コード例 #1
0
ファイル: file_proxy.php プロジェクト: DarneoStudio/bitrix
 public static function WriteDiskFileToResponse($ownerTypeID, $ownerID, $fileID, &$errors, $options = array())
 {
     $ownerTypeID = (int) $ownerTypeID;
     $ownerTypeName = CCrmOwnerType::ResolveName($ownerTypeID);
     $ownerID = (int) $ownerID;
     $fileID = (int) $fileID;
     $options = is_array($options) ? $options : array();
     if (!CCrmOwnerType::IsDefined($ownerTypeID) || $ownerID <= 0 || $fileID <= 0) {
         $errors[] = 'Invalid data ownerTypeID = ' . $ownerTypeID . ', ownerID = ' . $ownerID . ', fileID = ' . $fileID;
         return false;
     }
     if ($ownerTypeID !== CCrmOwnerType::Activity) {
         $errors[] = "The owner type '{$ownerTypeName}' is not supported in current context";
         return false;
     }
     $authToken = isset($options['oauth_token']) ? $options['oauth_token'] : '';
     if ($authToken !== '') {
         $authData = array();
         if (!(CModule::IncludeModule('rest') && CRestUtil::checkAuth($authToken, CCrmRestService::SCOPE_NAME, $authData) && CRestUtil::makeAuth($authData))) {
             $errors[] = 'Access denied.';
             return false;
         }
     }
     if (!CCrmActivity::CheckStorageElementExists($ownerID, CCrmActivityStorageType::Disk, $fileID)) {
         $errors[] = 'File not found';
         return false;
     }
     $isPermitted = false;
     if (CCrmPerms::IsAdmin()) {
         $isPermitted = true;
     } else {
         $userPermissions = CCrmPerms::GetCurrentUserPermissions();
         $bindings = CCrmActivity::GetBindings($ownerID);
         foreach ($bindings as $binding) {
             if (CCrmAuthorizationHelper::CheckReadPermission($binding['OWNER_TYPE_ID'], $binding['OWNER_ID'], $userPermissions)) {
                 $isPermitted = true;
                 break;
             }
         }
     }
     if (!$isPermitted) {
         $errors[] = 'Access denied.';
         return false;
     }
     Bitrix\Crm\Integration\DiskManager::writeFileToResponse($fileID);
     return true;
 }