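/**
 * Tells whether the information-block element behind this entity may be read.
 *
 * Loads the "iblock" module, resolves the information block that owns
 * $this->entityId and asks for the "element_read" right on that element.
 * Every failure path (module unavailable, element not found, no information
 * block id on the row) denies access.
 *
 * NOTE(review): $userId is never consulted. userHasRightTo() is called
 * without a user argument, so the decision is presumably made for the user of
 * the current request, not for $userId. Confirm before using this method to
 * answer "may user X read this?" for anyone other than the current user.
 *
 * @param mixed $userId User the caller asks about (currently unused).
 * @return mixed False on any lookup failure, otherwise the result of
 *               \CIBlockElementRights::userHasRightTo().
 */
public function canRead($userId)
{
    if (!Loader::includeModule("iblock")) {
        return false;
    }

    $elementId = $this->entityId;
    $elementQuery = \CIBlockElement::getList(array(), array('ID' => $elementId), false, false, array('IBLOCK_ID'));
    $element = $elementQuery->fetch();

    // fetch() yields no row for an unknown element id. Test for that
    // explicitly instead of indexing into a non-array value, so a missing
    // element is denied without relying on (and warning about) an offset
    // access on a non-array.
    if (!is_array($element) || empty($element['IBLOCK_ID'])) {
        return false;
    }

    return \CIBlockElementRights::userHasRightTo($element['IBLOCK_ID'], $elementId, "element_read");
}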
Esempio n. 2
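 /**
  * Tells whether the list element behind this entity may be read.
  *
  * Access is granted when the list-level permission returned by
  * \CListPermissions::checkAccess() is at least CAN_READ, or when it is lower
  * (but not negative) and the element itself carries the "element_read"
  * right. A negative list permission, an unavailable "lists" module or an
  * element that cannot be found all deny access.
  *
  * NOTE(review): $userId is never consulted; the check runs for whatever
  * $this->getUser() returns, and userHasRightTo() receives no user argument.
  * Confirm that callers only ask about the current user.
  *
  * @param mixed $userId User the caller asks about (currently unused).
  * @return bool True when reading is allowed, false otherwise.
  */
 public function canRead($userId)
 {
     if (!Loader::includeModule("lists")) {
         return false;
     }

     $elementId = $this->entityId;
     $elementQuery = \CIBlockElement::getList(array(), array('ID' => $elementId), false, false, array('IBLOCK_TYPE_ID', 'IBLOCK_ID'));
     $element = $elementQuery->fetch();

     // Fail closed when the element does not exist. Without this guard the
     // permission check below would run with empty type / information block
     // identifiers, and the answer would depend on how checkAccess() treats
     // empty values rather than on any real object.
     if (!is_array($element) || empty($element['IBLOCK_ID'])) {
         return false;
     }

     $listPerm = \CListPermissions::checkAccess($this->getUser(), $element['IBLOCK_TYPE_ID'], $element['IBLOCK_ID']);

     // A negative value is treated as a refusal.
     if ($listPerm < 0) {
         return false;
     }

     // Below CAN_READ at list level: only an explicit per-element
     // "element_read" right can still open the element.
     if ($listPerm < \CListPermissions::CAN_READ && !\CIBlockElementRights::userHasRightTo($element['IBLOCK_ID'], $elementId, "element_read")) {
         return false;
     }

     return true;
 }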
Esempio n. 3
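 /**
  * Terminates a running workflow on a list element after two access checks.
  *
  * Gate 1: checkPermission() plus the StartWorkflow operation on the
  * document. Gate 2: the "element_rights_edit" right on the element. Failures
  * are collected in $this->errorCollection and reported through
  * sendJsonErrorResponse().
  *
  * NOTE(review): the second argument of canUserOperateDocument() is whatever
  * $this->getUser() returns; confirm it is the user identifier that call
  * expects.
  *
  * @param mixed $workflowId Identifier of the workflow instance to terminate.
  * @param mixed $elementId  Identifier of the list element owning the workflow.
  * @return void
  */
 protected function terminateWorkflow($workflowId, $elementId)
 {
     $this->checkPermission();

     if (!CBPDocument::canUserOperateDocument(CBPCanUserOperateOperation::StartWorkflow, $this->getUser(), BizProcDocument::getDocumentComplexId($this->iblockTypeId, $elementId), array("DocumentStates" => $this->documentStates))) {
         $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_ACCESS_DENIED'))));
     }

     if ($this->errorCollection->hasErrors()) {
         $this->sendJsonErrorResponse();
         // Stop here explicitly. The authorization gate must not depend on
         // sendJsonErrorResponse() ending the request: if that helper ever
         // returns, a caller who failed gate 1 would otherwise still reach
         // the terminate call below.
         return;
     }

     if (CIBlockElementRights::userHasRightTo($this->iblockId, $elementId, "element_rights_edit")) {
         $errors = array();
         // $errors is filled by terminateWorkflow(); it is read right after
         // the call to copy each message into the error collection.
         CBPDocument::terminateWorkflow($workflowId, BizProcDocument::getDocumentComplexId($this->iblockTypeId, $elementId), $errors);
         foreach ($errors as $error) {
             $this->errorCollection->add(array(new Error($error["message"])));
         }
     } else {
         $this->errorCollection->add(array(new Error(Loc::getMessage('LISTS_LAC_ACCESS_DENIED'))));
     }

     if ($this->errorCollection->hasErrors()) {
         $this->sendJsonErrorResponse();
     }
 }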
Esempio n. 4
 /**
  * Decides whether a user may perform a workflow/document operation on a
  * list element.
  *
  * Two evaluation paths exist, selected by the information block's rights
  * mode: per-element rights when the mode is "E", otherwise the block-level
  * permission letter combined with the operations the workflow states allow.
  * Any path that does not end in an explicit grant returns false.
  *
  * Keys read from $parameters: "IBlockId", "IBlockPermission",
  * "IBlockRightsMode", "DocumentStates", "CreatedBy", "UserGroups",
  * "AllUserGroups", "WorkflowId". A key that is present is used as given and
  * suppresses the corresponding lookup, so the authorization result is only
  * as trustworthy as the code that built $parameters. These values must be
  * computed server-side and never copied from request input.
  *
  * @param mixed $operation  One of the CBPCanUserOperateOperation constants.
  * @param mixed $userId     User to evaluate; cast with intval() before the
  *                          group and workflow-state checks.
  * @param mixed $documentId Element identifier; trimmed, empty means denial.
  * @param array $parameters Optional precomputed values (see above).
  * @return mixed True or false on most paths; for CreateWorkflow in "E" mode
  *               the result of CBPDocument::canUserOperateDocumentType().
  */
 function CanUserOperateDocument($operation, $userId, $documentId, $parameters = array())
 {
     $documentId = trim($documentId);
     // No document id: nothing to authorize against, deny.
     if (strlen($documentId) <= 0) {
         return false;
     }
     // Load the element only when the caller did not supply enough data:
     // either the block id is missing together with something the later steps
     // need (or the mode is "E", which always needs the block id), or neither
     // the author nor the final group list is known.
     if (!array_key_exists("IBlockId", $parameters) && (!array_key_exists("IBlockPermission", $parameters) || !array_key_exists("DocumentStates", $parameters) || !array_key_exists("IBlockRightsMode", $parameters) || array_key_exists("IBlockRightsMode", $parameters) && $parameters["IBlockRightsMode"] === "E") || !array_key_exists("CreatedBy", $parameters) && !array_key_exists("AllUserGroups", $parameters)) {
         $elementListQuery = CIBlockElement::getList(array(), array("ID" => $documentId, "SHOW_NEW" => "Y", "SHOW_HISTORY" => "Y"), false, false, array("ID", "IBLOCK_ID", "CREATED_BY"));
         $elements = $elementListQuery->fetch();
         // Unknown element: deny rather than continue with empty identifiers.
         if (!$elements) {
             return false;
         }
         // Values read from the database replace anything the caller passed
         // for these two keys.
         $parameters["IBlockId"] = $elements["IBLOCK_ID"];
         $parameters["CreatedBy"] = $elements["CREATED_BY"];
     }
     if (!array_key_exists("IBlockRightsMode", $parameters)) {
         $parameters["IBlockRightsMode"] = CIBlock::getArrayByID($parameters["IBlockId"], "RIGHTS_MODE");
     }
     // ---- Path 1: rights mode "E", decisions based on per-element rights ----
     // NOTE(review): none of the userHasRightTo() calls below receives
     // $userId, so they presumably evaluate the user of the current request.
     // Confirm that callers never pass a different user here.
     if ($parameters["IBlockRightsMode"] === "E") {
         if ($operation === CBPCanUserOperateOperation::ReadDocument) {
             return CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_read");
         } elseif ($operation === CBPCanUserOperateOperation::WriteDocument) {
             return CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_edit");
         } elseif ($operation === CBPCanUserOperateOperation::StartWorkflow || $operation === CBPCanUserOperateOperation::ViewWorkflow) {
             // Edit right on the element grants both workflow operations outright.
             if (CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_edit")) {
                 return true;
             }
             // Without edit right the decision needs a specific workflow ...
             if (!array_key_exists("WorkflowId", $parameters)) {
                 return false;
             }
             // ... and at least read right on the element.
             if (!CIBlockElementRights::userHasRightTo($parameters["IBlockId"], $documentId, "element_read")) {
                 return false;
             }
             $userId = intval($userId);
             if (!array_key_exists("AllUserGroups", $parameters)) {
                 if (!array_key_exists("UserGroups", $parameters)) {
                     $parameters["UserGroups"] = CUser::getUserGroup($userId);
                 }
                 $parameters["AllUserGroups"] = $parameters["UserGroups"];
                 // The element's creator additionally gets the "Author"
                 // pseudo-group. The comparison is loose (==).
                 if ($userId == $parameters["CreatedBy"]) {
                     $parameters["AllUserGroups"][] = "Author";
                 }
             }
             if (!array_key_exists("DocumentStates", $parameters)) {
                 // StartWorkflow looks at the states defined for the document
                 // type; ViewWorkflow at the states of this document.
                 if ($operation === CBPCanUserOperateOperation::StartWorkflow) {
                     $parameters["DocumentStates"] = CBPWorkflowTemplateLoader::getDocumentTypeStates(array('lists', get_called_class(), self::generateDocumentType($parameters["IBlockId"])));
                 } else {
                     $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array('lists', get_called_class(), self::generateDocumentType($parameters["IBlockId"])), array('lists', get_called_class(), $documentId));
                 }
             }
             // Narrow the states to the requested workflow; a workflow id that
             // is not among the known states is denied.
             if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) {
                 $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]);
             } else {
                 return false;
             }
             $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"], true);
             if (!is_array($allowableOperations)) {
                 return false;
             }
             // NOTE(review): in_array() is used without its strict flag here
             // and below, so values are matched with loose comparison.
             if ($operation === CBPCanUserOperateOperation::ViewWorkflow && in_array("read", $allowableOperations) || $operation === CBPCanUserOperateOperation::StartWorkflow && in_array("write", $allowableOperations)) {
                 return true;
             }
             // Fallback: resolve each allowed entry to a task id (through
             // getRightsTasks() when it is a known key, otherwise used as is)
             // and grant when that task's operations contain the element
             // operation required for the request.
             $chop = $operation === CBPCanUserOperateOperation::ViewWorkflow ? "element_read" : "element_edit";
             $tasks = self::getRightsTasks();
             foreach ($allowableOperations as $op) {
                 if (isset($tasks[$op])) {
                     $op = $tasks[$op]['ID'];
                 }
                 $ar = CTask::getOperations($op, true);
                 if (in_array($chop, $ar)) {
                     return true;
                 }
             }
         } elseif ($operation === CBPCanUserOperateOperation::CreateWorkflow) {
             return CBPDocument::canUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $userId, array('lists', get_called_class(), $documentId), $parameters);
         }
         // Default deny for "E" mode: unknown operation or no grant found above.
         return false;
     }
     // ---- Path 2: any other rights mode, block-level permission letter ----
     if (!array_key_exists("IBlockPermission", $parameters)) {
         if (CModule::includeModule('lists')) {
             $parameters["IBlockPermission"] = CLists::getIBlockPermission($parameters["IBlockId"], $userId);
         } else {
             $parameters["IBlockPermission"] = CIBlock::getPermission($parameters["IBlockId"], $userId);
         }
     }
     // The permission is compared against the strings "R" and "W": at or below
     // "R" is denied, at or above "W" is granted for every operation, and only
     // values in between continue to the workflow-state evaluation.
     if ($parameters["IBlockPermission"] <= "R") {
         return false;
     } elseif ($parameters["IBlockPermission"] >= "W") {
         return true;
     }
     $userId = intval($userId);
     if (!array_key_exists("AllUserGroups", $parameters)) {
         if (!array_key_exists("UserGroups", $parameters)) {
             $parameters["UserGroups"] = CUser::getUserGroup($userId);
         }
         $parameters["AllUserGroups"] = $parameters["UserGroups"];
         // Same "Author" pseudo-group rule as in path 1 (loose comparison).
         if ($userId == $parameters["CreatedBy"]) {
             $parameters["AllUserGroups"][] = "Author";
         }
     }
     if (!array_key_exists("DocumentStates", $parameters)) {
         // NOTE(review): the document type is built as "iblock_" . IBlockId
         // here, while path 1 calls self::generateDocumentType(); presumably
         // the same value - confirm.
         $parameters["DocumentStates"] = CBPDocument::getDocumentStates(array("lists", get_called_class(), "iblock_" . $parameters["IBlockId"]), array('lists', get_called_class(), $documentId));
     }
     // A workflow id is optional on this path; when given, it must match a
     // known state or the request is denied.
     if (array_key_exists("WorkflowId", $parameters)) {
         if (array_key_exists($parameters["WorkflowId"], $parameters["DocumentStates"])) {
             $parameters["DocumentStates"] = array($parameters["WorkflowId"] => $parameters["DocumentStates"][$parameters["WorkflowId"]]);
         } else {
             return false;
         }
     }
     $allowableOperations = CBPDocument::getAllowableOperations($userId, $parameters["AllUserGroups"], $parameters["DocumentStates"]);
     if (!is_array($allowableOperations)) {
         return false;
     }
     // Map the requested operation onto the "read"/"write" entries the
     // workflow states allow. CreateWorkflow and unknown operations are
     // always denied on this path.
     $r = false;
     switch ($operation) {
         case CBPCanUserOperateOperation::ViewWorkflow:
             $r = in_array("read", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::StartWorkflow:
             $r = in_array("write", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::CreateWorkflow:
             $r = false;
             break;
         case CBPCanUserOperateOperation::WriteDocument:
             $r = in_array("write", $allowableOperations);
             break;
         case CBPCanUserOperateOperation::ReadDocument:
             $r = in_array("read", $allowableOperations) || in_array("write", $allowableOperations);
             break;
         default:
             $r = false;
     }
     return $r;
 }