Bitrix-D7 23.9
 
Загрузка...
Поиск...
Не найдено
roleutil.php
1<?php
9namespace Bitrix\Main\Access\Role;
10
11use Bitrix\Main\Access\AccessCode;
12use Bitrix\Main\Access\Exception\PermissionSaveException;
13use Bitrix\Main\Access\Exception\RoleNotFoundException;
14use Bitrix\Main\Access\Exception\RoleRelationSaveException;
15use Bitrix\Main\Access\Exception\RoleSaveException;
16use Bitrix\Main\Access\Permission\PermissionDictionary;
17use Bitrix\Main\Application;
18
19abstract class RoleUtil
20{
21 protected $roleId;
22 protected $role;
23
24 abstract protected static function getRoleTableClass(): string;
25
26 abstract protected static function getRoleRelationTableClass(): string;
27
28 abstract protected static function getPermissionTableClass(): string;
29
30 abstract protected static function getRoleDictionaryClass(): ?string;
31
32 public static function getRoles()
33 {
34 $class = static::getRoleTableClass();
35 return $class::getList()->fetchAll();
36 }
37
38 public static function createRole(string $title): int
39 {
40 $class = static::getRoleTableClass();
41 $res = $class::add([
42 'NAME' => $title
43 ]);
44
45 if (!$res->isSuccess())
46 {
47 throw new RoleSaveException();
48 }
49
50 return (int) $res->getId();
51 }
52
53 public function __construct(int $roleId)
54 {
55 $this->roleId = $roleId;
56 }
57
58 public function getMembers(int $limit = 0)
59 {
60 $filter = [
61 'filter' => [
62 'ROLE_ID' => $this->roleId
63 ],
64 'order' => ['ID' => 'DESC']
65 ];
66 if ($limit)
67 {
68 $filter['limit'] = $limit;
69 }
70
71 $class = static::getRoleRelationTableClass();
72 return $class::getList($filter);
73 }
74
75 public function deleteRole()
76 {
77 if (!$this->roleId)
78 {
79 return;
80 }
81
82 // remove role
83 $roleClass = static::getRoleTableClass();
84 $roleClass::delete($this->roleId);
85
86 // remove role relations
87 $relationClass = static::getRoleRelationTableClass();
88 $relationClass::deleteList([
89 '=ROLE_ID' => $this->roleId
90 ]);
91
92 // remove permissions
93 $permissionClass = static::getPermissionTableClass();
94 $permissionClass::deleteList([
95 '=ROLE_ID' => $this->roleId
96 ]);
97 }
98
99 public function updateTitle(string $title)
100 {
101 $this->loadRole();
102
103 if ($this->role->getName() === $title)
104 {
105 return;
106 }
107
108 $dictionaryClass = static::getRoleDictionaryClass();
109 if (
110 $dictionaryClass
111 && $dictionaryClass::getRoleName($this->role->getName()) === $title
112 )
113 {
114 return;
115 }
116
117 $this->role->setName($title);
118 $result = $this->role->save();
119
120 if (!$result->isSuccess())
121 {
122 throw new RoleNotFoundException();
123 }
124 }
125
126 public function getPermissions(): array
127 {
128 $class = static::getPermissionTableClass();
129 $res = $class::getList([
130 'filter' => [
131 '=ROLE_ID' => $this->roleId
132 ]
133 ])
134 ->fetchAll();
135
136 $permissions = [];
137 foreach ($res as $row)
138 {
139 $permissions[$row['PERMISSION_ID']] = $row['VALUE'];
140 }
141
142 return $permissions;
143 }
144
154 public function updatePermissions(array $permissions)
155 {
156 $this->loadRole();
157
158 if (!$this->validatePermissions($permissions))
159 {
160 throw new RoleNotFoundException();
161 }
162
163 $permissionClass = static::getPermissionTableClass();
164 $permissionClass::deleteList([
165 '=ROLE_ID' => $this->roleId
166 ]);
167
168 $connection = Application::getConnection();
169 $helper = $connection->getSqlHelper();
170
171 $query = [];
172 foreach ($permissions as $id => $value)
173 {
174 $query[] = '('. $this->roleId .', "'. $helper->forSql(trim($id)) .'", '. (int) $value .')';
175 }
176
177 if (empty($query))
178 {
179 return;
180 }
181
182 $query = '
183 INSERT INTO '. $helper->quote($permissionClass::getTableName()) .'
184 (ROLE_ID, PERMISSION_ID, ' . $helper->quote('VALUE') . ')
185 VALUES
186 '. implode(',', $query) .'
187 ';
188
189 try
190 {
191 $connection->query($query);
192 }
193 catch (\Exception $e)
194 {
195 throw new PermissionSaveException();
196 }
197 }
198
204 public function updateRoleRelations(array $roleRelations)
205 {
206 $connection = Application::getConnection();
207 $helper = $connection->getSqlHelper();
208
209 $roleRelationsClass = static::getRoleRelationTableClass();
210 $roleRelationsClass::deleteList([
211 '=ROLE_ID' => $this->roleId
212 ]);
213
214 $query = [];
215 foreach ($roleRelations as $code => $type)
216 {
217 if(!AccessCode::isValid($code))
218 {
219 throw new RoleRelationSaveException();
220 }
221
222 $query[] = '('. $this->roleId .', \''. $helper->forSql(trim($code)) .'\')';
223 }
224
225 if (empty($query))
226 {
227 return;
228 }
229
230 $query = '
231 INSERT INTO '. $helper->quote($roleRelationsClass::getTableName()) .'
232 (ROLE_ID, RELATION)
233 VALUES
234 '. implode(',', $query) .'
235 ';
236
237 try
238 {
239 $connection->query($query);
240 }
241 catch (\Exception $e)
242 {
243 throw new RoleRelationSaveException();
244 }
245 }
246
247 protected function loadRole()
248 {
249 if (!$this->role)
250 {
251 $class = static::getRoleTableClass();
252 $this->role = $class::getById($this->roleId)->fetchObject();
253 }
254 if (!$this->role)
255 {
256 throw new RoleNotFoundException();
257 }
258 return $this->role;
259 }
260
261 protected function validatePermissions(array $permissions): bool
262 {
263 foreach ($permissions as $id => $value)
264 {
265 return PermissionDictionary::recursiveValidatePermission($permissions, $id);
266 }
267
268 return true;
269 }
270}
Bitrix\Main\Access\Role\RoleUtil\updatePermissions
updatePermissions(array $permissions)
Definition roleutil.php:154
Bitrix\Main\Access\Role\RoleUtil\validatePermissions
validatePermissions(array $permissions)
Definition roleutil.php:261
Bitrix\Main\Access\Role\RoleUtil\createRole
static createRole(string $title)
Definition roleutil.php:38
Bitrix\Main\Access\Role\RoleUtil\updateRoleRelations
updateRoleRelations(array $roleRelations)
Definition roleutil.php:204
Bitrix\Main\Application\getConnection
static getConnection($name="")
Definition application.php:611