public function canRead($userId) { if (!Loader::includeModule("iblock")) { return false; } $iblockId = $this->entityId; return \CIBlockRights::userHasRightTo($iblockId, $iblockId, "element_read") || \CIBlockSectionRights::userHasRightTo($iblockId, 0, "section_element_bind"); }
public function executeComponent() { global $USER, $APPLICATION; $this->setFrameMode(false); if (!CModule::IncludeModule('lists')) { ShowError(Loc::getMessage("CC_BLL_MODULE_NOT_INSTALLED")); return; } $this->arResult["BIZPROC"] = (bool) CModule::includeModule("bizproc"); $this->arResult["DISK"] = (bool) CModule::includeModule("disk"); $this->listsPerm = CListPermissions::CheckAccess($USER, $this->arParams["~IBLOCK_TYPE_ID"], $this->arResult["IBLOCK_ID"], $this->arParams["~SOCNET_GROUP_ID"]); if ($this->listsPerm < 0) { switch ($this->listsPerm) { case CListPermissions::WRONG_IBLOCK_TYPE: ShowError(GetMessage("CC_BLL_WRONG_IBLOCK_TYPE")); return; case CListPermissions::WRONG_IBLOCK: ShowError(GetMessage("CC_BLL_WRONG_IBLOCK")); return; case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED: ShowError(GetMessage("CC_BLL_LISTS_FOR_SONET_GROUP_DISABLED")); return; default: ShowError(GetMessage("CC_BLL_UNKNOWN_ERROR")); return; } } elseif ($this->listsPerm < CListPermissions::CAN_READ && !(CIBlockRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["IBLOCK_ID"], "element_read") || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "section_element_bind"))) { ShowError(GetMessage("CC_BLL_ACCESS_DENIED")); return; } if (!(!$this->arResult["IS_SOCNET_GROUP_CLOSED"] && ($this->listsPerm > CListPermissions::CAN_READ || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "element_read") || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "section_element_bind")))) { ShowError(GetMessage("CC_BLL_ACCESS_DENIED")); return; } $this->createDataExcel(); $APPLICATION->RestartBuffer(); header("Content-Type: application/vnd.ms-excel"); header("Content-Disposition: filename=list_" . $this->arIBlock["ID"] . ".xls"); $this->IncludeComponentTemplate(); $r = $APPLICATION->EndBufferContentMan(); echo $r; include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_after.php"; die; }
public static function CheckSectionOperation($intIBlockID, $intSectionID, $strOperation, $strAccess) { $intIBlockID = intval($intIBlockID); if ($intIBlockID <= 0) { return false; } $intSectionID = intval($intSectionID); if ($intSectionID < 0) { return false; } if (!self::$boolCheck) { self::CheckExtRights(); } if (self::$boolExtRights) { return CIBlockSectionRights::UserHasRightTo($intIBlockID, $intSectionID, $strOperation); } else { return CIBlock::GetPermission($intIBlockID) >= $strAccess; } }
protected function checkPermission() { global $USER; $this->listPerm = CListPermissions::checkAccess($USER, $this->iblockTypeId, $this->iblockId, $this->socnetGroupId); if ($this->listPerm < 0) { switch ($this->listPerm) { case CListPermissions::WRONG_IBLOCK_TYPE: $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_WRONG_IBLOCK_TYPE')))); break; case CListPermissions::WRONG_IBLOCK: $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_WRONG_IBLOCK')))); break; case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED: $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_SONET_GROUP_DISABLED')))); break; default: $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_UNKNOWN_ERROR')))); break; } } elseif ($this->listPerm < CListPermissions::CAN_READ && !(CIBlockRights::userHasRightTo($this->iblockId, $this->iblockId, "element_read") || CIBlockSectionRights::userHasRightTo($this->iblockId, $this->sectionId, "section_element_bind"))) { $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_ACCESS_DENIED')))); } }
if($arShowTabs['edit_rights']): $tabControl->BeginNextFormTab(); if($ID > 0) { $obRights = new CIBlockElementRights($IBLOCK_ID, $ID); $htmlHidden = ''; foreach($obRights->GetRights() as $RIGHT_ID => $arRight) $htmlHidden .= ' <input type="hidden" name="RIGHTS[][RIGHT_ID]" value="'.htmlspecialcharsbx($RIGHT_ID).'"> <input type="hidden" name="RIGHTS[][GROUP_CODE]" value="'.htmlspecialcharsbx($arRight["GROUP_CODE"]).'"> <input type="hidden" name="RIGHTS[][TASK_ID]" value="'.htmlspecialcharsbx($arRight["TASK_ID"]).'"> '; } else { $obRights = new CIBlockSectionRights($IBLOCK_ID, $MENU_SECTION_ID); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBEL_E_RIGHTS_FIELD")); IBlockShowRights( 'element', $IBLOCK_ID, $ID, GetMessage("IBEL_E_RIGHTS_SECTION_TITLE"), "RIGHTS", $obRights->GetRightsList(), $obRights->GetRights(array("count_overwrited" => true, "parents" => $str_IBLOCK_ELEMENT_SECTION)), false, /*$bForceInherited=*/($ID <= 0) || $bCopy ); $tabControl->EndCustomField("RIGHTS", $htmlHidden);
} if (!isset($_POST["AJAX_CALL"])) { LocalRedirect($arResult["LIST_SECTION_URL"]); } } $grid_options = new CGridOptions($arResult["GRID_ID"]); $rsSections = CIBlockSection::GetList(array("left_margin" => "asc"), array("IBLOCK_ID" => $arResult["IBLOCK_ID"], "GLOBAL_ACTIVE" => "Y", "SECTION_ID" => $arResult["SECTION_ID"], "CHECK_PERMISSIONS" => $lists_perm >= CListPermissions::IS_ADMIN ? "N" : "Y")); $rsSections->NavStart($grid_options->GetNavParams(), false); $arResult["SECTIONS_ROWS"] = array(); while ($data = $rsSections->GetNext()) { $aCols = array("NAME" => '<a href="' . str_replace(array("#list_id#", "#section_id#", "#group_id#"), array($data["IBLOCK_ID"], $data["ID"], $arParams["SOCNET_GROUP_ID"]), $arParams['LIST_SECTIONS_URL']) . '">' . $data["NAME"] . '</a>'); $aActions = array(); if ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockSectionRights::UserHasRightTo($data["ID"], $data["ID"], "section_edit")) { $aActions[] = array("ICONCLASS" => "edit", "TEXT" => GetMessage("CC_BLS_SECTION_ACTION_MENU_RENAME"), "ONCLICK" => "renameSection('form_section_add', '" . CUtil::JSEscape(GetMessage("CC_BLS_NEW_SECTION_NAME_PROMPT")) . "', " . $data["ID"] . ", '" . CUtil::JSEscape($data["NAME"]) . "');", "DEFAULT" => true); } if ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockSectionRights::UserHasRightTo($data["ID"], $data["ID"], "section_delete")) { $aActions[] = array("ICONCLASS" => "delete", "TEXT" => GetMessage("CC_BLS_SECTION_ACTION_MENU_DELETE"), "ONCLICK" => "bxGrid_" . $arResult["GRID_ID"] . ".DeleteItem('" . $data["ID"] . "', '" . GetMessage("CC_BLS_SECTION_DELETE_PROPMT") . "')"); } $arResult["SECTIONS_ROWS"][] = array("id" => $data["ID"], "data" => $data, "actions" => $aActions, "columns" => $aCols); } $rsSections->bShowAll = false; $arResult["NAV_OBJECT"] = $rsSections; if (defined("BX_AJAX_PARAM_ID")) { $return_url = $APPLICATION->GetCurPageParam("", array(BX_AJAX_PARAM_ID)); } else { $return_url = $APPLICATION->GetCurPageParam(); } $this->IncludeComponentTemplate(); $APPLICATION->SetTitle(GetMessage("CC_BLS_PAGE_TITLE", array("#NAME#" => $arResult["IBLOCK"]["NAME"]))); $APPLICATION->AddChainItem($arResult["IBLOCK"]["NAME"], CHTTP::urlAddParams(str_replace(array("#list_id#", "#section_id#", "#group_id#"), array($arResult["IBLOCK_ID"], 0, $arParams["SOCNET_GROUP_ID"]), $arParams["~LIST_URL"]), array("list_section_id" => ""))); $APPLICATION->AddChainItem(GetMessage("CC_BLS_CHAIN_TITLE", array("#NAME#" => $arResult["IBLOCK"]["NAME"])), str_replace(array("#list_id#", "#section_id#", "#group_id#"), array($arResult["IBLOCK_ID"], 0, $arParams["SOCNET_GROUP_ID"]), $arParams["~LIST_SECTIONS_URL"]));
function IndexIBlockSection($arFields, $entity_id, $entity_type, $feature, $operation, $path_template) { $rSection = CIBlockSection::GetByID($arFields['ID']); $arSection = $rSection->Fetch(); $path = array(); $rsPath = CIBlockSection::GetNavChain($arFields["IBLOCK_ID"], $arFields['ID']); while ($arPath = $rsPath->Fetch()) { $path[] = $arPath['NAME']; } $path = implode("/", array_slice($path, 1)); $ID = intval($arFields["ID"]); $IBLOCK_ID = intval($arFields["IBLOCK_ID"]); $arItem = array(); if ($entity_type == "G") { $url = str_replace(array("#group_id#", "#user_alias#", "#section_id#", "#element_id#", "#action#", "#task_id#", "#name#", "#path#"), array($entity_id, "group_" . $entity_id, $arFields["IBLOCK_SECTION"], $arFields["ID"], "view", $arFields["ID"], urlencode($arFields["NAME"]), $path), $path_template); } else { $url = str_replace(array("#user_id#", "#user_alias#", "#section_id#", "#element_id#", "#action#", "#task_id#", "#path#"), array($entity_id, "user_" . $entity_id, $arFields["IBLOCK_SECTION"], $arFields["ID"], "view", $arFields["ID"], $path), $path_template); } $body = ""; $title = $arFields["NAME"]; $arPermissions = $this->GetSearchGroups($entity_type, $entity_id, $feature, $operation); if (CIBlock::GetArrayByID($IBLOCK_ID, "RIGHTS_MODE") == "E") { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $arFields["ID"]); $arPermissions = $obSectionRights->GetGroups(array("section_read")); } $arSearchIndexParams = $this->GetSearchParams($entity_type, $entity_id, $feature, $operation); CSearch::Index("socialnetwork", 'S' . $ID, array("LAST_MODIFIED" => ConvertTimeStamp(time() + CTimeZone::GetOffset(), "FULL"), "TITLE" => $title, "BODY" => $body, "SITE_ID" => array(SITE_ID => $url), "PARAM1" => CIBlock::GetArrayByID($IBLOCK_ID, "IBLOCK_TYPE_ID"), "PARAM2" => $IBLOCK_ID, "PARAM3" => $feature, "TAGS" => "", "PERMISSIONS" => $arPermissions, "PARAMS" => $arSearchIndexParams), true); if (defined("BX_COMP_MANAGED_CACHE")) { $GLOBALS["CACHE_MANAGER"]->ClearByTag("sonet_search_" . $entity_type . "_" . $entity_id); } }
} if ($PRODUCT_ID > 0) { $bReadOnly = !($USER->CanDoOperation('catalog_price') && CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price")); if ($arMainCatalog['SUBSCRIPTION'] == 'Y') { $arProductSelect = array('ID', 'QUANTITY', 'QUANTITY_RESERVED', 'QUANTITY_TRACE_ORIG', 'VAT_ID', 'VAT_INCLUDED', 'CAN_BUY_ZERO_ORIG', 'PRICE_TYPE', 'RECUR_SCHEME_TYPE', 'RECUR_SCHEME_LENGTH', 'TRIAL_PRICE_ID', 'WITHOUT_ORDER', 'PURCHASING_PRICE', 'PURCHASING_CURRENCY', 'BARCODE_MULTI', 'SUBSCRIBE_ORIG', 'TYPE'); } else { $arProductSelect = array('ID', 'QUANTITY', 'QUANTITY_RESERVED', 'QUANTITY_TRACE_ORIG', 'WEIGHT', 'WIDTH', 'LENGTH', 'HEIGHT', 'MEASURE', 'VAT_ID', 'VAT_INCLUDED', 'CAN_BUY_ZERO_ORIG', 'PURCHASING_PRICE', 'PURCHASING_CURRENCY', 'BARCODE_MULTI', 'SUBSCRIBE_ORIG', 'TYPE'); } $rsProducts = CCatalogProduct::GetList(array(), array('ID' => $PRODUCT_ID), false, false, $arProductSelect); $arBaseProduct = $rsProducts->Fetch(); if ($bCopy) { $arBaseProduct['QUANTITY'] = ''; $arBaseProduct['QUANTITY_RESERVED'] = ''; } } else { $bReadOnly = !($USER->CanDoOperation('catalog_price') && CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "element_edit_price")); } if (empty($arBaseProduct)) { $arBaseProduct = $arDefProduct; } $productIsSet = CBXFeatures::IsFeatureEnabled('CatCompleteSet') && ($arBaseProduct['TYPE'] == CCatalogProduct::TYPE_SET || $arShowTabs['product_set']); $bDiscount = $USER->CanDoOperation('catalog_discount'); $bStore = $USER->CanDoOperation('catalog_store'); $bUseStoreControl = COption::GetOptionString('catalog', 'default_use_store_control') == 'Y'; $bEnableReservation = COption::GetOptionString('catalog', 'enable_reservation') != 'N'; $availQuantityTrace = COption::GetOptionString("catalog", "default_quantity_trace"); $availCanBuyZero = COption::GetOptionString("catalog", "default_can_buy_zero"); $availNegativeAmountGlobal = COption::GetOptionString("catalog", "allow_negative_amount"); $strGlobalSubscribe = COption::GetOptionString("catalog", "default_subscribe"); $arExtraList = array(); $l = CExtra::GetList(array("NAME" => "ASC"));
$arBPStart[] = array("TEXT" => $arWorkflowTemplate["NAME"], "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($url) . "')"); } } } $url = str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arIBlock["ID"], intval($arResult["SECTION_ID"]), intval($data["~ID"]), $arParams["SOCNET_GROUP_ID"]), $arParams["LIST_ELEMENT_URL"]); if ($arResult["ANY_SECTION"]) { $url = CHTTP::urlAddParams($url, array("list_section_id" => "")); } $aActions = array(); if (!$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_edit"))) { $aActions[] = array("ICONCLASS" => "edit", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_EDIT"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($url) . "')", "DEFAULT" => true); $arResult["ELEMENTS_CAN_MOVE"][] = $data["ID"]; } else { $aActions[] = array("ICONCLASS" => "view", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_VIEW"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($url) . "')", "DEFAULT" => true); } if (!$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm > CListPermissions::CAN_READ || CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, intval($arResult["SECTION_ID"]), "section_element_bind"))) { $urlCopy = CHTTP::urlAddParams(str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arIBlock["ID"], intval($arResult["SECTION_ID"]), 0, $arParams["SOCNET_GROUP_ID"]), $arParams["LIST_ELEMENT_URL"]), array("copy_id" => $data["~ID"]), array("skip_empty" => true, "encode" => true)); $aActions[] = array("TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_COPY"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($urlCopy) . "')"); } if (count($arBPStart) && !$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm >= CListPermissions::CAN_BIZPROC || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_bizproc_start"))) { $aActions[] = array("TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_START_BP"), "MENU" => $arBPStart); } if (CModule::IncludeModule("bizproc")) { if (!empty($documentStates)) { $currentUserGroups = $GLOBALS["USER"]->GetUserGroupArray(); if ($data["CREATED_BY"] == $GLOBALS["USER"]->GetID()) { $currentUserGroups[] = "author"; } $listProcesses = array(); $backUrl = $APPLICATION->GetCurPageParam(); foreach ($documentStates as $documentState) {
static function GroupERights($iblockID) { if (CIBlock::GetArrayByID($iblockID, "RIGHTS_MODE") === "E") { return; } $arGroups = self::GetGroups($iblockID); foreach ($arGroups as $groupID => $group) { foreach (self::$ops as $op => $opTrans) { $arGroups[$groupID]["Operations"][$op] = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $groupID, 'files', $op); } } $arTasks = CWebDavIblock::GetTasks(); // set e rights $arFields = array('RIGHTS_MODE' => 'E', 'GROUP_ID' => array()); $ib = new CIBlock(); $res = $ib->Update($iblockID, $arFields); $ibr = new CIBlockRights($iblockID); $rights = array(); $rights['n0'] = array('GROUP_CODE' => 'G1', 'DO_CLEAN' => 'Y', 'TASK_ID' => $arTasks['X']); // admins $rights['n1'] = array('GROUP_CODE' => 'G2', 'DO_CLEAN' => 'Y', 'TASK_ID' => $arTasks['D']); // nobody $ibr->SetRights($rights); foreach ($arGroups as $groupID => $group) { $sectionID = $group['SECTION']; $ibrs = new CIBlockSectionRights($iblockID, $sectionID); $rights = array(); $i = 0; foreach ($group["Operations"] as $op => $subj) { // 'Operations' => // array // 'view' => string 'A' (length=1) // 'write_limited' => string 'Z' (length=1) // 'bizproc' => null // 'write' => string 'Z' (length=1) // // A>Только владелец группы // E>Владелец группы и модераторы группы // K>Все члены группы // L>Авторизованные пользователи // N>Все посетители if ($subj) { if ($subj == "N") { $sSubj = "G2"; } elseif ($subj == "L") { $sSubj = "AU"; } else { $sSubj = "SG{$groupID}_{$subj}"; } $rights[$sSubj] = $arTasks[self::$ops[$op]]; if (self::$ops[$op] == 'E') { $rights["CR"] = $arTasks['W']; } } } $rights["SG{$groupID}_A"] = $arTasks["X"]; // admin of group $arRights = array(); $i = 0; foreach ($rights as $subj => $task) { $arRights['n' . $i++] = array('GROUP_CODE' => $subj, 'TASK_ID' => $task, 'DO_CLEAN' => 'NOT'); } $ibrs->SetRights($arRights); } }
function UpdateSearch($ID, $bOverWrite = false) { if (!CModule::IncludeModule("search")) { return; } global $DB; $ID = Intval($ID); static $arGroups = array(); static $arSITE = array(); $strSql = "\n\t\t\tSELECT BS.ID, BS.NAME, BS.DESCRIPTION_TYPE, BS.DESCRIPTION, BS.XML_ID as EXTERNAL_ID,\n\t\t\t\tBS.CODE, BS.IBLOCK_ID, B.IBLOCK_TYPE_ID,\n\t\t\t\t" . $DB->DateToCharFunction("BS.TIMESTAMP_X") . " as LAST_MODIFIED,\n\t\t\t\tB.CODE as IBLOCK_CODE, B.XML_ID as IBLOCK_EXTERNAL_ID, B.SECTION_PAGE_URL,\n\t\t\t\tB.ACTIVE as ACTIVE1,\n\t\t\t\tBS.GLOBAL_ACTIVE as ACTIVE2,\n\t\t\t\tB.INDEX_SECTION, B.RIGHTS_MODE\n\t\t\tFROM b_iblock_section BS, b_iblock B\n\t\t\tWHERE BS.IBLOCK_ID=B.ID\n\t\t\t\tAND BS.ID=" . $ID; $dbrIBlockSection = $DB->Query($strSql); if ($arIBlockSection = $dbrIBlockSection->Fetch()) { $IBLOCK_ID = $arIBlockSection["IBLOCK_ID"]; $SECTION_URL = "=ID=" . $arIBlockSection["ID"] . "&EXTERNAL_ID=" . $arIBlockSection["EXTERNAL_ID"] . "&IBLOCK_TYPE_ID=" . $arIBlockSection["IBLOCK_TYPE_ID"] . "&IBLOCK_ID=" . $arIBlockSection["IBLOCK_ID"] . "&IBLOCK_CODE=" . $arIBlockSection["IBLOCK_CODE"] . "&IBLOCK_EXTERNAL_ID=" . $arIBlockSection["IBLOCK_EXTERNAL_ID"] . "&CODE=" . $arIBlockSection["CODE"]; if ($arIBlockSection["ACTIVE1"] != "Y" || $arIBlockSection["ACTIVE2"] != "Y" || $arIBlockSection["INDEX_SECTION"] != "Y") { CSearch::DeleteIndex("iblock", "S" . $arIBlockSection["ID"]); return; } if (!array_key_exists($IBLOCK_ID, $arGroups)) { $arGroups[$IBLOCK_ID] = array(); $strSql = "SELECT GROUP_ID " . "FROM b_iblock_group " . "WHERE IBLOCK_ID= " . $IBLOCK_ID . " " . "\tAND PERMISSION>='R' " . "ORDER BY GROUP_ID"; $dbrIBlockGroup = $DB->Query($strSql); while ($arIBlockGroup = $dbrIBlockGroup->Fetch()) { $arGroups[$IBLOCK_ID][] = $arIBlockGroup["GROUP_ID"]; if ($arIBlockGroup["GROUP_ID"] == 2) { break; } } } if (!array_key_exists($IBLOCK_ID, $arSITE)) { $arSITE[$IBLOCK_ID] = array(); $strSql = "SELECT SITE_ID " . "FROM b_iblock_site " . "WHERE IBLOCK_ID= " . $IBLOCK_ID; $dbrIBlockSite = $DB->Query($strSql); while ($arIBlockSite = $dbrIBlockSite->Fetch()) { $arSITE[$IBLOCK_ID][] = $arIBlockSite["SITE_ID"]; } } $BODY = $arIBlockSection["DESCRIPTION_TYPE"] == "html" ? CSearch::KillTags($arIBlockSection["DESCRIPTION"]) : $arIBlockSection["DESCRIPTION"]; $BODY .= $GLOBALS["USER_FIELD_MANAGER"]->OnSearchIndex("IBLOCK_" . $arIBlockSection["IBLOCK_ID"] . "_SECTION", $arIBlockSection["ID"]); if ($arIBlockSection["RIGHTS_MODE"] !== "E") { $arPermissions = $arGroups[$IBLOCK_ID]; } else { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $arIBlockSection["ID"]); $arPermissions = $obSectionRights->GetGroups(array("section_read")); } CSearch::Index("iblock", "S" . $ID, array("LAST_MODIFIED" => $arIBlockSection["LAST_MODIFIED"], "TITLE" => $arIBlockSection["NAME"], "PARAM1" => $arIBlockSection["IBLOCK_TYPE_ID"], "PARAM2" => $IBLOCK_ID, "SITE_ID" => $arSITE[$IBLOCK_ID], "PERMISSIONS" => $arPermissions, "URL" => $SECTION_URL, "BODY" => $BODY), $bOverWrite); } }
<?php /** @global CUser $USER */ /** @global int $ID */ use Bitrix\Main, Bitrix\Main\Localization\Loc; if ($USER->CanDoOperation('catalog_price')) { $IBLOCK_ID = intval($IBLOCK_ID); if (0 >= $IBLOCK_ID) { return; } $MENU_SECTION_ID = intval($MENU_SECTION_ID); $ID = (int) $ID; $PRODUCT_ID = 0 < $ID ? CIBlockElement::GetRealElement($ID) : 0; $boolPriceRights = $PRODUCT_ID > 0 ? CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price") : CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "element_edit_price"); if ($boolPriceRights) { Loc::loadMessages($_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/catalog/templates/product_edit_action.php'); $arCatalogBasePrices = array(); $arCatalogPrices = array(); $CAT_ROW_COUNTER = intval($CAT_ROW_COUNTER); if ($CAT_ROW_COUNTER < 0) { $strWarning .= Loc::getMessage("C2IT_INTERNAL_ERROR") . "<br>"; } $arCatalogBaseGroup = CCatalogGroup::GetBaseGroup(); if (!$arCatalogBaseGroup) { $strWarning .= Loc::getMessage("C2IT_NO_BASE_TYPE") . "<br>"; } $CAT_VAT_ID = intval($CAT_VAT_ID); $CAT_VAT_INCLUDED = !isset($CAT_VAT_INCLUDED) || $CAT_VAT_INCLUDED == 'N' ? 'N' : 'Y'; $bUseExtForm = isset($_POST['price_useextform']) && $_POST['price_useextform'] == 'Y'; if (!$bUseExtForm) { $CAT_ROW_COUNTER = 0;
$aContext = array(); $boolBtnNew = false; if (CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $find_section_section, "section_element_bind")) { $boolBtnNew = true; if (CModule::IncludeModule('catalog')) { CCatalogAdminTools::setProductFormParams(); $arCatalogBtns = CCatalogAdminTools::getIBlockElementMenu($IBLOCK_ID, $arCatalog, array('IBLOCK_SECTION_ID' => $find_section_section, 'find_section_section' => $find_section_section, 'from' => 'iblock_section_admin')); if (!empty($arCatalogBtns)) { $aContext = $arCatalogBtns; } } if (empty($aContext)) { $aContext[] = array("TEXT" => htmlspecialcharsbx($arIBlock["ELEMENT_ADD"]), "ICON" => "btn_new", "LINK" => CIBlock::GetAdminElementEditLink($IBLOCK_ID, 0, array('IBLOCK_SECTION_ID' => $find_section_section, 'find_section_section' => $find_section_section, 'from' => 'iblock_section_admin')), "TITLE" => GetMessage("IBSEC_A_ADDEL_TITLE")); } } if (CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $find_section_section, "section_section_bind")) { $aContext[] = array("TEXT" => htmlspecialcharsbx($arIBlock["SECTION_ADD"]), "ICON" => $boolBtnNew ? "" : "btn_new", "LINK" => CIBlock::GetAdminSectionEditLink($IBLOCK_ID, 0, array('IBLOCK_SECTION_ID' => $find_section_section, 'find_section_section' => $find_section_section, 'from' => 'iblock_section_admin')), "TITLE" => GetMessage("IBSEC_A_SECTADD_PRESS")); } if (defined("CATALOG_PRODUCT")) { if ($find_section_section > 0) { $rsParent = CIBlockSection::GetList(array(), array("=ID" => $find_section_section), false, array("ID", "IBLOCK_SECTION_ID")); if ($arParent = $rsParent->Fetch()) { $aContext[] = array("TEXT" => GetMessage("IBSEC_A_UP"), "LINK" => CIBlock::GetAdminSectionListLink($IBLOCK_ID, array('find_section_section' => intval($arParent["IBLOCK_SECTION_ID"]))), "TITLE" => GetMessage("IBSEC_A_UP_TITLE")); } } } else { $aContext[] = array("TEXT" => htmlspecialcharsbx($arIBlock["ELEMENTS_NAME"]), "LINK" => htmlspecialcharsbx(CIBlock::GetAdminElementListLink($IBLOCK_ID, array('find_section_section' => $find_section_section))), "TITLE" => GetMessage("IBSEC_A_LISTEL_TITLE")); if ($_GET["tree"] == "Y") { $aContext[] = array("TEXT" => GetMessage("IBSEC_A_NOT_TREE"), "LINK" => CIBlock::GetAdminSectionListLink($IBLOCK_ID, array('find_section_section' => $find_section_section, 'tree' => 'N')), "TITLE" => GetMessage("IBSEC_A_NOT_TREE_TITLE")); } else { $aContext[] = array("TEXT" => GetMessage("IBSEC_A_TREE"), "LINK" => CIBlock::GetAdminSectionListLink($IBLOCK_ID, array('find_section_section' => $find_section_section, 'tree' => 'Y')), "TITLE" => GetMessage("IBSEC_A_TREE_TITLE"));
<?php if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) { die; } $arToolbar = array(); if ($arResult["IBLOCK_PERM"] > CListPermissions::CAN_READ || CIBlockSectionRights::UserHasRightTo($arResult["IBLOCK"]["ID"], intval($arResult["SECTION_ID"]), "section_element_bind")) { $arToolbar[] = array("TEXT" => $arResult["IBLOCK"]["ELEMENT_ADD"], "TITLE" => GetMessage("CT_BLL_TOOLBAR_ADD_ELEMENT_TITLE"), "LINK" => $arResult["LIST_NEW_ELEMENT_URL"], "ICON" => "btn-add-element"); } if ($arResult["IBLOCK_PERM"] >= CListPermissions::CAN_WRITE || CIBlockSectionRights::UserHasRightTo($arResult["IBLOCK"]["ID"], intval($arResult["SECTION_ID"]), "section_edit") || CIBlockSectionRights::UserHasRightTo($arResult["IBLOCK"]["ID"], intval($arResult["SECTION_ID"]), "section_section_bind")) { $arToolbar[] = array("TEXT" => GetMessage("CT_BLL_TOOLBAR_EDIT_SECTION"), "TITLE" => GetMessage("CT_BLL_TOOLBAR_EDIT_SECTION_TITLE"), "LINK" => $arResult["LIST_SECTION_URL"], "ICON" => "btn-edit-sections"); } if ($arParams["CAN_EDIT"]) { if (count($arToolbar)) { $arToolbar[] = array("SEPARATOR" => true); } if ($arResult["IBLOCK"]["BIZPROC"] == "Y" && $arParams["CAN_EDIT_BIZPROC"]) { $arToolbar[] = array("TEXT" => GetMessage("CT_BLL_TOOLBAR_BIZPROC"), "TITLE" => GetMessage("CT_BLL_TOOLBAR_BIZPROC_TITLE"), "LINK" => $arResult["BIZPROC_WORKFLOW_ADMIN_URL"], "ICON" => "btn-list-bizproc"); } $arToolbar[] = array("TEXT" => GetMessage("CT_BLL_TOOLBAR_LIST"), "TITLE" => GetMessage("CT_BLL_TOOLBAR_LIST_TITLE"), "LINK" => $arResult["LIST_EDIT_URL"], "ICON" => "btn-edit-list"); } if (IsModuleInstalled('intranet') && CBXFeatures::IsFeatureEnabled('intranet_sharepoint')) { if ($arIcons = $APPLICATION->IncludeComponent('bitrix:sharepoint.link', '', array('IBLOCK_ID' => $arParams['IBLOCK_ID'], 'OUTPUT' => 'N'), null, array('HIDE_ICONS' => 'Y'))) { if (count($arIcons['LINKS']) > 0) { $arMenu = array(); foreach ($arIcons['LINKS'] as $link) { $arMenu[] = array('TEXT' => $link['TEXT'], 'ONCLICK' => $link['ONCLICK'], 'ICONCLASS' => $link['ICON']); } $arToolbar[] = array('TEXT' => 'SharePoint', 'ICON' => 'bx-sharepoint', 'MENU' => $arMenu); } }
$tabControl->BeginNextFormTab(); if($ID > 0) { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $ID); $htmlHidden = ''; foreach($obSectionRights->GetRights() as $RIGHT_ID => $arRight) $htmlHidden .= ' <input type="hidden" name="RIGHTS[][RIGHT_ID]" value="'.htmlspecialcharsbx($RIGHT_ID).'"> <input type="hidden" name="RIGHTS[][GROUP_CODE]" value="'.htmlspecialcharsbx($arRight["GROUP_CODE"]).'"> <input type="hidden" name="RIGHTS[][TASK_ID]" value="'.htmlspecialcharsbx($arRight["TASK_ID"]).'"> '; } else { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $str_IBLOCK_SECTION_ID); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBSEC_E_RIGHTS_FIELD")); IBlockShowRights( 'section', $IBLOCK_ID, $ID, GetMessage("IBSEC_E_RIGHTS_SECTION_TITLE"), "RIGHTS", $obSectionRights->GetRightsList(), $obSectionRights->GetRights(array("count_overwrited" => true, "parent" => $str_IBLOCK_SECTION_ID)), true, /*$bForceInherited=*/($ID <= 0) ); $tabControl->EndCustomField("RIGHTS", $htmlHidden);
} if (!isset($_POST["AJAX_CALL"])) { LocalRedirect($arResult["LIST_SECTION_URL"]); } } $grid_options = new CGridOptions($arResult["GRID_ID"]); $rsSections = CIBlockSection::GetList(array("left_margin" => "asc"), array("IBLOCK_ID" => $arResult["IBLOCK_ID"], "GLOBAL_ACTIVE" => "Y", "SECTION_ID" => $arResult["SECTION_ID"], "CHECK_PERMISSIONS" => $lists_perm >= CListPermissions::IS_ADMIN ? "N" : "Y")); $rsSections->NavStart($grid_options->GetNavParams(), false); $arResult["SECTIONS_ROWS"] = array(); while ($data = $rsSections->GetNext()) { $aCols = array("NAME" => '<a href="' . str_replace(array("#list_id#", "#section_id#", "#group_id#"), array($data["IBLOCK_ID"], $data["ID"], $arParams["SOCNET_GROUP_ID"]), $arParams['LIST_SECTIONS_URL']) . '">' . $data["NAME"] . '</a>'); $aActions = array(); if (!$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockSectionRights::UserHasRightTo($data["IBLOCK_ID"], $data["ID"], "section_edit"))) { $aActions[] = array("ICONCLASS" => "edit", "TEXT" => GetMessage("CC_BLS_SECTION_ACTION_MENU_RENAME"), "ONCLICK" => "renameSection('form_section_add', '" . CUtil::JSEscape(GetMessage("CC_BLS_NEW_SECTION_NAME_PROMPT")) . "', " . $data["ID"] . ", '" . CUtil::JSEscape($data["NAME"]) . "');", "DEFAULT" => true); } if (!$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockSectionRights::UserHasRightTo($data["IBLOCK_ID"], $data["ID"], "section_delete"))) { $aActions[] = array("ICONCLASS" => "delete", "TEXT" => GetMessage("CC_BLS_SECTION_ACTION_MENU_DELETE"), "ONCLICK" => "bxGrid_" . $arResult["GRID_ID"] . ".DeleteItem('" . $data["ID"] . "', '" . GetMessage("CC_BLS_SECTION_DELETE_PROPMT") . "')"); $canDelete = true; } else { $canDelete = false; } $arResult["SECTIONS_ROWS"][] = array("id" => $data["ID"], "data" => $data, "actions" => $aActions, "columns" => $aCols, "canDelete" => $canDelete); } $rsSections->bShowAll = false; $arResult["NAV_OBJECT"] = $rsSections; if (defined("BX_AJAX_PARAM_ID")) { $return_url = $APPLICATION->GetCurPageParam("", array(BX_AJAX_PARAM_ID)); } else { $return_url = $APPLICATION->GetCurPageParam(); } $this->IncludeComponentTemplate();
if($arShowTabs['edit_rights']): $tabControl->BeginNextFormTab(); if($ID > 0) { $obRights = new CIBlockElementRights($IBLOCK_ID, $ID); $htmlHidden = ''; foreach($obRights->GetRights() as $RIGHT_ID => $arRight) $htmlHidden .= ' <input type="hidden" name="SUB_RIGHTS[][RIGHT_ID]" value="'.htmlspecialcharsbx($RIGHT_ID).'"> <input type="hidden" name="SUB_RIGHTS[][GROUP_CODE]" value="'.htmlspecialcharsbx($arRight["GROUP_CODE"]).'"> <input type="hidden" name="SUB_RIGHTS[][TASK_ID]" value="'.htmlspecialcharsbx($arRight["TASK_ID"]).'"> '; } else { $obRights = new CIBlockSectionRights($IBLOCK_ID, 0); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBEL_E_RIGHTS_FIELD")); IBlockShowRights( 'element', $IBLOCK_ID, $ID, GetMessage("IBEL_E_RIGHTS_SECTION_TITLE"), "SUB_RIGHTS", $obRights->GetRightsList(), $obRights->GetRights(array("count_overwrited" => true, "parents" => array())), false, /*$bForceInherited=*/($ID <= 0) || $bCopy ); $tabControl->EndCustomField("RIGHTS", $htmlHidden);
if ($arParams["SOCNET_GROUP_ID"]) { $arResult["HIGHLIGHT"] = array("socnetgroup" => array("group_id" => $arParams["SOCNET_GROUP_ID"]), "groups" => array("disabled" => true)); } else { $arResult["HIGHLIGHT"] = array("groups" => array("disabled" => true)); } } else { if ($arParams["SOCNET_GROUP_ID"]) { $arResult["HIGHLIGHT"] = array("socnetgroup" => array("group_id" => $arParams["SOCNET_GROUP_ID"])); } else { $arResult["HIGHLIGHT"] = null; } } if ($arResult["ELEMENT_ID"]) { $obRights = new CIBlockElementRights($arResult["IBLOCK_ID"], $arResult["ELEMENT_ID"]); } else { $obRights = new CIBlockSectionRights($arResult["IBLOCK_ID"], intval($data["IBLOCK_SECTION_ID"])); } $arResult["RIGHTS"] = $obRights->GetRights(array("parents" => array($data["IBLOCK_SECTION_ID"]))); $arListsPerm = CLists::GetPermission($arParams["~IBLOCK_TYPE_ID"]); foreach ($arResult["RIGHTS"] as $RIGHT_ID => $arRight) { //1) protect groups from module settings $match = array(); if (preg_match("/^G(\\d)\$/", $arRight["GROUP_CODE"], $match) && is_array($arListsPerm) && in_array($match[1], $arListsPerm)) { unset($arResult["RIGHTS"][$RIGHT_ID]); $arResult["SELECTED"][$arRight["GROUP_CODE"]] = true; } else { //2) protect groups with iblock_% operations $arOperations = CTask::GetOperations($arRight['TASK_ID'], true); foreach ($arOperations as $operation) { if (preg_match("/^iblock_(?!admin)/", $operation)) { unset($arResult["RIGHTS"][$RIGHT_ID]);
public static function OnSearchReindex($NS = array(), $oCallback = NULL, $callback_method = "") { /** @global CUserTypeManager $USER_FIELD_MANAGER */ global $USER_FIELD_MANAGER; /** $global CDatabase $DB */ global $DB; $strNSJoin1 = ""; $strNSFilter1 = ""; $strNSFilter2 = ""; $strNSFilter3 = ""; $arResult = array(); if ($NS["MODULE"] == "iblock" && strlen($NS["ID"]) > 0) { $arrTmp = explode(".", $NS["ID"]); $strNSFilter1 = " AND B.ID>=" . IntVal($arrTmp[0]) . " "; if (substr($arrTmp[1], 0, 1) != 'S') { $strNSFilter2 = " AND BE.ID>" . IntVal($arrTmp[1]) . " "; } else { $strNSFilter2 = false; $strNSFilter3 = " AND BS.ID>" . IntVal(substr($arrTmp[1], 1)) . " "; } } if ($NS["SITE_ID"] != "") { $strNSJoin1 .= " INNER JOIN b_iblock_site BS ON BS.IBLOCK_ID=B.ID "; $strNSFilter1 .= " AND BS.SITE_ID='" . $DB->ForSQL($NS["SITE_ID"]) . "' "; } $strSql = "\n\t\t\tSELECT B.ID, B.IBLOCK_TYPE_ID, B.INDEX_ELEMENT, B.INDEX_SECTION, B.RIGHTS_MODE,\n\t\t\t\tB.IBLOCK_TYPE_ID, B.CODE as IBLOCK_CODE, B.XML_ID as IBLOCK_EXTERNAL_ID\n\t\t\tFROM b_iblock B\n\t\t\t" . $strNSJoin1 . "\n\t\t\tWHERE B.ACTIVE = 'Y'\n\t\t\t\tAND (B.INDEX_ELEMENT='Y' OR B.INDEX_SECTION='Y')\n\t\t\t\t" . $strNSFilter1 . "\n\t\t\tORDER BY B.ID\n\t\t"; $dbrIBlock = $DB->Query($strSql); while ($arIBlock = $dbrIBlock->Fetch()) { $IBLOCK_ID = $arIBlock["ID"]; $arGroups = array(); $strSql = "SELECT GROUP_ID " . "FROM b_iblock_group " . "WHERE IBLOCK_ID= " . $IBLOCK_ID . " " . "\tAND PERMISSION>='R' " . "\tAND GROUP_ID>1 " . "ORDER BY GROUP_ID"; $dbrIBlockGroup = $DB->Query($strSql); while ($arIBlockGroup = $dbrIBlockGroup->Fetch()) { $arGroups[] = $arIBlockGroup["GROUP_ID"]; if ($arIBlockGroup["GROUP_ID"] == 2) { break; } } $arSITE = array(); $strSql = "SELECT SITE_ID " . "FROM b_iblock_site " . "WHERE IBLOCK_ID= " . $IBLOCK_ID; $dbrIBlockSite = $DB->Query($strSql); while ($arIBlockSite = $dbrIBlockSite->Fetch()) { $arSITE[] = $arIBlockSite["SITE_ID"]; } if ($arIBlock["INDEX_ELEMENT"] == 'Y' && $strNSFilter2 !== false) { $strSql = "SELECT BE.ID, BE.NAME, BE.TAGS, " . "\t" . $DB->DateToCharFunction("BE.ACTIVE_FROM") . " as DATE_FROM, " . "\t" . $DB->DateToCharFunction("BE.ACTIVE_TO") . " as DATE_TO, " . "\t" . $DB->DateToCharFunction("BE.TIMESTAMP_X") . " as LAST_MODIFIED, " . "\tBE.PREVIEW_TEXT_TYPE, BE.PREVIEW_TEXT, " . "\tBE.DETAIL_TEXT_TYPE, BE.DETAIL_TEXT, " . "\tBE.XML_ID as EXTERNAL_ID, BE.CODE, " . "\tBE.IBLOCK_SECTION_ID " . "FROM b_iblock_element BE " . "WHERE BE.IBLOCK_ID=" . $IBLOCK_ID . " " . "\tAND BE.ACTIVE='Y' " . CIBlockElement::WF_GetSqlLimit("BE.", "N") . $strNSFilter2 . "ORDER BY BE.ID "; //For MySQL we have to solve client out of memory //problem by limiting the query if ($DB->type == "MYSQL") { $limit = 1000; $strSql .= " LIMIT " . $limit; } else { $limit = false; } $dbrIBlockElement = $DB->Query($strSql); while ($arIBlockElement = $dbrIBlockElement->Fetch()) { $DETAIL_URL = "=ID=" . $arIBlockElement["ID"] . "&EXTERNAL_ID=" . $arIBlockElement["EXTERNAL_ID"] . "&CODE=" . $arIBlockElement["CODE"] . "&IBLOCK_SECTION_ID=" . $arIBlockElement["IBLOCK_SECTION_ID"] . "&IBLOCK_TYPE_ID=" . $arIBlock["IBLOCK_TYPE_ID"] . "&IBLOCK_ID=" . $IBLOCK_ID . "&IBLOCK_CODE=" . $arIBlock["IBLOCK_CODE"] . "&IBLOCK_EXTERNAL_ID=" . $arIBlock["IBLOCK_EXTERNAL_ID"]; $BODY = ($arIBlockElement["PREVIEW_TEXT_TYPE"] == "html" ? CSearch::KillTags($arIBlockElement["PREVIEW_TEXT"]) : $arIBlockElement["PREVIEW_TEXT"]) . "\r\n" . ($arIBlockElement["DETAIL_TEXT_TYPE"] == "html" ? CSearch::KillTags($arIBlockElement["DETAIL_TEXT"]) : $arIBlockElement["DETAIL_TEXT"]); $dbrProperties = CIBlockElement::GetProperty($IBLOCK_ID, $arIBlockElement["ID"], "sort", "asc", array("ACTIVE" => "Y", "SEARCHABLE" => "Y")); while ($arProperties = $dbrProperties->Fetch()) { $BODY .= "\r\n"; if (strlen($arProperties["USER_TYPE"]) > 0) { $UserType = CIBlockProperty::GetUserType($arProperties["USER_TYPE"]); } else { $UserType = array(); } if (array_key_exists("GetSearchContent", $UserType)) { $BODY .= CSearch::KillTags(call_user_func_array($UserType["GetSearchContent"], array($arProperties['ID'], array("VALUE" => $arProperties["VALUE"]), array()))); } elseif (array_key_exists("GetPublicViewHTML", $UserType)) { $BODY .= CSearch::KillTags(call_user_func_array($UserType["GetPublicViewHTML"], array($arProperties['ID'], array("VALUE" => $arProperties["VALUE"]), array()))); } elseif ($arProperties["PROPERTY_TYPE"] == 'L') { $BODY .= $arProperties["VALUE_ENUM"]; } elseif ($arProperties["PROPERTY_TYPE"] == 'F') { $arFile = CIBlockElement::__GetFileContent($arProperties["VALUE"]); if (is_array($arFile)) { $BODY .= $arFile["CONTENT"]; $arIBlockElement["TAGS"] .= "," . $arFile["PROPERTIES"][COption::GetOptionString("search", "page_tag_property")]; } } else { $BODY .= $arProperties["VALUE"]; } } if ($arIBlock["RIGHTS_MODE"] !== "E") { $arPermissions = $arGroups; } else { $obElementRights = new CIBlockElementRights($IBLOCK_ID, $arIBlockElement["ID"]); $arPermissions = $obElementRights->GetGroups(array("element_read")); } $Result = array("ID" => $arIBlockElement["ID"], "LAST_MODIFIED" => strlen($arIBlockElement["DATE_FROM"]) > 0 ? $arIBlockElement["DATE_FROM"] : $arIBlockElement["LAST_MODIFIED"], "TITLE" => $arIBlockElement["NAME"], "BODY" => $BODY, "TAGS" => $arIBlockElement["TAGS"], "SITE_ID" => $arSITE, "PARAM1" => $arIBlock["IBLOCK_TYPE_ID"], "PARAM2" => $IBLOCK_ID, "DATE_FROM" => strlen($arIBlockElement["DATE_FROM"]) > 0 ? $arIBlockElement["DATE_FROM"] : false, "DATE_TO" => strlen($arIBlockElement["DATE_TO"]) > 0 ? $arIBlockElement["DATE_TO"] : false, "PERMISSIONS" => $arPermissions, "URL" => $DETAIL_URL); if ($oCallback) { $res = call_user_func(array($oCallback, $callback_method), $Result); if (!$res) { return $IBLOCK_ID . "." . $arIBlockElement["ID"]; } } else { $arResult[] = $Result; } if ($limit !== false) { $limit--; if ($limit <= 0) { return $IBLOCK_ID . "." . $arIBlockElement["ID"]; } } } } if ($arIBlock["INDEX_SECTION"] == 'Y') { $strSql = "SELECT BS.ID, BS.NAME, " . "\t" . $DB->DateToCharFunction("BS.TIMESTAMP_X") . " as LAST_MODIFIED, " . "\tBS.DESCRIPTION_TYPE, BS.DESCRIPTION, BS.XML_ID as EXTERNAL_ID, BS.CODE, " . "\tBS.IBLOCK_ID " . "FROM b_iblock_section BS " . "WHERE BS.IBLOCK_ID=" . $IBLOCK_ID . " " . "\tAND BS.GLOBAL_ACTIVE='Y' " . $strNSFilter3 . "ORDER BY BS.ID "; $dbrIBlockSection = $DB->Query($strSql); while ($arIBlockSection = $dbrIBlockSection->Fetch()) { $DETAIL_URL = "=ID=" . $arIBlockSection["ID"] . "&EXTERNAL_ID=" . $arIBlockSection["EXTERNAL_ID"] . "&CODE=" . $arIBlockSection["CODE"] . "&IBLOCK_TYPE_ID=" . $arIBlock["IBLOCK_TYPE_ID"] . "&IBLOCK_ID=" . $arIBlockSection["IBLOCK_ID"] . "&IBLOCK_CODE=" . $arIBlock["IBLOCK_CODE"] . "&IBLOCK_EXTERNAL_ID=" . $arIBlock["IBLOCK_EXTERNAL_ID"]; $BODY = $arIBlockSection["DESCRIPTION_TYPE"] == "html" ? CSearch::KillTags($arIBlockSection["DESCRIPTION"]) : $arIBlockSection["DESCRIPTION"]; $BODY .= $USER_FIELD_MANAGER->OnSearchIndex("IBLOCK_" . $arIBlockSection["IBLOCK_ID"] . "_SECTION", $arIBlockSection["ID"]); if ($arIBlock["RIGHTS_MODE"] !== "E") { $arPermissions = $arGroups; } else { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $arIBlockSection["ID"]); $arPermissions = $obSectionRights->GetGroups(array("section_read")); } $Result = array("ID" => "S" . $arIBlockSection["ID"], "LAST_MODIFIED" => $arIBlockSection["LAST_MODIFIED"], "TITLE" => $arIBlockSection["NAME"], "BODY" => $BODY, "SITE_ID" => $arSITE, "PARAM1" => $arIBlock["IBLOCK_TYPE_ID"], "PARAM2" => $IBLOCK_ID, "PERMISSIONS" => $arPermissions, "URL" => $DETAIL_URL); if ($oCallback) { $res = call_user_func(array($oCallback, $callback_method), $Result); if (!$res) { return $IBLOCK_ID . ".S" . $arIBlockSection["ID"]; } } else { $arResult[] = $Result; } } } $strNSFilter2 = ""; $strNSFilter3 = ""; } if ($oCallback) { return false; } return $arResult; }
public function GetRights($arOptions = array()) { global $DB; $arResult = array(); if( !isset($arOptions["operations"]) || !is_array($arOptions["operations"]) || empty($arOptions["operations"]) ) { $rs = $DB->Query(" SELECT BR.ID ,BR.GROUP_CODE ,BR.TASK_ID ,BR.DO_INHERIT ,ER.IS_INHERITED ,BR.XML_ID ,BR.ENTITY_TYPE ,BR.ENTITY_ID FROM b_iblock_element_right ER INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID WHERE ER.IBLOCK_ID = ".$this->IBLOCK_ID." AND ER.ELEMENT_ID = ".$this->id." ORDER BY BR.ID "); } elseif( isset($arOptions["operations_mode"]) && $arOptions["operations_mode"] == CIBlockRights::ALL_OPERATIONS && count($arOptions["operations"]) > 1 ) { $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]); $rs = $DB->Query(" SELECT BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED, BR.XML_ID FROM b_iblock_element_right ER INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID INNER JOIN b_operation O ON O.ID = T.OPERATION_ID WHERE ER.IBLOCK_ID = ".$this->IBLOCK_ID." AND ER.ELEMENT_ID = ".$this->id." AND O.NAME IN ('".implode("', '", $arOperations)."') GROUP BY BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED HAVING COUNT(DISTINCT O.ID) = ".count($arOperations)." ORDER BY BR.ID "); } else//if($opMode == CIBlockRights::ANY_OPERATION) { $arOperations = array_map(array($DB, "ForSQL"), $arOptions["operations"]); $rs = $DB->Query(" SELECT DISTINCT BR.ID, BR.GROUP_CODE, BR.TASK_ID, BR.DO_INHERIT, ER.IS_INHERITED, BR.XML_ID FROM b_iblock_element_right ER INNER JOIN b_iblock_right BR ON BR.ID = ER.RIGHT_ID INNER JOIN b_task_operation T ON T.TASK_ID = BR.TASK_ID INNER JOIN b_operation O ON O.ID = T.OPERATION_ID WHERE ER.IBLOCK_ID = ".$this->IBLOCK_ID." AND ER.ELEMENT_ID = ".$this->id." AND O.NAME IN ('".implode("', '", $arOperations)."') ORDER BY BR.ID "); } if(isset($arOptions["parents"]) && is_array($arOptions["parents"])) { foreach($arOptions["parents"] as $parent) { $obParentRights = new CIBlockSectionRights($this->IBLOCK_ID, $parent); $arParentRights = $obParentRights->GetRights(); foreach($arParentRights as $RIGHT_ID => $arRight) { $arResult[$RIGHT_ID] = array( "GROUP_CODE" => $arRight["GROUP_CODE"], "DO_INHERIT" => $arRight["DO_INHERIT"], "IS_INHERITED" => "Y", "IS_OVERWRITED" => "Y", "TASK_ID" => $arRight["TASK_ID"], "XML_ID" => $arRight["XML_ID"], ); if(isset($arRight["ENTITY_TYPE"])) $arResult[$RIGHT_ID]["ENTITY_TYPE"] = $arRight["ENTITY_TYPE"]; if(isset($arRight["ENTITY_ID"])) $arResult[$RIGHT_ID]["ENTITY_ID"] = $arRight["ENTITY_ID"]; } } } $obStorage = $this->_storage_object(); while($ar = $rs->Fetch()) { $arResult[$ar["ID"]] = array( "GROUP_CODE" => $ar["GROUP_CODE"], "DO_INHERIT" => $ar["DO_INHERIT"], "IS_INHERITED" => $ar["IS_INHERITED"], "OVERWRITED" => 0, "TASK_ID" => $ar["TASK_ID"], "XML_ID" => $ar["XML_ID"], ); if(isset($ar["ENTITY_TYPE"])) $arResult[$ar["ID"]]["ENTITY_TYPE"] = $ar["ENTITY_TYPE"]; if(isset($ar["ENTITY_ID"])) $arResult[$ar["ID"]]["ENTITY_ID"] = $ar["ENTITY_ID"]; } return $arResult; }
if (strlen($vv["ID"]) > 0) { $arTasks = CBPDocument::GetUserTasksForWorkflow($USER->GetID(), $vv["ID"]); foreach ($arTasks as $arTask) { $arStr[$vv["TEMPLATE_ID"]] .= GetMessage("IBEL_A_BP_TASK") . ":<br /><a href=\"bizproc_task.php?id=" . $arTask["ID"] . "\" title=\"" . $arTask["DESCRIPTION"] . "\">" . $arTask["NAME"] . "</a><br /><br />"; } } } $str = ""; foreach ($arStr as $k => $v) { $row->AddViewField("WF_" . $k, $v); $str .= "<b>" . (strlen($arStr1[$k]) > 0 ? $arStr1[$k] : GetMessage("IBEL_A_BP_PROC")) . "</b>:<br />" . $v . "<br />"; } $row->AddViewField("BIZPROC", $str); } } $boolIBlockElementAdd = CIBlockSectionRights::UserHasRightTo($intSubIBlockID, $find_section_section, "section_element_bind"); $availQuantityTrace = COption::GetOptionString("catalog", "default_quantity_trace", 'N'); $arQuantityTrace = array("D" => GetMessage("IBEL_DEFAULT_VALUE") . " (" . ($availQuantityTrace == 'Y' ? GetMessage("IBEL_YES_VALUE") : GetMessage("IBEL_NO_VALUE")) . ")", "Y" => GetMessage("IBEL_YES_VALUE"), "N" => GetMessage("IBEL_NO_VALUE")); $arElementOps = CIBlockElementRights::UserHasRightTo($intSubIBlockID, array_keys($arRows), "", CIBlockRights::RETURN_OPERATIONS); foreach ($arRows as $f_ID => $row) { $edit_url = '/bitrix/admin/iblock_subelement_edit.php?WF=Y&type=' . urlencode($strSubIBlockType) . '&IBLOCK_ID=' . $intSubIBlockID . '&lang=' . LANGUAGE_ID . '&PRODUCT_ID=' . $ID . '&ID=' . $row->arRes['orig']['ID'] . '&TMP_ID=' . $strSubTMP_ID . $sThisSectionUrl; if (array_key_exists("PREVIEW_PICTURE", $arSelectedFieldsMap)) { $row->AddViewField("PREVIEW_PICTURE", CFile::ShowFile($row->arRes['PREVIEW_PICTURE'], 100000, 50, 50, true)); } if (array_key_exists("DETAIL_PICTURE", $arSelectedFieldsMap)) { $row->AddViewField("DETAIL_PICTURE", CFile::ShowFile($row->arRes['DETAIL_PICTURE'], 100000, 50, 50, true)); } if (array_key_exists("PREVIEW_TEXT", $arSelectedFieldsMap)) { $row->AddViewField("PREVIEW_TEXT", $row->arRes["PREVIEW_TEXT_TYPE"] == "text" ? htmlspecialcharsex($row->arRes["PREVIEW_TEXT"]) : HTMLToTxt($row->arRes["PREVIEW_TEXT"])); } if (array_key_exists("DETAIL_TEXT", $arSelectedFieldsMap)) {
} } if ($bEditRights) { $tabControl->BeginNextFormTab(); if ($ID > 0) { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $ID); $htmlHidden = ''; foreach ($obSectionRights->GetRights() as $RIGHT_ID => $arRight) { $htmlHidden .= ' <input type="hidden" name="RIGHTS[][RIGHT_ID]" value="' . htmlspecialcharsbx($RIGHT_ID) . '"> <input type="hidden" name="RIGHTS[][GROUP_CODE]" value="' . htmlspecialcharsbx($arRight["GROUP_CODE"]) . '"> <input type="hidden" name="RIGHTS[][TASK_ID]" value="' . htmlspecialcharsbx($arRight["TASK_ID"]) . '"> '; } } else { $obSectionRights = new CIBlockSectionRights($IBLOCK_ID, $str_IBLOCK_SECTION_ID); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBSEC_E_RIGHTS_FIELD")); IBlockShowRights('section', $IBLOCK_ID, $ID, GetMessage("IBSEC_E_RIGHTS_SECTION_TITLE"), "RIGHTS", $obSectionRights->GetRightsList(), $obSectionRights->GetRights(array("count_overwrited" => true, "parent" => $str_IBLOCK_SECTION_ID)), true, $ID <= 0); $tabControl->EndCustomField("RIGHTS", $htmlHidden); } if ($arIBlock["SECTION_PROPERTY"] === "Y") { $tabControl->BeginNextFormTab(); $tabControl->BeginCustomField("SECTION_PROPERTY", GetMessage("IBSEC_E_SECTION_PROPERTY_FIELD")); ?> <tr><td align="right" colspan="2"> <a id="modeChangeToTree" href="javascript:setMode(BX('table_SECTION_PROPERTY'), 'tree')"><?php echo GetMessage("IBSEC_E_PROP_TREE_MODE"); ?> </a>
if ($object == "user") { $arFilter["CREATED_BY"] = $object_id; } else { $arFilter["SOCNET_GROUP_ID"] = $object_id; } $arLibrary = array(); $db_res = CIBlockSection::GetList(array(), $arFilter, false, array("ID", "UF_USE_BP", 'UF_USE_EXT_SERVICES')); if (!($db_res && ($arLibrary = $db_res->GetNext()))) { $popupWindow->ShowError(GetMessage("SONET_WEBDAV_NOT_EXISTS")); } else { $arLibrary["UF_USE_BP"] = $arLibrary["UF_USE_BP"] == "N" ? "N" : "Y"; $arLibrary["UF_USE_EXT_SERVICES"] = CWebDavIblock::resolveDefaultUseExtServices($arLibrary["UF_USE_EXT_SERVICES"]); } if (CIBlock::GetArrayByID($IBLOCK_ID, "RIGHTS_MODE") === "E") { $sectionID = $arLibrary['ID']; $bSectionPerms = CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $sectionID, 'section_rights_edit'); } else { $bSectionPerms = $arParams["PERMISSION"] > 'W'; } if (!$bSectionPerms) { return; } //Save permissions if ($_SERVER["REQUEST_METHOD"] == "POST" && !check_bitrix_sessid()) { CUtil::JSPostUnescape(); $strWarning = GetMessage("MAIN_SESSION_EXPIRED"); } elseif ($_SERVER["REQUEST_METHOD"] == "POST") { $arRequestParams = array('SOCNET_GROUP_ID', 'SOCNET_TYPE', 'SOCNET_ID'); foreach ($arRequestParams as $param) { if (isset($_REQUEST[$param])) { $arParams[$param] = $_REQUEST[$param];
$tabControl->EndCustomField("BIZPROC", ""); } if ($arShowTabs['edit_rights']) { $tabControl->BeginNextFormTab(); if ($ID > 0) { $obRights = new CIBlockElementRights($IBLOCK_ID, $ID); $htmlHidden = ''; foreach ($obRights->GetRights() as $RIGHT_ID => $arRight) { $htmlHidden .= ' <input type="hidden" name="SUB_RIGHTS[][RIGHT_ID]" value="' . htmlspecialcharsbx($RIGHT_ID) . '"> <input type="hidden" name="SUB_RIGHTS[][GROUP_CODE]" value="' . htmlspecialcharsbx($arRight["GROUP_CODE"]) . '"> <input type="hidden" name="SUB_RIGHTS[][TASK_ID]" value="' . htmlspecialcharsbx($arRight["TASK_ID"]) . '"> '; } } else { $obRights = new CIBlockSectionRights($IBLOCK_ID, 0); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBEL_E_RIGHTS_FIELD")); IBlockShowRights('element', $IBLOCK_ID, $ID, GetMessage("IBEL_E_RIGHTS_SECTION_TITLE"), "SUB_RIGHTS", $obRights->GetRightsList(), $obRights->GetRights(array("count_overwrited" => true, "parents" => array())), false, $ID <= 0 || $bCopy); $tabControl->EndCustomField("RIGHTS", $htmlHidden); } $bDisabled = $view == "Y" || $bWorkflow && $prn_LOCK_STATUS == "red" || ($ID <= 0 || $bCopy) && !CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, 0, "section_element_bind") || $ID > 0 && !$bCopy && !CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ID, "element_edit") || $bBizproc && !$canWrite; if ($ID > 0 && !$bSubCopy && BX_SUB_SETTINGS) { if (!$ajaxReload) { $reloadParams = array('bxpublic' => 'Y', 'bxsku' => 'Y', 'WF' => 'Y', 'TMP_ID' => $strSubTMP_ID, 'ajaxReload' => 'Y'); if ($arShowTabs['product_group']) { $reloadParams['groupdel'] = 'Y'; $reloadParams['sessid'] = bitrix_sessid(); $setBtn = "{\n\t\t\t\ttitle: '" . CUtil::JSEscape(GetMessage('IB_SE_SET_PRODUCT_TYPE_GROUP_DELETE')) . "',\n\t\t\t\tname: 'groupdel',\n\t\t\t\tid: 'groupdel',\n\t\t\t\tclassName: 'adm-btn-add',\n\t\t\t\taction: function () {\n\t\t\t\t\tif (confirm('" . CUtil::JSEscape(GetMessage('IB_SE_SET_PRODUCT_TYPE_GROUP_DELETE_CONFIRM')) . "'))\n\t\t\t\t\t{\n\t\t\t\t\t\ttop.BX.showWait();\n\t\t\t\t\t\ttop.BX.ajax.get(\n\t\t\t\t\t\t\t'" . CIBlock::GetAdminSubElementEditLink($IBLOCK_ID, $intProductID, $ID, $reloadParams, '', true) . "',\n\t\t\t\t\t\t\tfunction (result) {\n\t\t\t\t\t\t\t\ttop.BX.closeWait();\n\t\t\t\t\t\t\t\ttop.BX.WindowManager.Get().SetContent(result);\n\t\t\t\t\t\t\t\tif (BX('groupdel'))\n\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\tBX.style(BX('groupdel'), 'display', 'none');\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}"; } else {
} if (empty($aContext)) { $aContext[] = array( "TEXT" => htmlspecialcharsbx($arIBlock["ELEMENT_ADD"]), "ICON" => "btn_new", "LINK" => CIBlock::GetAdminElementEditLink($IBLOCK_ID, 0, array( 'IBLOCK_SECTION_ID'=>$find_section_section, 'find_section_section'=>$find_section_section, 'from' => 'iblock_list_admin' )), ); } } if(CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $find_section_section, "section_section_bind") && $arIBTYPE["SECTIONS"]!="N") { $aContext[] = array( "TEXT" => htmlspecialcharsbx($arIBlock["SECTION_ADD"]), "ICON" => ($boolBtnNew ? "" : "btn_new"), "LINK" => CIBlock::GetAdminSectionEditLink($IBLOCK_ID, 0, array( 'IBLOCK_SECTION_ID'=>$find_section_section, 'find_section_section'=>$find_section_section, 'from' => 'iblock_list_admin', )), ); } if(strlen($sLastFolder)>0) { $aContext[] = Array(
<?php if ($USER->CanDoOperation('catalog_price')) { $IBLOCK_ID = intval($IBLOCK_ID); if (0 >= $IBLOCK_ID) { return; } $MENU_SECTION_ID = intval($MENU_SECTION_ID); $ID = intval($ID); $PRODUCT_ID = 0 < $ID ? CIBlockElement::GetRealElement($ID) : 0; $boolPriceRights = false; if (0 < $PRODUCT_ID) { $boolPriceRights = CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price"); } else { $boolPriceRights = CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "element_edit_price"); } if ($boolPriceRights) { include GetLangFileName($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/catalog/lang/", "/templates/product_edit_action.php"); $arCatalogBasePrices = array(); $arCatalogPrices = array(); $CAT_ROW_COUNTER = IntVal($CAT_ROW_COUNTER); if ($CAT_ROW_COUNTER < 0) { $strWarning .= GetMessage("C2IT_INTERNAL_ERROR") . "<br>"; } $arCatalogBaseGroup = CCatalogGroup::GetBaseGroup(); if (!$arCatalogBaseGroup) { $strWarning .= GetMessage("C2IT_NO_BASE_TYPE") . "<br>"; } $CAT_VAT_ID = intval($CAT_VAT_ID); $CAT_VAT_INCLUDED = !isset($CAT_VAT_INCLUDED) || $CAT_VAT_INCLUDED == 'N' ? 'N' : 'Y'; $bUseExtForm = isset($_POST['price_useextform']) && $_POST['price_useextform'] == 'Y';
ShowError(GetMessage("CC_BLF_WRONG_IBLOCK_TYPE")); return; case CListPermissions::WRONG_IBLOCK: ShowError(GetMessage("CC_BLF_WRONG_IBLOCK")); return; case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED: ShowError(GetMessage("CC_BLF_LISTS_FOR_SONET_GROUP_DISABLED")); return; default: ShowError(GetMessage("CC_BLF_UNKNOWN_ERROR")); return; } } elseif ($ELEMENT_ID > 0 && $lists_perm <= CListPermissions::CAN_READ && !CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ELEMENT_ID, "element_read")) { ShowError(GetMessage("CC_BLF_ACCESS_DENIED")); return; } elseif ($SECTION_ID > 0 && $lists_perm <= CListPermissions::CAN_READ && !CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_read")) { ShowError(GetMessage("CC_BLF_ACCESS_DENIED")); return; } $arIBlock = CIBlock::GetArrayByID(intval($arParams["~IBLOCK_ID"])); $arResult["FILES"] = array(); $arResult["ELEMENT"] = false; $arResult["SECTION"] = false; if ($ELEMENT_ID > 0) { $rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsElement->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]]; } elseif (isset($ar[$arParams["FIELD_ID"] . "_VALUE"])) { if (is_array($ar[$arParams["FIELD_ID"] . "_VALUE"])) { $arResult["FILES"] = array_merge($arResult["FILES"], $ar[$arParams["FIELD_ID"] . "_VALUE"]);
} } if (!CModule::IncludeModule('iblock')) { echo GetMessage("INTR_ABSENCE_BITRIX24_MODULE"); } else { if ($_SERVER["REQUEST_METHOD"] === "GET" && isset($_GET["action"]) && $_GET["action"] == "delete" && check_bitrix_sessid()) { if (CIBlockElementRights::UserHasRightTo($iblockID, intval($_GET["absenceID"]), "element_delete")) { DeleteAbsence($_GET["absenceID"]); } die; } $ID = 1; if ($_SERVER["REQUEST_METHOD"] === "POST" && check_bitrix_sessid()) { if (isset($_POST['absence_element_id']) && CIBlockElementRights::UserHasRightTo($iblockID, intval($_POST['absence_element_id']), 'element_edit')) { $ID = EditAbsence($_POST); } elseif (!isset($_POST['absence_element_id']) && CIBlockSectionRights::UserHasRightTo($iblockID, 0, "section_element_bind")) { $ID = AddAbsence($_POST); } else { die('error:<li>' . GetMessage('INTR_USER_ERR_NO_RIGHT') . '</li>'); } if (is_array($ID)) { $arErrors = $ID; foreach ($arErrors as $key => $val) { if (strlen($val) <= 0) { unset($arErrors[$key]); } } $ID = 0; die('error:<li>' . implode('</li><li>', $arErrors)) . '</li>'; } elseif (isset($_POST['absence_element_id'])) { die("close");
function CanUserOperateDocumentType($operation, $userId, $documentType, $parameters = array()) { $documentType = trim($documentType); if (strlen($documentType) <= 0) { return false; } $parameters["IBlockId"] = intval(substr($documentType, strlen("iblock_"))); $parameters['sectionId'] = !empty($parameters['sectionId']) ? (int) $parameters['sectionId'] : 0; if (!array_key_exists("IBlockRightsMode", $parameters)) { $parameters["IBlockRightsMode"] = CIBlock::getArrayByID($parameters["IBlockId"], "RIGHTS_MODE"); } if ($parameters["IBlockRightsMode"] === "E") { if ($operation === CBPCanUserOperateOperation::CreateWorkflow) { return CIBlockRights::userHasRightTo($parameters["IBlockId"], $parameters["IBlockId"], "iblock_rights_edit"); } elseif ($operation === CBPCanUserOperateOperation::WriteDocument) { return CIBlockSectionRights::userHasRightTo($parameters["IBlockId"], $parameters["sectionId"], "section_element_bind"); } elseif ($operation === CBPCanUserOperateOperation::ViewWorkflow || $operation === CBPCanUserOperateOperation::StartWorkflow) { if (!array_key_exists("WorkflowId", $parameters)) { return false; } if ($operation === CBPCanUserOperateOperation::ViewWorkflow) { return CIBlockRights::userHasRightTo($parameters["IBlockId"], 0, "element_read"); } if ($operation === CBPCanUserOperateOperation::StartWorkflow) { return CIBlockSectionRights::userHasRightTo($parameters["IBlockId"], $parameters['sectionId'], "section_element_bind"); } $userId = intval($userId); if (!array_key_exists("AllUserGroups", $parameters)) { if (!array_key_exists("UserGroups", $parameters)) { $parameters["UserGroups"] = CUser::getUserGroup($userId); } $parameters["AllUserGroups"] = $parameters["UserGroups"]; $parameters["AllUserGroups"][] = "Author"; } if (!array_key_exists("DocumentStates", $parameters)) { if ($operation === CBPCanUserOperateOperation::StartWorkflow) { $parameters["DocumentStates"] = CBPWorkflowTemplateLoader::getDocumentTypeStates(array("lists", get_called_class(), "iblock_" . $parameters["IBlockId"])); } else { $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array("lists", get_called_class(), "iblock_" . $parameters["IBlockId"]), null); } } if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) { $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]); } else { return false; } $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"], true); if (!is_array($allowableOperations)) { return false; } if ($operation === CBPCanUserOperateOperation::ViewWorkflow && in_array("read", $allowableOperations) || $operation === CBPCanUserOperateOperation::StartWorkflow && in_array("write", $allowableOperations)) { return true; } $chop = $operation === CBPCanUserOperateOperation::ViewWorkflow ? "element_read" : "section_element_bind"; $tasks = self::getRightsTasks(); foreach ($allowableOperations as $op) { if (isset($tasks[$op])) { $op = $tasks[$op]['ID']; } $ar = CTask::getOperations($op, true); if (in_array($chop, $ar)) { return true; } } } return false; } if (!array_key_exists("IBlockPermission", $parameters)) { if (CModule::includeModule('lists')) { $parameters["IBlockPermission"] = CLists::getIBlockPermission($parameters["IBlockId"], $userId); } else { $parameters["IBlockPermission"] = CIBlock::getPermission($parameters["IBlockId"], $userId); } } if ($parameters["IBlockPermission"] <= "R") { return false; } elseif ($parameters["IBlockPermission"] >= "W") { return true; } $userId = intval($userId); if (!array_key_exists("AllUserGroups", $parameters)) { if (!array_key_exists("UserGroups", $parameters)) { $parameters["UserGroups"] = CUser::getUserGroup($userId); } $parameters["AllUserGroups"] = $parameters["UserGroups"]; $parameters["AllUserGroups"][] = "Author"; } if (!array_key_exists("DocumentStates", $parameters)) { $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array("lists", get_called_class(), "iblock_" . $parameters["IBlockId"]), null); } if (array_key_exists("WorkflowId", $parameters)) { if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) { $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]); } else { return false; } } $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"]); if (!is_array($allowableOperations)) { return false; } $r = false; switch ($operation) { case CBPCanUserOperateOperation::ViewWorkflow: $r = in_array("read", $allowableOperations); break; case CBPCanUserOperateOperation::StartWorkflow: $r = in_array("write", $allowableOperations); break; case CBPCanUserOperateOperation::CreateWorkflow: $r = in_array("write", $allowableOperations); break; case CBPCanUserOperateOperation::WriteDocument: $r = in_array("write", $allowableOperations); break; case CBPCanUserOperateOperation::ReadDocument: $r = false; break; default: $r = false; } return $r; }
<?php if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) { die; } CUtil::InitJSCore(array("window")); $arToolbar = array(); if (isset($arResult["LIST_COPY_ELEMENT_URL"])) { if ($arResult["IBLOCK_PERM"] > CListPermissions::CAN_READ || CIBlockSectionRights::UserHasRightTo($arResult["IBLOCK"]["ID"], intval($arResult["SECTION_ID"]), "section_element_bind")) { $arToolbar[] = array("TEXT" => GetMessage("CT_BLEE_TOOLBAR_COPY_ELEMENT"), "TITLE" => GetMessage("CT_BLEE_TOOLBAR_COPY_ELEMENT_TITLE"), "LINK" => $arResult["LIST_COPY_ELEMENT_URL"], "ICON" => ""); } } if ($arResult["ELEMENT_ID"] && ($arResult["IBLOCK_PERM"] >= CListPermissions::CAN_WRITE || CIBlockElementRights::UserHasRightTo($arResult["IBLOCK"]["ID"], $arResult["ELEMENT_ID"], "element_delete"))) { $arToolbar[] = array("TEXT" => $arResult["IBLOCK"]["ELEMENT_DELETE"], "TITLE" => GetMessage("CT_BLEE_TOOLBAR_DELETE_TITLE"), "LINK" => "javascript:jsDelete('form_" . $arResult["FORM_ID"] . "', '" . GetMessage("CT_BLEE_TOOLBAR_DELETE_WARNING") . "')", "ICON" => "btn-delete-element"); } if (count($arToolbar)) { $arToolbar[] = array("SEPARATOR" => "Y"); } $arToolbar[] = array("TEXT" => $arResult["IBLOCK"]["ELEMENTS_NAME"], "TITLE" => GetMessage("CT_BLEE_TOOLBAR_LIST_TITLE"), "LINK" => $arResult["LIST_SECTION_URL"], "ICON" => "btn-view-elements"); $APPLICATION->IncludeComponent("bitrix:main.interface.toolbar", "", array("BUTTONS" => $arToolbar), $component, array("HIDE_ICONS" => "Y")); $arTabElement = array(); foreach ($arResult["FIELDS"] as $FIELD_ID => $arField) { if ($FIELD_ID == "ACTIVE_FROM" || $FIELD_ID == "ACTIVE_TO") { $arTabElement[] = array("id" => $FIELD_ID, "name" => $arField["NAME"], "required" => $arField["IS_REQUIRED"] == "Y" ? true : false, "type" => "date"); } elseif ($FIELD_ID == "PREVIEW_PICTURE" || $FIELD_ID == "DETAIL_PICTURE") { $obFile = new CListFile($arResult["IBLOCK_ID"], $arResult["ELEMENT_FIELDS"]["IBLOCK_SECTION_ID"], $arResult["ELEMENT_ID"], $FIELD_ID, $arResult["FORM_DATA"][$FIELD_ID]); $obFile->SetSocnetGroup($arParams["SOCNET_GROUP_ID"]); $obFileControl = new CListFileControl($obFile, $FIELD_ID); $html = $obFileControl->GetHTML(array('max_size' => 102400, 'max_width' => 150, 'max_height' => 150, 'url_template' => $arParams["~LIST_FILE_URL"], 'a_title' => GetMessage("CT_BLEE_ENLARGE"), 'download_text' => GetMessage("CT_BLEE_DOWNLOAD"))); $arTabElement[] = array("id" => $FIELD_ID, "name" => $arField["NAME"], "required" => $arField["IS_REQUIRED"] == "Y" ? true : false, "type" => "custom", "value" => $html); } elseif ($FIELD_ID == "PREVIEW_TEXT" || $FIELD_ID == "DETAIL_TEXT") {