" => $letter, "=MODULE_ID" => "iblock", "=SYS" => "Y"]
762 ])->fetch();
763 $rightId = (!empty($task) ? $task["ID"] : null);
764 unset($task);
765
766 $filter = ["=IBLOCK_TYPE_ID" => $iblockType, "=ACTIVE"=>"Y"];
767 if ($iblockId > 0)
768 $filter["=ID"] = $iblockId;
769 $queryObject = Iblock\IblockTable::getList([
770 'select' => ['ID'],
771 'filter' => $filter
772 ]);
773 while ($iblock = $queryObject->fetch())
774 {
775 $iblockId = $iblock["ID"];
776
777 $rightsMode = CIBlock::getArrayByID($iblockId, "RIGHTS_MODE");
778 if ($rightsMode == Bitrix\Iblock\IblockTable::RIGHTS_SIMPLE)
779 {
780 $rights = \CIBlock::getGroupPermissions($iblockId);
781 $rights[$groupId] = $letter;
782 \CIBlock::SetPermission($iblockId, $rights);
783 unset($rights);
784 }
785 elseif ($rightsMode == Bitrix\Iblock\IblockTable::RIGHTS_EXTENDED && $rightId !== null)
786 {
787 $rightsObject = new \CIBlockRights($iblockId);
788 $rights = $rightsObject->GetRights();
789 $rights["n0"] = [
790 "GROUP_CODE" => $groupCode,
791 "DO_INHERIT" => "Y",
792 "IS_INHERITED" => "N",
793 "OVERWRITED" => 0,
794 "TASK_ID" => $rightId,
795 "XML_ID" => null,
796 "ENTITY_TYPE" => "iblock",
797 "ENTITY_ID" => $iblockId
798 ];
799 $rightsObject->SetRights($rights);
800 unset($rights, $rightsObject);
801 }
802 }
803 unset($rightsMode, $iblockId, $iblock, $queryObject);
804 }
805}
806
807class CIBlockSectionRights extends CIBlockRights
808{
809 function __construct($IBLOCK_ID, $SECTION_ID)
810 {
811 parent::__construct($IBLOCK_ID);
812 $this->id = (int)$SECTION_ID;
813 }
814
815 function _self_check()
816 {
817 global $DB;
818 $rs = $DB->Query("
819 SELECT ID
820 FROM b_iblock_section
821 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
822 AND ID = ".$this->id."
823 ");
824 return is_array($rs->Fetch());
825 }
826
827 function _entity_type()
828 {
829 return "section";
830 }
831
832 function _storage_object()
833 {
834 return new CIBlockRightsStorage($this->IBLOCK_ID, $this->id, 0);
835 }
836
837 function GetList($arFilter)
838 {
839 global $DB;
840
841 $obQueryWhere = new CSQLWhere;
842 $obQueryWhere->SetFields(array(
843 "IBLOCK_ID" => array(
844 "TABLE_ALIAS" => "SR",
845 "FIELD_NAME" => "SR.IBLOCK_ID",
846 "MULTIPLE" => "N",
847 "FIELD_TYPE" => "int",
848 "JOIN" => false,
849 ),
850 "ITEM_ID" => array(
851 "TABLE_ALIAS" => "SR",
852 "FIELD_NAME" => "SR.SECTION_ID",
853 "MULTIPLE" => "N",
854 "FIELD_TYPE" => "int",
855 "JOIN" => false,
856 ),
857 ));
858
859 $strWhere = $obQueryWhere->GetQuery($arFilter);
860
861 return $DB->Query("
862 SELECT
863 SR.SECTION_ID ITEM_ID
864 ,BR.ID RIGHT_ID
865 ,BR.GROUP_CODE
866 ,BR.TASK_ID
867 ,BR.DO_INHERIT
868 ,SR.IS_INHERITED
869 ,BR.XML_ID
870 FROM
871 b_iblock_section_right SR
872 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
873 ".($strWhere? "WHERE ".$strWhere: "")."
874 ORDER BY
875 BR.ID
876 ");
877 }
878
879 function GetRights($arOptions = array())
880 {
881 global $DB;
882 $arResult = array();
883
884 if($this->id <= 0)
885 return parent::GetRights($arOptions);
886
887 if(
888 !isset($arOptions["operations"])
889 || !is_array($arOptions["operations"])
890 || empty($arOptions["operations"])
891 )
892 {
893 $rs = $DB->Query("
894 SELECT
895 BR.ID
896 ,BR.GROUP_CODE
897 ,BR.TASK_ID
898 ,BR.DO_INHERIT
899 ,SR.IS_INHERITED
900 ,BR.XML_ID
901 ,BR.ENTITY_TYPE
902 ,BR.ENTITY_ID
903 FROM
904 b_iblock_section_right SR
905 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
906 WHERE
907 SR.IBLOCK_ID = ".$this->IBLOCK_ID."
908 AND SR.SECTION_ID = ".$this->id."
909 ORDER BY
910 BR.ID
911 ");
912 }
913 elseif(
914 isset($arOptions["operations_mode"])
915 && $arOptions["operations_mode"] == CIBlockRights::ALL_OPERATIONS
916 && count($arOptions["operations"]) > 1
917 )
918 {
919 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
920 $rs = $DB->Query("
921 SELECT
922 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, SR.IS_INHERITED, BR.XML_ID
923 FROM
924 b_iblock_section_right SR
925 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
926 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
927 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
928 WHERE
929 SR.IBLOCK_ID = ".$this->IBLOCK_ID."
930 AND SR.SECTION_ID = ".$this->id."
931 AND O.NAME IN ('".implode("', '", $arOperations)."')
932 GROUP BY
933 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, SR.IS_INHERITED
934 HAVING
935 COUNT(DISTINCT O.ID) = ".count($arOperations)."
936 ORDER BY
937 BR.ID
938 ");
939 }
940 else//if($opMode == CIBlockRights::ANY_OPERATION)
941 {
942 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
943 $rs = $DB->Query("
944 SELECT DISTINCT
945 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, SR.IS_INHERITED, BR.XML_ID
946 FROM
947 b_iblock_section_right SR
948 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
949 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
950 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
951 WHERE
952 SR.IBLOCK_ID = ".$this->IBLOCK_ID."
953 AND SR.SECTION_ID = ".$this->id."
954 AND O.NAME IN ('".implode("', '", $arOperations)."')
955 ORDER BY
956 BR.ID
957 ");
958 }
959
960 if(isset($arOptions["parent"]))
961 {
962 $obParentRights = new CIBlockSectionRights($this->IBLOCK_ID, $arOptions["parent"]);
963 $arParentRights = $obParentRights->GetRights();
964 foreach($arParentRights as $RIGHT_ID => $arRight)
965 {
966 $arResult[$RIGHT_ID] = array(
967 "GROUP_CODE" => $arRight["GROUP_CODE"],
968 "DO_INHERIT" => $arRight["DO_INHERIT"],
969 "IS_INHERITED" => "Y",
970 "IS_OVERWRITED" => "Y",
971 "TASK_ID" => $arRight["TASK_ID"],
972 "XML_ID" => $arRight["XML_ID"],
973 );
974 if(isset($arRight["ENTITY_TYPE"]))
975 $arResult[$RIGHT_ID]["ENTITY_TYPE"] = $arRight["ENTITY_TYPE"];
976 if(isset($arRight["ENTITY_ID"]))
977 $arResult[$RIGHT_ID]["ENTITY_ID"] = $arRight["ENTITY_ID"];
978 }
979 }
980
981 $obStorage = $this->_storage_object();
982 while($ar = $rs->Fetch())
983 {
984 $arResult[$ar["ID"]] = array(
985 "GROUP_CODE" => $ar["GROUP_CODE"],
986 "DO_INHERIT" => $ar["DO_INHERIT"],
987 "IS_INHERITED" => $ar["IS_INHERITED"],
988 "OVERWRITED" => isset($arOptions["count_overwrited"]) && $arOptions["count_overwrited"]? $obStorage->CountOverWrited($ar["GROUP_CODE"]): 0,
989 "TASK_ID" => $ar["TASK_ID"],
990 "XML_ID" => $ar["XML_ID"],
991 );
992 if(isset($ar["ENTITY_TYPE"]))
993 $arResult[$ar["ID"]]["ENTITY_TYPE"] = $ar["ENTITY_TYPE"];
994 if(isset($ar["ENTITY_ID"]))
995 $arResult[$ar["ID"]]["ENTITY_ID"] = $ar["ENTITY_ID"];
996 }
997
998 return $arResult;
999 }
1000
1001 function DeleteAllRights()
1002 {
1003 $stor = $this->_storage_object();
1004 $stor->DeleteRights();
1005 $stor->CleanUp(/*$bFull=*/false);
1006 }
1007
1008 public static function UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags = 0)
1009 {
1010 $acc = new CAccess;
1011 $acc->UpdateCodes();
1012
1013 if($ID > 0)
1014 {
1015 $obRights = new CIBlockSectionRights($IBLOCK_ID, 0);
1016 $ID2CHECK = $ID;
1017 }
1018 else
1019 {
1020 $obRights = new CIBlockRights($IBLOCK_ID);
1021 $ID2CHECK = $IBLOCK_ID;
1022 }
1023
1024 return CIBlockRights::_check_if_user_has_right($obRights, $ID2CHECK, $permission, $flags);
1025 }
1026
1027 public static function GetUserOperations($arID, $USER_ID = 0)
1028 {
1029 global $DB, $USER;
1030 $USER_ID = intval($USER_ID);
1031
1032 if(is_object($USER))
1033 {
1034 if($USER_ID <= 0)
1035 $USER_ID = intval($USER->GetID());
1036 $bAuthorized = $USER->IsAuthorized();
1037 }
1038 else
1039 {
1040 $bAuthorized = false;
1041 }
1042
1043 if(!is_array($arID))
1044 $sqlID = array(intval($arID));
1045 elseif(empty($arID))
1046 return array();
1047 else
1048 $sqlID = array_map('intval', $arID);
1049
1050 $rs = $DB->Query("
1051 SELECT SR.SECTION_ID ID, O.NAME
1052 FROM b_iblock_section BS
1053 INNER JOIN b_iblock_section_right SR ON SR.SECTION_ID = BS.ID
1054 INNER JOIN b_iblock_right IBR ON IBR.ID = SR.RIGHT_ID
1055 INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID
1056 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
1057 ".($USER_ID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$USER_ID."
1058 WHERE BS.ID in (".implode(", ", $sqlID).")
1059 ".($bAuthorized || $USER_ID > 0? "
1060 AND (UA.USER_ID IS NOT NULL
1061 ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")."
1062 ".($USER_ID > 0? "OR (IBR.GROUP_CODE = 'CR' AND BS.CREATED_BY = ".$USER_ID.")": "")."
1063 )": "")."
1064 ");
1065
1066 $arResult = array();
1067 while($ar = $rs->Fetch())
1068 $arResult[$ar["ID"]][$ar["NAME"]] = $ar["NAME"];
1069
1070 if(is_array($arID))
1071 return $arResult;
1072 elseif(array_key_exists($arID, $arResult))
1073 return $arResult[$arID];
1074 else
1075 return array();
1076 }
1077}
1078
1079class CIBlockElementRights extends CIBlockRights
1080{
1081 public const OPERATION_READ = 'element_read';
1082 public const OPERATION_EDIT = 'element_edit';
1083 public const OPERATION_RIGHTS_EDIT = 'element_rights_edit';
1084
1085 function __construct($IBLOCK_ID, $ELEMENT_ID)
1086 {
1087 parent::__construct($IBLOCK_ID);
1088 $this->id = (int)$ELEMENT_ID;
1089 }
1090
1091 function _self_check()
1092 {
1093 global $DB;
1094 $rs = $DB->Query("
1095 SELECT ID
1096 FROM b_iblock_element
1097 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1098 AND ID = ".$this->id."
1099 ");
1100 return is_array($rs->Fetch());
1101 }
1102
1103 function _entity_type()
1104 {
1105 return "element";
1106 }
1107
1108 function _storage_object()
1109 {
1110 return new CIBlockRightsStorage($this->IBLOCK_ID, 0, $this->id);
1111 }
1112
1113 function GetList($arFilter)
1114 {
1115 global $DB;
1116
1117 $obQueryWhere = new CSQLWhere;
1118 $obQueryWhere->SetFields(array(
1119 "IBLOCK_ID" => array(
1120 "TABLE_ALIAS" => "ER",
1121 "FIELD_NAME" => "ER.IBLOCK_ID",
1122 "MULTIPLE" => "N",
1123 "FIELD_TYPE" => "int",
1124 "JOIN" => false,
1125 ),
1126 "ITEM_ID" => array(
1127 "TABLE_ALIAS" => "ER",
1128 "FIELD_NAME" => "ER.ELEMENT_ID",
1129 "MULTIPLE" => "N",
1130 "FIELD_TYPE" => "int",
1131 "JOIN" => false,
1132 ),
1133 ));
1134
1135 $strWhere = $obQueryWhere->GetQuery($arFilter);
1136
1137 return $DB->Query("
1138 SELECT
1139 ER.ELEMENT_ID ITEM_ID
1140 ,BR.ID RIGHT_ID
1141 ,BR.GROUP_CODE
1142 ,BR.TASK_ID
1143 ,BR.DO_INHERIT
1144 ,ER.IS_INHERITED
1145 ,BR.XML_ID
1146 FROM
1147 b_iblock_element_right ER
1148 INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID
1149 ".($strWhere? "WHERE ".$strWhere: "")."
1150 ORDER BY
1151 BR.ID
1152 ");
1153 }
1154
1155 function GetRights($arOptions = array())
1156 {
1157 global $DB;
1158 $arResult = array();
1159
1160 if(
1161 !isset($arOptions["operations"])
1162 || !is_array($arOptions["operations"])
1163 || empty($arOptions["operations"])
1164 )
1165 {
1166 $rs = $DB->Query("
1167 SELECT
1168 BR.ID
1169 ,BR.GROUP_CODE
1170 ,BR.TASK_ID
1171 ,BR.DO_INHERIT
1172 ,ER.IS_INHERITED
1173 ,BR.XML_ID
1174 ,BR.ENTITY_TYPE
1175 ,BR.ENTITY_ID
1176 FROM
1177 b_iblock_element_right ER
1178 INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID
1179 WHERE
1180 ER.IBLOCK_ID = ".$this->IBLOCK_ID."
1181 AND ER.ELEMENT_ID = ".$this->id."
1182 ORDER BY
1183 BR.ID
1184 ");
1185 }
1186 elseif(
1187 isset($arOptions["operations_mode"])
1188 && $arOptions["operations_mode"] == CIBlockRights::ALL_OPERATIONS
1189 && count($arOptions["operations"]) > 1
1190 )
1191 {
1192 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
1193 $rs = $DB->Query("
1194 SELECT
1195 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED, BR.XML_ID
1196 FROM
1197 b_iblock_element_right ER
1198 INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID
1199 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
1200 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
1201 WHERE
1202 ER.IBLOCK_ID = ".$this->IBLOCK_ID."
1203 AND ER.ELEMENT_ID = ".$this->id."
1204 AND O.NAME IN ('".implode("', '", $arOperations)."')
1205 GROUP BY
1206 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED
1207 HAVING
1208 COUNT(DISTINCT O.ID) = ".count($arOperations)."
1209 ORDER BY
1210 BR.ID
1211 ");
1212 }
1213 else//if($opMode == CIBlockRights::ANY_OPERATION)
1214 {
1215 $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]);
1216 $rs = $DB->Query("
1217 SELECT DISTINCT
1218 BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED, BR.XML_ID
1219 FROM
1220 b_iblock_element_right ER
1221 INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID
1222 INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID
1223 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
1224 WHERE
1225 ER.IBLOCK_ID = ".$this->IBLOCK_ID."
1226 AND ER.ELEMENT_ID = ".$this->id."
1227 AND O.NAME IN ('".implode("', '", $arOperations)."')
1228 ORDER BY
1229 BR.ID
1230 ");
1231 }
1232
1233 if(isset($arOptions["parents"]) && is_array($arOptions["parents"]))
1234 {
1235 foreach($arOptions["parents"] as $parent)
1236 {
1237 $obParentRights = new CIBlockSectionRights($this->IBLOCK_ID, $parent);
1238 $arParentRights = $obParentRights->GetRights();
1239 foreach($arParentRights as $RIGHT_ID => $arRight)
1240 {
1241 $arResult[$RIGHT_ID] = array(
1242 "GROUP_CODE" => $arRight["GROUP_CODE"],
1243 "DO_INHERIT" => $arRight["DO_INHERIT"],
1244 "IS_INHERITED" => "Y",
1245 "IS_OVERWRITED" => "Y",
1246 "TASK_ID" => $arRight["TASK_ID"],
1247 "XML_ID" => $arRight["XML_ID"],
1248 );
1249 if(isset($arRight["ENTITY_TYPE"]))
1250 $arResult[$RIGHT_ID]["ENTITY_TYPE"] = $arRight["ENTITY_TYPE"];
1251 if(isset($arRight["ENTITY_ID"]))
1252 $arResult[$RIGHT_ID]["ENTITY_ID"] = $arRight["ENTITY_ID"];
1253 }
1254 }
1255 }
1256
1257 $obStorage = $this->_storage_object();
1258 while($ar = $rs->Fetch())
1259 {
1260 $arResult[$ar["ID"]] = array(
1261 "GROUP_CODE" => $ar["GROUP_CODE"],
1262 "DO_INHERIT" => $ar["DO_INHERIT"],
1263 "IS_INHERITED" => $ar["IS_INHERITED"],
1264 "OVERWRITED" => 0,
1265 "TASK_ID" => $ar["TASK_ID"],
1266 "XML_ID" => $ar["XML_ID"],
1267 );
1268 if(isset($ar["ENTITY_TYPE"]))
1269 $arResult[$ar["ID"]]["ENTITY_TYPE"] = $ar["ENTITY_TYPE"];
1270 if(isset($ar["ENTITY_ID"]))
1271 $arResult[$ar["ID"]]["ENTITY_ID"] = $ar["ENTITY_ID"];
1272 }
1273
1274 return $arResult;
1275 }
1276
1277 function DeleteAllRights()
1278 {
1279 $stor = $this->_storage_object();
1280 $stor->DeleteRights();
1281 $stor->CleanUp(/*$bFull=*/false);
1282 }
1283
1284 public static function UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags = 0)
1285 {
1286 $acc = new CAccess;
1287 $acc->UpdateCodes();
1288
1289 $obRights = new CIBlockElementRights($IBLOCK_ID, 0);
1290
1291 return CIBlockRights::_check_if_user_has_right($obRights, $ID, $permission, $flags);
1292 }
1293
1294 public static function GetUserOperations($arID, $USER_ID = 0)
1295 {
1296 global $DB, $USER;
1297 $USER_ID = intval($USER_ID);
1298
1299 if(is_object($USER))
1300 {
1301 if($USER_ID <= 0)
1302 $USER_ID = intval($USER->GetID());
1303 $bAuthorized = $USER->IsAuthorized();
1304 }
1305 else
1306 {
1307 $bAuthorized = false;
1308 }
1309
1310 if ($USER_ID > 0)
1311 {
1312 $acc = new CAccess;
1313 $acc->UpdateCodes(array('USER_ID' => $USER_ID));
1314 }
1315
1316 if(!is_array($arID))
1317 $sqlID = array(intval($arID));
1318 elseif(empty($arID))
1319 return array();
1320 else
1321 $sqlID = array_map('intval', $arID);
1322
1323 $arResult = array();
1324
1325 while (!empty($sqlID))
1326 {
1327 if (count($sqlID) > 1000)
1328 {
1329 $head = array_slice($sqlID, 0, 1000);
1330 array_splice($sqlID, 0, 1000);
1331 }
1332 else
1333 {
1334 $head = $sqlID;
1335 $sqlID = array();
1336 }
1337
1338 $rs = $DB->Query("
1339 SELECT ER.ELEMENT_ID ID, O.NAME
1340 FROM b_iblock_element E
1341 INNER JOIN b_iblock_element_right ER ON ER.ELEMENT_ID = E.ID
1342 INNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID
1343 INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID
1344 INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
1345 ".($USER_ID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$USER_ID."
1346 WHERE E.ID in (".implode(", ", $head).")
1347 ".($bAuthorized || $USER_ID > 0? "
1348 AND (UA.USER_ID IS NOT NULL
1349 ".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")."
1350 ".($USER_ID > 0? "OR (IBR.GROUP_CODE = 'CR' AND E.CREATED_BY = ".$USER_ID.")": "")."
1351 )": "")."
1352 ");
1353
1354 while($ar = $rs->Fetch())
1355 $arResult[$ar["ID"]][$ar["NAME"]] = $ar["NAME"];
1356 }
1357
1358 if(is_array($arID))
1359 return $arResult;
1360 elseif(array_key_exists($arID, $arResult))
1361 return $arResult[$arID];
1362 else
1363 return array();
1364 }
1365}
1366
1367class CIBlockRightsStorage
1368{
1369 protected $IBLOCK_ID = 0;
1370 protected $SECTION_ID = 0;
1371 protected $ELEMENT_ID = 0;
1372 protected $arSection = null;
1373
1374 function __construct($IBLOCK_ID, $SECTION_ID, $ELEMENT_ID)
1375 {
1376 $this->IBLOCK_ID = (int)$IBLOCK_ID;
1377 $this->SECTION_ID = (int)$SECTION_ID;
1378 $this->ELEMENT_ID = (int)$ELEMENT_ID;
1379 }
1380
1381 function _set_section($SECTION_ID)
1382 {
1383 $this->SECTION_ID = (int)$SECTION_ID;
1384 $this->arSection = null;
1385 }
1386
1387 function _get_section()
1388 {
1389 if(!isset($this->arSection))
1390 {
1391 if($this->SECTION_ID > 0)
1392 {
1393 $rsSection = CIBlockSection::GetList(array(), array(
1394 "IBLOCK_ID" => $this->IBLOCK_ID,
1395 "=ID" => $this->SECTION_ID,
1396 "CHECK_PERMISSIONS" => "N",
1397 ), false, array("LEFT_MARGIN", "RIGHT_MARGIN"));
1398 $this->arSection = $rsSection->Fetch();
1399
1400 //We have to resort sections in some cases
1401 if(
1402 $this->arSection
1403 && (
1404 $this->arSection["LEFT_MARGIN"] <= 0
1405 || $this->arSection["RIGHT_MARGIN"] <= 0
1406 )
1407 )
1408 {
1409 CIBlockSection::Resort($this->IBLOCK_ID);
1410
1411 $rsSection = CIBlockSection::GetList(array(), array(
1412 "IBLOCK_ID" => $this->IBLOCK_ID,
1413 "=ID" => $this->SECTION_ID,
1414 "CHECK_PERMISSIONS" => "N",
1415 ), false, array("LEFT_MARGIN", "RIGHT_MARGIN"));
1416 $this->arSection = $rsSection->Fetch();
1417 }
1418 }
1419 else
1420 {
1421 $this->arSection = false;
1422 }
1423 }
1424 return $this->arSection;
1425 }
1426
1427 function CountOverWrited($GROUP_CODE)
1428 {
1429 global $DB;
1430 $arResult = array(0,0);
1431
1432 if($this->ELEMENT_ID > 0)
1433 {
1434 }
1435 elseif(is_array($this->_get_section()))
1436 {
1437 //Count subsections
1438 $rs = $DB->Query("
1439 SELECT
1440 COUNT(DISTINCT SR.SECTION_ID) CNT
1441 FROM
1442 b_iblock_right BR
1443 INNER JOIN b_iblock_section_right SR ON SR.RIGHT_ID = BR.ID
1444 INNER JOIN b_iblock_section BS ON BS.ID = SR.SECTION_ID
1445 WHERE
1446 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1447 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1448 AND SR.IS_INHERITED = 'N'
1449 AND BS.LEFT_MARGIN > ".$this->arSection["LEFT_MARGIN"]."
1450 AND BS.RIGHT_MARGIN < ".$this->arSection["RIGHT_MARGIN"]."
1451 ");
1452 $ar = $rs->Fetch();
1453 if($ar)
1454 $arResult[0] = $ar["CNT"];
1455
1456 //Count elements in subsections
1457 $rs = $DB->Query("
1458 SELECT
1459 COUNT(DISTINCT ER.ELEMENT_ID) CNT
1460 FROM
1461 b_iblock_right BR
1462 INNER JOIN b_iblock_element_right ER ON ER.RIGHT_ID = BR.ID
1463 INNER JOIN b_iblock_section_element BSE ON BSE.IBLOCK_ELEMENT_ID = ER.ELEMENT_ID AND ADDITIONAL_PROPERTY_ID IS NULL
1464 INNER JOIN b_iblock_section BS ON BS.ID = BSE.IBLOCK_SECTION_ID
1465 WHERE
1466 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1467 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1468 AND ER.IS_INHERITED = 'N'
1469 AND BS.LEFT_MARGIN >= ".$this->arSection["LEFT_MARGIN"]."
1470 AND BS.RIGHT_MARGIN <= ".$this->arSection["RIGHT_MARGIN"]."
1471 ");
1472
1473 $ar = $rs->Fetch();
1474 if($ar)
1475 $arResult[1] = $ar["CNT"];
1476 }
1477 else
1478 {
1479 //Count subsections
1480 $rs = $DB->Query("
1481 SELECT
1482 COUNT(DISTINCT SR.SECTION_ID) CNT
1483 FROM
1484 b_iblock_right BR
1485 INNER JOIN b_iblock_section_right SR ON SR.RIGHT_ID = BR.ID
1486 WHERE
1487 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1488 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1489 AND SR.IS_INHERITED = 'N'
1490 ");
1491 $ar = $rs->Fetch();
1492 if($ar)
1493 $arResult[0] = $ar["CNT"];
1494
1495 //Count elements in subsections
1496 $rs = $DB->Query("
1497 SELECT
1498 COUNT(DISTINCT ER.ELEMENT_ID) CNT
1499 FROM
1500 b_iblock_right BR
1501 INNER JOIN b_iblock_element_right ER ON ER.RIGHT_ID = BR.ID
1502 WHERE
1503 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1504 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1505 AND ER.IS_INHERITED = 'N'
1506 ");
1507 $ar = $rs->Fetch();
1508 if($ar)
1509 $arResult[1] = $ar["CNT"];
1510 }
1511
1512 return $arResult;
1513 }
1514
1515 function DeleteSelfSet($ID, $TYPE)
1516 {
1517 global $DB;
1518
1519 $strRightSubQuery = "
1520 SELECT ID FROM b_iblock_right
1521 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1522 ".($TYPE == CIBlockRights::GROUP_CODE?
1523 "AND GROUP_CODE = '".$DB->ForSQL($ID, 32)."'":
1524 "AND ID = ".intval($ID)
1525 )."
1526 ";
1527
1528 if($this->ELEMENT_ID > 0)
1529 {
1530 $DB->Query("
1531 DELETE FROM b_iblock_element_right
1532 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1533 AND ELEMENT_ID = ".$this->ELEMENT_ID."
1534 AND RIGHT_ID IN ($strRightSubQuery)
1535 ");
1536 }
1537 elseif(is_array($this->_get_section()))
1538 {
1539 $DB->Query("
1540 DELETE FROM b_iblock_section_right
1541 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1542 AND SECTION_ID = ".$this->SECTION_ID."
1543 AND RIGHT_ID IN ($strRightSubQuery)
1544 ");
1545 }
1546 else
1547 {
1548 }
1549 }
1550
1551 function DeleteChildrenSet($ID, $TYPE)
1552 {
1553 global $DB;
1554
1555 $strRightSubQuery = "
1556 SELECT ID FROM b_iblock_right
1557 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1558 ".($TYPE == CIBlockRights::GROUP_CODE?
1559 "AND GROUP_CODE = '".$DB->ForSQL($ID, 32)."'":
1560 "AND ID = ".intval($ID)
1561 )."
1562 ";
1563
1564 if($this->ELEMENT_ID > 0)
1565 {
1566 }
1567 elseif(is_array($this->_get_section()))
1568 {
1569 if($DB->type === "MYSQL")
1570 {
1571 $DB->Query("
1572 DELETE b_iblock_section_right.*
1573 FROM b_iblock_section_right
1574 INNER JOIN b_iblock_section BS ON BS.ID = b_iblock_section_right.SECTION_ID
1575 WHERE b_iblock_section_right.IBLOCK_ID = ".$this->IBLOCK_ID."
1576 AND BS.IBLOCK_ID = ".$this->IBLOCK_ID."
1577 AND LEFT_MARGIN > ".$this->arSection["LEFT_MARGIN"]."
1578 AND RIGHT_MARGIN < ".$this->arSection["RIGHT_MARGIN"]."
1579 AND RIGHT_ID IN ($strRightSubQuery)
1580 ");
1581 $DB->Query("
1582 DELETE b_iblock_element_right.*
1583 FROM b_iblock_element_right
1584 INNER JOIN b_iblock_section_element BSE ON BSE.IBLOCK_ELEMENT_ID = b_iblock_element_right.ELEMENT_ID
1585 INNER JOIN b_iblock_section BS ON BSE.IBLOCK_SECTION_ID = BS.ID AND BSE.ADDITIONAL_PROPERTY_ID IS NULL
1586 WHERE b_iblock_element_right.IBLOCK_ID = ".$this->IBLOCK_ID."
1587 AND BS.IBLOCK_ID = ".$this->IBLOCK_ID."
1588 AND BS.LEFT_MARGIN <= ".$this->arSection["RIGHT_MARGIN"]."
1589 AND BS.RIGHT_MARGIN >= ".$this->arSection["LEFT_MARGIN"]."
1590 AND (SECTION_ID IN (
1591 SELECT ID FROM b_iblock_section
1592 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1593 AND LEFT_MARGIN >= ".$this->arSection["LEFT_MARGIN"]."
1594 AND RIGHT_MARGIN <= ".$this->arSection["RIGHT_MARGIN"]."
1595 ) OR SECTION_ID = 0)
1596 AND RIGHT_ID IN ($strRightSubQuery)
1597 ");
1598 }
1599 else
1600 {
1601 $DB->Query("
1602 DELETE FROM b_iblock_section_right
1603 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1604 AND SECTION_ID IN (
1605 SELECT ID FROM b_iblock_section
1606 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1607 AND LEFT_MARGIN > ".$this->arSection["LEFT_MARGIN"]."
1608 AND RIGHT_MARGIN < ".$this->arSection["RIGHT_MARGIN"]."
1609 )
1610 AND RIGHT_ID IN ($strRightSubQuery)
1611 ");
1612 $DB->Query("
1613 DELETE FROM b_iblock_element_right
1614 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1615 AND ELEMENT_ID IN (
1616 SELECT BSE.IBLOCK_ELEMENT_ID
1617 FROM b_iblock_section_element BSE
1618 INNER JOIN b_iblock_section BS ON BSE.IBLOCK_SECTION_ID = BS.ID AND BSE.ADDITIONAL_PROPERTY_ID IS NULL
1619 WHERE BS.IBLOCK_ID = ".$this->IBLOCK_ID."
1620 AND BS.LEFT_MARGIN <= ".$this->arSection["RIGHT_MARGIN"]."
1621 AND BS.RIGHT_MARGIN >= ".$this->arSection["LEFT_MARGIN"]."
1622 )
1623 AND (SECTION_ID IN (
1624 SELECT ID FROM b_iblock_section
1625 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1626 AND LEFT_MARGIN >= ".$this->arSection["LEFT_MARGIN"]."
1627 AND RIGHT_MARGIN <= ".$this->arSection["RIGHT_MARGIN"]."
1628 ) OR SECTION_ID = 0)
1629 AND RIGHT_ID IN ($strRightSubQuery)
1630 ");
1631 }
1632 }
1633 else
1634 {
1635 $DB->Query("
1636 DELETE FROM b_iblock_section_right
1637 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1638 AND RIGHT_ID IN ($strRightSubQuery)
1639 ");
1640
1641 $DB->Query("
1642 DELETE FROM b_iblock_element_right
1643 WHERE IBLOCK_ID = ".$this->IBLOCK_ID."
1644 AND RIGHT_ID IN ($strRightSubQuery)
1645 ");
1646 }
1647 }
1648
1649 function AddSelfSet($RIGHT_ID, $bInherited = false)
1650 {
1651 global $DB;
1652
1653 if($this->ELEMENT_ID > 0)
1654 {
1655 $DB->Query("
1656 INSERT INTO b_iblock_element_right (IBLOCK_ID, SECTION_ID, ELEMENT_ID, RIGHT_ID, IS_INHERITED)
1657 SELECT ".$this->IBLOCK_ID.", ".$this->SECTION_ID.", BE.ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1658 FROM
1659 b_iblock_element BE
1660 LEFT JOIN b_iblock_element_right ER ON ER.ELEMENT_ID = BE.ID AND ER.SECTION_ID = ".$this->SECTION_ID." AND ER.RIGHT_ID = ".intval($RIGHT_ID)."
1661 WHERE
1662 BE.ID = ".$this->ELEMENT_ID."
1663 AND ER.SECTION_ID IS NULL
1664 ");
1665 }
1666 elseif(is_array($this->_get_section()))
1667 {
1668 $DB->Query("
1669 INSERT INTO b_iblock_section_right (IBLOCK_ID, SECTION_ID, RIGHT_ID, IS_INHERITED)
1670 SELECT ".$this->IBLOCK_ID.", BS.ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1671 FROM
1672 b_iblock_section BS
1673 LEFT JOIN b_iblock_section_right SR ON SR.SECTION_ID = BS.ID AND SR.RIGHT_ID = ".intval($RIGHT_ID)."
1674 WHERE
1675 BS.ID = ".$this->SECTION_ID."
1676 AND SR.SECTION_ID IS NULL
1677 ");
1678 }
1679 else
1680 {
1681 }
1682 }
1683
1684 function AddChildrenSet($RIGHT_ID, $GROUP_CODE, $bInherited)
1685 {
1686 global $DB;
1687
1688 if($this->ELEMENT_ID > 0)
1689 {
1690 }
1691 elseif(is_array($this->_get_section()))
1692 {
1693 $DB->Query("
1694 INSERT INTO b_iblock_section_right (IBLOCK_ID, SECTION_ID, RIGHT_ID, IS_INHERITED)
1695 SELECT ".$this->IBLOCK_ID.", BS.ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1696 FROM
1697 b_iblock_section BS
1698 WHERE
1699 BS.IBLOCK_ID = ".$this->IBLOCK_ID."
1700 AND BS.LEFT_MARGIN > ".$this->arSection["LEFT_MARGIN"]."
1701 AND BS.RIGHT_MARGIN < ".$this->arSection["RIGHT_MARGIN"]."
1702 AND BS.ID NOT IN (
1703 SELECT SR.SECTION_ID
1704 FROM
1705 b_iblock_right BR
1706 INNER JOIN b_iblock_section_right SR ON SR.RIGHT_ID = BR.ID
1707 WHERE
1708 BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1709 AND BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1710 )
1711 ");
1712
1713 $DB->Query("
1714 INSERT INTO b_iblock_element_right (IBLOCK_ID, SECTION_ID, ELEMENT_ID, RIGHT_ID, IS_INHERITED)
1715 SELECT ".$this->IBLOCK_ID.", BSE.IBLOCK_SECTION_ID, BSE.IBLOCK_ELEMENT_ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1716 FROM
1717 b_iblock_section_element BSE
1718 WHERE
1719 BSE.ADDITIONAL_PROPERTY_ID IS NULL
1720 AND BSE.IBLOCK_SECTION_ID IN (
1721 SELECT SECTION_ID
1722 FROM b_iblock_section_right
1723 WHERE RIGHT_ID = ".intval($RIGHT_ID)."
1724 )
1725 AND BSE.IBLOCK_ELEMENT_ID NOT IN (
1726 SELECT ER.ELEMENT_ID
1727 FROM
1728 b_iblock_right BR
1729 INNER JOIN b_iblock_element_right ER ON ER.RIGHT_ID = BR.ID
1730 WHERE
1731 BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1732 AND BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1733 AND (ER.SECTION_ID = BSE.IBLOCK_SECTION_ID OR ER.SECTION_ID = 0)
1734 )
1735 ");
1736 }
1737 else
1738 {
1739 $DB->Query("
1740 INSERT INTO b_iblock_section_right (IBLOCK_ID, SECTION_ID, RIGHT_ID, IS_INHERITED)
1741 SELECT ".$this->IBLOCK_ID.", BS.ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1742 FROM
1743 b_iblock_section BS
1744 WHERE
1745 BS.IBLOCK_ID = ".$this->IBLOCK_ID."
1746 AND BS.ID NOT IN (
1747 SELECT SR.SECTION_ID
1748 FROM
1749 b_iblock_right BR
1750 INNER JOIN b_iblock_section_right SR ON SR.RIGHT_ID = BR.ID
1751 WHERE
1752 BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1753 AND BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1754 )
1755 ");
1756
1757 $DB->Query("
1758 INSERT INTO b_iblock_element_right (IBLOCK_ID, SECTION_ID, ELEMENT_ID, RIGHT_ID, IS_INHERITED)
1759 SELECT ".$this->IBLOCK_ID.", 0, BE.ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1760 FROM
1761 b_iblock_element BE
1762 WHERE
1763 BE.IBLOCK_ID = ".$this->IBLOCK_ID."
1764 AND BE.IN_SECTIONS = 'N'
1765 AND BE.ID NOT IN (
1766 SELECT ER.ELEMENT_ID
1767 FROM
1768 b_iblock_right BR
1769 INNER JOIN b_iblock_element_right ER ON ER.RIGHT_ID = BR.ID
1770 WHERE
1771 BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1772 AND BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1773 AND ER.SECTION_ID = 0
1774 )
1775 ");
1776
1777 $DB->Query("
1778 INSERT INTO b_iblock_element_right (IBLOCK_ID, SECTION_ID, ELEMENT_ID, RIGHT_ID, IS_INHERITED)
1779 SELECT ".$this->IBLOCK_ID.", BSE.IBLOCK_SECTION_ID, BSE.IBLOCK_ELEMENT_ID, ".intval($RIGHT_ID).", '".($bInherited? "Y": "N")."'
1780 FROM
1781 b_iblock_section_element BSE
1782 WHERE
1783 BSE.ADDITIONAL_PROPERTY_ID IS NULL
1784 AND BSE.IBLOCK_SECTION_ID IN (
1785 SELECT SECTION_ID
1786 FROM b_iblock_section_right
1787 WHERE RIGHT_ID = ".intval($RIGHT_ID)."
1788 )
1789 AND BSE.IBLOCK_ELEMENT_ID NOT IN (
1790 SELECT ER.ELEMENT_ID
1791 FROM
1792 b_iblock_right BR
1793 INNER JOIN b_iblock_element_right ER ON ER.RIGHT_ID = BR.ID
1794 WHERE
1795 BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE, 32)."'
1796 AND BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1797 AND ER.SECTION_ID in (BSE.IBLOCK_SECTION_ID, 0)
1798 )
1799 ");
1800 }
1801 }
1802
1803 function FindParentWithInherit($GROUP_CODE)
1804 {
1805 global $DB;
1806 $arResult = array();
1807
1808 if($this->ELEMENT_ID > 0)
1809 {
1810 $rs = $DB->Query("
1811 SELECT SR.SECTION_ID, SR.RIGHT_ID
1812 FROM
1813 b_iblock_section_element BSE
1814 INNER JOIN b_iblock_section_right SR ON SR.SECTION_ID = BSE.IBLOCK_SECTION_ID
1815 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
1816 WHERE
1817 BSE.IBLOCK_ELEMENT_ID = ".$this->ELEMENT_ID."
1818 AND BSE.ADDITIONAL_PROPERTY_ID IS NULL
1819 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE)."'
1820 ");
1821 while($ar = $rs->Fetch())
1822 $arResult[$ar["SECTION_ID"]] = $ar["RIGHT_ID"];
1823 }
1824 elseif(is_array($this->_get_section()))
1825 {
1826 $rs = $DB->Query("
1827 SELECT BS.IBLOCK_SECTION_ID, SR.RIGHT_ID
1828 FROM
1829 b_iblock_section BS
1830 INNER JOIN b_iblock_section_right SR ON SR.SECTION_ID = BS.IBLOCK_SECTION_ID
1831 INNER JOIN b_iblock_right BR ON BR.ID = SR.RIGHT_ID
1832 WHERE
1833 BS.ID = ".$this->SECTION_ID."
1834 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE)."'
1835 ");
1836 while($ar = $rs->Fetch())
1837 $arResult[$ar["IBLOCK_SECTION_ID"]] = $ar["RIGHT_ID"];
1838 }
1839 else
1840 {
1841 return array(); //iblock does not have parent
1842 }
1843
1844 //Root section or element
1845 if(empty($arResult))
1846 {
1847 $rs = $DB->Query("
1848 SELECT BR.ID
1849 FROM
1850 b_iblock_right BR
1851 WHERE
1852 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1853 AND BR.GROUP_CODE = '".$DB->ForSQL($GROUP_CODE)."'
1854 AND ENTITY_TYPE = 'iblock'
1855 ");
1856 while($ar = $rs->Fetch())
1857 $arResult[0] = $ar["ID"];
1858 }
1859
1860 return $arResult;
1861 }
1862
1863 function DeleteRights()
1864 {
1865 global $DB;
1866
1867 if($this->ELEMENT_ID > 0)
1868 {
1869 $DB->Query("DELETE FROM b_iblock_element_right WHERE ELEMENT_ID = ".$this->ELEMENT_ID);
1870 }
1871 elseif(is_array($this->_get_section()))
1872 {
1873 $DB->Query("DELETE FROM b_iblock_section_right WHERE SECTION_ID = ".$this->SECTION_ID);
1874 }
1875 else
1876 {
1877 }
1878 }
1879
1880 function CleanUp($bFull = false)
1881 {
1882 $conn = Main\Application::getConnection();
1883 $helper = $conn->getSqlHelper();
1884
1885 $iblockRightsTable = $helper->quote('b_iblock_right');
1886 $sectionRightsTable = $helper->quote('b_iblock_section_right');
1887 $elementRightsTable = $helper->quote('b_iblock_element_right');
1888
1889 $iblockField = $helper->quote('IBLOCK_ID');
1890 $entityField = $helper->quote('ENTITY_TYPE');
1891 $idField = $helper->quote('ID');
1892 $rightIdField = $helper->quote('RIGHT_ID');
1893
1894 if ($bFull)
1895 {
1896 $conn->queryExecute(
1897 'delete from ' . $elementRightsTable . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1898 );
1899 $conn->queryExecute(
1900 'delete from ' . $sectionRightsTable . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1901 );
1902 $conn->queryExecute(
1903 'delete from ' . $iblockRightsTable . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1904 );
1905 }
1906 else
1907 {
1908 $entityExists = $conn->queryScalar(
1909 'select 1 from ' . $iblockRightsTable
1910 . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1911 . ' and ' . $entityField . ' != \'iblock\''
1912 );
1913 if ($entityExists !== null)
1914 {
1915 $subSectionRights =
1916 'select ' . $rightIdField . ' from ' . $sectionRightsTable
1917 . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1918 ;
1919 $subElementRights =
1920 'select ' . $rightIdField . ' from ' . $elementRightsTable
1921 . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1922 ;
1923 $conn->queryExecute(
1924 'delete from ' . $iblockRightsTable
1925 . ' where ' . $iblockField . ' = ' . $this->IBLOCK_ID
1926 . ' and ' . $entityField . ' != \'iblock\''
1927 . ' and ' . $idField . ' not in ('
1928 . $subSectionRights
1929 . ')'
1930 . ' and ' . $idField . ' not in ('
1931 . $subElementRights
1932 . ')'
1933 );
1934 }
1935 }
1936 }
1937
1938 function Recalculate()
1939 {
1940 global $DB;
1941
1942 $DB->Query("DELETE FROM b_iblock_element_right WHERE IBLOCK_ID = ".$this->IBLOCK_ID);
1943 $DB->Query("DELETE FROM b_iblock_section_right WHERE IBLOCK_ID = ".$this->IBLOCK_ID);
1944 //Elements
1945 $DB->Query("
1946 INSERT INTO b_iblock_element_right (IBLOCK_ID, SECTION_ID, ELEMENT_ID, RIGHT_ID, IS_INHERITED)
1947 SELECT BE.IBLOCK_ID, 0, BE.ID, BR.ID, 'N'
1948 FROM
1949 b_iblock_right BR
1950 INNER JOIN b_iblock_element BE ON BE.ID = BR.ENTITY_ID and BE.IBLOCK_ID = BR.IBLOCK_ID
1951 WHERE
1952 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1953 AND BR.ENTITY_TYPE = 'element'
1954 AND BE.ID NOT IN (
1955 SELECT ER0.ELEMENT_ID
1956 FROM
1957 b_iblock_right BR0
1958 INNER JOIN b_iblock_element_right ER0 ON ER0.RIGHT_ID = BR0.ID
1959 WHERE
1960 BR0.IBLOCK_ID = ".$this->IBLOCK_ID."
1961 AND BR0.ENTITY_TYPE = 'element'
1962 )
1963 ");
1964 //Sections
1965 $rs = $DB->Query("
1966 SELECT BR.ID RIGHT_ID, BS.ID SECTION_ID, BR.GROUP_CODE
1967 FROM
1968 b_iblock_right BR
1969 INNER JOIN b_iblock_section BS ON BS.ID = BR.ENTITY_ID and BS.IBLOCK_ID = BR.IBLOCK_ID
1970 WHERE
1971 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1972 AND BR.ENTITY_TYPE = 'section'
1973 ORDER BY
1974 BS.DEPTH_LEVEL DESC
1975 ");
1976 while($ar = $rs->Fetch())
1977 {
1978 $this->_set_section($ar["SECTION_ID"]);
1979 $this->AddSelfSet($ar["RIGHT_ID"]);
1980 $this->AddChildrenSet($ar["RIGHT_ID"], $ar["GROUP_CODE"], /*$bInherited=*/true);
1981 }
1982 //IBlock
1983 $this->_set_section(0);
1984 $rs = $DB->Query("
1985 SELECT BR.ID RIGHT_ID, BR.GROUP_CODE
1986 FROM
1987 b_iblock_right BR
1988 WHERE
1989 BR.IBLOCK_ID = ".$this->IBLOCK_ID."
1990 AND BR.ENTITY_TYPE = 'iblock'
1991 ");
1992 while($ar = $rs->Fetch())
1993 {
1994 $this->AddChildrenSet($ar["RIGHT_ID"], $ar["GROUP_CODE"], /*$bInherited=*/true);
1995 }
1996 }
1997
1998 public static function OnTaskOperationsChanged($TASK_ID, $arOld, $arNew)
1999 {
2000 global $DB;
2001 $TASK_ID = (int)$TASK_ID;
2002
2003 if(!in_array("element_read", $arOld) && in_array("element_read", $arNew))
2004 $DB->Query("UPDATE b_iblock_right SET OP_EREAD = 'Y' WHERE TASK_ID = ".$TASK_ID);
2005 elseif(in_array("element_read", $arOld) && !in_array("element_read", $arNew))
2006 $DB->Query("UPDATE b_iblock_right SET OP_EREAD = 'N' WHERE TASK_ID = ".$TASK_ID);
2007
2008 if(!in_array("section_read", $arOld) && in_array("section_read", $arNew))
2009 $DB->Query("UPDATE b_iblock_right SET OP_SREAD = 'Y' WHERE TASK_ID = ".$TASK_ID);
2010 elseif(in_array("section_read", $arOld) && !in_array("section_read", $arNew))
2011 $DB->Query("UPDATE b_iblock_right SET OP_SREAD = 'N' WHERE TASK_ID = ".$TASK_ID);
2012 }
2013
2014 public static function OnGroupDelete($GROUP_ID)
2015 {
2016 $GROUP_ID = (int)$GROUP_ID;
2017 static::deleteRightsByOwner('G'.$GROUP_ID);
2018 }
2019
2020 public static function OnUserDelete($USER_ID)
2021 {
2022 $USER_ID = (int)$USER_ID;
2023 static::deleteRightsByOwner('U'.$USER_ID);
2024 }
2025
2026 protected static function deleteRightsByOwner(string $ownerId): void
2027 {
2028 $ownerId = trim($ownerId);
2029 if ($ownerId === '')
2030 {
2031 return;
2032 }
2033 $conn = Main\Application::getConnection();
2034 if ($conn instanceof Main\DB\MysqlCommonConnection)
2035 {
2036 $conn->queryExecute("
2037 delete r2 from b_iblock_right r
2038 inner join b_iblock_element_right r2 on r2.RIGHT_ID = r.ID and r2.IBLOCK_ID = r.IBLOCK_ID
2039 where r.GROUP_CODE = '" . $ownerId . "'
2040 ");
2041 $conn->queryExecute("
2042 delete r2 from b_iblock_right r
2043 inner join b_iblock_section_right r2 on r2.RIGHT_ID = r.ID and r2.IBLOCK_ID = r.IBLOCK_ID
2044 where r.GROUP_CODE = '" . $ownerId . "'
2045 ");
2046 }
2047 elseif ($conn instanceof Main\DB\PgsqlConnection)
2048 {
2049 $conn->queryExecute("
2050 delete from b_iblock_element_right r2
2051 using b_iblock_right r
2052 where r2.RIGHT_ID = r.ID and r2.IBLOCK_ID = r.IBLOCK_ID
2053 and r.GROUP_CODE = '" . $ownerId . "'
2054 ");
2055 $conn->queryExecute("
2056 delete from b_iblock_section_right r2
2057 using b_iblock_right r
2058 where r2.RIGHT_ID = r.ID and r2.IBLOCK_ID = r.IBLOCK_ID
2059 and r.GROUP_CODE = '" . $ownerId . "'
2060 ");
2061 }
2062
2063 $conn->queryExecute("
2064 delete from b_iblock_right where GROUP_CODE = '" . $ownerId . "'
2065 ");
2066 unset($conn);
2067 }
2068}
$arResult
$arResult
Определения generate_coupon.php:16
Bitrix\Iblock\IblockTable\RIGHTS_EXTENDED
const RIGHTS_EXTENDED
Определения iblocktable.php:88
Bitrix\Iblock\IblockTable\RIGHTS_SIMPLE
const RIGHTS_SIMPLE
Определения iblocktable.php:87
Bitrix\Main\Application\getConnection
static getConnection($name="")
Определения application.php:638
Bitrix\Main\ORM\Data\DataManager\getList
static getList(array $parameters=array())
Определения datamanager.php:431
CAccess
Определения access.php:15
CAllSQLWhere\SetFields
SetFields($arFields)
Определения sqlwhere.php:239
CAllTask\GetOperations
static GetOperations($ID, $return_names=false)
Определения task.php:230
CAllTask\GetList
static GetList($arOrder=['MODULE_ID'=> 'asc', 'LETTER'=> 'asc'], $arFilter=[])
Определения task.php:185
CIBlockElementRights\DeleteAllRights
DeleteAllRights()
Определения iblock_rights.php:1277
CIBlockElementRights\_entity_type
_entity_type()
Определения iblock_rights.php:1103
CIBlockElementRights\GetList
GetList($arFilter)
Определения iblock_rights.php:1113
CIBlockElementRights\GetUserOperations
static GetUserOperations($arID, $USER_ID=0)
Определения iblock_rights.php:1294
CIBlockElementRights\OPERATION_EDIT
const OPERATION_EDIT
Определения iblock_rights.php:1082
CIBlockElementRights\UserHasRightTo
static UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags=0)
Определения iblock_rights.php:1284
CIBlockElementRights\OPERATION_READ
const OPERATION_READ
Определения iblock_rights.php:1081
CIBlockElementRights\__construct
__construct($IBLOCK_ID, $ELEMENT_ID)
Определения iblock_rights.php:1085
CIBlockElementRights\_storage_object
_storage_object()
Определения iblock_rights.php:1108
CIBlockElementRights\_self_check
_self_check()
Определения iblock_rights.php:1091
CIBlockElementRights\GetRights
GetRights($arOptions=array())
Определения iblock_rights.php:1155
CIBlockElementRights\OPERATION_RIGHTS_EDIT
const OPERATION_RIGHTS_EDIT
Определения iblock_rights.php:1083
CIBlockRights
Определения iblock_rights.php:7
CIBlockRights\_get_parent_object
_get_parent_object($id)
Определения iblock_rights.php:422
CIBlockRights\DeleteAllRights
DeleteAllRights()
Определения iblock_rights.php:362
CIBlockRights\SetRights
SetRights($arRights)
Определения iblock_rights.php:430
CIBlockRights\_entity_type
_entity_type()
Определения iblock_rights.php:44
CIBlockRights\GetList
GetList($arFilter)
Определения iblock_rights.php:226
CIBlockRights\ChangeParents
ChangeParents($arOldParents, $arNewParents)
Определения iblock_rights.php:374
CIBlockRights\GetUserOperations
static GetUserOperations($arID, $USER_ID=0)
Определения iblock_rights.php:699
CIBlockRights\EDIT_ACCESS
const EDIT_ACCESS
Определения iblock_rights.php:19
CIBlockRights\$IBLOCK_ID
$IBLOCK_ID
Определения iblock_rights.php:23
CIBlockRights\GetGroups
GetGroups($arOperations=false, $opMode=false)
Определения iblock_rights.php:215
CIBlockRights\ANY_OPERATION
const ANY_OPERATION
Определения iblock_rights.php:12
CIBlockRights\_update
_update($RIGHT_ID, $GROUP_CODE, $bInherit, $TASK_ID)
Определения iblock_rights.php:572
CIBlockRights\$arLetterToTask
static $arLetterToTask
Определения iblock_rights.php:25
CIBlockRights\FULL_ACCESS
const FULL_ACCESS
Определения iblock_rights.php:21
CIBlockRights\Post2Array
static Post2Array($ar)
Определения iblock_rights.php:54
CIBlockRights\PUBLIC_READ
const PUBLIC_READ
Определения iblock_rights.php:17
CIBlockRights\__construct
__construct($IBLOCK_ID)
Определения iblock_rights.php:28
CIBlockRights\_check_if_user_has_right
static _check_if_user_has_right($obRights, $ID, $permission, $flags=0)
Определения iblock_rights.php:617
CIBlockRights\_add
_add($GROUP_CODE, $bInherit, $TASK_ID, $XML_ID)
Определения iblock_rights.php:552
CIBlockRights\LetterToOperations
static LetterToOperations($letter='')
Определения iblock_rights.php:157
CIBlockRights\TASK_ID
const TASK_ID
Определения iblock_rights.php:10
CIBlockRights\UserHasRightTo
static UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags=0)
Определения iblock_rights.php:600
CIBlockRights\_delete
_delete($RIGHT_ID)
Определения iblock_rights.php:588
CIBlockRights\RETURN_OPERATIONS
const RETURN_OPERATIONS
Определения iblock_rights.php:14
CIBlockRights\GROUP_CODE
const GROUP_CODE
Определения iblock_rights.php:8
CIBlockRights\_mk_result
static _mk_result($ID, $arOperations, $bAllow, $flags)
Определения iblock_rights.php:677
CIBlockRights\TaskToLetter
static TaskToLetter($task=0)
Определения iblock_rights.php:147
CIBlockRights\ALL_OPERATIONS
const ALL_OPERATIONS
Определения iblock_rights.php:13
CIBlockRights\LetterToTask
static LetterToTask($letter='')
Определения iblock_rights.php:135
CIBlockRights\Recalculate
Recalculate()
Определения iblock_rights.php:368
CIBlockRights\setGroupRight
static setGroupRight($groupId, $iblockType, $letter, $iblockId=0)
Определения iblock_rights.php:743
CIBlockRights\_storage_object
_storage_object()
Определения iblock_rights.php:595
CIBlockRights\$arLetterToOperations
static $arLetterToOperations
Определения iblock_rights.php:26
CIBlockRights\ConvertGroups
ConvertGroups($arGroups)
Определения iblock_rights.php:178
CIBlockRights\_self_check
_self_check()
Определения iblock_rights.php:49
CIBlockRights\GetID
GetID()
Определения iblock_rights.php:39
CIBlockRights\$id
$id
Определения iblock_rights.php:24
CIBlockRights\GetRights
GetRights($arOptions=array())
Определения iblock_rights.php:267
CIBlockRights\GetRightsList
static GetRightsList($bTitle=true)
Определения iblock_rights.php:198
CIBlockRights\RIGHT_ID
const RIGHT_ID
Определения iblock_rights.php:9
CIBlockRights\GetIBlockID
GetIBlockID()
Определения iblock_rights.php:34
CIBlockRightsStorage\CleanUp
CleanUp($bFull=false)
Определения iblock_rights.php:1880
CIBlockRightsStorage\FindParentWithInherit
FindParentWithInherit($GROUP_CODE)
Определения iblock_rights.php:1803
CIBlockRightsStorage\_get_section
_get_section()
Определения iblock_rights.php:1387
CIBlockRightsStorage\OnUserDelete
static OnUserDelete($USER_ID)
Определения iblock_rights.php:2020
CIBlockRightsStorage\AddChildrenSet
AddChildrenSet($RIGHT_ID, $GROUP_CODE, $bInherited)
Определения iblock_rights.php:1684
CIBlockRightsStorage\CountOverWrited
CountOverWrited($GROUP_CODE)
Определения iblock_rights.php:1427
CIBlockRightsStorage\DeleteRights
DeleteRights()
Определения iblock_rights.php:1863
CIBlockRightsStorage\deleteRightsByOwner
static deleteRightsByOwner(string $ownerId)
Определения iblock_rights.php:2026
CIBlockRightsStorage\__construct
__construct($IBLOCK_ID, $SECTION_ID, $ELEMENT_ID)
Определения iblock_rights.php:1374
CIBlockRightsStorage\DeleteChildrenSet
DeleteChildrenSet($ID, $TYPE)
Определения iblock_rights.php:1551
CIBlockRightsStorage\AddSelfSet
AddSelfSet($RIGHT_ID, $bInherited=false)
Определения iblock_rights.php:1649
CIBlockRightsStorage\Recalculate
Recalculate()
Определения iblock_rights.php:1938
CIBlockRightsStorage\DeleteSelfSet
DeleteSelfSet($ID, $TYPE)
Определения iblock_rights.php:1515
CIBlockRightsStorage\OnTaskOperationsChanged
static OnTaskOperationsChanged($TASK_ID, $arOld, $arNew)
Определения iblock_rights.php:1998
CIBlockRightsStorage\_set_section
_set_section($SECTION_ID)
Определения iblock_rights.php:1381
CIBlockRightsStorage\OnGroupDelete
static OnGroupDelete($GROUP_ID)
Определения iblock_rights.php:2014
CIBlockSectionRights\DeleteAllRights
DeleteAllRights()
Определения iblock_rights.php:1001
CIBlockSectionRights\_entity_type
_entity_type()
Определения iblock_rights.php:827
CIBlockSectionRights\GetList
GetList($arFilter)
Определения iblock_rights.php:837
CIBlockSectionRights\GetUserOperations
static GetUserOperations($arID, $USER_ID=0)
Определения iblock_rights.php:1027
CIBlockSectionRights\UserHasRightTo
static UserHasRightTo($IBLOCK_ID, $ID, $permission, $flags=0)
Определения iblock_rights.php:1008
CIBlockSectionRights\__construct
__construct($IBLOCK_ID, $SECTION_ID)
Определения iblock_rights.php:809
CIBlockSectionRights\_storage_object
_storage_object()
Определения iblock_rights.php:832
CIBlockSectionRights\_self_check
_self_check()
Определения iblock_rights.php:815
CIBlockSectionRights\GetRights
GetRights($arOptions=array())
Определения iblock_rights.php:879
CSQLWhere
Определения sqlwhere.php:1359
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$arGroups
$arGroups
Определения options.php:1766
$result
$result
Определения get_property_values.php:14
$ID
if($ajaxMode) $ID
Определения get_user.php:27
$iblockId
$iblockId
Определения iblock_catalog_edit.php:30
$iblock
if(! $catalogEdit->isSuccess()) $iblock
Определения iblock_catalog_edit.php:38
$filter
$filter
Определения iblock_catalog_list.php:54
$DB
global $DB
Определения cron_frame.php:29
$IBLOCK_ID
$IBLOCK_ID
Определения csv_new_run.php:168
$USER
global $USER
Определения csv_new_run.php:40
$arTasks
$arTasks
Определения options.php:777
$arOptions
$arOptions
Определения structure.php:223
Bitrix\Main\DB
Определения arrayresult.php:2
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения prolog_main_admin.php:393
$ar
$ar
Определения options.php:199
$TYPE
$TYPE
Определения rss.php:27
$i
$i
Определения factura.php:643
count
</p ></td >< td valign=top style='border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0cm 2.0pt 0cm 2.0pt;height:9.0pt'>< p class=Normal align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;line-height:normal'>< a name=ТекстовоеПоле54 ></a ><?=($taxRate > count( $arTaxList) > 0) ? $taxRate."%"
Определения waybill.php:936
$rs
$rs
Определения action.php:82
$arFilter
$arFilter
Определения user_search.php:106
$rights
$rights
Определения options.php:4