1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
listperm.php
См. документацию.
1<?
2IncludeModuleLangFile(__FILE__);
3
4class CListPermissions
5{
6 const WRONG_IBLOCK_TYPE = -1;
7 const WRONG_IBLOCK = -2;
8 const LISTS_FOR_SONET_GROUP_DISABLED = -3;
9
10 const ACCESS_DENIED = 'D';
11 const CAN_READ = 'R';
12 const CAN_BIZPROC = 'U';
13 const CAN_WRITE = 'W';
14 const IS_ADMIN = 'X';
15
23 static public function CheckAccess($USER, $iblock_type_id, $iblock_id = false, $socnet_group_id = 0)
24 {
25 if($socnet_group_id > 0 && CModule::IncludeModule('socialnetwork'))
26 {
27 if(CSocNetFeatures::IsActiveFeature(SONET_ENTITY_GROUP, $socnet_group_id, "group_lists"))
28 {
29 if($iblock_id !== false)
30 return CListPermissions::_socnet_check($USER, $iblock_type_id, $iblock_id, intval($socnet_group_id));
31 else
32 return CListPermissions::_socnet_type_check($USER, $iblock_type_id, $socnet_group_id);
33 }
34 else
35 {
36 return CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED;
37 }
38 }
39 else
40 {
41 if($iblock_id !== false)
42 return CListPermissions::_lists_check($USER, $iblock_type_id, $iblock_id);
43 else
44 return CListPermissions::_lists_type_check($USER, $iblock_type_id);
45 }
46 }
47
55 static protected function _socnet_check($USER, $iblock_type_id, $iblock_id, $socnet_group_id)
56 {
57 $type_check = CListPermissions::_socnet_type_check($USER, $iblock_type_id, $socnet_group_id);
58 if($type_check < 0)
59 return $type_check;
60
61 $iblock_check = CListPermissions::_iblock_check($iblock_type_id, $iblock_id);
62 if($iblock_check < 0)
63 return $iblock_check;
64
65 $iblock_socnet_group_id = CIBlock::GetArrayByID($iblock_id, "SOCNET_GROUP_ID");
66 if($iblock_socnet_group_id != $socnet_group_id)
67 return CListPermissions::ACCESS_DENIED;
68
69 $socnet_role = CSocNetUserToGroup::GetUserRole($USER->GetID(), $socnet_group_id);
70
71 if (CSocNetUser::IsCurrentUserModuleAdmin())
72 {
73 $socnet_role = "A";
74 }
75
76 if ($socnet_role !== "A" && CIBlock::GetArrayByID($iblock_id, "RIGHTS_MODE") === "E")
77 {
78 return '0';
79 }
80
81 static $roles = array("A", "E", "K", "T");
82 if(!in_array($socnet_role, $roles))
83 {
84 if($USER->IsAuthorized())
85 $socnet_role = "L";
86 else
87 $socnet_role = "N";
88 }
89
90 if (!CSocNetFeaturesPerms::CanPerformOperation($USER->GetID(), SONET_ENTITY_GROUP, $socnet_group_id, "group_lists", "write", CSocNetUser::IsCurrentUserModuleAdmin()))
91 {
92 return "D";
93 }
94 else
95 {
96 $arSocnetPerm = CLists::GetSocnetPermission($iblock_id);
97 return $arSocnetPerm[$socnet_role];
98 }
99 }
100
107 static protected function _socnet_type_check($USER, $iblock_type_id, $socnet_group_id)
108 {
109 if($iblock_type_id === COption::GetOptionString("lists", "socnet_iblock_type_id"))
110 {
111 $socnet_role = CSocNetUserToGroup::GetUserRole($USER->GetID(), $socnet_group_id);
112
113 if (CSocNetUser::IsCurrentUserModuleAdmin())
114 {
115 $socnet_role = "A";
116 }
117
118 if (
119 $socnet_role == "A"
120 && CSocNetFeaturesPerms::CanPerformOperation($USER->GetID(), SONET_ENTITY_GROUP, $socnet_group_id, "group_lists", "write", CSocNetUser::IsCurrentUserModuleAdmin())
121 )
122 {
123 return CListPermissions::IS_ADMIN;
124 }
125 else
126 {
127 return CListPermissions::CAN_READ;
128 }
129 }
130 else
131 {
132 return CListPermissions::WRONG_IBLOCK_TYPE;
133 }
134 }
135
141 static protected function _lists_type_check($USER, $iblockTypeId)
142 {
143 $listsPermission = CLists::GetPermission($iblockTypeId);
144 if (!is_array($listsPermission) || !count($listsPermission))
145 return CListPermissions::ACCESS_DENIED;
146
147 $userGroups = $USER->GetUserGroupArray();
148 if (count(array_intersect($listsPermission, $userGroups)) > 0)
149 return CListPermissions::IS_ADMIN;
150
151 return CListPermissions::CAN_READ;
152 }
153
160 static protected function _lists_check($USER, $iblock_type_id, $iblock_id)
161 {
162 $iblock_check = CListPermissions::_iblock_check($iblock_type_id, $iblock_id);
163 if($iblock_check < 0)
164 return $iblock_check;
165
166 $arListsPerm = CLists::GetPermission($iblock_type_id);
167 if(!$arListsPerm)
168 {
169 return CListPermissions::ACCESS_DENIED;
170 }
171
172 $arUSER_GROUPS = $USER->GetUserGroupArray();
173 if(count(array_intersect($arListsPerm, $arUSER_GROUPS)) > 0)
174 return CListPermissions::IS_ADMIN;
175
176 return CIBlock::GetPermission($iblock_id);
177 }
178
184 static protected function _iblock_check($iblock_type_id, $iblock_id)
185 {
186 $iblock_id = intval($iblock_id);
187 if($iblock_id > 0)
188 {
189 $iblock_type = CIBlock::GetArrayByID($iblock_id, "IBLOCK_TYPE_ID");
190 if($iblock_type_id === $iblock_type)
191 return 0;
192 else
193 return CListPermissions::WRONG_IBLOCK_TYPE;
194 }
195 else
196 {
197 return CListPermissions::WRONG_IBLOCK;
198 }
199 }
200
201 static public function MergeRights($IBLOCK_TYPE_ID, $DB, $POST)
202 {
203 $arResult = array();
204
205 //1) Put into result protected from changes rights
206 $arListsPerm = CLists::GetPermission($IBLOCK_TYPE_ID);
207 foreach($DB as $RIGHT_ID => $arRight)
208 {
209 //1) protect groups from module settings
210 if(
211 preg_match("/^G(\\d)\$/", $arRight["GROUP_CODE"], $match)
212 && is_array($arListsPerm)
213 && in_array($match[1], $arListsPerm)
214 )
215 $arResult[$RIGHT_ID] = $arRight;
216 else
217 {
218 //2) protect groups with iblock_% operations
219 $arOperations = CTask::GetOperations($arRight['TASK_ID'], true);
220 foreach($arOperations as $operation)
221 {
222 if(preg_match("/^iblock_(?!admin)/", $operation))
223 {
224 $arResult[$RIGHT_ID] = $arRight;
225 break;
226 }
227 }
228 }
229 }
230
231 //2) Leave in POST only safe rights
232 foreach($POST as $RIGHT_ID => $arRight)
233 {
234 //1) protect groups from module settings
235 if(
236 preg_match("/^G(\\d)\$/", $arRight["GROUP_CODE"], $match)
237 && is_array($arListsPerm)
238 && in_array($match[1], $arListsPerm)
239 )
240 unset($POST[$RIGHT_ID]);
241 else
242 {
243 //2) protect groups with iblock_% operations
244 $arOperations = CTask::GetOperations($arRight['TASK_ID'], true);
245 foreach($arOperations as $operation)
246 {
247 if(preg_match("/^iblock_(?!admin)/", $operation))
248 {
249 unset($POST[$RIGHT_ID]);
250 break;
251 }
252 }
253 }
254 }
255
256 //3) Join POST to result
257 foreach($POST as $RIGHT_ID => $arRight)
258 {
259 foreach($arResult as $RIGHT_ID2 => $arRight2)
260 {
261 if($arRight["GROUP_CODE"] == $arRight2["GROUP_CODE"])
262 unset($arResult[$RIGHT_ID2]);
263 }
264 $arResult[$RIGHT_ID] = $arRight;
265 }
266
267 return $arResult;
268 }
269
274 public static function CheckFieldId($iblock_id, $field_id)
275 {
276 if ($field_id === "DETAIL_PICTURE")
277 return true;
278 elseif ($field_id === "PREVIEW_PICTURE")
279 return true;
280 elseif ($field_id === "PICTURE")
281 return true;
282 elseif ($iblock_id <= 0)
283 return false;
284 elseif (!preg_match("/^PROPERTY_(.+)\$/", $field_id, $match))
285 return false;
286 else
287 {
288 $db_prop = CIBlockProperty::GetPropertyArray($match[1], $iblock_id);
289 if(is_array($db_prop) && $db_prop["PROPERTY_TYPE"] === "F")
290 return true;
291 }
292 return false;
293 }
294}
295?>
$arResult
$arResult
Определения generate_coupon.php:16
CAllTask\GetOperations
static GetOperations($ID, $return_names=false)
Определения task.php:230
CListPermissions
Определения listperm.php:5
CListPermissions\_lists_type_check
static _lists_type_check($USER, $iblockTypeId)
Определения listperm.php:141
CListPermissions\WRONG_IBLOCK
const WRONG_IBLOCK
Определения listperm.php:7
CListPermissions\CheckFieldId
static CheckFieldId($iblock_id, $field_id)
Определения listperm.php:274
CListPermissions\LISTS_FOR_SONET_GROUP_DISABLED
const LISTS_FOR_SONET_GROUP_DISABLED
Определения listperm.php:8
CListPermissions\CheckAccess
static CheckAccess($USER, $iblock_type_id, $iblock_id=false, $socnet_group_id=0)
Определения listperm.php:23
CListPermissions\_lists_check
static _lists_check($USER, $iblock_type_id, $iblock_id)
Определения listperm.php:160
CListPermissions\_socnet_check
static _socnet_check($USER, $iblock_type_id, $iblock_id, $socnet_group_id)
Определения listperm.php:55
CListPermissions\ACCESS_DENIED
const ACCESS_DENIED
Определения listperm.php:10
CListPermissions\_iblock_check
static _iblock_check($iblock_type_id, $iblock_id)
Определения listperm.php:184
CListPermissions\CAN_READ
const CAN_READ
Определения listperm.php:11
CListPermissions\IS_ADMIN
const IS_ADMIN
Определения listperm.php:14
CListPermissions\CAN_BIZPROC
const CAN_BIZPROC
Определения listperm.php:12
CListPermissions\_socnet_type_check
static _socnet_type_check($USER, $iblock_type_id, $socnet_group_id)
Определения listperm.php:107
CListPermissions\MergeRights
static MergeRights($IBLOCK_TYPE_ID, $DB, $POST)
Определения listperm.php:201
CListPermissions\WRONG_IBLOCK_TYPE
const WRONG_IBLOCK_TYPE
Определения listperm.php:6
CListPermissions\CAN_WRITE
const CAN_WRITE
Определения listperm.php:13
$IBLOCK_TYPE_ID
global $IBLOCK_TYPE_ID
Определения commerceml_run.php:330
array
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$iblockTypeId
$iblockTypeId
Определения group_lists.php:25
$DB
global $DB
Определения cron_frame.php:29
$USER
global $USER
Определения csv_new_run.php:40
IncludeModuleLangFile
IncludeModuleLangFile($filepath, $lang=false, $bReturnArray=false)
Определения tools.php:3778
elseif
if( $daysToExpire >=0 &&$daysToExpire< 60 elseif)( $daysToExpire< 0)
Определения prolog_main_admin.php:393
count
</p ></td >< td valign=top style='border-top:none;border-left:none;border-bottom:solid windowtext 1.0pt;border-right:solid windowtext 1.0pt;padding:0cm 2.0pt 0cm 2.0pt;height:9.0pt'>< p class=Normal align=center style='margin:0cm;margin-bottom:.0001pt;text-align:center;line-height:normal'>< a name=ТекстовоеПоле54 ></a ><?=($taxRate > count( $arTaxList) > 0) ? $taxRate."%"
Определения waybill.php:936
SONET_ENTITY_GROUP
const SONET_ENTITY_GROUP
Определения include.php:117