1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
Permission.php
См. документацию.
1<?php
2
3namespace Bitrix\Im\V2;
4
5use Bitrix\Im\V2\Chat\ExternalChat\ExternalTypeRegistry;
6use Bitrix\Im\V2\Chat\GeneralChannel;
7use Bitrix\Im\V2\Chat\GeneralChat;
8use Bitrix\Im\V2\Chat\ExtendedType;
9use Bitrix\Im\V2\Entity\User\User;
10use Bitrix\Im\V2\Entity\User\UserType;
11use Bitrix\Im\V2\Permission\Action;
12use Bitrix\Im\V2\Permission\ActionGroup;
13use Bitrix\Im\V2\Permission\GlobalAction;
14use Bitrix\Main\Engine\Response\Converter;
15
16class Permission
17{
18 public const TYPE_DEFAULT = 'DEFAULT';
19
20 private static array $permissionsByChatTypes;
21 private static array $permissionsByUserTypes;
22 private static array $groupDefinitions;
23
24 private bool $jsonFormat;
25 private Converter $converter;
26
27 public function __construct(bool $jsonFormat = true)
28 {
29 $this->jsonFormat = $jsonFormat;
30 $this->converter = new Converter(Converter::KEYS | Converter::VALUES | Converter::RECURSIVE | Converter::TO_CAMEL | Converter::LC_FIRST);
31 }
32
33 public function getByChatTypes(): array
34 {
35 if (!isset(self::$permissionsByChatTypes))
36 {
37 $this->loadByChatTypes();
38 }
39
40 if ($this->jsonFormat)
41 {
42 return $this->converter->process(self::$permissionsByChatTypes);
43 }
44
45 return self::$permissionsByChatTypes;
46 }
47
48 private function loadByChatTypes(): void
49 {
50 $this->loadByChatTypesInternal();
51 $this->loadByChatTypesExternal();
52 $default = self::$permissionsByChatTypes[self::TYPE_DEFAULT];
53
54 foreach (self::$permissionsByChatTypes as $code => $value)
55 {
56 self::$permissionsByChatTypes[$code] = array_merge($default, $value);
57 }
58 }
59
60 private function loadByChatTypesInternal(): void
61 {
62 $generalChat = GeneralChat::get();
63 $roleForPostToGeneral = Chat::ROLE_MEMBER;
64 if ($generalChat !== null)
65 {
66 $roleForPostToGeneral = $generalChat->getManageMessages();
67 }
68
69 $generalChannel = GeneralChannel::get();
70 $roleForPostToGeneralChannel = Chat::ROLE_MEMBER;
71 if ($generalChannel !== null)
72 {
73 $roleForPostToGeneralChannel = $generalChannel->getManageMessages();
74 }
75
76 $default = $this->getDefaultByChatTypes();
77
78 self::$permissionsByChatTypes[self::TYPE_DEFAULT] = $default;
79
80 self::$permissionsByChatTypes[ExtendedType::Private->value] = [
81 Action::ChangeAvatar->value => Chat::ROLE_NONE,
82 Action::Rename->value => Chat::ROLE_NONE,
83 Action::Mute->value => Chat::ROLE_NONE,
84 Action::Leave->value => Chat::ROLE_NONE,
85 Action::LeaveOwner->value => Chat::ROLE_NONE,
86 Action::Kick->value => Chat::ROLE_NONE,
87 Action::UserList->value => Chat::ROLE_NONE,
88 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MEMBER,
89 Action::ChangeRight->value => Chat::ROLE_NONE,
90 Action::ChangeOwner->value => Chat::ROLE_NONE,
91 Action::ChangeManagers->value => Chat::ROLE_NONE,
92 ];
93
94 self::$permissionsByChatTypes[ExtendedType::General->value] = [
95 Action::ChangeAvatar->value => Chat::ROLE_NONE,
96 Action::Rename->value => Chat::ROLE_NONE,
97 Action::Extend->value => Chat::ROLE_NONE,
98 Action::Leave->value => Chat::ROLE_NONE,
99 Action::LeaveOwner->value => Chat::ROLE_NONE,
100 Action::Send->value => $roleForPostToGeneral,
101 Action::DeleteOthersMessage->value => Chat::ROLE_MANAGER,
102 ];
103
104 self::$permissionsByChatTypes[ExtendedType::GeneralChannel->value] = [
105 Action::ChangeAvatar->value => Chat::ROLE_NONE,
106 Action::Rename->value => Chat::ROLE_NONE,
107 Action::Extend->value => Chat::ROLE_NONE,
108 Action::Leave->value => Chat::ROLE_NONE,
109 Action::LeaveOwner->value => Chat::ROLE_NONE,
110 Action::Send->value => $roleForPostToGeneralChannel,
111 Action::DeleteOthersMessage->value => Chat::ROLE_MANAGER,
112 Action::Call->value => Chat::ROLE_NONE,
113 Action::CreateTask->value => Chat::ROLE_NONE,
114 Action::CreateMeeting->value => Chat::ROLE_NONE,
115 ];
116
117 self::$permissionsByChatTypes[ExtendedType::Copilot->value] = [
118 Action::Call->value => Chat::ROLE_NONE,
119 Action::Delete->value => Chat::ROLE_OWNER,
120 Action::LeaveOwner->value => Chat::ROLE_NONE,
121 ];
122
123 self::$permissionsByChatTypes[ExtendedType::Announcement->value] = [
124 Action::LeaveOwner->value => Chat::ROLE_OWNER,
125 Action::Send->value => Chat::ROLE_MANAGER,
126 ];
127
128 self::$permissionsByChatTypes[ExtendedType::Channel->value] = [
129 Action::Call->value => Chat::ROLE_NONE,
130 Action::CreateTask->value => Chat::ROLE_NONE,
131 Action::CreateMeeting->value => Chat::ROLE_NONE,
132 Action::DeleteOthersMessage->value => Chat::ROLE_MANAGER,
133 Action::Update->value => Chat::ROLE_OWNER,
134 Action::Delete->value => Chat::ROLE_OWNER,
135 ];
136
137 self::$permissionsByChatTypes[ExtendedType::OpenChannel->value] = [
138 Action::Call->value => Chat::ROLE_NONE,
139 Action::CreateTask->value => Chat::ROLE_NONE,
140 Action::CreateMeeting->value => Chat::ROLE_NONE,
141 Action::DeleteOthersMessage->value => Chat::ROLE_MANAGER,
142 Action::Update->value => Chat::ROLE_OWNER,
143 Action::Delete->value => Chat::ROLE_OWNER,
144 ];
145
146 self::$permissionsByChatTypes[ExtendedType::Comment->value] = [
147 Action::Call->value => Chat::ROLE_NONE,
148 Action::Extend->value => Chat::ROLE_NONE,
149 Action::DeleteOthersMessage->value => Chat::ROLE_MANAGER,
150 Action::Delete->value => Chat::ROLE_OWNER,
151 Action::PinChat->value => Chat::ROLE_NONE,
152 Action::HideChat->value => Chat::ROLE_NONE,
153 ];
154
155 self::$permissionsByChatTypes[ExtendedType::Support24Notifier->value] = [
156 Action::ChangeAvatar->value => Chat::ROLE_NONE,
157 Action::Rename->value => Chat::ROLE_NONE,
158 Action::LeaveOwner->value => Chat::ROLE_NONE,
159 ];
160
161 self::$permissionsByChatTypes[ExtendedType::Support24Question->value] = [
162 Action::ChangeAvatar->value => Chat::ROLE_NONE,
163 Action::Extend->value => Chat::ROLE_NONE,
164 Action::Call->value => Chat::ROLE_NONE,
165 Action::Mute->value => Chat::ROLE_NONE,
166 Action::Leave->value => Chat::ROLE_NONE,
167 Action::LeaveOwner->value => Chat::ROLE_NONE,
168 Action::UserList->value => Chat::ROLE_NONE,
169 ];
170
171 self::$permissionsByChatTypes[ExtendedType::NetworkDialog->value] =
172 self::$permissionsByChatTypes[ExtendedType::Support24Question->value]
173 ;
174
175 self::$permissionsByChatTypes[ExtendedType::Sonet->value] = [
176 Action::ChangeAvatar->value => Chat::ROLE_NONE,
177 Action::Rename->value => Chat::ROLE_NONE,
178 Action::Extend->value => Chat::ROLE_NONE,
179 Action::Leave->value => Chat::ROLE_NONE,
180 Action::LeaveOwner->value => Chat::ROLE_NONE,
181 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
182 ];
183
184 self::$permissionsByChatTypes[ExtendedType::Collab->value] = [
185 Action::ChangeAvatar->value => Chat::ROLE_NONE,
186 Action::Rename->value => Chat::ROLE_NONE,
187 Action::Update->value => Chat::ROLE_OWNER,
188 Action::Delete->value => Chat::ROLE_OWNER,
189 Action::LeaveOwner->value => Chat::ROLE_NONE,
190 Action::UpdateInviteLink->value => Chat::ROLE_OWNER,
191 Action::CreateDocumentSign->value => Chat::ROLE_MEMBER,
192 Action::CreateCalendarSlots->value => Chat::ROLE_MEMBER,
193 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
194 ];
195
196 self::$permissionsByChatTypes[ExtendedType::Tasks->value] = [
197 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
198 ];
199
200 self::$permissionsByChatTypes[ExtendedType::Calendar->value] = [
201 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
202 ];
203
204 self::$permissionsByChatTypes[ExtendedType::Crm->value] = [
205 Action::ChangeAvatar->value => Chat::ROLE_NONE,
206 Action::Rename->value => Chat::ROLE_NONE,
207 Action::LeaveOwner->value => Chat::ROLE_NONE,
208 ];
209
210 self::$permissionsByChatTypes[ExtendedType::Call->value] = [
211 Action::Extend->value => Chat::ROLE_NONE,
212 Action::Call->value => Chat::ROLE_NONE,
213 Action::Mute->value => Chat::ROLE_NONE,
214 Action::Leave->value => Chat::ROLE_NONE,
215 Action::LeaveOwner->value => Chat::ROLE_NONE,
216 ];
217
218 self::$permissionsByChatTypes[ExtendedType::Chat->value] = [
219 Action::Update->value => Chat::ROLE_OWNER,
220 Action::Delete->value => Chat::ROLE_OWNER,
221 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
222 ];
223
224 self::$permissionsByChatTypes[ExtendedType::OpenChat->value] = [
225 Action::Update->value => Chat::ROLE_OWNER,
226 Action::Delete->value => Chat::ROLE_OWNER,
227 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_MANAGER,
228 ];
229
230 self::$permissionsByChatTypes[ExtendedType::Videoconference->value] = [
231 Action::Update->value => Chat::ROLE_OWNER,
232 Action::Delete->value => Chat::ROLE_OWNER,
233 ];
234
235 self::$permissionsByChatTypes[ExtendedType::Lines->value] = [
236 Action::LeaveOwner->value => Chat::ROLE_NONE,
237 Action::Call->value => Chat::ROLE_NONE,
238 Action::ChangeOwner->value => Chat::ROLE_NONE,
239 Action::ChangeManagers->value => Chat::ROLE_NONE,
240 Action::Mute->value => Chat::ROLE_NONE,
241 Action::PinChat->value => Chat::ROLE_NONE,
242 Action::HideChat->value => Chat::ROLE_NONE,
243 ];
244 }
245
246 private function getDefaultByChatTypes(): array
247 {
248 return [
249 Action::ChangeAvatar->value => Chat::ROLE_MEMBER,
250 Action::Rename->value => Chat::ROLE_MEMBER,
251 Action::Extend->value => Chat::ROLE_MEMBER,
252 Action::Call->value => Chat::ROLE_MEMBER,
253 Action::Mute->value => Chat::ROLE_MEMBER,
254 Action::Leave->value => Chat::ROLE_MEMBER,
255 Action::LeaveOwner->value => Chat::ROLE_MEMBER,
256 Action::Kick->value => Chat::ROLE_GUEST,
257 Action::Send->value => Chat::ROLE_MEMBER,
258 Action::UserList->value => Chat::ROLE_MEMBER,
259 Action::CreateTask->value => Chat::ROLE_MEMBER,
260 Action::CreateMeeting->value => Chat::ROLE_MEMBER,
261 Action::DeleteOthersMessage->value => Chat::ROLE_NONE,
262 Action::Update->value => Chat::ROLE_NONE,
263 Action::Delete->value => Chat::ROLE_NONE,
264 Action::UpdateInviteLink->value => Chat::ROLE_NONE,
265 Action::CreateDocumentSign->value => Chat::ROLE_NONE,
266 Action::CreateCalendarSlots->value => Chat::ROLE_NONE,
267 Action::ChangeMessagesAutoDeleteDelay->value => Chat::ROLE_NONE,
268 Action::PinChat->value => Chat::ROLE_MEMBER,
269 Action::HideChat->value => Chat::ROLE_MEMBER,
270 Action::ChangeRight->value => Chat::ROLE_GUEST,
271 Action::ChangeOwner->value => Chat::ROLE_GUEST,
272 Action::ChangeManagers->value => Chat::ROLE_GUEST,
273 ];
274 }
275
276 private function loadByChatTypesExternal(): void
277 {
278 $externalTypes = ExternalTypeRegistry::getInstance()->getConfigs();
279 foreach ($externalTypes as $externalType => $config)
280 {
281 if (!empty($config->permissions))
282 {
283 self::$permissionsByChatTypes[$externalType] = $config->permissions;
284 }
285 }
286 }
287
288 public function getByUserTypes(): array
289 {
290 if (isset(self::$permissionsByUserTypes))
291 {
292 if ($this->jsonFormat)
293 {
294 return $this->converter->process(self::$permissionsByUserTypes);
295 }
296
297 return self::$permissionsByUserTypes;
298 }
299
300 self::$permissionsByUserTypes = [
301 UserType::USER->value => [
302 GlobalAction::GetChannels->value => true,
303 GlobalAction::CreateChannel->value => true,
304 GlobalAction::CreateConference->value => true,
305 GlobalAction::CreateCopilot->value => true,
306 GlobalAction::CreateAiAssistant->value => true,
307 GlobalAction::CreateChat->value => true,
308 GlobalAction::GetMarket->value => true,
309 GlobalAction::GetOpenlines->value => true,
310 GlobalAction::CreateCollab->value => true,
311 GlobalAction::LeaveCollab->value => true,
312 GlobalAction::ChangeMessagesAutoDeleteDelay->value => true,
313 ],
314 UserType::EXTRANET->value => [
315 GlobalAction::GetChannels->value => false,
316 GlobalAction::CreateChannel->value => false,
317 GlobalAction::CreateConference->value => false,
318 GlobalAction::CreateCopilot->value => false,
319 GlobalAction::CreateAiAssistant->value => false,
320 GlobalAction::CreateChat->value => false,
321 GlobalAction::GetMarket->value => false,
322 GlobalAction::GetOpenlines->value => false,
323 GlobalAction::CreateCollab->value => false,
324 GlobalAction::LeaveCollab->value => false,
325 GlobalAction::ChangeMessagesAutoDeleteDelay->value => false,
326 ],
327 UserType::COLLABER->value => [
328 GlobalAction::GetChannels->value => false,
329 GlobalAction::CreateChannel->value => false,
330 GlobalAction::CreateConference->value => false,
331 GlobalAction::CreateCopilot->value => true,
332 GlobalAction::CreateAiAssistant->value => true,
333 GlobalAction::CreateChat->value => false,
334 GlobalAction::GetMarket->value => false,
335 GlobalAction::GetOpenlines->value => false,
336 GlobalAction::CreateCollab->value => false,
337 GlobalAction::LeaveCollab->value => false,
338 GlobalAction::ChangeMessagesAutoDeleteDelay->value => false,
339 ],
340 ];
341
342 if ($this->jsonFormat)
343 {
344 return $this->converter->process(self::$permissionsByUserTypes);
345 }
346
347 return self::$permissionsByUserTypes;
348 }
349
350 protected static function canDoByUserType(UserType $type, GlobalAction $action): bool
351 {
352 $permissionService = new static(false);
353 $permissions = $permissionService->getByUserTypes();
354
355 return $permissions[$type->value][$action->value] ?? true;
356 }
357
358 public static function canDoGlobalAction(int $userId, GlobalAction $action, mixed $target): bool
359 {
360 $action = self::specifyGlobalAction($action, $target);
361 $user = User::getInstance($userId);
362
363 return self::canDoByUserType($user->getType(), $action);
364 }
365
366 protected static function specifyGlobalAction(GlobalAction $action, mixed $target): GlobalAction
367 {
368 if ($action === GlobalAction::CreateChat && is_array($target))
369 {
370 $type = $target['TYPE'] ?? Chat::IM_TYPE_CHAT;
371 $entityType = $target['ENTITY_ID'] ?? null;
372
373 if ($type === Chat::IM_TYPE_CHAT && $entityType === Chat::ENTITY_TYPE_VIDEOCONF)
374 {
375 return GlobalAction::CreateConference;
376 }
377
378 if ($type === Chat::IM_TYPE_CHANNEL || $type === Chat::IM_TYPE_OPEN_CHANNEL)
379 {
380 return GlobalAction::CreateChannel;
381 }
382
383 if ($type === Chat::IM_TYPE_AI_ASSISTANT)
384 {
385 return GlobalAction::CreateAiAssistant;
386 }
387
388 if ($type === Chat::IM_TYPE_COPILOT)
389 {
390 return GlobalAction::CreateCopilot;
391 }
392
393 return GlobalAction::CreateChat;
394 }
395
396 return $action;
397 }
398
399 public static function getRoleForActionByType(string $type, Action $action): string
400 {
401 $permissionService = new static(false);
402 $permissions = $permissionService->getByChatTypes();
403 $permissionsByType = $permissions[$type] ?? $permissions[self::TYPE_DEFAULT];
404
405 return $permissionsByType[$action->value] ?? Chat::ROLE_GUEST;
406 }
407
408 public static function canDoActionByUserType(int $userId, Action $action, mixed $target): bool
409 {
410 $globalAction = $action->getRelatedGlobalAction();
411
412 if (!isset($globalAction))
413 {
414 return true;
415 }
416
417 return self::canDoGlobalAction($userId, $globalAction, $target);
418 }
419
420 public function getActionGroupDefinitions(): array
421 {
422 if (isset(self::$groupDefinitions))
423 {
424 if ($this->jsonFormat)
425 {
426 return $this->converter->process(self::$groupDefinitions);
427 }
428
429 return self::$groupDefinitions;
430 }
431
432 self::$groupDefinitions = ActionGroup::getDefinitions();
433
434 if ($this->jsonFormat)
435 {
436 return $this->converter->process(self::$groupDefinitions);
437 }
438
439 return self::$groupDefinitions;
440 }
441
442 public function getDefaultPermissionForGroupActions(): array
443 {
444 $channelDefaultPermissions = ActionGroup::getDefaultPermissions();
445 $channelDefaultPermissions[ActionGroup::ManageMessages->value] = Chat::ROLE_MANAGER;
446 $channelDefaultPermissions[ActionGroup::ManageUi->value] = Chat::ROLE_MANAGER;
447
448 $defaultPermissionsByTypes = [
449 self::TYPE_DEFAULT => ActionGroup::getDefaultPermissions(),
450 ExtendedType::Channel->value => $channelDefaultPermissions,
451 ExtendedType::OpenChannel->value => $channelDefaultPermissions,
452 ];
453
454 if ($this->jsonFormat)
455 {
456 return $this->converter->process($defaultPermissionsByTypes);
457 }
458
459 return $defaultPermissionsByTypes;
460 }
461
462 public static function specifyAction(Action $action, Chat $targetChat, mixed $target): Action
463 {
464 if ($action !== Action::Kick)
465 {
466 return $action;
467 }
468
469 if (!is_int($target))
470 {
471 return $action;
472 }
473
474 $currentUserId = $targetChat->getContext()->getUserId();
475
476 if ($target === $currentUserId)
477 {
478 if ($currentUserId === $targetChat->getAuthorId())
479 {
480 return Action::LeaveOwner;
481 }
482
483 return Action::Leave;
484 }
485
486 return Action::Kick;
487 }
488
489 public static function compareRole(string $userRole, string $needRole): bool
490 {
491 if ($needRole === Chat::ROLE_NONE)
492 {
493 return false;
494 }
495
496 $ascendingRoles = [Chat::ROLE_GUEST, Chat::ROLE_MEMBER, Chat::ROLE_MANAGER, Chat::ROLE_OWNER];
497 $userRolePos = array_search($userRole, $ascendingRoles, true);
498 $needRolePos = array_search($needRole, $ascendingRoles, true);
499
500 if ($userRolePos === false || $needRolePos === false)
501 {
502 return false;
503 }
504
505 return $userRolePos >= $needRolePos;
506 }
507}
$type
$type
Определения options.php:106
$userId
if(!is_object($USER)||! $USER->IsAuthorized()) $userId
Определения check_mail.php:18
Bitrix\Im\Alias\ENTITY_TYPE_VIDEOCONF
const ENTITY_TYPE_VIDEOCONF
Определения alias.php:14
Bitrix\Im\User\getInstance
static getInstance($userId=null)
Определения user.php:45
Bitrix\Im\V2\Chat\GeneralChat\get
static get()
Определения GeneralChat.php:108
Bitrix\Im\V2\Permission\specifyAction
static specifyAction(Action $action, Chat $targetChat, mixed $target)
Определения Permission.php:462
Bitrix\Im\V2\Permission\getDefaultPermissionForGroupActions
getDefaultPermissionForGroupActions()
Определения Permission.php:442
Bitrix\Im\V2\Permission\getRoleForActionByType
static getRoleForActionByType(string $type, Action $action)
Определения Permission.php:399
Bitrix\Im\V2\Permission\getActionGroupDefinitions
getActionGroupDefinitions()
Определения Permission.php:420
Bitrix\Im\V2\Permission\TYPE_DEFAULT
const TYPE_DEFAULT
Определения Permission.php:18
Bitrix\Im\V2\Permission\ChangeMessagesAutoDeleteDelay
@ ChangeMessagesAutoDeleteDelay
Определения GlobalAction.php:17
Bitrix\Im\V2\Permission\Action
Action
Определения Action.php:6
Bitrix\Im\V2\Permission\getByChatTypes
getByChatTypes()
Определения Permission.php:33
Bitrix\Im\V2\Permission\canDoActionByUserType
static canDoActionByUserType(int $userId, Action $action, mixed $target)
Определения Permission.php:408
Bitrix\Im\V2\Permission\__construct
__construct(bool $jsonFormat=true)
Определения Permission.php:27
Bitrix\Im\V2\Permission\canDoByUserType
static canDoByUserType(UserType $type, GlobalAction $action)
Определения Permission.php:350
Bitrix\Im\V2\Permission\specifyGlobalAction
static specifyGlobalAction(GlobalAction $action, mixed $target)
Определения Permission.php:366
Bitrix\Im\V2\Permission\canDoGlobalAction
static canDoGlobalAction(int $userId, GlobalAction $action, mixed $target)
Определения Permission.php:358
Bitrix\Im\V2\Permission\compareRole
static compareRole(string $userRole, string $needRole)
Определения Permission.php:489
Bitrix\Im\V2\Permission\getByUserTypes
getByUserTypes()
Определения Permission.php:288
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$code
if(!is_null($config))($config as $configItem)(! $configItem->isVisible()) $code
Определения options.php:195
Bitrix\Main\$user
$user
Определения mysql_to_pgsql.php:33
$config
$config
Определения quickway.php:69
$action
$action
Определения file_dialog.php:21