/**
 * Prepares the component parameters and records the caller's access level
 * for the lists type configured as "livefeed_iblock_type_id".
 *
 * Keys written: 'ERROR' (localized messages), 'LIST_PERM' (raw result of
 * CListPermissions::CheckAccess) and 'IBLOCK_TYPE_ID'. When the "lists" or
 * "bizproc" module cannot be loaded, only 'ERROR' is filled in and the
 * method returns early.
 *
 * Security note: a failed check is reported through 'ERROR' only; nothing is
 * aborted here. NOTE(review): confirm that every consumer inspects 'ERROR'
 * before rendering or acting on list data.
 *
 * @param array $arParams Incoming component parameters.
 * @return array The parameters with the keys described above.
 */
public function onPrepareComponentParams($arParams)
{
    $arParams['ERROR'] = array();

    $modulesReady = Loader::includeModule('lists') && Loader::includeModule('bizproc');
    if (!$modulesReady) {
        $arParams['ERROR'][] = Loc::getMessage('CC_BLL_MODULE_NOT_INSTALLED');

        return $arParams;
    }

    global $USER;

    // Third argument is false: no particular list is named in this check.
    $permission = CListPermissions::CheckAccess(
        $USER,
        COption::GetOptionString("lists", "livefeed_iblock_type_id"),
        false
    );
    $arParams['LIST_PERM'] = $permission;

    // Pick the message code first, then append a single localized error.
    $messageCode = null;
    if ($permission < 0) {
        // Negative results are error codes rather than access levels.
        switch ($permission) {
            case CListPermissions::WRONG_IBLOCK_TYPE:
                $messageCode = "CC_BLL_WRONG_IBLOCK_TYPE";
                break;
            case CListPermissions::WRONG_IBLOCK:
                $messageCode = "CC_BLL_WRONG_IBLOCK";
                break;
            case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                $messageCode = "CC_BLL_LISTS_FOR_SONET_GROUP_DISABLED";
                break;
            default:
                $messageCode = "CC_BLL_UNKNOWN_ERROR";
                break;
        }
    } elseif ($permission <= CListPermissions::ACCESS_DENIED) {
        $messageCode = "CC_BLL_ACCESS_DENIED";
    }

    if ($messageCode !== null) {
        $arParams['ERROR'][] = Loc::getMessage($messageCode);
    }

    $arParams['IBLOCK_TYPE_ID'] = COption::GetOptionString("lists", "livefeed_iblock_type_id");

    return $arParams;
}
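/**
 * Decides whether the attached list element may be read.
 *
 * The element's own IBLOCK_TYPE_ID / IBLOCK_ID are looked up from the
 * database, so the list that is checked is always the one the element
 * actually belongs to.
 *
 * NOTE(review): $userId is not consulted; the check is made for the user
 * returned by $this->getUser(). Confirm callers never pass a different user.
 *
 * @param int $userId Id of the user asking for access (currently unused).
 * @return bool True when access is granted, false otherwise.
 */
public function canRead($userId)
{
    if (!Loader::includeModule("lists")) {
        return false;
    }

    $elementId = $this->entityId;
    $elementQuery = \CIBlockElement::getList(
        array(),
        array('ID' => $elementId),
        false,
        false,
        array('IBLOCK_TYPE_ID', 'IBLOCK_ID')
    );
    $element = $elementQuery->fetch();

    // Fail closed when the element does not exist: without this guard the
    // permission check below would run on offsets of a non-array value.
    if (!is_array($element)) {
        return false;
    }

    $listPerm = \CListPermissions::checkAccess(
        $this->getUser(),
        $element['IBLOCK_TYPE_ID'],
        $element['IBLOCK_ID']
    );

    // Negative results are error codes, never access levels.
    if ($listPerm < 0) {
        return false;
    }

    // Below list-level read access the element needs its own "element_read" right.
    if (
        $listPerm < \CListPermissions::CAN_READ
        && !\CIBlockElementRights::userHasRightTo($element['IBLOCK_ID'], $elementId, "element_read")
    ) {
        return false;
    }

    return true;
}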
/**
 * Checks whether the current global user may read one element of a list.
 *
 * 'listId' and 'elementId' are cast to int; a zero in either denies access.
 * Access is granted when the list-level permission is not below CAN_READ,
 * or when the element itself carries the "element_read" right.
 *
 * NOTE(review): nothing here verifies that 'elementId' belongs to 'listId';
 * with list-level read access the element id is not looked at at all.
 * Confirm the caller establishes that relationship.
 *
 * @param array $parameters Expects 'listId', 'elementId' and 'IBLOCK_TYPE_ID'.
 * @return bool True when reading is allowed.
 */
public function checkUserReadAccess($parameters)
{
    global $USER;

    $parameters['listId'] = (int) $parameters['listId'];
    $parameters['elementId'] = (int) $parameters['elementId'];
    $listId = $parameters['listId'];
    $elementId = $parameters['elementId'];

    if ($listId == 0 || $elementId == 0) {
        return false;
    }

    $listPermission = \CListPermissions::CheckAccess($USER, $parameters["IBLOCK_TYPE_ID"], $listId);

    // Negative results are error codes, never access levels.
    if ($listPermission < 0) {
        return false;
    }

    $belowRead = $listPermission < \CListPermissions::CAN_READ;
    if (!$belowRead) {
        return true;
    }

    // Without list-level read access, fall back to the element's own right.
    return (bool) \CIBlockElementRights::UserHasRightTo($listId, $elementId, "element_read");
}
/**
 * Streams the list as an Excel export after two access gates.
 *
 * Gate 1 rejects error codes from CListPermissions::CheckAccess and callers
 * below CAN_READ who hold neither "element_read" on the iblock nor
 * "section_element_bind" on the section.
 * Gate 2 additionally rejects every caller when IS_SOCNET_GROUP_CLOSED is
 * set, and otherwise requires a permission strictly above CAN_READ or one of
 * the two section rights.
 *
 * The method ends the request itself (epilog include followed by die).
 */
public function executeComponent()
{
    global $USER, $APPLICATION;
    $this->setFrameMode(false);
    if (!CModule::IncludeModule('lists')) {
        ShowError(Loc::getMessage("CC_BLL_MODULE_NOT_INSTALLED"));
        return;
    }
    $this->arResult["BIZPROC"] = (bool) CModule::includeModule("bizproc");
    $this->arResult["DISK"] = (bool) CModule::includeModule("disk");
    // The "~"-prefixed keys are presumably the raw (unescaped) parameter values — confirm.
    $this->listsPerm = CListPermissions::CheckAccess($USER, $this->arParams["~IBLOCK_TYPE_ID"], $this->arResult["IBLOCK_ID"], $this->arParams["~SOCNET_GROUP_ID"]);
    if ($this->listsPerm < 0) {
        // Negative results are error codes; each one stops the export.
        switch ($this->listsPerm) {
            case CListPermissions::WRONG_IBLOCK_TYPE:
                ShowError(GetMessage("CC_BLL_WRONG_IBLOCK_TYPE"));
                return;
            case CListPermissions::WRONG_IBLOCK:
                ShowError(GetMessage("CC_BLL_WRONG_IBLOCK"));
                return;
            case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                ShowError(GetMessage("CC_BLL_LISTS_FOR_SONET_GROUP_DISABLED"));
                return;
            default:
                ShowError(GetMessage("CC_BLL_UNKNOWN_ERROR"));
                return;
        }
    } elseif ($this->listsPerm < CListPermissions::CAN_READ
        && !(CIBlockRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["IBLOCK_ID"], "element_read")
            || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "section_element_bind"))) {
        // Gate 1: below list-level read access and no compensating right.
        ShowError(GetMessage("CC_BLL_ACCESS_DENIED"));
        return;
    }
    // Gate 2: a closed social-network group denies everyone; otherwise the
    // caller needs more than CAN_READ or one of the section-level rights.
    if (!(!$this->arResult["IS_SOCNET_GROUP_CLOSED"]
        && ($this->listsPerm > CListPermissions::CAN_READ
            || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "element_read")
            || CIBlockSectionRights::UserHasRightTo($this->arResult["IBLOCK_ID"], $this->arResult["SECTION_ID"], "section_element_bind")))) {
        ShowError(GetMessage("CC_BLL_ACCESS_DENIED"));
        return;
    }
    // Data is built only after both gates have passed.
    $this->createDataExcel();
    // Drop anything already buffered so the response holds only the export.
    $APPLICATION->RestartBuffer();
    header("Content-Type: application/vnd.ms-excel");
    // NOTE(review): the header value has no disposition type (e.g. "attachment;")
    // in front of "filename="; the ID is concatenated as-is, so it is presumably
    // numeric — confirm where arIBlock is populated.
    header("Content-Disposition: filename=list_" . $this->arIBlock["ID"] . 
".xls");
    $this->IncludeComponentTemplate();
    $r = $APPLICATION->EndBufferContentMan();
    echo $r;
    include $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_after.php";
    die;
}
/**
 * Requires administrator-level access to the lists type and records any
 * failure in the error collection.
 *
 * The raw result of CListPermissions::checkAccess is kept in $this->listPerm.
 * Nothing is returned; callers are expected to inspect the error collection.
 */
protected function checkPermission()
{
    $permission = CListPermissions::checkAccess($this->getUser(), $this->iblockTypeId);
    $this->listPerm = $permission;

    $messageCode = null;
    if ($permission < 0) {
        // Negative results are error codes rather than access levels.
        // NOTE(review): the first two message codes look shifted by one
        // (WRONG_IBLOCK_TYPE reports "module not installed", WRONG_IBLOCK
        // reports "wrong iblock type"). Kept as-is; confirm against the
        // component's language file before changing.
        switch ($permission) {
            case CListPermissions::WRONG_IBLOCK_TYPE:
                $messageCode = 'CC_BLL_MODULE_NOT_INSTALLED';
                break;
            case CListPermissions::WRONG_IBLOCK:
                $messageCode = 'CC_BLL_WRONG_IBLOCK_TYPE';
                break;
            case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                $messageCode = 'CC_BLL_LISTS_FOR_SONET_GROUP_DISABLED';
                break;
            default:
                $messageCode = 'CC_BLL_UNKNOWN_ERROR';
                break;
        }
    } elseif ($permission < CListPermissions::IS_ADMIN) {
        // Anything below IS_ADMIN is refused.
        $messageCode = 'CC_BLL_ACCESS_DENIED';
    }

    if ($messageCode !== null) {
        $this->errorCollection->add(array(new Error(Loc::getMessage($messageCode))));
    }
}
/**
 * Checks read access to one list for the current global user and records
 * any failure in the error collection.
 *
 * Access below CAN_READ is still accepted when the user holds "element_read"
 * on the iblock or "section_element_bind" on the section.
 * The raw result of CListPermissions::checkAccess is kept in $this->listPerm.
 */
protected function checkPermission()
{
    global $USER;

    $permission = CListPermissions::checkAccess(
        $USER,
        $this->iblockTypeId,
        $this->iblockId,
        $this->socnetGroupId
    );
    $this->listPerm = $permission;

    $messageCode = null;
    if ($permission < 0) {
        // Negative results are error codes rather than access levels.
        switch ($permission) {
            case CListPermissions::WRONG_IBLOCK_TYPE:
                $messageCode = 'LISTS_LAC_WRONG_IBLOCK_TYPE';
                break;
            case CListPermissions::WRONG_IBLOCK:
                $messageCode = 'LISTS_LAC_WRONG_IBLOCK';
                break;
            case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                $messageCode = 'LISTS_LAC_SONET_GROUP_DISABLED';
                break;
            default:
                $messageCode = 'LISTS_LAC_UNKNOWN_ERROR';
                break;
        }
    } elseif (
        $permission < CListPermissions::CAN_READ
        && !CIBlockRights::userHasRightTo($this->iblockId, $this->iblockId, "element_read")
        && !CIBlockSectionRights::userHasRightTo($this->iblockId, $this->sectionId, "section_element_bind")
    ) {
        // No list-level read access and no compensating iblock/section right.
        $messageCode = 'LISTS_LAC_ACCESS_DENIED';
    }

    if ($messageCode !== null) {
        $this->errorCollection->add(array(new Error(Loc::getMessage($messageCode))));
    }
}
/**
 * Requires administrator-level access to the lists type for the current
 * global user and records any failure in the error collection.
 *
 * The raw result of CListPermissions::checkAccess is kept in $this->listPerm.
 * Nothing is returned; callers are expected to inspect the error collection.
 */
protected function checkPermission()
{
    global $USER;

    $permission = CListPermissions::checkAccess($USER, $this->iblockTypeId);
    $this->listPerm = $permission;

    $messageCode = null;
    if ($permission < 0) {
        // Negative results are error codes rather than access levels.
        switch ($permission) {
            case CListPermissions::WRONG_IBLOCK_TYPE:
                $messageCode = 'LISTS_CPAC_WRONG_IBLOCK_TYPE';
                break;
            case CListPermissions::WRONG_IBLOCK:
                $messageCode = 'LISTS_CPAC_WRONG_IBLOCK';
                break;
            case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                $messageCode = 'LISTS_CPAC_SONET_GROUP_DISABLED';
                break;
            default:
                $messageCode = 'LISTS_CPAC_UNKNOWN_ERROR';
                break;
        }
    } elseif ($permission < CListPermissions::IS_ADMIN) {
        // Anything below IS_ADMIN is refused.
        $messageCode = 'LISTS_CPAC_ACCESS_DENIED';
    }

    if ($messageCode !== null) {
        $this->errorCollection->add(array(new Error(Loc::getMessage($messageCode))));
    }
}
// Request handler excerpt (cut off inside the final switch): answers user
// search, department lookup and "bitrix_processes" requests as JS objects.
// NOTE(review): no session-token or authorization check is visible before the
// two user-lookup branches in this excerpt; confirm one runs earlier in the file.

// Name template: only the known placeholders, whitespace and commas survive
// the pattern, so the client cannot inject arbitrary template text.
// NOTE(review): presence is tested on $_POST but the value is read from
// $_REQUEST, which can also be filled from other request sources.
if (isset($_POST["nt"])) {
    preg_match_all("/(#NAME#)|(#LAST_NAME#)|(#SECOND_NAME#)|(#NAME_SHORT#)|(#SECOND_NAME_SHORT#)|\\s|\\,/", urldecode($_REQUEST["nt"]), $matches);
    $nameTemplate = implode("", $matches[0]);
} else {
    $nameTemplate = CSite::GetNameFormat(false);
}
// The $_POST flags below are read without isset(); a missing key simply
// fails the comparison (and raises a notice/warning).
if ($_POST['LD_SEARCH'] == 'Y') {
    CUtil::decodeURIComponent($_POST);
    // The search string comes straight from the request.
    echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::SearchUsers($_POST['SEARCH'], $nameTemplate, false, IsModuleInstalled("extranet"))));
} elseif ($_POST['LD_DEPARTMENT_RELATION'] == 'Y' && IsModuleInstalled("intranet")) {
    // The department id comes straight from the request.
    echo CUtil::PhpToJsObject(array('USERS' => CSocNetLogDestination::GetUsers(array('deportament_id' => $_POST['DEPARTMENT_ID'], "NAME_TEMPLATE" => $nameTemplate), false)));
} elseif (isset($_POST["bitrix_processes"])) {
    if (CModule::IncludeModule('lists')) {
        IncludeModuleLangFile(__FILE__);
        global $USER;
        // Type-level check against the live-feed lists type (third argument false).
        $listsPerm = CListPermissions::CheckAccess($USER, COption::GetOptionString("lists", "livefeed_iblock_type_id"), false);
        if ($listsPerm < 0) {
            // Negative results are error codes; each one ends the request.
            switch ($listsPerm) {
                case CListPermissions::WRONG_IBLOCK_TYPE:
                    echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK_TYPE")));
                    die;
                case CListPermissions::WRONG_IBLOCK:
                    echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_WRONG_IBLOCK")));
                    die;
                case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
                    echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_LISTS_FOR_SONET_GROUP_DISABLED")));
                    die;
                default:
                    echo CUtil::PhpToJsObject(array('success' => false, 'error' => GetMessage("CC_BLL_UNKNOWN_ERROR")));
                    die;
            }
/** @var string $componentName */
/** @var string $componentPath */
/** @var string $componentTemplate */
/** @var string $parentComponentName */
/** @var string $parentComponentPath */
/** @var string $parentComponentTemplate */
// Component excerpt (cut off inside the final switch): validates ids, then
// checks list access and the requested field before anything else runs.
$this->setFrameMode(false);
if (!CModule::IncludeModule('lists')) {
    ShowError(GetMessage("CC_BLF_MODULE_NOT_INSTALLED"));
    return;
}
// Array-valued ids are forced to 0 instead of being passed to intval().
$IBLOCK_ID = is_array($arParams["~IBLOCK_ID"]) ? 0 : intval($arParams["~IBLOCK_ID"]);
$ELEMENT_ID = is_array($arParams["~ELEMENT_ID"]) ? 0 : intval($arParams["~ELEMENT_ID"]);
$SECTION_ID = is_array($arParams["~SECTION_ID"]) ? 0 : intval($arParams["~SECTION_ID"]);
// Type id and group id are handed to the check unmodified.
$lists_perm = CListPermissions::CheckAccess($USER, $arParams["~IBLOCK_TYPE_ID"], $IBLOCK_ID, $arParams["~SOCNET_GROUP_ID"]);
// NOTE(review): the field-id check is reported before the permission result
// is examined, so an invalid field yields "unknown error" even for callers
// who would otherwise be denied — confirm this ordering is intended.
if (!CListPermissions::CheckFieldId($IBLOCK_ID, $arParams["FIELD_ID"])) {
    ShowError(GetMessage("CC_BLF_UNKNOWN_ERROR"));
    return;
} elseif ($lists_perm < 0) {
    // Negative results are error codes rather than access levels.
    switch ($lists_perm) {
        case CListPermissions::WRONG_IBLOCK_TYPE:
            ShowError(GetMessage("CC_BLF_WRONG_IBLOCK_TYPE"));
            return;
        case CListPermissions::WRONG_IBLOCK:
            ShowError(GetMessage("CC_BLF_WRONG_IBLOCK"));
            return;
        case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
            ShowError(GetMessage("CC_BLF_LISTS_FOR_SONET_GROUP_DISABLED"));
            return;
        default:
            ShowError(GetMessage("CC_BLF_UNKNOWN_ERROR"));
/** @var array $arParams */
/** @var array $arResult */
/** @var string $componentName */
/** @var string $componentPath */
/** @var string $componentTemplate */
/** @var string $parentComponentName */
/** @var string $parentComponentPath */
/** @var string $parentComponentTemplate */
// Component excerpt (cut off after the error-code switch): the list access
// check runs first and every error code stops the component.
$this->setFrameMode(false);
/** @var CCacheManager $CACHE_MANAGER */
global $CACHE_MANAGER;
if (!CModule::IncludeModule('lists')) {
    ShowError(GetMessage("CC_BLF_MODULE_NOT_INSTALLED"));
    return;
}
// The iblock id is cast with intval(); type id and group id are passed unmodified.
$lists_perm = CListPermissions::CheckAccess($USER, $arParams["~IBLOCK_TYPE_ID"], intval($arParams["~IBLOCK_ID"]), $arParams["~SOCNET_GROUP_ID"]);
if ($lists_perm < 0) {
    // Negative results are error codes rather than access levels.
    switch ($lists_perm) {
        case CListPermissions::WRONG_IBLOCK_TYPE:
            ShowError(GetMessage("CC_BLF_WRONG_IBLOCK_TYPE"));
            return;
        case CListPermissions::WRONG_IBLOCK:
            ShowError(GetMessage("CC_BLF_WRONG_IBLOCK"));
            return;
        case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED:
            ShowError(GetMessage("CC_BLF_LISTS_FOR_SONET_GROUP_DISABLED"));
            return;
        default:
            ShowError(GetMessage("CC_BLF_UNKNOWN_ERROR"));
            return;
    }
<?php
// Directly requested script (excerpt, cut off at the MODE branch): every
// input below comes from $_REQUEST, so the access check is the only gate.
// NOTE(review): no session-token check is visible in this excerpt; confirm
// whether the part of the file not shown performs one before state changes.
define("STOP_STATISTICS", true);
define("BX_SECURITY_SHOW_MESSAGE", true);
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_before.php";
__IncludeLang(dirname(__FILE__) . '/lang/' . LANGUAGE_ID . '/' . basename(__FILE__));
if (!CModule::IncludeModule('lists')) {
    ShowError(GetMessage("CT_BMTS_MODULE_NOT_INSTALLED"));
    die;
}
CUtil::JSPostUnescape();
// The iblock id is cast to int; the type id and group id are passed to the
// check exactly as received.
$iblock_id = intval($_REQUEST["IBLOCK_ID"]);
$lists_perm = CListPermissions::CheckAccess($USER, $_REQUEST["IBLOCK_TYPE_ID"], $iblock_id, $_REQUEST["SOCNET_GROUP_ID"]);
if ($lists_perm < 0) {
    // Negative results are error codes; LISTS_FOR_SONET_GROUP_DISABLED has no
    // case of its own here and is reported through the default branch.
    switch ($lists_perm) {
        case CListPermissions::WRONG_IBLOCK_TYPE:
            ShowError(GetMessage("CT_BMTS_WRONG_IBLOCK_TYPE"));
            die;
        case CListPermissions::WRONG_IBLOCK:
            ShowError(GetMessage("CT_BMTS_WRONG_IBLOCK"));
            die;
        default:
            ShowError(GetMessage("CT_BMTS_UNKNOWN_ERROR"));
            die;
    }
} elseif ($lists_perm < CListPermissions::CAN_READ && !CIBlockRights::UserHasRightTo($iblock_id, $iblock_id, "element_read")) {
    // Below list-level read access and no "element_read" right on the iblock.
    ShowError(GetMessage("CT_BMTS_ACCESS_DENIED"));
    die;
}
// Reached only after the access check has passed.
$arIBlock = CIBlock::GetArrayByID($iblock_id);
if ($_REQUEST['MODE'] == 'section') {
} } } if ($arResult["IBLOCK"]["RIGHTS_MODE"] === 'E' && $arResult["CAN_EDIT_RIGHTS"]) { if (is_array($_POST["RIGHTS"])) { $arPOSTRights = CIBlockRights::Post2Array($_POST["RIGHTS"]); } else { $arPOSTRights = array(); } if ($ELEMENT_ID) { $obRights = new CIBlockElementRights($arResult["IBLOCK_ID"], $ELEMENT_ID); } else { $obRights = new CIBlockSectionRights($arResult["IBLOCK_ID"], $SECTION_ID); } $arDBRights = $obRights->GetRights(); $arElement["RIGHTS"] = CListPermissions::MergeRights($arParams["~IBLOCK_TYPE_ID"], $arDBRights, $arPOSTRights); } //---BP--- $arResult["isConstantsTuned"] = false; if ($bBizproc) { $documentType = BizProcDocument::generateDocumentComplexType($arParams["IBLOCK_TYPE_ID"], $arResult["IBLOCK_ID"]); $arDocumentStates = CBPDocument::GetDocumentStates($documentType, $arResult["ELEMENT_ID"] > 0 ? BizProcDocument::getDocumentComplexId($arParams["IBLOCK_TYPE_ID"], $arResult["ELEMENT_ID"]) : null, "Y"); $templatesOnStartup = false; $arCurrentUserGroups = $USER->GetUserGroupArray(); if (!$arResult["ELEMENT_FIELDS"] || $arResult["ELEMENT_FIELDS"]["CREATED_BY"] == $USER->GetID()) { $arCurrentUserGroups[] = "author"; } if ($arResult["ELEMENT_ID"]) { $canWrite = CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::WriteDocument, $USER->GetID(), BizProcDocument::getDocumentComplexId($arParams["IBLOCK_TYPE_ID"], $arResult["ELEMENT_ID"]), array("AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates)); } else { $canWrite = CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $USER->GetID(), $documentType, array("AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates));
/**
 * Resolves the access level of a user for one list.
 *
 * Order of evaluation:
 *  1. the iblock/type validation result, when it is a negative error code;
 *  2. ACCESS_DENIED when the type has no permission groups configured;
 *  3. IS_ADMIN when the user shares at least one group with those groups;
 *  4. otherwise whatever CIBlock::GetPermission reports for the iblock.
 *
 * @param CUser $USER User object; only GetUserGroupArray() is called on it.
 * @param string $iblock_type_id Lists type id.
 * @param int $iblock_id List (iblock) id.
 * @return mixed Negative error code, or an access level.
 */
protected static function _lists_check($USER, $iblock_type_id, $iblock_id)
{
    $validation = CListPermissions::_iblock_check($iblock_type_id, $iblock_id);
    if ($validation < 0) {
        return $validation;
    }

    $typeGroups = CLists::GetPermission($iblock_type_id);
    if (count($typeGroups) === 0) {
        // Deny by default when nothing is configured for the type.
        return CListPermissions::ACCESS_DENIED;
    }

    $userGroups = $USER->GetUserGroupArray();
    $sharedGroups = array_intersect($typeGroups, $userGroups);

    return count($sharedGroups) > 0
        ? CListPermissions::IS_ADMIN
        : CIBlock::GetPermission($iblock_id);
}
/**
 * Decides whether a user may read the object attached to a forum message.
 *
 * The decision is delegated according to the prefix of the topic's XML_ID
 * (TASK, EVENT, IBLOCK, MEETING, TIMEMAN_ENTRY, TIMEMAN_REPORT, WF); topics
 * without XML_ID use social-network forum rights, and everything else falls
 * back to plain forum permissions. The default answer is false.
 *
 * NOTE(review): the result is memoised in $this->canRead without regard to
 * $userId, so a later call for a different user returns the first answer —
 * confirm one connector instance never serves more than one user.
 *
 * @param $userId
 * @return bool
 */
public function canRead($userId)
{
    // Memoised answer from an earlier call (see the note above).
    if ($this->canRead !== null) {
        return $this->canRead;
    }
    if (($res = $this->getDataToCheck($this->entityId)) && !empty($res)) {
        list($message, $topic) = $res;
        if (!empty($topic["XML_ID"])) {
            // XML_ID is split at its last underscore into type and id.
            $entityId = substr($topic["XML_ID"], strrpos($topic["XML_ID"], "_") + 1);
            $entityType = substr($topic["XML_ID"], 0, strrpos($topic["XML_ID"], "_"));
            switch ($entityType) {
                case "TASK":
                    if (Loader::includeModule("tasks")) {
                        $connector = new TaskConnector($entityId, $this->attachedObject);
                        $this->canRead = $connector->canRead($userId);
                        return $this->canRead;
                    }
                    // Module unavailable: execution continues with the forum
                    // permission check after the switch.
                    break;
                case "EVENT":
                    if (Loader::includeModule("calendar")) {
                        $connector = new CalendarEventConnector($entityId, $this->attachedObject);
                        $this->canRead = $connector->canRead($userId);
                        return $this->canRead;
                    }
                    // Same fall-back as for TASK.
                    break;
                case "IBLOCK":
                    if ((int) $topic["USER_ID"] > 0 && Loader::includeModule("socialnetwork")) {
                        // Collect the access codes of the matching log entry, if any.
                        $codes = array();
                        if (($res = \CSocNetLog::getList(array(), array("SOURCE_ID" => $entityId, "EVENT_ID" => array("photo_photo", "news", "wiki")), false, false, array("ID"))->fetch()) && $res) {
                            $db_res = \CSocNetLogRights::getList(array(), array("LOG_ID" => $res["ID"]));
                            while ($res = $db_res->fetch()) {
                                $codes[] = $res["GROUP_CODE"];
                            }
                        }
                        $this->canRead = $this->canAccess($userId, $codes);
                        return $this->canRead;
                    }
                    // NOTE(review): fails open — access is granted when the
                    // topic has no USER_ID or the socialnetwork module cannot
                    // be loaded. Confirm this is intended.
                    $this->canRead = true;
                    return $this->canRead;
                case "MEETING":
                    // Allowed only when the message lives in the configured meeting-comments forum.
                    $this->canRead = (int) $message["FORUM_ID"] == (int) \COption::getOptionInt('meeting', 'comments_forum_id', 0, SITE_ID);
                    return $this->canRead;
                case "TIMEMAN_ENTRY":
                    if (Loader::includeModule("timeman")) {
                        $dbEntry = \CTimeManEntry::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID"));
                        if ($arEntry = $dbEntry->fetch()) {
                            // Owner of the entry, or one of the owner's managers.
                            if ($arEntry["USER_ID"] == $userId) {
                                $this->canRead = true;
                                return $this->canRead;
                            } else {
                                $arManagers = \CTimeMan::getUserManagers($arEntry["USER_ID"]);
                                // NOTE(review): in_array() is used without strict comparison.
                                $this->canRead = in_array($userId, $arManagers);
                                return $this->canRead;
                            }
                        }
                    }
                    
$this->canRead = false;
                    return $this->canRead;
                case "TIMEMAN_REPORT":
                    if (Loader::includeModule("timeman")) {
                        $dbReport = \CTimeManReportFull::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID"));
                        if ($arReport = $dbReport->fetch()) {
                            // Owner of the report, or one of the owner's managers.
                            if ($arReport["USER_ID"] == $userId) {
                                $this->canRead = true;
                                return $this->canRead;
                            } else {
                                $arManagers = \CTimeMan::getUserManagers($arReport["USER_ID"]);
                                // NOTE(review): in_array() is used without strict comparison.
                                $this->canRead = in_array($userId, $arManagers);
                                return $this->canRead;
                            }
                        }
                    }
                    $this->canRead = false;
                    return $this->canRead;
                case "WF":
                    // Denied unless both modules load and the list check passes.
                    $this->canRead = false;
                    if (Loader::includeModule("bizproc") && Loader::includeModule("lists")) {
                        $documentId = \CBPStateService::getStateDocumentId($entityId);
                        $elementId = intval($documentId[2]);
                        $elementObject = \CIBlockElement::getList(array(), array('ID' => $elementId), false, false, array('IBLOCK_TYPE_ID', 'IBLOCK_ID'));
                        // NOTE(review): the fetch() result is used without checking
                        // that an element was found.
                        $element = $elementObject->fetch();
                        // NOTE(review): checked for $this->getUser(), not for $userId.
                        $listPerm = \CListPermissions::checkAccess($this->getUser(), $element['IBLOCK_TYPE_ID'], $element['IBLOCK_ID']);
                        if ($listPerm < 0) {
                            $this->canRead = false;
                        } elseif ($listPerm < \CListPermissions::CAN_READ && !\CIBlockElementRights::UserHasRightTo($element['IBLOCK_ID'], $elementId, "element_read")) {
                            $this->canRead = false;
                        } else {
                            $this->canRead = true;
                        }
                    }
                    return $this->canRead;
            }
        } else {
            // No XML_ID: social-network forum rights of the group or the owner.
            if ((!empty($topic["SOCNET_GROUP_ID"]) || !empty($topic["OWNER_ID"])) && Loader::includeModule("socialnetwork")) {
                if (!empty($topic["SOCNET_GROUP_ID"])) {
                    $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum", "view");
                    return $this->canRead;
                } else {
                    $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_USER, $topic["OWNER_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_USER, $topic["OWNER_ID"], "forum", "view");
                    return $this->canRead;
                }
            }
        }
        // Fall-back: plain forum permissions for the message's forum.
        if ($message) {
            $user = 
$this->getUser();
            // Real groups are used only when $userId is the current user;
            // any other id is evaluated with group 2 alone.
            if ($user && $userId == $user->getId()) {
                $userGroups = $user->getUserGroupArray();
            } else {
                $userGroups = array(2);
            }
            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            if (\CForumUser::isAdmin($userId, $userGroups)) {
                $this->canRead = true;
                return $this->canRead;
            }
            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            $perms = \CForumNew::getUserPermission($message["FORUM_ID"], $userGroups);
            // Permission letters are compared as strings.
            if ($perms >= "Y") {
                $this->canRead = true;
                return $this->canRead;
            }
            // && binds tighter than ||: denied below "E", or below "Q" when
            // the message is not approved.
            if ($perms < "E" || $perms < "Q" && $message["APPROVED"] != "Y") {
                $this->canRead = false;
                return $this->canRead;
            }
            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            $forum = \CForumNew::getByID($message["FORUM_ID"]);
            $this->canRead = $forum["ACTIVE"] == "Y";
            return $this->canRead;
        }
    }
    // Nothing matched: deny by default.
    $this->canRead = false;
    return $this->canRead;
}