/**
 * Build a per-file access map for one user.
 *
 * Every requested id starts as denied and is switched to granted only when
 * one of the lookups lists it: the user's registered temporary files, files
 * attached to tasks the user can access, or files attached to task templates
 * the user can access. Admins and portal (B24) admins are granted every id
 * without any lookup.
 *
 * Ids are compared as integers (strict in_array against the lookup result),
 * while the map key is built from the id exactly as it was passed in.
 * NOTE(review): a value such as '12abc' is compared as 12 but reported under
 * the key 'f12abc' - confirm that callers normalise ids before trusting the map.
 *
 * @param array $arFilesIds
 * @param integer $userId
 *
 * @return array $arAccessMap, such as $arAccessMap = array('f' . $fileId => true/false, ...)
 */
public static function checkFilesAccessibilityByUser($arFilesIds, $userId)
{
    $arFilesIds = array_unique($arFilesIds);

    // Admin and B24-admin can view any file
    $bFullAccess = CTasksTools::IsAdmin($userId) || CTasksTools::IsPortalB24Admin($userId);

    // Everybody else starts from FALSE (access denied) for every id
    $arAccessMap = array();
    foreach ($arFilesIds as $fileId) {
        $arAccessMap['f' . $fileId] = $bFullAccess;
    }

    if ($bFullAccess) {
        return $arAccessMap;
    }

    // Ids still waiting for a decision; an id leaves this list as soon as it
    // is granted, so a later step does not check it again
    $arPendingIds = $arFilesIds;

    // Grants every pending id that appears in $arAllowedIds
    $grant = function ($arAllowedIds) use (&$arAccessMap, &$arPendingIds) {
        foreach (array_keys($arPendingIds) as $key) {
            $fileId = $arPendingIds[$key];

            if (in_array((int) $fileId, $arAllowedIds, true)) {
                $arAccessMap['f' . $fileId] = true;
                unset($arPendingIds[$key]);
            }
        }
    };

    // files that are temporary saved by user
    $grant(self::getRegisteredTemporaryFilesList($userId));

    // files already attached to tasks that are accessible by user
    $grant(self::getFilesAttachedInAccessibleTasks($userId, $arPendingIds));

    // files in tasks' templates that are accessible for this user
    if (!empty($arPendingIds)) {
        $grant(self::getFilesAttachedInAccessibleTemplates($userId));
    }

    return $arAccessMap;
}
/**
 * Meta call that sets the "occur as" user id through
 * CTasksTools::setOccurAsUserId() and returns the value read back with
 * CTasksTools::getOccurAsUserId().
 *
 * The call is refused with TasksException::TE_ACCESS_DENIED unless
 * CTasksTools::IsAdmin() or CTasksTools::IsPortalB24Admin() is true. Both are
 * called without a user id - presumably they then check the current user;
 * confirm against CTasksTools.
 *
 * NOTE(review): this lets an administrator act under another user's id, and
 * no audit record is written in this method - confirm that
 * setOccurAsUserId() or its callers log who requested the switch.
 *
 * @param array $args must hold exactly one element: the target user id
 *
 * @return mixed whatever CTasksTools::getOccurAsUserId() reports
 *
 * @throws Exception after the collected messages were passed to self::_emitError()
 */
public static function tasks_extended_meta_occurInLogsAs($args)
{
    $arErrors = array();

    try {
        $bPrivileged = CTasksTools::IsAdmin() || CTasksTools::IsPortalB24Admin();
        if (!$bPrivileged) {
            throw new TasksException('Only root can do this', TasksException::TE_ACCESS_DENIED);
        }

        CTaskAssert::assert(is_array($args) && count($args) == 1);

        $targetUserId = array_pop($args);
        CTasksTools::setOccurAsUserId($targetUserId);

        // Success path leaves here; everything below handles failures only
        return CTasksTools::getOccurAsUserId();
    } catch (CTaskAssertException $e) {
        $arErrors[] = array(
            'id' => 'TASKS_ERROR_ASSERT_EXCEPTION',
            'text' => 'TASKS_ERROR_ASSERT_EXCEPTION'
        );
    } catch (TasksException $e) {
        $errCode = $e->getCode();
        $errMsg = $e->getMessage();

        if ($errCode & TasksException::TE_FLAG_SERIALIZED_ERRORS_IN_MESSAGE) {
            // NOTE(review): unserialize() runs on the exception message. That is
            // acceptable only while every exception carrying this flag is built
            // from server-side data; if request data can reach such a message,
            // a data-only format should be used instead. A failed unserialize()
            // returns false, which is then handed to _emitError() as is.
            $arErrors = unserialize($errMsg);
        } else {
            $arErrors[] = array(
                'id' => 'TASKS_ERROR_EXCEPTION_#' . $errCode,
                'text' => 'TASKS_ERROR_EXCEPTION_#' . $errCode . '; ' . $errMsg . '; ' . TasksException::renderErrorCode($e)
            );
        }
    } catch (Exception $e) {
        $errMsg = $e->getMessage();

        // Exceptions without a message add nothing to the report
        if ($errMsg !== '') {
            $arErrors[] = array('text' => $errMsg, 'id' => 'TASKS_ERROR');
        }
    }

    self::_emitError($arErrors);

    throw new Exception();
}
/**
 * Work out which actions a user may perform on a task.
 *
 * The list starts with the favorite actions, is extended with the base
 * actions of every role bit set in $bmUserRoles for the task's REAL_STATUS,
 * and is then widened for admins / portal admins, for group permissions
 * (socialnetwork module) and for the per-task ALLOW_* switches.
 *
 * @param int   $executiveUserId user the list is computed for
 * @param array $arTaskData      task fields; reads REAL_STATUS, FAVORITE, GROUP_ID,
 *                               ALLOW_CHANGE_DEADLINE, ALLOW_TIME_TRACKING,
 *                               RESPONSIBLE_ID and ACCOMPLICES
 * @param int   $bmUserRoles     bitmask tested against the role keys of the base
 *                               action map and against self::ROLE_* constants
 *
 * @return array self::ACTION_* values, de-duplicated and reindexed from 0
 */
private static function getAllowedActionsArrayInternal($executiveUserId, array $arTaskData, $bmUserRoles)
{
    $arStatusMap = self::getBaseAllowedActions();
    $arActionsByRole = $arStatusMap[$arTaskData['REAL_STATUS']];

    // actions allowed on read-access
    $arAllowedActions = array(
        self::ACTION_TOGGLE_FAVORITE,
        $arTaskData['FAVORITE'] == 'Y' ? self::ACTION_DELETE_FAVORITE : self::ACTION_ADD_FAVORITE
    );

    // Collect the base actions of every role the user holds
    $matchedRoles = 0;
    if (is_array($arActionsByRole)) {
        foreach ($arActionsByRole as $roleFlag => $arRoleActions) {
            if (!($roleFlag & $bmUserRoles)) {
                continue;
            }

            $arAllowedActions = array_merge($arAllowedActions, $arRoleActions);
            $matchedRoles++;
        }
    }

    // Duplicates can only appear when more than one role contributed
    if ($matchedRoles > 1) {
        $arAllowedActions = array_unique($arAllowedActions);
    }

    $isAdmin = CTasksTools::IsAdmin($executiveUserId) || CTasksTools::IsPortalB24Admin($executiveUserId);

    if (self::$bSocialNetworkModuleIncluded === null) {
        self::$bSocialNetworkModuleIncluded = CModule::IncludeModule('socialnetwork');
    }

    // Admin always can edit and remove, also implement rights from task group
    $arGroupOperations = array(
        array(self::ACTION_REMOVE, 'delete_tasks'),
        array(self::ACTION_EDIT, 'edit_tasks')
    );

    foreach ($arGroupOperations as $arPair) {
        list($groupActionId, $groupOperation) = $arPair;

        if (in_array($groupActionId, $arAllowedActions, true)) {
            continue;
        }

        /** @noinspection PhpDynamicAsStaticMethodCallInspection */
        if ($isAdmin || $arTaskData['GROUP_ID'] > 0 && self::$bSocialNetworkModuleIncluded && CSocNetFeaturesPerms::CanPerformOperation($executiveUserId, SONET_ENTITY_GROUP, $arTaskData['GROUP_ID'], 'tasks', $groupOperation)) {
            $arAllowedActions[] = $groupActionId;
        }
    }

    // Precache result of slow 'in_array' function
    $bCanEdit = in_array(self::ACTION_EDIT, $arAllowedActions, true);
    $bAdminOrEditor = $isAdmin || $bCanEdit;

    // Deadline: admin, editor, or the responsible when the task allows it
    if ($bAdminOrEditor || $arTaskData['ALLOW_CHANGE_DEADLINE'] === 'Y' && self::ROLE_RESPONSIBLE & $bmUserRoles) {
        $arAllowedActions[] = self::ACTION_CHANGE_DEADLINE;
    }

    // If user can edit task, he can also add elapsed time and checklist items
    if ($bAdminOrEditor) {
        $arAllowedActions[] = self::ACTION_ELAPSED_TIME_ADD;
        $arAllowedActions[] = self::ACTION_CHECKLIST_ADD_ITEMS;
    }

    // Director can change director, and so can a user who can edit
    if ($bAdminOrEditor || self::ROLE_DIRECTOR & $bmUserRoles) {
        $arAllowedActions[] = self::ACTION_CHANGE_DIRECTOR;
    }

    // Time tracking is offered to participants only: the responsible or an accomplice.
    // NOTE(review): both comparisons are loose (== and non-strict in_array);
    // confirm that the ids on both sides are always integers or numeric strings.
    if ($arTaskData['ALLOW_TIME_TRACKING'] === 'Y' && ($executiveUserId == $arTaskData['RESPONSIBLE_ID'] || !empty($arTaskData['ACCOMPLICES']) && in_array($executiveUserId, $arTaskData['ACCOMPLICES']))) {
        $arAllowedActions[] = self::ACTION_START_TIME_TRACKING;
    }

    return array_values(array_unique($arAllowedActions));
}
/**
 * Tell whether the executive user may perform the given action on this item.
 *
 * - ACTION_ADD is answered by the task item held in $this->oTaskItem
 *   (its ACTION_CHECKLIST_ADD_ITEMS permission).
 * - ACTION_MODIFY, ACTION_REMOVE and ACTION_TOGGLE are always allowed for
 *   admins / portal admins and for the user stored in CREATED_BY.
 * - ACTION_TOGGLE is also allowed for director, responsible and accomplices.
 * - ACTION_MODIFY / ACTION_REMOVE are also allowed for the director or for a
 *   user who may edit the task.
 * Any other action id is denied.
 *
 * @param int|string $actionId checked with CTaskAssert::assertLaxIntegers(), then cast to int
 *
 * @return bool|mixed for ACTION_ADD the task item's answer is returned as is
 */
public function isActionAllowed($actionId)
{
    CTaskAssert::assertLaxIntegers($actionId);
    $actionId = (int) $actionId;

    $isAdmin = CTasksTools::IsAdmin($this->executiveUserId) || CTasksTools::IsPortalB24Admin($this->executiveUserId);

    if ($actionId === self::ACTION_ADD) {
        return $this->oTaskItem->isActionAllowed(CTaskItem::ACTION_CHECKLIST_ADD_ITEMS);
    }

    $arItemLevelActions = array(self::ACTION_MODIFY, self::ACTION_REMOVE, self::ACTION_TOGGLE);
    if (!in_array($actionId, $arItemLevelActions, true)) {
        // Unknown action: deny
        return false;
    }

    $arItemData = $this->getData($bEscape = false);

    // Admins and the author of the item need no further checks.
    // NOTE(review): loose comparison of user ids - confirm both are numeric.
    if ($isAdmin || $arItemData['CREATED_BY'] == $this->executiveUserId) {
        return true;
    }

    if ($actionId == self::ACTION_TOGGLE) {
        // This can do director, responsible and accomplices
        return (bool) $this->oTaskItem->isUserRole(CTaskItem::ROLE_DIRECTOR | CTaskItem::ROLE_RESPONSIBLE | CTaskItem::ROLE_ACCOMPLICE);
    }

    if ($actionId == self::ACTION_MODIFY || $actionId == self::ACTION_REMOVE) {
        // This can do director or user who can edit task
        return $this->oTaskItem->isUserRole(CTaskItem::ROLE_DIRECTOR) || $this->oTaskItem->isActionAllowed(CTaskItem::ACTION_EDIT);
    }

    return false;
}
// Normalise the URL template for a single task template page; when the
// component got none, build one from the current page and the *_VAR names.
$arParams["PATH_TO_USER_TEMPLATES_TEMPLATE"] = trim($arParams["PATH_TO_USER_TEMPLATES_TEMPLATE"]);
if (strlen($arParams["PATH_TO_USER_TEMPLATES_TEMPLATE"]) <= 0) {
    $arParams["PATH_TO_USER_TEMPLATES_TEMPLATE"] = htmlspecialcharsbx($APPLICATION->GetCurPage() . "?" . $arParams["PAGE_VAR"] . "=user_templates_template&" . $arParams["USER_VAR"] . "=#user_id#&" . $arParams["TEMPLATE_VAR"] . "=#template_id#&" . $arParams["ACTION_VAR"] . "=#action#");
}

// Resolve the #user_id# placeholder in the per-user path templates
$arParams["PATH_TO_TASKS"] = str_replace("#user_id#", $arParams["USER_ID"], $arParams["PATH_TO_USER_TASKS"]);
$arParams["PATH_TO_TASKS_TASK"] = str_replace("#user_id#", $arParams["USER_ID"], $arParams["PATH_TO_USER_TASKS_TASK"]);
$arParams["PATH_TO_TASKS_TEMPLATES"] = str_replace("#user_id#", $arParams["USER_ID"], $arParams["PATH_TO_USER_TASKS_TEMPLATES"]);
$arParams["PATH_TO_TEMPLATES_TEMPLATE"] = str_replace("#user_id#", $arParams["USER_ID"], $arParams["PATH_TO_USER_TEMPLATES_TEMPLATE"]);

// Name format: site default when none is configured, otherwise the configured
// one with the #NOBR# markers stripped
$arParams['NAME_TEMPLATE'] = empty($arParams['NAME_TEMPLATE']) ? CSite::GetNameFormat(false) : str_replace(array("#NOBR#", "#/NOBR#"), array("", ""), $arParams["NAME_TEMPLATE"]);

// The component stops silently when the user from USER_ID does not exist
$rsUser = CUser::GetByID($arParams["USER_ID"]);
if ($user = $rsUser->GetNext()) {
    $arResult["USER"] = $user;
} else {
    return;
}

// Called without a user id - presumably evaluated for the current user; confirm
$arResult['USER_IS_ADMIN'] = CTasksTools::IsAdmin() || CTasksTools::IsPortalB24Admin();

// NOTE(review): back_url comes straight from the request. It is HTML-escaped
// here, which covers output into markup, but nothing on this page restricts it
// to a same-site path. If RETURN_URL is later used as a redirect target or a
// link, it should be validated as a local URL first - confirm where it is used.
if (array_key_exists("back_url", $_REQUEST) && strlen($_REQUEST["back_url"]) > 0) {
    $arResult["RETURN_URL"] = htmlspecialcharsbx(trim($_REQUEST["back_url"]));
} else {
    $arResult["RETURN_URL"] = $arParams["PATH_TO_TASKS_TEMPLATES"];
}

##################
### dispatchAction
$arData = array();
if (($arResult["ACTION"] == "edit" || $arResult["ACTION"] == "delete") && intval($arParams["TEMPLATE_ID"])) {
    // USER_ID is passed in the 4th argument: CTaskTemplates::GetList() adds its
    // permission condition only when that key is set, so leaving it out would
    // load the template without any access check.
    $rsTemplate = CTaskTemplates::GetList(array(), array("ID" => $arParams["TEMPLATE_ID"]), array(), array('USER_ID' => $USER->getId()), array('*', 'UF_*', 'BASE_TEMPLATE_ID', 'TEMPLATE_CHILDREN_COUNT'));
    if (!($arData = $rsTemplate->GetNext())) {
        // Not found and not accessible are reported the same way
        ShowError(GetMessage("TASKS_TEMPLATE_NOT_FOUND"));
        return;
    } else {
        // NOTE(review): unserialize() on a stored column ("~ACCOMPLICES" is
        // presumably the unescaped copy of the field - confirm). This is safe
        // only while the column is always written by server-side serialize()
        // of a plain id list; a data-only format would remove the risk of
        // object instantiation from tampered rows.
        $arData["ACCOMPLICES"] = $arData["~ACCOMPLICES"] ? unserialize($arData["~ACCOMPLICES"]) : array();
/**
 * Tell whether the executive user may perform the given elapsed-time action.
 *
 * - ACTION_ELAPSED_TIME_ADD is answered by the task item held in
 *   $this->oTaskItem (its ACTION_ELAPSED_TIME_ADD permission).
 * - ACTION_ELAPSED_TIME_MODIFY / ACTION_ELAPSED_TIME_REMOVE are allowed for
 *   admins / portal admins and for the user stored in the item's USER_ID.
 * Any other action id is denied.
 *
 * @param int|string $actionId checked with CTaskAssert::assertLaxIntegers(), then cast to int
 *
 * @return bool|mixed for ACTION_ELAPSED_TIME_ADD the task item's answer is returned as is
 */
public function isActionAllowed($actionId)
{
    CTaskAssert::assertLaxIntegers($actionId);
    $actionId = (int) $actionId;

    $isAdmin = CTasksTools::IsAdmin($this->executiveUserId) || CTasksTools::IsPortalB24Admin($this->executiveUserId);

    if ($actionId === self::ACTION_ELAPSED_TIME_ADD) {
        return $this->oTaskItem->isActionAllowed(CTaskItem::ACTION_ELAPSED_TIME_ADD);
    }

    $bOwnerLevelAction = $actionId === self::ACTION_ELAPSED_TIME_MODIFY || $actionId === self::ACTION_ELAPSED_TIME_REMOVE;
    if (!$bOwnerLevelAction) {
        // Unknown action: deny
        return false;
    }

    $arItemData = $this->getData($bEscape = false);

    // Only an admin or the user who logged the time may change or delete it.
    // NOTE(review): loose comparison of user ids - confirm both are numeric.
    return $isAdmin || $arItemData['USER_ID'] == $this->executiveUserId;
}
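/**
 * Select task templates.
 *
 * Access control: a permission condition is added ONLY when
 * $arParams['USER_ID'] is set. For a non-admin user the result is then limited
 * to templates created by that user or by users of the departments returned
 * by CTasks::GetSubordinateDeps(). Without USER_ID no permission condition is
 * added at all, so callers that serve a request must always pass it.
 *
 * The SQL is assembled by concatenation. The values inserted in this method
 * are constants, integer-cast ids, or the output of helpers
 * (CTaskTemplates::GetFilter(), CUserTypeSQL) whose escaping is not visible
 * here - NOTE(review): confirm those helpers escape $arFilter values.
 * Sort directions are reduced to asc/desc and sort fields are matched against
 * a fixed list (uf_* fields go through CUserTypeSQL::GetOrder()).
 *
 * @param $arOrder     array field => direction
 * @param $arFilter    array filter handed to CTaskTemplates::GetFilter()
 * @param array $arNavParams reads ['NAV_PARAMS'] and ['NAV_PARAMS']['nTopCount']
 * @param array $arParams    reads USER_ID, INCLUDE_TEMPLATE_SUBTREE, EXCLUDE_TEMPLATE_SUBTREE
 * @param array $arSelect    field names; '*' expands to the default field set
 * @return bool|CDBResult
 *
 * @global $DB CDatabase
 * @global $DBType string
 */
public static function GetList($arOrder, $arFilter, $arNavParams = array(), $arParams = array(), $arSelect = array())
{
    global $DB, $DBType, $USER_FIELD_MANAGER;

    $arSqlSearch = CTaskTemplates::GetFilter($arFilter, $arParams);

    // check permissions
    if (isset($arParams['USER_ID'])) {
        $executiveUserId = (int) $arParams['USER_ID'];
        $isAdmin = CTasksTools::IsAdmin($executiveUserId) || CTasksTools::IsPortalB24Admin($executiveUserId);

        if (!$isAdmin) {
            $sql = 'TT.CREATED_BY = ' . (int) $executiveUserId;

            if ($executiveUserId && ($arDepsIDs = CTasks::GetSubordinateDeps($executiveUserId))) {
                // Department ids are concatenated into the query below, so every
                // one of them is forced to an integer (previously only a scalar
                // result was cast, an array was used as returned).
                $arDepsIDs = array_map('intval', is_array($arDepsIDs) ? $arDepsIDs : array($arDepsIDs));

                /** @noinspection PhpDynamicAsStaticMethodCallInspection */
                $rsDepartmentField = CUserTypeEntity::GetList(array(), array("ENTITY_ID" => "USER", "FIELD_NAME" => "UF_DEPARTMENT"));
                $cntOfDepartments = count($arDepsIDs);

                if ($cntOfDepartments && ($arDepartmentField = $rsDepartmentField->Fetch())) {
                    // The list is split into chunks of 1000 values per IN() on Oracle
                    if (strtolower($DBType) === 'oracle' && ($valuesLimit = 1000) && $cntOfDepartments > $valuesLimit) {
                        $arConstraints = array();
                        $sliceIndex = 0;
                        while ($sliceIndex < $cntOfDepartments) {
                            $arConstraints[] = 'BUF1.VALUE_INT IN (' . implode(',', array_slice($arDepsIDs, $sliceIndex, $valuesLimit)) . ')';
                            $sliceIndex += $valuesLimit;
                        }
                        $strConstraint = '(' . implode(' OR ', $arConstraints) . ')';
                    } else {
                        $strConstraint = "BUF1.VALUE_INT IN (" . implode(",", $arDepsIDs) . ")";
                    }

                    // The field id is cast as well: it is a number read from the
                    // database, and the cast keeps the statement well-formed
                    // whatever that row contains.
                    $sql .= "\n\t\t\t\t\t\t\tOR EXISTS (\n\t\t\t\t\t\t\t\tSELECT\n\t\t\t\t\t\t\t\t\t'x'\n\t\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t\t\tb_utm_user BUF1\n\t\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\t\tBUF1.FIELD_ID = "
                        . (int) $arDepartmentField["ID"]
                        . "\n\t\t\t\t\t\t\t\tAND BUF1.VALUE_ID = TT.CREATED_BY\n\t\t\t\t\t\t\t\tAND "
                        . $strConstraint
                        . "\n\t\t\t\t\t\t\t) ";
                }
            }

            $arSqlSearch[] = ' (' . $sql . ') ';
        }
    }

    $obUserFieldsSql = new CUserTypeSQL();
    $obUserFieldsSql->SetEntity("TASKS_TASK_TEMPLATE", "TT.ID");
    $obUserFieldsSql->SetSelect($arSelect);
    $obUserFieldsSql->SetFilter($arFilter);
    $obUserFieldsSql->SetOrder($arOrder);

    $r = $obUserFieldsSql->GetFilter();
    if (strlen($r) > 0) {
        $arSqlSearch[] = "(" . $r . ")";
    }

    // Selectable fields: FIELD is the SQL expression, DEFAULT marks fields
    // returned when nothing (or '*') is requested, ALWAYS marks fields that
    // are added to every select.
    $arFields = array(
        'ID' => array('FIELD' => 'TT.ID', 'DEFAULT' => true),
        'TITLE' => array('FIELD' => 'TT.TITLE', 'DEFAULT' => true),
        'DESCRIPTION' => array('FIELD' => 'TT.DESCRIPTION', 'DEFAULT' => true),
        'DESCRIPTION_IN_BBCODE' => array('FIELD' => 'TT.DESCRIPTION_IN_BBCODE', 'DEFAULT' => true),
        'PRIORITY' => array('FIELD' => 'TT.PRIORITY', 'DEFAULT' => true),
        'STATUS' => array('FIELD' => 'TT.STATUS', 'DEFAULT' => true),
        'RESPONSIBLE_ID' => array('FIELD' => 'TT.RESPONSIBLE_ID', 'DEFAULT' => true),
        'DEADLINE_AFTER' => array('FIELD' => 'TT.DEADLINE_AFTER', 'DEFAULT' => true),
        'REPLICATE' => array('FIELD' => 'TT.REPLICATE', 'DEFAULT' => true),
        'REPLICATE_PARAMS' => array('FIELD' => 'TT.REPLICATE_PARAMS', 'DEFAULT' => true),
        'CREATED_BY' => array('FIELD' => 'TT.CREATED_BY', 'DEFAULT' => true),
        'XML_ID' => array('FIELD' => 'TT.XML_ID', 'DEFAULT' => true),
        'ALLOW_CHANGE_DEADLINE' => array('FIELD' => 'TT.ALLOW_CHANGE_DEADLINE', 'DEFAULT' => true),
        'ALLOW_TIME_TRACKING' => array('FIELD' => 'TT.ALLOW_TIME_TRACKING', 'DEFAULT' => true),
        'TASK_CONTROL' => array('FIELD' => 'TT.TASK_CONTROL', 'DEFAULT' => true),
        'ADD_IN_REPORT' => array('FIELD' => 'TT.ADD_IN_REPORT', 'DEFAULT' => true),
        'GROUP_ID' => array('FIELD' => 'TT.GROUP_ID', 'DEFAULT' => true),
        'PARENT_ID' => array('FIELD' => 'TT.PARENT_ID', 'DEFAULT' => true),
        'MULTITASK' => array('FIELD' => 'TT.MULTITASK', 'DEFAULT' => true),
        'SITE_ID' => array('FIELD' => 'TT.SITE_ID', 'DEFAULT' => true),
        'ACCOMPLICES' => array('FIELD' => 'TT.ACCOMPLICES', 'DEFAULT' => true),
        'AUDITORS' => array('FIELD' => 'TT.AUDITORS', 'DEFAULT' => true),
        'RESPONSIBLES' => array('FIELD' => 'TT.RESPONSIBLES', 'DEFAULT' => true),
        'FILES' => array('FIELD' => 'TT.FILES', 'DEFAULT' => true),
        'TAGS' => array('FIELD' => 'TT.TAGS', 'DEFAULT' => true),
        'DEPENDS_ON' => array('FIELD' => 'TT.DEPENDS_ON', 'DEFAULT' => true),
        'TASK_ID' => array('FIELD' => 'TT.TASK_ID', 'DEFAULT' => true),
        'TPARAM_TYPE' => array('FIELD' => 'TT.TPARAM_TYPE', 'DEFAULT' => true),
        'BASE_TEMPLATE_ID' => array('FIELD' => 'CASE WHEN TDD.' . Template\DependencyTable::getPARENTIDColumnName() . ' IS NULL THEN 0 ELSE TDD.' . Template\DependencyTable::getPARENTIDColumnName() . ' END', 'DEFAULT' => false),
        'TEMPLATE_CHILDREN_COUNT' => array('FIELD' => 'CASE WHEN TEMPLATE_CHILDREN_COUNT IS NULL THEN 0 ELSE TEMPLATE_CHILDREN_COUNT END', 'DEFAULT' => false),
        'CREATED_BY_NAME' => array('FIELD' => 'CU.NAME', 'DEFAULT' => true, 'ALWAYS' => true),
        'CREATED_BY_LAST_NAME' => array('FIELD' => 'CU.LAST_NAME ', 'DEFAULT' => true, 'ALWAYS' => true),
        'CREATED_BY_SECOND_NAME' => array('FIELD' => 'CU.SECOND_NAME', 'DEFAULT' => true, 'ALWAYS' => true),
        'CREATED_BY_LOGIN' => array('FIELD' => 'CU.LOGIN', 'DEFAULT' => true, 'ALWAYS' => true),
        'CREATED_BY_WORK_POSITION' => array('FIELD' => 'CU.WORK_POSITION', 'DEFAULT' => true, 'ALWAYS' => true),
        'CREATED_BY_PHOTO' => array('FIELD' => 'CU.PERSONAL_PHOTO', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_NAME' => array('FIELD' => 'RU.NAME', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_LAST_NAME' => array('FIELD' => 'RU.LAST_NAME', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_SECOND_NAME' => array('FIELD' => 'RU.SECOND_NAME', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_LOGIN' => array('FIELD' => 'RU.LOGIN', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_WORK_POSITION' => array('FIELD' => 'RU.WORK_POSITION', 'DEFAULT' => true, 'ALWAYS' => true),
        'RESPONSIBLE_PHOTO' => array('FIELD' => 'RU.PERSONAL_PHOTO', 'DEFAULT' => true, 'ALWAYS' => true)
    );

    $filterByBaseTemplate = false;
    $selectBaseTemplateId = false;
    $useChildrenCount = false;

    if (!is_array($arSelect)) {
        $arSelect = array();
    }

    $defaultSelect = array();
    $alwaysSelect = array();
    foreach ($arFields as $field => $rule) {
        if ($rule['DEFAULT']) {
            $defaultSelect[] = $field;
        }
        // 'ALWAYS' is present on some rules only
        if (!empty($rule['ALWAYS'])) {
            $alwaysSelect[] = $field;
        }
    }

    if (count($arSelect) <= 0) {
        $arSelect = $defaultSelect;
    } elseif (in_array("*", $arSelect)) {
        $arSelect = array_diff(array_merge($defaultSelect, $arSelect), array("*"));
    }
    $arSelect = array_merge($arSelect, $alwaysSelect);

    $selectBaseTemplateId = in_array('BASE_TEMPLATE_ID', $arSelect);
    $useChildrenCount = in_array('TEMPLATE_CHILDREN_COUNT', $arSelect);

    if (!is_array($arOrder)) {
        $arOrder = array();
    }
    // Sorting by a computed field needs the same joins as selecting it
    foreach ($arOrder as $field => $direction) {
        if ($field == 'BASE_TEMPLATE_ID') {
            $selectBaseTemplateId = true;
        }
        if ($field == 'TEMPLATE_CHILDREN_COUNT') {
            $useChildrenCount = true;
        }
    }

    if (!is_array($arFilter)) {
        $arFilter = array();
    }
    if (!is_array($arParams)) {
        $arParams = array();
    }

    foreach ($arFilter as $key => $value) {
        $keyParsed = CTasks::MkOperationFilter($key);
        if ($keyParsed['FIELD'] == 'BASE_TEMPLATE_ID') {
            $filterByBaseTemplate = true;
        }
        if ($keyParsed['FIELD'] == 'TEMPLATE_CHILDREN_COUNT') {
            $useChildrenCount = true;
        }
    }

    // Both switches are optional, so they are read only when present
    $includeSubtree = isset($arParams['INCLUDE_TEMPLATE_SUBTREE'])
        && ($arParams['INCLUDE_TEMPLATE_SUBTREE'] === true || $arParams['INCLUDE_TEMPLATE_SUBTREE'] === 'Y');
    $excludeSubtree = isset($arParams['EXCLUDE_TEMPLATE_SUBTREE'])
        && ($arParams['EXCLUDE_TEMPLATE_SUBTREE'] === true || $arParams['EXCLUDE_TEMPLATE_SUBTREE'] === 'Y');

    $treeJoin = '';
    if ($excludeSubtree) {
        $treeJoin = "";
    } else {
        $treeJoin = "LEFT JOIN " . Template\DependencyTable::getTableName() . " TD on TT.ID = TD.TEMPLATE_ID" . ($includeSubtree ? "" : " AND TD.DIRECT = '1'");
    }

    $temporalTableName = \Bitrix\Tasks\DB\Helper::getTemporaryTableNameSql();

    $strFrom = "FROM\n\t\t\t\tb_tasks_template TT\n\n\t\t\t"
        . $treeJoin
        . "\n\n\t\t\t"
        . ($selectBaseTemplateId ? "\n\t\t\tLEFT JOIN\n\t\t\t\t" . Template\DependencyTable::getTableName() . " TDD ON TT.ID = TDD.TEMPLATE_ID AND TDD.DIRECT = '1'\n\t\t\t" : "\n\t\t\t")
        . "\n\n\t\t\t"
        . ($useChildrenCount ? "\n\t\t\t\tLEFT JOIN (\n\t\t\t\t\tSELECT TTI.ID, COUNT(TDDC.TEMPLATE_ID) AS TEMPLATE_CHILDREN_COUNT\n\t\t\t\t\tfrom\n\t\t\t\t\t\tb_tasks_template TTI\n\t\t\t\t\t\tINNER JOIN " . Template\DependencyTable::getTableName() . " TDDC ON TTI.ID = TDDC.PARENT_TEMPLATE_ID AND TDDC.DIRECT = '1'\n\t\t\t\t\tGROUP BY TTI.ID\n\t\t\t\t) " . $temporalTableName . " on " . $temporalTableName . ".ID = TT.ID\n\t\t\t" : "\n\t\t\t")
        . "\n\n\t\t\tLEFT JOIN\n\t\t\t\tb_user CU ON CU.ID = TT.CREATED_BY\n\t\t\tLEFT JOIN\n\t\t\t\tb_user RU ON RU.ID = TT.RESPONSIBLE_ID\n\t\t\t\n\t\t\t"
        . $obUserFieldsSql->GetJoin("TT.ID")
        . "\n\n\t\t\t"
        . (sizeof($arSqlSearch) ? "WHERE " . implode(" AND ", $arSqlSearch) : "")
        . " ";

    // Initialised here so that the count() below never sees an undefined
    // variable when $arOrder is empty
    $arSqlOrder = array();

    foreach ($arOrder as $by => $order) {
        $by = strtolower($by);
        $order = strtolower($order);

        // Anything that is not exactly "asc" sorts descending, so the direction
        // can never carry SQL of its own
        if ($order != "asc") {
            $order = "desc";
        }

        if ($by == "task") {
            $arSqlOrder[] = " TT " . $order . " ";
        } elseif ($by == "title") {
            $arSqlOrder[] = " TT.TITLE " . $order . " ";
        } elseif ($by == "depends_on") {
            $arSqlOrder[] = " TT.DEPENDS_ON " . $order . " ";
        } elseif ($by == "rand") {
            $arSqlOrder[] = CTasksTools::getRandFunction();
        } elseif ($by === 'responsible_last_name') {
            $arSqlOrder[] = " RU.LAST_NAME " . $order . " ";
        } elseif ($by === 'tparam_type') {
            $arSqlOrder[] = " TT.TPARAM_TYPE " . $order . " ";
        } elseif ($by === 'template_children_count') {
            $arSqlOrder[] = " TEMPLATE_CHILDREN_COUNT " . $order . " ";
        } elseif ($by === 'base_template_id') {
            $arSqlOrder[] = " BASE_TEMPLATE_ID " . $order . " ";
        } elseif (substr($by, 0, 3) === 'uf_') {
            if ($s = $obUserFieldsSql->GetOrder($by)) {
                $arSqlOrder[$by] = " " . $s . " " . $order . " ";
            }
        } else {
            // Unknown sort field: fall back to the id
            $arSqlOrder[] = " TT.ID " . $order . " ";
            $by = "id";
        }

        if ($by !== 'rand' && !in_array(strtoupper($by), $arSelect)) {
            $arSelect[] = strtoupper($by);
        }
    }

    $strSqlOrder = "";
    DelDuplicateSort($arSqlOrder);
    $arSqlOrderCnt = count($arSqlOrder);
    for ($i = 0; $i < $arSqlOrderCnt; $i++) {
        if ($i == 0) {
            $strSqlOrder = " ORDER BY ";
        } else {
            $strSqlOrder .= ",";
        }

        $strSqlOrder .= $arSqlOrder[$i];
    }

    if (!in_array("ID", $arSelect)) {
        $arSelect[] = "ID";
    }

    // Only names present in $arFields reach the SELECT list
    $arSqlSelect = array();
    foreach ($arSelect as $field) {
        $field = strtoupper($field);
        if (array_key_exists($field, $arFields)) {
            // No rule above defines 'WRAP'; null is passed when it is missing
            $wrap = isset($arFields[$field]['WRAP']) ? $arFields[$field]['WRAP'] : null;
            $arSqlSelect[$field] = \Bitrix\Tasks\DB\Helper::wrapColumnWithFunction($arFields[$field]['FIELD'], $wrap) . " AS " . $field;
        }
    }

    if (!sizeof($arSqlSelect)) {
        $arSqlSelect = "TT.ID AS ID";
    } else {
        $arSqlSelect = implode(",\n", $arSqlSelect);
    }

    $ufSelect = $obUserFieldsSql->GetSelect();
    if (strlen($ufSelect)) {
        $arSqlSelect .= $ufSelect;
    }

    $strSql = "\n\t\t\tSELECT \n\t\t\t\t" . $arSqlSelect . "\n\t\t\t\t" . $strFrom . "\n\t\t\t\t" . $strSqlOrder;

    if (isset($arNavParams["NAV_PARAMS"]) && is_array($arNavParams["NAV_PARAMS"])) {
        $nTopCount = isset($arNavParams['NAV_PARAMS']['nTopCount']) ? (int) $arNavParams['NAV_PARAMS']['nTopCount'] : 0;

        if ($nTopCount > 0) {
            $strSql = $DB->TopSql($strSql, $nTopCount);
            $res = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
            $res->SetUserFields($USER_FIELD_MANAGER->GetUserFields("TASKS_TASK_TEMPLATE"));
        } else {
            // Paged navigation needs the total row count first
            $res_cnt = $DB->Query("SELECT COUNT(TT.ID) as C " . $strFrom);
            $res_cnt = $res_cnt->Fetch();
            $res = new CDBResult();
            $res->SetUserFields($USER_FIELD_MANAGER->GetUserFields("TASKS_TASK_TEMPLATE"));
            $res->NavQuery($strSql, $res_cnt["C"], $arNavParams["NAV_PARAMS"]);
        }
    } else {
        $res = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
        $res->SetUserFields($USER_FIELD_MANAGER->GetUserFields("TASKS_TASK_TEMPLATE"));
    }

    return $res;
}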
/**
 * Tell whether the given user may edit a task.
 *
 * Editing is allowed for admins / portal admins, for the task's creator and,
 * when the task belongs to a group and the socialnetwork module can be
 * loaded, for users holding the group's "edit_tasks" operation.
 *
 * @param int   $userId        must be a positive integer after the cast
 * @param mixed $taskCreatedBy id of the task's creator
 * @param int   $taskGroupId   0 or less means "no group"
 * @param mixed $site_id       not used, left in function declaration for backward compatibility
 *
 * @return bool
 *
 * @throws TasksException when $userId is not positive
 */
public static function CanGivenUserEdit($userId, $taskCreatedBy, $taskGroupId, $site_id = SITE_ID)
{
    $userId = (int) $userId;
    $taskGroupId = (int) $taskGroupId;

    /** @noinspection PhpUnusedParameterInspection */
    $site_id = null;

    if ($userId <= 0) {
        throw new TasksException();
    }

    // NOTE(review): the creator check is a loose comparison against a value
    // that is not cast here - confirm $taskCreatedBy is always numeric.
    $bOwnerOrAdmin = CTasksTools::IsAdmin($userId) || CTasksTools::IsPortalB24Admin($userId) || $userId == $taskCreatedBy;
    if ($bOwnerOrAdmin) {
        return true;
    }

    // Without a group, or without the socialnetwork module, nothing else can grant the right
    if ($taskGroupId <= 0 || !CModule::IncludeModule('socialnetwork')) {
        return false;
    }

    return (bool) CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_GROUP, $taskGroupId, "tasks", "edit_tasks");
}
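/**
 * Build a runtime reference field that joins a query to the tasks the given
 * user is permitted to see.
 *
 * For admins / portal admins no restriction is produced and false is returned.
 * For everybody else the conditions from \CTasks::getPermissionFilterConditions()
 * are folded into a '1'/'0' CASE expression, and only tasks evaluating to '1'
 * are inner-joined.
 *
 * @param array $parameters reads USER_ID (asserted to be a positive integer),
 *                          REF_FIELD (column on the calling side, 'ID' when empty)
 *                          and NAME (name of the reference field); the whole
 *                          array is also handed to getPermissionFilterConditions()
 *
 * @return Entity\ReferenceField|bool false when no restriction is needed
 */
protected static function getRuntimeFieldMixinsCheckRights($parameters)
{
    $result = false;

    $parameters['USER_ID'] = Assert::expectIntegerPositive($parameters['USER_ID'], '$parameters[USER_ID]');

    // The admin bypass has to be decided for the user whose rights are being
    // checked. $userId was never assigned before, so IsAdmin() and
    // IsPortalB24Admin() received an undefined value instead of the asserted
    // USER_ID and the rights filter could be skipped for the wrong principal.
    $userId = $parameters['USER_ID'];

    $rf = $parameters['REF_FIELD'];

    if (!\CTasksTools::IsAdmin($userId) && !\CTasksTools::IsPortalB24Admin($userId)) {
        list($conditions, $expression) = \CTasks::getPermissionFilterConditions($parameters, array('USE_PLACEHOLDERS' => true));

        // One boolean-like column: '1' when any permission condition matches
        $conditions = "(case when (" . implode(' OR ', $conditions) . ") then '1' else '0' end)";
        array_unshift($expression, $conditions);

        $query = new \Bitrix\Main\Entity\Query('Bitrix\\Tasks\\Task');
        $query->registerRuntimeField('F', array('data_type' => 'string', 'expression' => $expression));
        $query->setFilter(array('=F' => '1'));
        $query->setSelect(array('TASK_ID' => 'ID'));

        // Inner join, so rows without a permitted task drop out of the caller's result
        $result = new Entity\ReferenceField(
            $parameters['NAME'],
            \Bitrix\Main\Entity\Base::getInstanceByQuery($query),
            array('=this.' . ((string) $rf != '' ? $rf : 'ID') => 'ref.TASK_ID'),
            array('join_type' => 'inner')
        );
    }

    return $result;
}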