<td> <? echo SelectBoxFromArray("TASKS_".$value["ID"], $arTasks, $v, GetMessage("MAIN_DEFAULT"), 'onchange="taskSelectOnchange(this)"'); $show_subord = (in_array($v,$arSubordTasks)); ?> <div<?echo $show_subord? '' : ' style="display:none"';?>> <div style="padding:6px 0 6px 0"><?php echo GetMessage('SUBORDINATE_GROUPS'); ?> :</div> <select name="subordinate_groups_<?php echo $value["ID"]; ?> []" multiple size="6"> <? $arSubordinateGroups = CGroup::GetSubordinateGroups($value["ID"]); foreach($arGROUPS as $v_gr) { if ($v_gr['ID'] == $value["ID"]) continue; ?><option value="<?php echo $v_gr['ID']; ?> " <?echo (in_array($v_gr['ID'],$arSubordinateGroups) || $v_gr['ID'] == 2) ? 'selected' : ''?>><? echo $v_gr['NAME'].' ['.$v_gr['ID'].']'?></option><? } ?> </select> </div> </td> </tr> <?endforeach;?>
"LAST_LOGIN_2" => $find_last_login_2, "ACTIVE" => $find_active, "LOGIN" => ($find!='' && $find_type == "login"? $find: $find_login), "NAME" => ($find!='' && $find_type == "name"? $find: $find_name), "EMAIL" => ($find!='' && $find_type == "email"? $find: $find_email), "KEYWORDS" => $find_keywords, "GROUPS_ID" => $find_group_id ); } if(!$USER->CanDoOperation('view_all_users')) { $arUserSubordinateGroups = array(); $arUserGroups = CUser::GetUserGroup($USER->GetID()); foreach($arUserGroups as $grp) $arUserSubordinateGroups = array_merge($arUserSubordinateGroups, CGroup::GetSubordinateGroups($grp)); $arFilter["CHECK_SUBORDINATE"] = array_unique($arUserSubordinateGroups); } $rsData = CUser::GetList($by, $order, $arFilter, array( "NAV_PARAMS"=> array("nPageSize"=>CAdminResult::GetNavSize($sTableID)), )); $rsData = new CAdminResult($rsData, $sTableID); $rsData->NavStart(); $lAdmin->NavText($rsData->GetNavPrint(GetMessage("PAGES")));
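/**
 * Builds the map of operations the viewing user may perform on another user's profile.
 *
 * Result layout (in this key order):
 *   - "Operations":    operation name => bool. Always holds "modifyuser", "viewcontacts"
 *                      and one entry per key of the global $arSocNetUserOperations;
 *                      "modifyuser_main" is present only when $currentUserID is positive.
 *   - "IsCurrentUser": true when both IDs are equal.
 *   - "Relation":      false, or whatever CSocNetUserRelations::GetRelation() returns.
 *
 * "modifyuser_main" is decided from the capabilities of the global $USER object, while the
 * subordinate-group set is computed for $currentUserID. NOTE(review): callers are presumably
 * expected to pass the ID of $USER here; confirm against the call sites.
 *
 * The subordinate-group set is memoised per user in $GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"].
 * A request carrying the SONET_ALLOW_FRIENDS_CACHE parameter skips the memo and forces a fresh
 * computation; that path only costs extra lookups and never reuses stored data.
 *
 * @param int|string $currentUserID       ID of the viewing user; non-positive means anonymous.
 * @param int|string $userID              ID of the profile owner.
 * @param bool       $bCurrentUserIsAdmin When true, every operation is granted.
 * @return array|false False when $userID is not a positive integer.
 */
function InitUserPerms($currentUserID, $userID, $bCurrentUserIsAdmin)
{
    global $arSocNetUserOperations, $USER;

    $currentUserID = intval($currentUserID);
    $userID = intval($userID);

    if ($userID <= 0) {
        return false;
    }

    $arReturn = array("Operations" => array());

    if ($currentUserID <= 0) {
        // Anonymous viewer: nothing is granted up front, each operation is resolved individually.
        $arReturn["IsCurrentUser"] = false;
        $arReturn["Relation"] = false;
        $arReturn["Operations"]["modifyuser"] = false;
        $arReturn["Operations"]["viewcontacts"] = false;
        foreach ($arSocNetUserOperations as $operation => $defPerm) {
            $arReturn["Operations"][$operation] = CSocNetUserPerms::CanPerformOperation($currentUserID, $userID, $operation, false);
        }

        return $arReturn;
    }

    $arReturn["IsCurrentUser"] = $currentUserID == $userID;
    $arReturn["Relation"] = $arReturn["IsCurrentUser"]
        ? false
        : CSocNetUserRelations::GetRelation($currentUserID, $userID);

    if ($bCurrentUserIsAdmin || $arReturn["IsCurrentUser"]) {
        // Administrators and the profile owner get every operation.
        $arReturn["Operations"]["modifyuser"] = true;
        $arReturn["Operations"]["viewcontacts"] = true;
        foreach ($arSocNetUserOperations as $operation => $defPerm) {
            $arReturn["Operations"][$operation] = true;
        }
    } else {
        $arReturn["Operations"]["modifyuser"] = false;
        // With the friends feature enabled, contacts are visible to friends only.
        $arReturn["Operations"]["viewcontacts"] = CSocNetUser::IsFriendsAllowed()
            ? $arReturn["Relation"] == SONET_RELATIONS_FRIEND
            : true;
        foreach ($arSocNetUserOperations as $operation => $defPerm) {
            $arReturn["Operations"][$operation] = CSocNetUserPerms::CanPerformOperation($currentUserID, $userID, $operation, false);
        }
    }

    // Editing the main-module profile is denied unless one of the branches below grants it.
    $arReturn["Operations"]["modifyuser_main"] = false;

    if ($arReturn["IsCurrentUser"]) {
        if ($USER->CanDoOperation('edit_own_profile')) {
            $arReturn["Operations"]["modifyuser_main"] = true;
        }
    } elseif ($USER->CanDoOperation('edit_all_users')) {
        $arReturn["Operations"]["modifyuser_main"] = true;
    } elseif ($USER->CanDoOperation('edit_subordinate_users')) {
        $arUserGroups = CUser::GetUserGroup($userID);

        $bForceRefresh = array_key_exists("SONET_ALLOW_FRIENDS_CACHE", $_REQUEST);

        // The memo is trusted only when it holds an array for THIS user. Testing just the
        // top-level key would hand a missing entry (null) to array_diff(); on PHP versions
        // where that merely warns, count(null) is 0 and the edit right would be granted.
        $bCached = !$bForceRefresh
            && isset($GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"][$currentUserID])
            && is_array($GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"][$currentUserID]);

        if ($bCached) {
            $arUserSubordinateGroups = $GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"][$currentUserID];
        } else {
            // Group 2 is always part of the manageable set.
            // NOTE(review): presumably the built-in "all users" group; confirm.
            $arUserSubordinateGroups = array(2);
            foreach (CUser::GetUserGroup($currentUserID) as $ownGroupID) {
                $arUserSubordinateGroups = array_merge(
                    $arUserSubordinateGroups,
                    CGroup::GetSubordinateGroups($ownGroupID)
                );
            }
            $arUserSubordinateGroups = array_unique($arUserSubordinateGroups);

            if (
                !isset($GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"])
                || !is_array($GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"])
            ) {
                $GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"] = array();
            }
            $GLOBALS["SONET_SUBORD_GROUPS_BY_USER_ID"][$currentUserID] = $arUserSubordinateGroups;
        }

        // Granted only when every group of the target user is in the manageable set;
        // a non-array group list fails closed.
        if (
            is_array($arUserGroups)
            && count(array_diff($arUserGroups, $arUserSubordinateGroups)) <= 0
        ) {
            $arReturn["Operations"]["modifyuser_main"] = true;
        }
    }

    return $arReturn;
}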
/**
 * Applies module permission levels, and optionally a subordinate-group list, to the group
 * identified by a string code, recording the previous values in the controller-client backup.
 *
 * The first time a module (or the subordinate-group list) of a group is touched, its current
 * value is stored in the backup; entries already in the backup are left as they are, so the
 * backup keeps the oldest recorded state.
 *
 * No authorisation check happens in this function: it changes access rights for whoever
 * calls it, so the check has to be made by the caller.
 *
 * @param string      $group_code    String code of the group to change.
 * @param array       $arPermissions Module ID => permission level to set.
 * @param array|false $arSubGroups   String codes of the new subordinate groups; any non-array
 *                                   value leaves the subordinate groups untouched.
 * @return false|null False when the group code does not resolve to a positive ID;
 *                    nothing is returned otherwise.
 */
function SetGroupSecurity($group_code, $arPermissions, $arSubGroups = false)
{
    $targetGroupId = CGroup::GetIDByCode($group_code);
    if ($targetGroupId <= 0) {
        return false;
    }

    $backup = CControllerClient::GetBackup();

    foreach ($arPermissions as $moduleId => $newLevel) {
        // Remember the level that was in force before the first change only.
        if (!is_set($backup["security"][$group_code], $moduleId)) {
            $backup["security"][$group_code][$moduleId] = CGroup::GetModulePermission($targetGroupId, $moduleId);
        }

        CGroup::SetModulePermission($targetGroupId, $moduleId, $newLevel);
    }

    if (is_array($arSubGroups)) {
        // Resolve the codes to IDs and drop the ones that do not resolve to a positive ID.
        $resolvedIds = array();
        foreach ($arSubGroups as $subGroupCode) {
            $subGroupId = CGroup::GetIDByCode($subGroupCode);
            if (!($subGroupId > 0)) {
                continue;
            }
            $resolvedIds[] = $subGroupId;
        }

        if (!is_set($backup["security_subord_groups"], $group_code)) {
            $backup["security_subord_groups"][$group_code] = CGroup::GetSubordinateGroups($targetGroupId);
        }

        CGroup::SetSubordinateGroups($targetGroupId, $resolvedIds);
    }

    CControllerClient::SetBackup($backup);
}
$inh_taskId = 'NOT_REF'; if ($inh_taskId != 'NOT_REF') { $z = CTask::GetById($inh_taskId); if (!($r = $z->Fetch())) $inh_taskId = 'NOT_REF'; } // ***************************** // If user can manage only subordinate groups if (false && $USER->CanDoOperation('edit_subordinate_users') && !$USER->CanDoOperation('edit_all_users')) { $arSubordGroups = Array(); $arGroups = explode(',',$USER->GetGroups()); for ($i = 0,$l = count($arGroups);$i < $l;$i++) $arSubordGroups = array_merge($arSubordGroups,CGroup::GetSubordinateGroups($arGroups[$i])); $arSubordGroups = array_values(array_unique($arSubordGroups)); $hide_groups = ''; } //for each groups $db_groups = CGroup::GetList($order="sort", $by="asc", array("ACTIVE" => "Y", "ADMIN" => "N")); while($db_groups->ExtractFields("g_")): if($g_ANONYMOUS=="Y") $anonym = $g_NAME; if($path=="/") $perm = $CUR_PERM["/"][$g_ID]; else $perm = $CUR_PERM[$arParsedPath["LAST"]][$g_ID]; if (substr($perm,0,2) == 'T_')
$rsSections = CIBlockSection::GetList(array("left_margin" => "asc"), $arFilter); $arSectionUsers = array(); while ($arSection = $rsSections->GetNext()) { $arSectionUsers[] = $arSection['ID']; } $rsUsers = CUser::GetList($by = "id", $order = "asc", array("UF_DEPARTMENT" => $arSectionUsers)); while ($arUsers = $rsUsers->Fetch()) { $arGroups = CUser::GetUserGroup($arUsers["ID"]); $arGroups[] = $groupID; CUser::SetUserGroup($arUsers["ID"], $arGroups); } } $dbResult = CGroup::GetList($by, $order, array("STRING_ID" => "PERSONNEL_DEPARTMENT", "STRING_ID_EXACT_MATCH" => "Y")); if ($arExistsGroup = $dbResult->Fetch()) { $groupID = $arExistsGroup["ID"]; $arSubordinateGroups = CGroup::GetSubordinateGroups($groupID); $arSubordinateGroups[] = $SiteGroups["EMPLOYEES_" . WIZARD_SITE_ID]; $arSubordinateGroups[] = $SiteGroups["RATING_VOTE"]; $arSubordinateGroups[] = $SiteGroups["RATING_VOTE_AUTHORITY"]; CGroup::SetSubordinateGroups($groupID, $arSubordinateGroups); } CGroup::SetSubordinateGroups($SiteGroups["PORTAL_ADMINISTRATION_" . WIZARD_SITE_ID], array($SiteGroups["EMPLOYEES_" . WIZARD_SITE_ID])); } /*$allowGuests = COption::GetOptionString("main", "wizard_allow_group", "N", WIZARD_SITE_ID); if($allowGuests == "Y") { $dbResult = CGroup::GetList($by, $order, Array("STRING_ID_EXACT_MATCH" => "Y")); while ($arExistsGroup = $dbResult->Fetch()) { if($arExistsGroup["ID"] != 1 && $arExistsGroup["ID"] !=2) {
// Access-control preamble of the user edit form: decides whether the current user ($uid)
// may open and edit the account $ID, and which tabs are shown.
$message = null;
$strError = '';
$res = true;

// In copy mode ($COPY_ID > 0) the group list stays empty and $ID is switched to the copy
// source. With an empty list the array_diff() check and both in_array(1, ...) tests below
// cannot match, so neither the subordinate-group restriction nor the group-1 exclusion is
// applied to the source account.
// NOTE(review): confirm that reading the source account in copy mode is authorised elsewhere.
if ($COPY_ID <= 0) {
    $arUserGroups = CUser::GetUserGroup($ID);
} else {
    $arUserGroups = array();
    $ID = $COPY_ID;
}

// Loose comparison of the IDs; in copy mode $ID already holds $COPY_ID at this point.
$selfEdit = $USER->CanDoOperation('edit_own_profile') && $ID == $uid;

$arUserSubordinateGroups = array();
// Only users limited to subordinate accounts go through the group check.
if ($USER->CanDoOperation('edit_subordinate_users') && !$USER->CanDoOperation('edit_all_users')) {
    // Group 2 is always counted as manageable.
    // NOTE(review): presumably the built-in "all users" group; confirm.
    $arUserSubordinateGroups = array(2);
    $arUserGroups_u = CUser::GetUserGroup($uid);
    // Union of the subordinate groups of every group the current user belongs to.
    for ($j = 0, $len = count($arUserGroups_u); $j < $len; $j++) {
        $arSubordinateGroups = CGroup::GetSubordinateGroups($arUserGroups_u[$j]);
        $arUserSubordinateGroups = array_merge($arUserSubordinateGroups, $arSubordinateGroups);
    }
    $arUserSubordinateGroups = array_unique($arUserSubordinateGroups);

    // The target has a group outside the manageable set and it is not a self-edit: send the
    // user back to the list.
    // NOTE(review): the code below still runs unless LocalRedirect() ends the request;
    // confirm that it does not return.
    if (count(array_diff($arUserGroups, $arUserSubordinateGroups)) > 0 && !$selfEdit) {
        LocalRedirect(BX_ROOT . "/admin/user_admin.php?lang=" . LANG);
    }
}

// && binds tighter than ||: editable for admins, for self-edit, or for holders of
// edit_subordinate_users / edit_all_users when the target is not in group 1.
// NOTE(review): group 1 is presumably the administrators group; confirm. in_array() is
// used without strict comparison here.
$editable = $USER->IsAdmin() || $selfEdit || $USER->CanDoOperation('edit_subordinate_users') && !in_array(1, $arUserGroups) || $USER->CanDoOperation('edit_all_users') && !in_array(1, $arUserGroups);

// False only when the user opens their own account without edit_php and without the
// edit_all_users + edit_groups pair; in this fragment it is used only to gate the group tabs.
$canSelfEdit = true;
if ($ID == $uid && !($USER->CanDoOperation('edit_php') || $USER->CanDoOperation('edit_all_users') && $USER->CanDoOperation('edit_groups'))) {
    $canSelfEdit = false;
}

// Group tabs need a view right on users and are hidden in the restricted self-edit case.
$showGroupTabs = ($USER->CanDoOperation('view_subordinate_users') || $USER->CanDoOperation('view_all_users')) && $canSelfEdit;

$aTabs = array();
$aTabs[] = array("DIV" => "edit1", "TAB" => GetMessage("MAIN_USER_TAB1"), "ICON" => "main_user_edit", "TITLE" => GetMessage("MAIN_USER_TAB1_TITLE"));
/**
 * Returns the IDs of all groups that count as subordinate for a user.
 *
 * The set is the union of CGroup::GetSubordinateGroups() over every group the user belongs
 * to, always including group 2, and is memoised per user ID in a function-level static, so
 * later changes to group relations are not seen by calls that hit the memo.
 *
 * @param int|false $userID User to resolve; a non-positive value falls back to the ID of
 *                          the global $USER object.
 * @return array Group IDs, or an empty array when no positive user ID is available.
 */
public static function GetSubordinateGroups($userID = false)
{
    static $arSubordinateGroupsByUser = array();

    $userID = intval($userID);
    if ($userID <= 0) {
        $userID = $GLOBALS["USER"]->GetID();
    }

    if ($userID <= 0) {
        return array();
    }

    if (!isset($arSubordinateGroupsByUser[$userID])) {
        // Group 2 is part of every result.
        // NOTE(review): presumably the built-in "all users" group; confirm.
        $collected = array(2);
        $ownGroups = CUser::GetUserGroup($userID);
        $total = count($ownGroups);
        $idx = 0;
        while ($idx < $total) {
            $collected = array_merge($collected, CGroup::GetSubordinateGroups($ownGroups[$idx]));
            $idx++;
        }

        $arSubordinateGroupsByUser[$userID] = array_unique($collected);
    }

    return $arSubordinateGroupsByUser[$userID];
}
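/**
 * Tells whether the current user ($USER) administers the extranet.
 *
 * True when the user is a site administrator, when the extranet user group is among the
 * subordinate groups of the user's groups, or when the socialnetwork module reports the user
 * as its module administrator. Unauthorised users and a missing $USER object yield false.
 *
 * The group-based result is memoised in a function-level static that is not keyed by user.
 * NOTE(review): if $USER can change while the process keeps running, the memo may hold the
 * previous user's answer; confirm this is acceptable.
 *
 * @return bool
 */
function IsExtranetAdmin()
{
    global $USER;

    // Fail closed when no user object exists; without this guard the group lookup below
    // would be called on a non-object.
    if (!is_object($USER)) {
        return false;
    }

    if ($USER->IsAdmin()) {
        return true;
    }

    if (!$USER->IsAuthorized()) {
        return false;
    }

    // 'no' is the "not computed yet" marker; afterwards the static holds a bool.
    static $isExtAdmin = 'no';
    if ($isExtAdmin !== 'no') {
        return $isExtAdmin;
    }

    $arGroups = $USER->GetUserGroupArray();
    $iExtGroups = CExtranet::GetExtranetUserGroupID();
    $arSubGroups = CGroup::GetSubordinateGroups($arGroups);

    // Loose in_array() kept as in the original.
    // NOTE(review): confirm what GetExtranetUserGroupID() returns when no extranet group is
    // configured, since an empty value compared loosely may match unexpectedly.
    if (in_array($iExtGroups, $arSubGroups)) {
        $isExtAdmin = true;
        return true;
    }

    if (CModule::IncludeModule("socialnetwork") && CSocNetUser::IsCurrentUserModuleAdmin()) {
        $isExtAdmin = true;
        return true;
    }

    $isExtAdmin = false;
    return false;
}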