Beispiel #1
0
 public static function UpdateUFRights($files, $rights, $ufEntity = array())
 {
     static $arTasks = null;
     if (!is_array($rights) || sizeof($rights) <= 0) {
         return false;
     }
     if ($files === null || $files === false) {
         return false;
     }
     if (!is_array($files)) {
         $files = array($files);
     }
     if (sizeof($files) <= 0) {
         return false;
     }
     if (!CModule::IncludeModule('iblock') || !CModule::IncludeModule('webdav')) {
         return false;
     }
     $arFiles = array();
     foreach ($files as $id) {
         $id = intval($id);
         if (intval($id) > 0) {
             $arFiles[] = $id;
         }
     }
     if (sizeof($arFiles) <= 0) {
         return false;
     }
     if ($arTasks == null) {
         $arTasks = CWebDavIblock::GetTasks();
     }
     $arCodes = array();
     foreach ($rights as $value) {
         if (substr($value, 0, 2) === 'SG') {
             $arCodes[] = $value . '_K';
         }
         $arCodes[] = $value;
     }
     $arCodes = array_unique($arCodes);
     $i = 0;
     $arViewRights = $arEditRights = array();
     $curUserID = 'U' . $GLOBALS['USER']->GetID();
     foreach ($arCodes as $right) {
         if ($curUserID == $right) {
             // do not override owner's rights
             continue;
         }
         $key = 'n' . $i++;
         $arViewRights[$key] = array('GROUP_CODE' => $right, 'TASK_ID' => $arTasks['R']);
     }
     $ibe = new CIBlockElement();
     $dbWDFile = $ibe->GetList(array(), array('ID' => $arFiles, 'SHOW_NEW' => 'Y'), false, false, array('ID', 'NAME', 'SECTION_ID', 'IBLOCK_ID', 'WF_NEW'));
     $iblockIds = array();
     if ($dbWDFile) {
         while ($arWDFile = $dbWDFile->Fetch()) {
             $id = $arWDFile['ID'];
             if ($arWDFile['WF_NEW'] == 'Y') {
                 $ibe->Update($id, array('BP_PUBLISHED' => 'Y'));
             }
             if (CIBlock::GetArrayByID($arWDFile['IBLOCK_ID'], "RIGHTS_MODE") === "E") {
                 $ibRights = CWebDavIblock::_get_ib_rights_object('ELEMENT', $id, $arWDFile['IBLOCK_ID']);
                 $ibRights->SetRights(CWebDavTools::appendRights($ibRights, $arViewRights, $arTasks));
                 if (empty($iblockIds[$arWDFile['IBLOCK_ID']])) {
                     $iblockIds[$arWDFile['IBLOCK_ID']] = $arWDFile['IBLOCK_ID'];
                 }
             }
         }
         global $CACHE_MANAGER;
         foreach ($iblockIds as $iblockId) {
             $CACHE_MANAGER->ClearByTag('iblock_id_' . $iblockId);
         }
         unset($iblockId);
     }
 }
Beispiel #2
0
 function _updateRights($files, $rights, $ufEntity = array())
 {
     static $arIBlock = array();
     static $op_X = 'element_rights_edit';
     static $arTasks = null;
     if (!is_array($rights) || sizeof($rights) <= 0) {
         return false;
     }
     if ($files === null || $files === false) {
         return false;
     }
     if (!is_array($files)) {
         $files = array($files);
     }
     if (sizeof($files) <= 0) {
         return false;
     }
     if (!CModule::IncludeModule('iblock')) {
         return false;
     }
     $arFiles = array();
     foreach ($files as $id) {
         $id = intval($id);
         if (intval($id) > 0) {
             $arFiles[] = $id;
         }
     }
     if (sizeof($arFiles) <= 0) {
         return false;
     }
     $arFiles = array_unique($arFiles);
     if ($arTasks == null) {
         $arTasks = CWebDavIblock::GetTasks();
     }
     $i = 0;
     $arViewRights = $arEditRights = array();
     $curUserID = 'U' . $GLOBALS['USER']->GetID();
     foreach ($rights as $right) {
         if ($curUserID == $right) {
             // do not override owner's rights
             continue;
         }
         $key = 'n' . $i++;
         $arViewRights[$key] = array('GROUP_CODE' => $right, 'TASK_ID' => $arTasks['R']);
         $arEditRights[$key] = array('GROUP_CODE' => $right, 'TASK_ID' => $arTasks['W']);
     }
     $ibe = new CIBlockElement();
     $dbWDFile = $ibe->GetList(array(), array('ID' => $arFiles, 'SHOW_NEW' => 'Y'), false, false, array('ID', 'NAME', 'SECTION_ID', 'IBLOCK_ID', 'WF_NEW'));
     $iblockIds = array();
     if ($dbWDFile) {
         if (!empty($ufEntity['ENTITY_VALUE_ID'])) {
             //hack you
             CIBlockWebdavSocnet::storeFileIdsByComment($ufEntity['ENTITY_VALUE_ID'], $arFiles);
         }
         while ($arWDFile = $dbWDFile->Fetch()) {
             $id = $arWDFile['ID'];
             if ($arWDFile['WF_NEW'] == 'Y') {
                 $ibe->Update($id, array('BP_PUBLISHED' => 'Y'));
             }
             if (CIBlock::GetArrayByID($arWDFile['IBLOCK_ID'], "RIGHTS_MODE") === "E") {
                 $dropped = false;
                 $ibRights = CWebDavIblock::_get_ib_rights_object('ELEMENT', $id, $arWDFile['IBLOCK_ID']);
                 // change rights on comment files if they are 'attached to the post'
                 $dropped = static::_isDropped($arWDFile['IBLOCK_ID'], $arWDFile['IBLOCK_SECTION_ID']);
                 $canEditFiles = static::isAllowEditAttachedFiles($ufEntity);
                 if ($dropped || $ibRights->UserHasRightTo($arWDFile['IBLOCK_ID'], $id, 'element_edit')) {
                     $ibRights->SetRights(static::appendRights($ibRights, $canEditFiles ? $arEditRights : $arViewRights, $arTasks));
                 } else {
                     $ibRights->SetRights(static::appendRights($ibRights, $arViewRights, $arTasks));
                 }
                 if (empty($iblockIds[$arWDFile['IBLOCK_ID']])) {
                     $iblockIds[$arWDFile['IBLOCK_ID']] = $arWDFile['IBLOCK_ID'];
                 }
             }
         }
         global $CACHE_MANAGER;
         foreach ($iblockIds as $iblockId) {
             $CACHE_MANAGER->ClearByTag('iblock_id_' . $iblockId);
         }
         unset($iblockId);
     }
 }
Beispiel #3
0
 function SetUFRights($files, $rights)
 {
     static $arTasks = null;
     if (!CModule::IncludeModule('iblock') || !CModule::IncludeModule('webdav')) {
         return;
     }
     if (!is_array($rights) || count($rights) <= 0) {
         return false;
     }
     if ($files === null || $files === false) {
         return false;
     }
     if (!is_array($files)) {
         $files = array($files);
     }
     $arFiles = array();
     foreach ($files as $id) {
         $id = intval($id);
         if (intval($id) > 0) {
             $arFiles[] = $id;
         }
     }
     if (count($arFiles) <= 0) {
         return false;
     }
     if ($arTasks == null) {
         $arTasks = CWebDavIblock::GetTasks();
     }
     $arCodes = array();
     foreach ($rights as $value) {
         if (substr($value, 0, 2) === 'SG') {
             $arCodes[] = $value . '_K';
         }
         $arCodes[] = $value;
     }
     $arCodes = array_unique($arCodes);
     $i = 0;
     $arViewRights = array();
     $curUserID = 'U' . $GLOBALS['USER']->GetID();
     foreach ($arCodes as $right) {
         if ($curUserID == $right) {
             // do not override owner's rights
             continue;
         }
         $key = "n" . $i++;
         $arViewRights[$key] = array("GROUP_CODE" => $right, "TASK_ID" => $arTasks["R"]);
     }
     $ibe = new CIBlockElement();
     $dbWDFile = $ibe->GetList(array(), array("ID" => $arFiles, "SHOW_NEW" => "Y"), false, false, array("ID", "NAME", "SECTION_ID", "IBLOCK_ID", "WF_NEW"));
     $iblockIds = array();
     if ($dbWDFile) {
         while ($arWDFile = $dbWDFile->Fetch()) {
             $id = $arWDFile["ID"];
             if ($arWDFile["WF_NEW"] == "Y") {
                 $ibe->Update($id, array("BP_PUBLISHED" => "Y"));
             }
             if (CIBlock::GetArrayByID($arWDFile['IBLOCK_ID'], "RIGHTS_MODE") === "E") {
                 $ibRights = CWebDavIblock::_get_ib_rights_object("ELEMENT", $id, $arWDFile["IBLOCK_ID"]);
                 $ibRights->SetRights(CWebDavTools::appendRights($ibRights, $arViewRights, $arTasks));
                 if (empty($iblockIds[$arWDFile["IBLOCK_ID"]])) {
                     $iblockIds[$arWDFile["IBLOCK_ID"]] = $arWDFile["IBLOCK_ID"];
                 }
             }
         }
         global $CACHE_MANAGER;
         foreach ($iblockIds as $iblockId) {
             $CACHE_MANAGER->ClearByTag("iblock_id_" . $iblockId);
         }
         unset($iblockId);
     }
 }
Beispiel #4
0
 public static final function removeRightsOnSections(array $sections, array $rights)
 {
     $tasks = CWebDavIblock::GetTasks();
     $reformatRights = array();
     $i = 0;
     foreach ($rights as $letter => $groupCodes) {
         if (!is_array($groupCodes)) {
             $groupCodes = array($groupCodes);
         }
         foreach ($groupCodes as $groupCode) {
             $reformatRights['n' . $i] = array('GROUP_CODE' => $groupCode, 'TASK_ID' => $tasks[$letter]);
             $i++;
         }
         unset($groupCode);
     }
     unset($right);
     foreach ($sections as $section) {
         $sectionId = (int) $section['ID'];
         if ($sectionId <= 0) {
             continue;
         }
         if (CIBlock::GetArrayByID($section['IBLOCK_ID'], "RIGHTS_MODE") === "E") {
             $rightObject = CWebDavIblock::_get_ib_rights_object('SECTION', $sectionId, $section['IBLOCK_ID']);
             $rightObject->SetRights(CWebDavTools::removeRights($rightObject, $reformatRights, $tasks));
         }
     }
     unset($section);
 }
 private static function EnsureSharedFileSectionCreated($blockID, $siteID = SITE_ID)
 {
     $siteID = strval($siteID);
     $blockID = intval($blockID);
     if ($blockID <= 0 || $siteID === '') {
         return 0;
     }
     $blockSection = new CIBlockSection();
     $dbSections = $blockSection->GetList(array(), array('XML_ID' => 'VI_CALLS', 'IBLOCK_ID' => $blockID, 'CHECK_PERMISSIONS' => 'N'), false, array('ID'));
     $arSection = $dbSections->Fetch();
     if (is_array($arSection)) {
         $blockSectionID = intval($arSection['ID']);
     }
     if ($blockSectionID <= 0) {
         $dbSite = CSite::GetByID($siteID);
         $arSite = $dbSite->Fetch();
         IncludeModuleLangFile(__FILE__, $arSite && isset($arSite['LANGUAGE_ID']) ? $arSite['LANGUAGE_ID'] : false);
         $blockSectionID = $blockSection->Add(array('IBLOCK_ID' => $blockID, 'ACTIVE' => 'Y', 'NAME' => GetMessage('VI_DISK_CALL_RECORD_SECTION'), 'IBLOCK_SECTION_ID' => 0, 'CHECK_PERMISSIONS' => 'N', 'XML_ID' => 'VI_CALLS'));
         if (CIBlock::GetArrayByID($blockID, "RIGHTS_MODE") === "E") {
             $rightObject = CWebDavIblock::_get_ib_rights_object('IBLOCK', 0, $blockID);
             $existsRights = $rightObject->GetRights();
             $rs = CTask::GetList(array("LETTER" => "asc"), array("MODULE_ID" => "iblock", "BINDING" => "iblock", "SYS" => "Y"));
             $arTasks = array();
             while ($ar = $rs->Fetch()) {
                 $arTasks[$ar["NAME"]] = $ar["ID"];
             }
             $newRights = array();
             $i = 0;
             foreach ($existsRights as $existsRight) {
                 $newRights['n' . $i] = array('GROUP_CODE' => $existsRight['GROUP_CODE'], 'TASK_ID' => $arTasks['iblock_deny']);
                 $i++;
             }
             $rightObject = CWebDavIblock::_get_ib_rights_object('SECTION', $blockSectionID, $blockID);
             $rightObject->SetRights($newRights);
             $rights['n' . $i] = array('GROUP_CODE' => '', 'TASK_ID' => $arTasks['iblock_deny']);
             CWebDavIblock::appendRightsOnSections(array(array('ID' => $blockSectionID, 'IBLOCK_ID' => $blockID)), array('W' => array('G1')));
         }
     }
     return $blockSectionID;
 }
Beispiel #6
0
function WDUFUserFieldView(&$arParams, &$arResult)
{
    static $DROPPED = null;
    static $OLD_DROPPED = null;
    if (!(CModule::IncludeModule('iblock') && CModule::IncludeModule('webdav'))) {
        return false;
    }
    if ($DROPPED === null) {
        $DROPPED = CWebDavIblock::getDroppedMetaData();
        $DROPPED = $DROPPED['name'];
        $OLD_DROPPED = CWebDavIblock::getOldDroppedMetaData();
        $OLD_DROPPED = $OLD_DROPPED['name'];
    }
    global $APPLICATION, $USER_FIELD_MANAGER, $USER;
    static $arIBlock = array();
    $result = array();
    $arIBlockCacheID = array();
    $arValue = array();
    $isHistoryDocInComment = false;
    //from historical comment
    $versionHistoryDocInComment = $throughVersionComment = 0;
    $EVId = is_array($arParams["arUserField"]) && $arParams["arUserField"]["ENTITY_VALUE_ID"] > 0 ? intval($arParams["arUserField"]["ENTITY_VALUE_ID"]) : 0;
    $arResult['VALUE'] = is_array($arResult['VALUE']) ? $arResult['VALUE'] : array();
    if ($arParams['arUserField']['USER_TYPE_ID'] == 'webdav_element_history') {
        $isHistoryDocInComment = true;
        //not multiple UF
        if (!empty($arResult['VALUE'][0]['id'])) {
            $arValue[] = (int) $arResult['VALUE'][0]['id'];
            $versionHistoryDocInComment = (int) $arResult['VALUE'][0]['v'];
            $throughVersionComment = empty($arResult['VALUE'][1]['t_vers']) ? 0 : (int) $arResult['VALUE'][1]['t_vers'];
        }
        $cacheID = md5(serialize($arResult['VALUE']));
    } else {
        foreach ($arResult['VALUE'] as $val) {
            $val = intval($val);
            if ($val > 0) {
                $arValue[] = $val;
            }
        }
        $cacheID = $EVId > 0 ? $EVId : md5(serialize($arValue));
    }
    if (!empty($arParams["arUserField"]) && !empty($arParams["arUserField"]['ID'])) {
        $cacheID = (string) $cacheID;
        $cacheID = $arParams["arUserField"]['ID'] . '_' . $cacheID;
    }
    if (sizeof($arValue) > 0) {
        // cache
        $obCache = new CPHPCache();
        $cachePath = SITE_ID . "/webdav/inline";
        if ($obCache->InitCache(30 * 86400, $cacheID, $cachePath)) {
            $vars = $obCache->GetVars();
            $result = $vars["RESULT"];
        }
        if (empty($result) && $obCache->StartDataCache()) {
            $ElementID = $arValue;
            if ($EVId > 0) {
                $ElementID = $USER_FIELD_MANAGER->GetUserFieldValue($arParams["arUserField"]["ENTITY_ID"], $arParams["arUserField"]["FIELD_NAME"], $EVId);
                $ElementID = empty($ElementID) ? $arValue : $ElementID;
                if ($isHistoryDocInComment) {
                    $ElementID = $ElementID[0]['id'];
                }
            }
            // check file exists
            $ibe = new CIBlockElement();
            $dbWDFile = $ibe->GetList(array(), array('ID' => $ElementID), false, false, array('ID', 'NAME', 'IBLOCK_SECTION_ID', 'IBLOCK_ID', 'IBLOCK_CODE', 'PROPERTY_' . CWebDavIblock::PROPERTY_VERSION, 'PROPERTY_WEBDAV_SIZE', 'PROPERTY_FILE', 'CREATED_BY', 'CREATED_USER_NAME', 'CREATED_BY_FORMATTED'));
            if ($dbWDFile) {
                $dbWDFile->SetNameTemplate($arParams['NAME_TEMPLATE']);
                while ($arWDFile = $dbWDFile->Fetch()) {
                    $id = intval($arWDFile['ID']);
                    $arNavChain = array();
                    if (!isset($arIBlock[$arWDFile['IBLOCK_ID']])) {
                        $dbWDIBlock = CIBlock::GetList(array(), array('ID' => $arWDFile['IBLOCK_ID'], 'CHECK_PERMISSIONS' => 'N'));
                        if ($dbWDIBlock && ($arWDIBlock = $dbWDIBlock->Fetch())) {
                            $arIBlock[$arWDFile['IBLOCK_ID']] = $arWDIBlock;
                        }
                    }
                    if (isset($arIBlock[$arWDFile['IBLOCK_ID']])) {
                        $arWDIBlock = $arIBlock[$arWDFile['IBLOCK_ID']];
                        $arIBlockCacheID[] = $arWDFile['IBLOCK_ID'];
                        $arNavChain = WDUGetNavChainSections($arWDFile['IBLOCK_ID'], $arWDFile['IBLOCK_SECTION_ID']);
                        if ($arNavChain === false) {
                            continue;
                            // not show items from trash
                        }
                        // get path to document
                        $detailPath = CWebDavIblock::LibOptions('lib_paths', true, $arWDFile['IBLOCK_ID']);
                        $detailPath = !!$detailPath ? $detailPath : $arWDIBlock['DETAIL_PAGE_URL'];
                        $arPaths = WDUFGetPathOptions($detailPath, $arWDFile['IBLOCK_ID'], reset($arNavChain), $arWDFile);
                        $isSocnet = $arPaths["entity"] != "lib";
                        $arWDFile['VIEW'] = $arPaths["path"];
                        $arWDFile['HISTORY'] = CHTTP::urlAddParams($arPaths['view'], array('webdavForm' . $arWDFile['IBLOCK_ID'] . '_active_tab' => 'tab_history'));
                        $arWDFile['EDIT'] = $arPaths["edit"];
                        $arWDFile['DELETE_DROPPED'] = $arPaths["delete_dropped"];
                        $arWDFile['PATH'] = $arPaths["history_get"];
                        // 'breadcrumb'
                        $arSectionsChain = array();
                        //to link on element
                        $userIBlockID = CWebDavIblock::LibOptions('user_files', false, SITE_ID);
                        $groupIBlockID = CWebDavIblock::LibOptions('group_files', false, SITE_ID);
                        $arUrlSectionsChain = array();
                        $i = 0;
                        foreach ($arNavChain as $res) {
                            $name = $res["NAME"];
                            if ($i == 0 && !!$res["SOCNET_GROUP_ID"] && CModule::IncludeModule('socialnetwork') && strlen(GetMessage('SONET_GROUP_PREFIX')) > 0) {
                                if ($name == GetMessage('SONET_GROUP_PREFIX')) {
                                    $arGroup = CSocNetGroup::GetByID($res["SOCNET_GROUP_ID"]);
                                    $name = GetMessage("SONET_GROUP_PREFIX") . $arGroup['NAME'];
                                }
                            }
                            //drop prefix storage name (1st level in section tree) if user or groups file. If shared docs - don't
                            if ($i != 0 || !$isSocnet) {
                                $arUrlSectionsChain[] = $name;
                            }
                            if ($name != $DROPPED) {
                                $arSectionsChain[] = $name;
                                $i++;
                            }
                            if ($name == $DROPPED || $name == $OLD_DROPPED) {
                                //disable local edit if file id .Dropped
                                $arWDFile['IN_PERSONAL_LIB'] = false;
                            }
                        }
                        if ($arSectionsChain[$i] == $DROPPED) {
                            $arWDFile['NAVCHAIN'] = GetMessage('WDUF_ATTACHED_TO_MESSAGE');
                        } else {
                            if ($userIBlockID && $groupIBlockID) {
                                if ($arWDFile['IBLOCK_ID'] != $userIBlockID['id'] && $arWDFile['IBLOCK_ID'] != $groupIBlockID['id']) {
                                    $name = CIBlock::GetArrayByID($arWDFile['IBLOCK_ID'], 'NAME');
                                    array_unshift($arSectionsChain, $name);
                                }
                            }
                            $arWDFile['NAVCHAIN'] = implode("/", $arSectionsChain);
                        }
                        $arUrlSectionsChain[] = $arWDFile["NAME"];
                        $arWDFile['VIEW'] .= implode('/', $arUrlSectionsChain);
                        //non urnencoded
                        $arWDFile['RELATIVE_PATH'] = $arWDFile['VIEW'];
                        $arWDFile['VIEW'] = CHTTP::urnEncode($arWDFile['VIEW']);
                        // extension
                        $name = $arWDFile['NAME'];
                        $ext = '';
                        $dotpos = strrpos($name, ".");
                        if ($dotpos !== false && $dotpos + 1 < strlen($name)) {
                            $ext = substr($name, $dotpos + 1);
                        }
                        if (strlen($ext) < 3 || strlen($ext) > 5) {
                            $ext = '';
                        }
                        $arWDFile['EXTENSION'] = $ext;
                        // size
                        $arWDFile['SIZE'] = 0;
                        if ($arWDFile['PROPERTY_WEBDAV_SIZE_VALUE']) {
                            $arWDFile['SIZE'] = CFile::FormatSize(intval($arWDFile['PROPERTY_WEBDAV_SIZE_VALUE']), 0);
                        }
                        // file
                        $arWDFile['FILE'] = array();
                        if ($arWDFile['PROPERTY_FILE_VALUE']) {
                            $arWDFile['FILE'] = CFile::GetFileArray($arWDFile['PROPERTY_FILE_VALUE']);
                        }
                        if ($isHistoryDocInComment) {
                            $arWDFile['PATH'] = $arWDFile['PATH'] . "?toWDController=1&ncc=1&downloadHistory=1&id={$arWDFile['ID']}&v={$versionHistoryDocInComment}&f={$arWDFile['FILE']['ID']}";
                            $arWDFile['THROUGH_VERSION'] = empty($throughVersionComment) ? -1 : $throughVersionComment;
                        } else {
                            $arWDFile['THROUGH_VERSION'] = (int) $arWDFile['PROPERTY_' . CWebDavIblock::PROPERTY_VERSION . '_VALUE'];
                        }
                        if (strlen($arWDFile['PATH']) > 0) {
                            $arWDFile['PATH'] = CHTTP::urnEncode($arWDFile['PATH']);
                            $result[$id] = $arWDFile;
                        }
                    }
                }
            }
            global $CACHE_MANAGER;
            $CACHE_MANAGER->StartTagCache($cachePath);
            foreach ($arIBlockCacheID as $ibID) {
                $CACHE_MANAGER->RegisterTag("iblock_id_" . $ibID);
            }
            $CACHE_MANAGER->EndTagCache();
            $obCache->EndDataCache(array("RESULT" => $result));
        }
        // not cached
        // check file access rights
        static $op = 'element_read';
        foreach ($result as $id => $arWDFile) {
            if (!in_array($id, $arValue)) {
                unset($result[$id]);
                continue;
            } else {
                if (!isset($arIBlock[$arWDFile['IBLOCK_ID']])) {
                    continue;
                }
            }
            $arWDIBlock = $arIBlock[$arWDFile['IBLOCK_ID']];
            if ($arWDIBlock['RIGHTS_MODE'] == 'E') {
                $ibRights = CWebDavIblock::_get_ib_rights_object('ELEMENT', $id, $arWDIBlock['ID']);
                if (!$ibRights->UserHasRightTo($arWDIBlock['ID'], $id, $op)) {
                    unset($result[$id]);
                    continue;
                }
            } else {
                if (CIBlock::GetPermission($arWDIBlock['ID']) < 'R') {
                    unset($result[$id]);
                    continue;
                }
            }
        }
    }
    //output
    $arResult['FILES'] = $result;
}