Beispiel #1
0
$allowedStatusesView = array();
$order = Bitrix\Sale\Order::load($_REQUEST["ID"]);
if ($order) {
    $allowedStatusesView = \Bitrix\Sale\OrderStatus::getStatusesUserCanDoOperations($USER->GetID(), array('view'));
}
if (!$order || !in_array($order->getField("STATUS_ID"), $allowedStatusesView)) {
    LocalRedirect("/bitrix/admin/sale_order.php?lang=" . LANGUAGE_ID . GetFilterParams("filter_", false));
}
$allowedStatusesEdit = \Bitrix\Sale\OrderStatus::getStatusesUserCanDoOperations($USER->GetID(), array('edit'));
if (!in_array($order->getField("STATUS_ID"), $allowedStatusesEdit)) {
    LocalRedirect("/bitrix/admin/sale_order_view.php?ID=" . $ID . "&lang=" . LANGUAGE_ID . GetFilterParams("filter_"));
}
$userId = isset($_POST["USER_ID"]) ? intval($_POST["USER_ID"]) : $order->getUserId();
OrderEdit::initCouponsData($userId, $ID, isset($_POST["OLD_USER_ID"]) ? intval($_POST["USER_ID"]) : $userId);
if (!$boolLocked) {
    \Bitrix\Sale\Order::lock($ID);
}
$isSavingOperation = $_SERVER["REQUEST_METHOD"] == "POST" && (isset($_POST["apply"]) || isset($_POST["save"]));
$isRefreshDataAndSaveOperation = $_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST["refresh_data_and_save"]) && $_POST["refresh_data_and_save"] == "Y";
$isNeedFieldsRestore = $_SERVER["REQUEST_METHOD"] == "POST" && !$isSavingOperation && !$isRefreshDataAndSaveOperation;
//save order params
if (($isSavingOperation || $isNeedFieldsRestore || $isRefreshDataAndSaveOperation) && $saleModulePermissions >= "U" && check_bitrix_sessid() && $result->isSuccess()) {
    if ($isSavingOperation || $isRefreshDataAndSaveOperation) {
        $order = OrderEdit::editOrderByFormData($_POST, $order, $USER->GetID(), true, $_FILES, $result);
    }
    if ($isRefreshDataAndSaveOperation) {
        /** @var \Bitrix\Sale\Basket $basket */
        if (!($basket = $order->getBasket())) {
            throw new \Bitrix\Main\ObjectNotFoundException('Entity "Basket" not found');
        }
        $res = $basket->refreshData(array('PRICE', 'QUANTITY', 'COUPONS'));