rightsmanager.php

<?php
namespace Bitrix\Report;
 
use Bitrix\Main\Loader;
use Bitrix\Socialnetwork\UserToGroupTable;
use CPHPCache;
 
class RightsManager
{
    const ACCESS_READ = 'access_read';
    const ACCESS_EDIT = 'access_edit';
    const ACCESS_FULL = 'access_full';
 
    protected $userId;
 
    public function __construct($userId)
    {
        $this->userId = intval($userId);
    }
 
    public function canRead($reportId)
    {
        if(!$this->isOwner($reportId))
        {
            $listSharing = Sharing::getEntityOfSharing($reportId);
            $listEntity = $this->getGroupsAndDepartments();
            foreach($listSharing as $sharingRow)
            {
                if(in_array($sharingRow['ENTITY'], $listEntity))
                {
                    if($this->compareAccess($sharingRow['RIGHTS'], self::ACCESS_READ) >= 0)
                        return true;
                }
            }
            return false;
        }
        return true;
    }
 
    public function canEdit($reportId)
    {
        if(!$this->isOwner($reportId))
        {
            $listSharing = Sharing::getEntityOfSharing($reportId);
            $listEntity = $this->getGroupsAndDepartments();
            foreach($listSharing as $sharingRow)
            {
                if(in_array($sharingRow['ENTITY'], $listEntity))
                {
                    if($this->compareAccess($sharingRow['RIGHTS'], self::ACCESS_EDIT) >= 0)
                        return true;
                }
            }
            return false;
        }
        return true;
    }
 
    public function canDelete($reportId)
    {
        return $this->isOwner($reportId);
    }
 
    public function canShare($reportId)
    {
        return $this->isOwner($reportId);
    }
 
    public function getGroupsAndDepartments()
    {
        $cacheTime = defined('BX_COMP_MANAGED_CACHE') ? 3153600 : 3600*4;
        $cacheId = 'report-rights-'.$this->userId;
        $cacheDir = '/report/rights/'.$this->userId;
        $cache = new CPHPCache;
        if($cache->initCache($cacheTime, $cacheId, $cacheDir))
        {
            $listEntity = $cache->getVars();
        }
        else
        {
            global $CACHE_MANAGER;
            $cache->startDataCache();
            $listEntity = array(Sharing::CODE_USER.$this->userId);
            $userObject = \CUser::getByID($this->userId);
            if($userData = $userObject->fetch())
            {
                if(Loader::includeModule('socialnetwork'))
                {
                    $queryObject = UserToGroupTable::getList(array(
                        'select' => array('GROUP_ID'),
                        'filter' => array(
                            'USER_ID' => $userData['ID'],
                            'ROLE' => array(
                                UserToGroupTable::ROLE_USER,
                                UserToGroupTable::ROLE_MODERATOR,
                                UserToGroupTable::ROLE_OWNER
                            )
                        )
                    ));
                    while ($groupData = $queryObject->fetch())
                        $listEntity[] = Sharing::CODE_SOCNET_GROUP.$groupData['GROUP_ID'];
                }
 
                if(!empty($userData['UF_DEPARTMENT']))
                {
                    $parentDepartmentList = array();
                    foreach($userData['UF_DEPARTMENT'] as $departmentId)
                        $parentDepartmentList[] = \CIntranetUtils::getIBlockTopSection($departmentId);
 
                    $childrenDepartmentList = \CIntranetUtils::getIBlockSectionChildren($parentDepartmentList);
                    foreach($childrenDepartmentList as $departmentId)
                        $listEntity[] = Sharing::CODE_DEPARTMENT.$departmentId;
                }
            }
            $CACHE_MANAGER->startTagCache($cacheDir);
            $CACHE_MANAGER->registerTag("sonet_user2group_U".$this->userId);
            $CACHE_MANAGER->registerTag("USER_CARD_".intval($this->userId/TAGGED_user_card_size));
            $CACHE_MANAGER->endTagCache();
            $cache->endDataCache($listEntity);
        }
 
        return $listEntity;
    }
 
    private function isOwner($reportId)
    {
        $reportId = intval($reportId);
 
        $hasReport = ReportTable::getCount(
            array('=ID' => $reportId, '=CREATED_BY' => $this->userId));
 
        if($hasReport)
            return true;
        else
            return false;
    }
 
    private function compareAccess($access1, $access2)
    {
        switch($access1)
        {
            case 'access_read':
                self::ACCESS_READ;
                $access1Pos = 2;
                break;
            case 'access_edit':
                self::ACCESS_EDIT;
                $access1Pos = 3;
                break;
            case 'access_full':
                self::ACCESS_FULL;
                $access1Pos = 4;
                break;
            default:
                $access1Pos = -1;
        }
        switch($access2)
        {
            case 'access_read':
                self::ACCESS_READ;
                $access2Pos = 2;
                break;
            case 'access_edit':
                self::ACCESS_EDIT;
                $access2Pos = 3;
                break;
            case 'access_full':
                self::ACCESS_FULL;
                $access2Pos = 4;
                break;
            default:
                $access2Pos = -1;
        }
 
        if($access1Pos == $access2Pos)
            return 0;
 
        return $access1Pos > $access2Pos? 1 : -1;
    }
}