Ejemplo n.º 1
0
 protected function processBeforeAction($actionName)
 {
     parent::processBeforeAction($actionName);
     if (!CBPDocument::canUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $this->getUser()->getID(), $this->arParams['DOCUMENT_DATA']['DISK']['DOCUMENT_TYPE'], array())) {
         $this->showAccessDenied();
         return false;
     }
     return true;
 }
Ejemplo n.º 2
0
 protected function processBeforeAction($actionName)
 {
     parent::processBeforeAction($actionName);
     if (strlen($this->arParams['STORAGE_ID']) <= 0) {
         ShowError(Loc::getMessage('ACCESS_DENIED') . ' ' . Loc::getMessage('BIZPROC_WFEDIT_ERROR_TYPE'));
         return false;
     }
     if ($this->arResult['ID'] > 0) {
         $templatesList = CBPWorkflowTemplateLoader::getList(array(), array('ID' => $this->arResult['ID']));
         if ($template = $templatesList->fetch()) {
             if (!CBPDocument::canUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $this->getUser()->getID(), $template['DOCUMENT_TYPE'])) {
                 $this->showAccessDenied();
                 return false;
             }
             $this->arResult['TEMPLATE_NAME'] = $template['NAME'];
             $this->arResult['TEMPLATE_DESC'] = $template['DESCRIPTION'];
             $this->arResult['TEMPLATE_AUTOSTART'] = $template['AUTO_EXECUTE'];
             $this->arResult['TEMPLATE'] = $template['TEMPLATE'];
             $this->arResult['PARAMETERS'] = $template['PARAMETERS'];
             $this->arResult['VARIABLES'] = $template['VARIABLES'];
             $this->arResult['CONSTANTS'] = $template['CONSTANTS'];
         } else {
             $this->arResult['ID'] = 0;
         }
         if ($template["ENTITY"] == Bitrix\Disk\BizProcDocument::className()) {
             $this->arResult['DOCUMENT_COMPLEX_TYPE'] = \Bitrix\Disk\BizProcDocument::generateDocumentComplexType($this->arParams['STORAGE_ID']);
             $this->arResult['ENTITY'] = $template['ENTITY'];
         } else {
             $this->arResult['DOCUMENT_COMPLEX_TYPE'] = \Bitrix\Disk\BizProcDocumentCompatible::generateDocumentComplexType($this->arParams['STORAGE_ID']);
             $this->arResult['ENTITY'] = $template['ENTITY'];
         }
     } else {
         $this->arResult['ENTITY'] = Bitrix\Disk\BizProcDocument::className();
         $this->arResult['DOCUMENT_COMPLEX_TYPE'] = \Bitrix\Disk\BizProcDocument::generateDocumentComplexType($this->arParams['STORAGE_ID']);
         if (!CBPDocument::canUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $this->getUser()->getID(), $this->arResult['DOCUMENT_COMPLEX_TYPE'])) {
             $this->showAccessDenied();
             return false;
         }
         $this->arResult['TEMPLATE_NAME'] = Loc::getMessage("BIZPROC_WFEDIT_DEFAULT_TITLE");
         $this->arResult['TEMPLATE_DESC'] = '';
         $this->arResult['TEMPLATE_AUTOSTART'] = 1;
         $this->arResult['PARAMETERS'] = array();
         $this->arResult['VARIABLES'] = array();
         $this->arResult['CONSTANTS'] = array();
         if ($this->request->getQuery('init') == 'statemachine') {
             $this->arResult['TEMPLATE'] = array(array('Type' => 'StateMachineWorkflowActivity', 'Name' => 'Template', 'Properties' => array(), 'Children' => array()));
         } else {
             $this->arResult['TEMPLATE'] = array(array('Type' => 'SequentialWorkflowActivity', 'Name' => 'Template', 'Properties' => array(), 'Children' => array()));
         }
     }
     return true;
 }
Ejemplo n.º 3
0
 function CanUserOperateDocument($operation, $userId, $documentId, $parameters = array())
 {
     $documentId = trim($documentId);
     if (strlen($documentId) <= 0) {
         return false;
     }
     if (!array_key_exists("IBlockId", $parameters) && (!array_key_exists("IBlockPermission", $parameters) || !array_key_exists("DocumentStates", $parameters) || !array_key_exists("IBlockRightsMode", $parameters) || array_key_exists("IBlockRightsMode", $parameters) && $parameters["IBlockRightsMode"] === "E") || !array_key_exists("CreatedBy", $parameters) && !array_key_exists("AllUserGroups", $parameters)) {
         $elementListQuery = CIBlockElement::getList(array(), array("ID" => $documentId, "SHOW_NEW" => "Y", "SHOW_HISTORY" => "Y"), false, false, array("ID", "IBLOCK_ID", "CREATED_BY"));
         $elements = $elementListQuery->fetch();
         if (!$elements) {
             return false;
         }
         $parameters["IBlockId"] = $elements["IBLOCK_ID"];
         $parameters["CreatedBy"] = $elements["CREATED_BY"];
     }
     if (!array_key_exists("IBlockRightsMode", $parameters)) {
         $parameters["IBlockRightsMode"] = CIBlock::getArrayByID($parameters["IBlockId"], "RIGHTS_MODE");
     }
     if ($parameters["IBlockRightsMode"] === "E") {
         if ($operation === CBPCanUserOperateOperation::ReadDocument) {
             return CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_read");
         } elseif ($operation === CBPCanUserOperateOperation::WriteDocument) {
             return CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_edit");
         } elseif ($operation === CBPCanUserOperateOperation::StartWorkflow || $operation === CBPCanUserOperateOperation::ViewWorkflow) {
             if (CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_edit")) {
                 return true;
             }
             if (!array_key_exists("WorkflowId", $parameters)) {
                 return false;
             }
             if (!CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_read")) {
                 return false;
             }
             $userId = intval($userId);
             if (!array_key_exists("AllUserGroups", $parameters)) {
                 if (!array_key_exists("UserGroups", $parameters)) {
                     $parameters["UserGroups"] = CUser::getUserGroup($userId);
                 }
                 $parameters["AllUserGroups"] = $parameters["UserGroups"];
                 if ($userId == $parameters["CreatedBy"]) {
                     $parameters["AllUserGroups"][] = "Author";
                 }
             }
             if (!array_key_exists("DocumentStates", $parameters)) {
                 if ($operation === CBPCanUserOperateOperation::StartWorkflow) {
                     $parameters["DocumentStates"] = CBPWorkflowTemplateLoader::getDocumentTypeStates(array('lists', get_called_class(), self::generateDocumentType($parameters["IBlockId"])));
                 } else {
                     $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array('lists', get_called_class(), self::generateDocumentType($parameters["IBlockId"])), array('lists', get_called_class(), $documentId));
                 }
             }
             if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) {
                 $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]);
             } else {
                 return false;
             }
             $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"], true);
             if (!is_array($allowableOperations)) {
                 return false;
             }
             if ($operation === CBPCanUserOperateOperation::ViewWorkflow && in_array("read", $allowableOperations) || $operation === CBPCanUserOperateOperation::StartWorkflow && in_array("write", $allowableOperations)) {
                 return true;
             }
             $chop = $operation === CBPCanUserOperateOperation::ViewWorkflow ? "element_read" : "element_edit";
             $tasks = self::getRightsTasks();
             foreach ($allowableOperations as $op) {
                 if (isset($tasks[$op])) {
                     $op = $tasks[$op]['ID'];
                 }
                 $ar = CTask::getOperations($op, true);
                 if (in_array($chop, $ar)) {
                     return true;
                 }
             }
         } elseif ($operation === CBPCanUserOperateOperation::CreateWorkflow) {
             return CBPDocument::canUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $userId, array('lists', get_called_class(), $documentId), $parameters);
         }
         return false;
     }
     if (!array_key_exists("IBlockPermission", $parameters)) {
         if (CModule::includeModule('lists')) {
             $parameters["IBlockPermission"] = CLists::getIBlockPermission($parameters["IBlockId"], $userId);
         } else {
             $parameters["IBlockPermission"] = CIBlock::getPermission($parameters["IBlockId"], $userId);
         }
     }
     if ($parameters["IBlockPermission"] <= "R") {
         return false;
     } elseif ($parameters["IBlockPermission"] >= "W") {
         return true;
     }
     $userId = intval($userId);
     if (!array_key_exists("AllUserGroups", $parameters)) {
         if (!array_key_exists("UserGroups", $parameters)) {
             $parameters["UserGroups"] = CUser::getUserGroup($userId);
         }
         $parameters["AllUserGroups"] = $parameters["UserGroups"];
         if ($userId == $parameters["CreatedBy"]) {
             $parameters["AllUserGroups"][] = "Author";
         }
     }
     if (!array_key_exists("DocumentStates", $parameters)) {
         $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array("lists", get_called_class(), "iblock_" . $parameters["IBlockId"]), array('lists', get_called_class(), $documentId));
     }
     if (array_key_exists("WorkflowId", $parameters)) {
         if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) {
             $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]);
         } else {
             return false;
         }
     }
     $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"]);
     if (!is_array($allowableOperations)) {
         return false;
     }
     $r = false;
     switch ($operation) {
         case CBPCanUserOperateOperation::ViewWorkflow:
             $r = in_array("read", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::StartWorkflow:
             $r = in_array("write", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::CreateWorkflow:
             $r = false;
             break;
         case CBPCanUserOperateOperation::WriteDocument:
             $r = in_array("write", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::ReadDocument:
             $r = in_array("read", $allowableOperations) || in_array("write", $allowableOperations);
             break;
         default:
             $r = false;
     }
     return $r;
 }