/**
 * Decides from the filter array whether per-lesson permission checks are required.
 *
 * The constructor returns early, leaving $this->bCheckPerm untouched, when:
 *  - $arFilter['CHECK_PERMISSIONS'] is exactly the string 'N';
 *  - the requested user is the logged-in user and that user is an administrator;
 *  - the requested user's base (shared) rights already cover the requested operations.
 * In every other case $this->bCheckPerm is set to true.
 *
 * Security note: 'CHECK_PERMISSIONS' => 'N' switches the check off completely, so the
 * filter must be assembled by trusted code and never copied verbatim from request data.
 * NOTE(review): the filter is also handed to DetermineRequestedUserId(); if it can name an
 * arbitrary user there, the same caveat applies to that key - confirm against the helper.
 * NOTE(review): $USER->IsAdmin() is reached without the is_object() guard applied before
 * GetID(); this only matters if DetermineRequestedUserId() can return false - confirm.
 *
 * @param array $arFilter Filter passed by the caller; only CHECK_PERMISSIONS is read here
 *                        directly, the rest is interpreted by the two static helpers.
 */
public function __construct($arFilter)
{
    global $USER;

    // Explicit opt-out requested by the caller: nothing else is initialised.
    $permissionSwitch = isset($arFilter['CHECK_PERMISSIONS']) ? $arFilter['CHECK_PERMISSIONS'] : null;
    if ($permissionSwitch === 'N') {
        return;
    }

    $this->requestedOperations = self::ParseRequestedOperations($arFilter);

    // false means "no usable user object"; otherwise the id of the logged-in user.
    $loggedUserId = (is_object($USER) && method_exists($USER, 'GetID'))
        ? (int) $USER->GetID()
        : false;

    $this->requestedUserId = self::DetermineRequestedUserId($arFilter, $loggedUserId);

    // An administrator asking about themselves is never restricted.
    $isSelfRequest = ($this->requestedUserId === $loggedUserId);
    if ($isSelfRequest && $USER->IsAdmin()) {
        return;
    }

    $this->oAccess = CLearnAccess::GetInstance($this->requestedUserId);

    // Per-lesson checks are only needed when base rights do not already grant everything.
    if (!$this->oAccess->IsBaseAccess($this->requestedOperations)) {
        $this->bCheckPerm = true;
    }
}
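/**
 * Validates question fields and normalises enumerated values in place.
 *
 * Validation errors are collected and reported through a CAdminException raised on
 * $GLOBALS["APPLICATION"]; in that case false is returned and the fields are left as given.
 * When validation passes, enumerated fields are forced onto their allowed values.
 *
 * The allow-list checks use strict comparison. With loose comparison a boolean true (and,
 * before PHP 8, the integer 0) compared equal to the allowed strings and was passed through
 * unchanged; such values are now replaced by the field's default.
 *
 * NOTE(review): the LESSON_ID existence and write-access checks are skipped entirely when
 * $this->LAST_ERROR is non-empty. Confirm that callers reset or test LAST_ERROR, so that a
 * stale error cannot let an unchecked LESSON_ID through.
 *
 * @param array     $arFields Question fields; modified in place (passed by reference).
 * @param int|false $ID       Question id on update, false when a new question is added.
 *
 * @return bool true when the fields are acceptable, false when an exception was raised.
 */
public function CheckFields(&$arFields, $ID = false)
{
    global $USER;

    $arMsg = array();

    // NAME is mandatory on insert and must not be blanked on update.
    if ((is_set($arFields, "NAME") || $ID === false) && strlen(trim($arFields["NAME"])) <= 0) {
        $arMsg[] = array("id" => "NAME", "text" => GetMessage("LEARNING_BAD_NAME"));
    }

    if (is_set($arFields, "FILE_ID")) {
        $error = CFile::CheckImageFile($arFields["FILE_ID"]);
        if (strlen($error) > 0) {
            $arMsg[] = array("id" => "FILE_ID", "text" => $error);
        }
    }

    if (strlen($this->LAST_ERROR) <= 0) {
        $bLessonGiven = is_set($arFields, "LESSON_ID");

        if (($ID === false && !$bLessonGiven) || ($bLessonGiven && intval($arFields["LESSON_ID"]) < 1)) {
            $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID"));
        } elseif ($bLessonGiven) {
            $res = CLearnLesson::GetByID($arFields["LESSON_ID"]);
            if ($arRes = $res->Fetch()) {
                // The current user must hold write access to the target lesson, either
                // through base rights or through rights on that lesson.
                $oAccess = CLearnAccess::GetInstance($USER->GetID());
                $bAccessLessonModify = $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE)
                    || $oAccess->IsLessonAccessible($arFields["LESSON_ID"], CLearnAccess::OP_LESSON_WRITE);

                if (!$bAccessLessonModify) {
                    $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
                }
            } else {
                // Same message as for "no access", so the reply does not distinguish a
                // missing lesson from an inaccessible one.
                $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
            }
        }
    }

    if (!empty($arMsg)) {
        $e = new CAdminException($arMsg);
        $GLOBALS["APPLICATION"]->ThrowException($e);
        return false;
    }

    // Anything outside the allow-list falls back to "S".
    if (is_set($arFields, "QUESTION_TYPE") && !in_array($arFields["QUESTION_TYPE"], array("S", "M", "T", "R"), true)) {
        $arFields["QUESTION_TYPE"] = "S";
    }

    if (is_set($arFields, "DESCRIPTION_TYPE") && $arFields["DESCRIPTION_TYPE"] !== "html") {
        $arFields["DESCRIPTION_TYPE"] = "text";
    }

    if (is_set($arFields, "DIRECTION") && $arFields["DIRECTION"] !== "H") {
        $arFields["DIRECTION"] = "V";
    }

    // Y/N flags: every value other than the exact string "Y" becomes "N".
    foreach (array("SELF", "ACTIVE", "EMAIL_ANSWER", "CORRECT_REQUIRED") as $flagName) {
        if (is_set($arFields, $flagName) && $arFields[$flagName] !== "Y") {
            $arFields[$flagName] = "N";
        }
    }

    return true;
}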
/**
 * Renders the rights editor for a lesson, for a new lesson, or for the base permissions.
 *
 * The rights shown as "actual" depend on $lessonId:
 *  - false: the base (shared) permissions themselves are being edited;
 *  - a value loosely equal to 0: a new lesson, which has no rights yet;
 *  - anything else: the permissions stored for that lesson.
 *
 * This method only renders. It performs no check that $userId may manage rights, and
 * $readOnly is taken from the caller as-is, so the caller (and whatever handler later
 * saves the submitted rights) is responsible for authorisation.
 *
 * Note: $POSTName has a default value but is followed by required parameters, so callers
 * must always pass it explicitly.
 *
 * @param int       $userId   User whose CLearnAccess instance supplies the rights lists.
 * @param string    $POSTName Name of the POST field used by the rendered form.
 * @param int|false $lessonId Lesson id, 0 for a new lesson, false for base permissions.
 * @param bool      $readOnly Passed through to the renderer.
 *
 * @return void
 */
public static function RenderLessonRightsTab($userId, $POSTName = 'LESSON_RIGHTS', $lessonId, $readOnly)
{
    $access = CLearnAccess::GetInstance($userId);
    $possibleRights = $access->ListAllPossibleRights();
    $baseRights = $access->GetBasePermissions();

    if ($lessonId === false) {
        // Editing the base permissions: they are the "actual" rights as well.
        $actualRights = $baseRights;
    } else {
        $actualRights = ($lessonId == 0)
            ? array()
            : $access->GetLessonPermissions($lessonId);
    }

    CLearnRenderRightsEdit::LearningShowRights(
        $lessonId,
        $POSTName,
        $baseRights,
        $possibleRights,
        $actualRights,
        array(),
        array(),
        $readOnly
    );
}
// Excerpt from an admin question-edit script. The statement below sits inside a block
// that opens before this excerpt; $LESSON_ID, $NEW_LESSON_ID, $oPath, $USER and
// $USER_FIELD_MANAGER are set up outside the visible code.
if ($arQuestionData) {
    // Lesson the stored question currently belongs to.
    $LESSON_ID = $arQuestionData['LESSON_ID'];

    // A positive LESSON_ID in the POST body that differs from the stored one is kept as
    // $NEW_LESSON_ID (presumably a request to attach the question to another lesson).
    // The raw request value is compared loosely here and only cast to int on assignment.
    if (isset($_POST['LESSON_ID']) && $_POST['LESSON_ID'] >= 1 && $_POST['LESSON_ID'] != $LESSON_ID) {
        $NEW_LESSON_ID = (int) $_POST['LESSON_ID'];
    }
}
} // closes the block opened before this excerpt

// No lesson could be determined: show the error inside the admin page frame and stop.
if ($LESSON_ID === false) {
    require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php";
    CAdminMessage::ShowMessage(GetMessage('LEARNING_BAD_LESSON'));
    require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_admin.php';
    exit;
}

$uriParentLessonPath = $oPath->ExportUrlencoded();
unset($lessonPath);

// Write access of the current user to the lesson that owns the question.
$oAccess = CLearnAccess::GetInstance($USER->GetID());
if ($oAccess->IsLessonAccessible($LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) {
    $bBadCourse = false;
} else {
    $bBadCourse = true;
}

// NOTE(review): when a new lesson is requested, the result computed above is overwritten,
// so $bBadCourse ends up reflecting write access to the NEW lesson only. If $bBadCourse is
// what gates the save (not visible in this excerpt), the question could be changed without
// write access to the lesson it currently belongs to. Consider requiring both checks to
// pass - confirm the intended rule.
if ($NEW_LESSON_ID !== false) {
    if ($oAccess->IsLessonAccessible($NEW_LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) {
        $bBadCourse = false;
    } else {
        $bBadCourse = true;
    }
}

// Three fixed tabs plus the tab supplied by the user-field manager for LEARNING_QUESTIONS.
$aTabs = array(
    array("DIV" => "edit1", "TAB" => GetMessage("LEARNING_ADMIN_TAB1"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB1_EX")),
    array("DIV" => "edit2", "TAB" => GetMessage("LEARNING_ADMIN_TAB2"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB2_EX")),
    array("DIV" => "edit3", "TAB" => GetMessage("LEARNING_ADMIN_TAB3"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB3_EX")));
$aTabs[] = $USER_FIELD_MANAGER->EditFormTab('LEARNING_QUESTIONS');
$tabControl = new CAdminForm("questionTabControl", $aTabs);
/**
 * Deletes a lesson: unlinks it from its neighbours, detaches a linked course if there is
 * one, then removes pictures, questions, the graph node, user fields and search index.
 *
 * The argument is unpacked by _funcDelete_ParseOptions() into the lesson id, a simulate
 * flag, a check_permissions flag and the user id whose rights are checked.
 *
 * Permission model, as implemented here (only when check_permissions is on):
 *  - OP_LESSON_REMOVE is required on the lesson itself;
 *  - for each edge to a parent: OP_LESSON_UNLINK_FROM_PARENTS on the lesson and
 *    OP_LESSON_UNLINK_DESCENDANTS on the parent;
 *  - for each edge to a child: OP_LESSON_UNLINK_DESCENDANTS on the lesson and
 *    OP_LESSON_UNLINK_FROM_PARENTS on the child.
 *
 * NOTE(review): no transaction is visible in this method. Edges are removed one at a time
 * inside the loop, so a denial on a later edge, or a failure in the course / SQL steps,
 * throws after earlier changes have already been made. Running once with simulate on
 * before the real call would surface access denials first - confirm how callers use it.
 * NOTE(review): whether callers may set check_permissions / user_id from request data is
 * decided in _funcDelete_ParseOptions() and its callers, not here - verify.
 *
 * @param mixed $lesson_id Lesson id or an options structure understood by
 *                         _funcDelete_ParseOptions().
 *
 * @throws LearnException On denied access, inconsistent edge data, SQL errors, a linked
 *                        course that cannot be converted, or a question that cannot be removed.
 */
public static final function Delete($lesson_id)
{
    global $USER_FIELD_MANAGER;

    list($lesson_id, $simulate, $check_permissions, $user_id) = self::_funcDelete_ParseOptions($lesson_id);

    // First gate: the right to remove the lesson itself.
    if ($check_permissions) {
        $oAccess = CLearnAccess::GetInstance($user_id);
        if (!$oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_REMOVE)) {
            throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
        }
    }

    // Parents and children of the lesson
    $arNeighboursEdges = self::ListImmediateNeighbours($lesson_id);

    // Pre-compute the two rights on the lesson itself so the loop below queries only the
    // neighbour's side of each edge.
    if ($check_permissions) {
        $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
        $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
    }

    // Handlers run before the per-edge checks below, and in simulate mode as well.
    foreach (GetModuleEvents('learning', 'OnBeforeLessonDelete', true) as $arEvent) {
        ExecuteModuleEventEx($arEvent, array($lesson_id));
    }

    foreach ($arNeighboursEdges as $arEdge) {
        $child_lesson_id = (int) $arEdge['CHILD_LESSON'];
        $parent_lesson_id = (int) $arEdge['PARENT_LESSON'];

        if ($check_permissions) {
            // Deny by default; only one of the two branches below can grant access.
            $IsLessonAccessible = false;

            // The comparisons are strict, so they rely on $lesson_id being an int here
            // (presumably guaranteed by _funcDelete_ParseOptions - verify).
            if ($child_lesson_id === $lesson_id) {
                // Removing the edge to a parent: use the precached right for OP_LESSON_UNLINK_FROM_PARENTS
                $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS && $oAccess->IsLessonAccessible($parent_lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
            } elseif ($parent_lesson_id === $lesson_id) {
                // Removing the edge to a child: use the precached right for OP_LESSON_UNLINK_DESCENDANTS
                $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS && $oAccess->IsLessonAccessible($child_lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
            } else {
                // An edge that does not touch the lesson means the neighbour list is inconsistent.
                throw new LearnException('EA_FATAL: $lesson_id (' . $lesson_id . ') not equal to one of: $child_lesson_id (' . $child_lesson_id . '), $parent_lesson_id (' . $parent_lesson_id . ')', LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_GIVEUP);
            }

            if (!$IsLessonAccessible) {
                throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
            }

            // NOTE(review): as written, the edge removal is nested inside the
            // check_permissions branch, so with permission checks off no RelationRemove()
            // call is made in this loop. Confirm whether that is intended, i.e. whether
            // CLearnGraphNode::Remove() below is expected to clean up the edges.
            if ($simulate === false) {
                self::RelationRemove($parent_lesson_id, $child_lesson_id);
            }
        }
    }

    $linkedCourseId = self::GetLinkedCourse($lesson_id);

    // If the lesson is a course, remove the course part first
    if ($linkedCourseId !== false) {
        global $DB;

        if ($simulate === false) {
            // The id is cast to int before being concatenated into the SQL text.
            if (!$DB->Query("DELETE FROM b_learn_course_site WHERE COURSE_ID = " . (int) $linkedCourseId, true)) {
                throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
            }

            $rc = self::CourseBecomeLesson($linkedCourseId);

            // If the course cannot be converted to a lesson, the lesson is not removed.
            // The site bindings deleted just above are not restored at this point.
            if ($rc === false) {
                throw new LearnException('EA_OTHER: lesson is unremovable because linked course is in use.', LearnException::EXC_ERR_LL_UNREMOVABLE_CL);
            }

            // reload cache of LINKED_LESSON_ID -> COURSE_ID
            self::GetCourseToLessonMap_ReloadCache();

            if (CModule::IncludeModule("search")) {
                CSearch::DeleteIndex("learning", false, "C" . $linkedCourseId);
                CSearch::DeleteIndex("learning", "C" . $linkedCourseId);
            }
        }
    }

    // And remove the lesson itself
    if ($simulate === false) {
        global $DB;

        // The id is cast to int before being concatenated into the SQL text.
        $r = $DB->Query("SELECT PREVIEW_PICTURE, DETAIL_PICTURE \n\t\t\t\tFROM b_learn_lesson \n\t\t\t\tWHERE ID = " . (int) $lesson_id, true);
        if ($r === false) {
            throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
        }

        // A missing row is reported with the same error code as a failed query.
        $arRes = $r->Fetch();
        if (!$arRes) {
            throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
        }

        CFile::Delete($arRes['PREVIEW_PICTURE']);
        CFile::Delete($arRes['DETAIL_PICTURE']);

        // Remove questions
        $q = CLQuestion::GetList(array(), array('LESSON_ID' => $lesson_id));
        while ($arQ = $q->Fetch()) {
            if (!CLQuestion::Delete($arQ['ID'])) {
                throw new LearnException('EA_QUESTION_NOT_REMOVED', LearnException::EXC_ERR_ALL_GIVEUP);
            }
        }

        CLearnGraphNode::Remove($lesson_id);
        $USER_FIELD_MANAGER->delete('LEARNING_LESSONS', $lesson_id);
        CLearnCacheOfLessonTreeComponent::MarkAsDirty();

        // Audit trail. NOTE(review): the entry built here names the lesson but carries no
        // acting-user field; whether CEventLog::add() records the user itself is not
        // visible from this code - verify, since a deletion record should be attributable.
        CEventLog::add(array('AUDIT_TYPE_ID' => 'LEARNING_REMOVE_ITEM', 'MODULE_ID' => 'learning', 'ITEM_ID' => 'L #' . $lesson_id, 'DESCRIPTION' => 'lesson removed'));

        if (CModule::IncludeModule('search')) {
            CSearch::DeleteIndex('learning', false, 'L' . $lesson_id);
            CSearch::DeleteIndex('learning', 'L' . $lesson_id);
        }
    }

    // Post-delete handlers run only for a real (non-simulated) deletion.
    if ($simulate === false) {
        foreach (GetModuleEvents('learning', 'OnAfterLessonDelete', true) as $arEvent) {
            ExecuteModuleEventEx($arEvent, array($lesson_id));
        }
    }
}
/**
 * Builds a token describing the access codes of the current site visitor.
 *
 * For a logged-in user the token is built from the codes returned by
 * CLearnAccess::GetAccessCodes(); for a visitor who is not logged in it is built from
 * the single code 'G2', the group that includes all users (unauthorised ones too).
 *
 * Despite the name, the result is not a cryptographic hash: it is base64 over
 * serialize(), so it is reversible and anyone can construct one. Treat it as an
 * identifier only (for example a cache key). Do not accept it back from a client as
 * evidence of access rights, and do not feed a client-supplied value of this shape to
 * unserialize().
 *
 * @return string base64-encoded serialized array of access codes.
 */
public static function GetAccessSymbolsHashForSiteUser()
{
    global $USER;

    $currentUserId = $USER->GetID();

    if ($currentUserId > 0) {
        $accessCodes = CLearnAccess::GetInstance($currentUserId)->GetAccessCodes();
    } else {
        // G2 is the group that includes all users (unauthorised ones too)
        $accessCodes = array('G2');
    }

    return base64_encode(serialize($accessCodes));
}
/**
 * Returns the access right to the training course with identifier courseId for the
 * current user, expressed as a legacy one-letter access symbol.
 *
 * The symbols are tried from the strongest to the weakest and the first one whose whole
 * operation set is granted - through base rights or through rights on the lesson linked
 * to the course - is returned:
 *  - "X": full access (modification plus the right to change access rights);
 *  - "W": modification (read, create, write, remove);
 *  - "R": read;
 *  - "D": denied. Also returned for a non-positive course id or when no linked lesson
 *         is found.
 *
 * The symbol is a lossy summary of the operation-based model: a user holding only part of
 * the operations of a level is reported at the next lower level whose set is fully covered
 * (assuming the access checks require every operation in the mask - confirm in
 * CLearnAccess). Prefer checking the exact operation when guarding a specific action.
 *
 * Example:
 *   $permission = CCourse::GetPermission($id);
 *   if ($permission < "X")
 *       return false;
 *
 * See also:
 *   CCourse::SetPermission
 *     http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/setpermission.php
 *   CCourse::GetGroupPermissions
 *     http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getgrouppermissions.php
 *
 * @param int $courseId Course identifier. Before version 12.0.0 the parameter was named
 *                      COURSE_ID.
 *
 * @return string Access symbol: "D", "R", "W" or "X".
 *
 * @static
 * @link http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getpermission.php
 * @author Bitrix
 */
public static function GetPermission($courseId)
{
    global $USER;

    // Built once per request and reused by later calls.
    static $accessMatrix = false;

    $courseId = (int) $courseId;
    if ($courseId <= 0) {
        // access denied
        return 'D';
    }

    $linkedLessonId = CCourse::CourseGetLinkedLesson($courseId);
    if (!($linkedLessonId > 0)) {
        // no usable linked lesson, access denied
        return 'D';
    }

    $oAccess = CLearnAccess::GetInstance($USER->GetID());

    if ($accessMatrix === false) {
        $readOperations = CLearnAccess::OP_LESSON_READ;

        $writeOperations = $readOperations
            | CLearnAccess::OP_LESSON_CREATE
            | CLearnAccess::OP_LESSON_WRITE
            | CLearnAccess::OP_LESSON_REMOVE;

        $fullOperations = $writeOperations
            | CLearnAccess::OP_LESSON_LINK_TO_PARENTS
            | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS
            | CLearnAccess::OP_LESSON_LINK_DESCENDANTS
            | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS
            | CLearnAccess::OP_LESSON_MANAGE_RIGHTS;

        // Order matters: the strongest symbol must be tested first.
        $accessMatrix = array(
            'X' => $fullOperations,
            'W' => $writeOperations,
            'R' => $readOperations,
        );
    }

    foreach ($accessMatrix as $legacySymbol => $requiredOperations) {
        $isGranted = $oAccess->IsBaseAccess($requiredOperations)
            || $oAccess->IsLessonAccessible($linkedLessonId, $requiredOperations);

        if ($isGranted) {
            return $legacySymbol;
        }
    }

    // by default, access denied
    return 'D';
}
/**
 * Tells whether a user may manage the access rights of a lesson.
 *
 * The parameters are parsed by ParseParamsWithUser(), which also resolves the user id;
 * 'lesson_id' is mandatory and must be strictly castable to integer. The answer is the
 * result of checking OP_LESSON_MANAGE_RIGHTS on that lesson for the resolved user.
 *
 * NOTE(review): the answer describes the user resolved from $arParams. If a caller lets
 * request data choose that user, the result says nothing about the actual requester -
 * confirm how ParseParamsWithUser() resolves user_id.
 *
 * @param array $arParams Must contain 'lesson_id'; the user is resolved by the parser.
 *
 * @return mixed Result of CLearnAccess::IsLessonAccessible() for OP_LESSON_MANAGE_RIGHTS.
 */
public static function CanUserEditLessonRights($arParams)
{
    $paramsSpec = array(
        'lesson_id' => array(
            'type' => 'strictly_castable_to_integer',
            'mandatory' => true,
        ),
    );

    // user_id in the parsed options is resolved automatically by the parser
    $options = self::ParseParamsWithUser($arParams, $paramsSpec);

    return CLearnAccess::GetInstance($options['user_id'])
        ->IsLessonAccessible($options['lesson_id'], CLearnAccess::OP_LESSON_MANAGE_RIGHTS);
}
/**
 * Guard for lesson (de)activation: passes silently or throws on missing access.
 *
 * Administrators always pass. Any other user must hold OP_LESSON_WRITE on the lesson.
 * The check is made against the current global $USER, not against a caller-supplied id.
 *
 * @param int $lessonID Lesson whose write access is required.
 *
 * @return $this For call chaining.
 *
 * @throws CLearnRenderAdminUnilessonListException With code C_ACCESS_DENIED when the
 *         current user is neither an administrator nor allowed to write the lesson.
 */
protected function EnsureLessonDeactivateAccess($lessonID)
{
    global $USER;

    $isAllowed = $USER->IsAdmin();

    if (!$isAllowed) {
        $isAllowed = CLearnAccess::GetInstance($USER->GetID())
            ->IsLessonAccessible($lessonID, CLearnAccess::OP_LESSON_WRITE);
    }

    if (!$isAllowed) {
        throw new CLearnRenderAdminUnilessonListException(
            '',
            CLearnRenderAdminUnilessonListException::C_ACCESS_DENIED
        );
    }

    return $this;
}
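/**
 * Tells whether the learning admin menu should be shown to the current user.
 *
 * The menu is shown when any of the following holds:
 *  - the user is an administrator;
 *  - base rights include OP_LESSON_READ together with at least one modifying operation;
 *  - base rights include OP_LESSON_CREATE;
 *  - at least one course is accessible to the user for any modifying operation.
 *
 * The original condition tested OP_LESSON_CREATE twice inside the same OR chain; the
 * duplicate is dropped here. The result is the same provided IsBaseAccess() answers
 * consistently for the same operation.
 *
 * This decides menu visibility only. It is not an authorisation check for the pages
 * behind the menu, which have to verify the specific operation themselves.
 *
 * @return bool true when the menu should be visible.
 */
public static function CanViewAdminMenu()
{
    global $USER;

    if ($USER->IsAdmin()) {
        return true;
    }

    $oAccess = CLearnAccess::GetInstance($USER->GetID());

    // Read access plus any single modifying operation in the base rights is enough.
    if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_READ)) {
        $arModifyingOperations = array(
            CLearnAccess::OP_LESSON_CREATE,
            CLearnAccess::OP_LESSON_WRITE,
            CLearnAccess::OP_LESSON_REMOVE,
            CLearnAccess::OP_LESSON_LINK_TO_PARENTS,
            CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS,
            CLearnAccess::OP_LESSON_LINK_DESCENDANTS,
            CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS,
            CLearnAccess::OP_LESSON_MANAGE_RIGHTS,
        );

        foreach ($arModifyingOperations as $operation) {
            if ($oAccess->IsBaseAccess($operation)) {
                return true;
            }
        }
    }

    // The right to create lessons is sufficient on its own, even without read access.
    if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE)) {
        return true;
    }

    // Last resort: look for one course the user can modify in any way.
    $db = CCourse::GetList(
        array(),
        array(
            "CHECK_PERMISSIONS" => "Y",
            "ACCESS_OPERATIONS" => CLearnAccess::OP_LESSON_CREATE
                | CLearnAccess::OP_LESSON_WRITE
                | CLearnAccess::OP_LESSON_REMOVE
                | CLearnAccess::OP_LESSON_LINK_TO_PARENTS
                | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS
                | CLearnAccess::OP_LESSON_LINK_DESCENDANTS
                | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS
                | CLearnAccess::OP_LESSON_MANAGE_RIGHTS,
        ),
        array("nTopCount" => 1)
    );

    return $db->Fetch() !== false;
}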