function GetSocNetPostPerms($postId = 0, $bNeedFull = false, $userId = false) { if (!$userId) { $userId = IntVal($GLOBALS["USER"]->GetID()); $bByUserId = false; } else { $userId = IntVal($userId); $bByUserId = true; } $postId = IntVal($postId); if ($postId <= 0) { return false; } $perms = BLOG_PERMS_DENY; $arAvailPerms = array_keys($GLOBALS["AR_BLOG_PERMS"]); if (!$bByUserId) { $blogModulePermissions = $GLOBALS["APPLICATION"]->GetGroupRight("blog"); if ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) { $perms = $arAvailPerms[count($arAvailPerms) - 1]; } } else { if (CSocNetUser::IsUserModuleAdmin($userId)) { $perms = $arAvailPerms[count($arAvailPerms) - 1]; } } $arPost = CBlogPost::GetByID($postId); if ($arPost["AUTHOR_ID"] == $userId) { $perms = BLOG_PERMS_FULL; } if ($perms <= BLOG_PERMS_DENY) { $arPerms = CBlogPost::GetSocNetPerms($postId); $arEntities = array(); if (isset($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId]) && !empty($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId])) { $arEntities = $GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId]; } else { $dbA = CAccess::GetUserCodes($userId); while ($arA = $dbA->Fetch()) { if ($arA["PROVIDER_ID"] == "intranet") { $arEntities["DR"][] = $arA["ACCESS_CODE"]; } elseif ($arA["PROVIDER_ID"] == "socnetgroup") { $g = substr($arA["ACCESS_CODE"], 2); $gId = IntVal($g); $gR = substr($g, strpos($g, "_") + 1); $arEntities["SG"][$gId][] = $gR; } } $GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId] = $arEntities; } foreach ($arPerms as $t => $val) { foreach ($val as $id => $p) { if ($userId > 0 && $t == "U" && $userId == $id) { $perms = BLOG_PERMS_READ; if (in_array("US" . $userId, $p)) { // if author $perms = BLOG_PERMS_FULL; } break; } if (in_array("G2", $p)) { $perms = BLOG_PERMS_READ; break; } if ($userId > 0 && in_array("AU", $p)) { $perms = BLOG_PERMS_READ; break; } if ($t == "SG") { if (!empty($arEntities["SG"][$id])) { foreach ($arEntities["SG"][$id] as $gr) { if (in_array("SG" . $id . "_" . $gr, $p)) { $perms = BLOG_PERMS_READ; break; } } } } if ($t == "DR") { if (in_array("DR" . $id, $arEntities["DR"])) { $perms = BLOG_PERMS_READ; break; } } } if ($perms > BLOG_PERMS_DENY) { break; } } if ($bNeedFull && $perms <= BLOG_PERMS_FULL) { $arGroupsId = array(); if (!empty($arPerms["SG"])) { foreach ($arPerms["SG"] as $gid => $val) { if (!empty($arEntities["SG"][$gid])) { $arGroupsId[] = $gid; } } } $operation = array("full_post", "moderate_post", "write_post", "premoderate_post"); if (!empty($arGroupsId)) { foreach ($operation as $v) { if ($perms <= BLOG_PERMS_READ) { $f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v); if (!empty($f)) { foreach ($f as $gid => $val) { if (in_array($val, $arEntities["SG"][$gid])) { switch ($v) { case "full_post": $perms = BLOG_PERMS_FULL; break; case "moderate_post": $perms = BLOG_PERMS_MODERATE; break; case "write_post": $perms = BLOG_PERMS_WRITE; break; case "premoderate_post": $perms = BLOG_PERMS_PREMODERATE; break; } } } } } } } } } return $perms; }
} else { $arResult["ERROR_MESSAGE"] .= GetMessage("BLOG_BLOG_BLOG_MES_HIDE_ERROR") . '<br />'; } } else { $arResult["ERROR_MESSAGE"] .= GetMessage("BLOG_BLOG_BLOG_MES_HIDE_NO_RIGHTS") . '<br />'; } } else { $arResult["ERROR_MESSAGE"] .= GetMessage("BLOG_BLOG_SESSID_WRONG") . '<br />'; } } if ($arResult["PostPerm"] > BLOG_PERMS_DENY) { /* share */ if ($_SERVER["REQUEST_METHOD"] == "POST" && $_POST["act"] == "share" && check_bitrix_sessid() && $USER->IsAuthorized()) { $APPLICATION->RestartBuffer(); $spermNew = $_POST["SPERM"]; $spermOld = CBlogPost::GetSocNetPerms($arParams["ID"]); $perms2update = array(); $arNewRights = array(); foreach ($spermOld as $type => $val) { foreach ($val as $id => $values) { if ($type != "U") { $perms2update[] = $type . $id; } else { if (in_array("US" . $id, $values)) { $perms2update[] = "UA"; } else { $perms2update[] = $type . $id; } } } }
function GetSocNetUserPerms($postId = 0, $authorId = 0) { global $APPLICATION, $USER, $AR_BLOG_PERMS; $userId = IntVal($USER->GetID()); $postId = IntVal($postId); $authorId = IntVal($authorId); if ($postId <= 0) { return false; } $perms = BLOG_PERMS_DENY; $blogModulePermissions = $APPLICATION->GetGroupRight("blog"); if ($authorId > 0 && $userId == $authorId) { $perms = BLOG_PERMS_FULL; } elseif ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) { end($AR_BLOG_PERMS); $perms = key($AR_BLOG_PERMS); reset($AR_BLOG_PERMS); } if ($perms <= BLOG_PERMS_DENY) { $arPerms = CBlogPost::GetSocNetPerms($postId); $arEntities = array(); if (!empty(CBlogPost::$arUACCache[$userId])) { $arEntities = CBlogPost::$arUACCache[$userId]; } else { $arCodes = CAccess::GetUserCodesArray($userId); foreach ($arCodes as $code) { if (preg_match('/^DR([0-9]+)/', $code, $match) || preg_match('/^D([0-9]+)/', $code, $match) || preg_match('/^IU([0-9]+)/', $code, $match)) { $arEntities["DR"][$code] = $code; } elseif (preg_match('/^SG([0-9]+)_([A-Z])/', $code, $match)) { $arEntities["SG"][$match[1]][$match[2]] = $match[2]; } } CBlogPost::$arUACCache[$userId] = $arEntities; } if (!empty($arEntities["DR"]) && !empty($arPerms["DR"])) { foreach ($arPerms["DR"] as $id => $val) { if (isset($arEntities["DR"]["DR" . $id])) { $perms = BLOG_PERMS_READ; break; } } } if (!empty($arPerms["U"][$userId]) && in_array("US" . $userId, $arPerms["U"][$userId]) || $authorId > 0 && $userId == $authorId) { // if author $perms = BLOG_PERMS_FULL; } else { if ($authorId <= 0) { foreach ($arPerms["U"] as $id => $p) { if (in_array("US" . $id, $p)) { $authorId = $id; break; } } } if (!empty($arPerms["U"][$userId]) || !empty($arPerms["U"][$authorId]) && in_array("US" . $authorId, $arPerms["U"][$authorId]) || $perms == BLOG_PERMS_READ) { if (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "write_comment")) { $perms = BLOG_PERMS_WRITE; } elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "premoderate_comment")) { $perms = BLOG_PERMS_PREMODERATE; } elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "view_comment")) { $perms = BLOG_PERMS_READ; } } } if ($perms <= BLOG_PERMS_FULL) { $arGroupsId = array(); if (!empty($arPerms["SG"])) { foreach ($arPerms["SG"] as $gid => $val) { //if(!empty($arEntities["SG"][$gid])) $arGroupsId[] = $gid; } $operation = array("full_comment", "moderate_comment", "write_comment", "premoderate_comment"); if ($perms < BLOG_PERMS_READ) { $operation[] = "view_comment"; } } if (!empty($arGroupsId)) { foreach ($operation as $v) { if ($perms <= BLOG_PERMS_READ) { $f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v); if (!empty($f)) { foreach ($f as $gid => $val) { if (!empty($arEntities["SG"][$gid]) && in_array($val, $arEntities["SG"][$gid]) || $val == SONET_ROLES_ALL || $userId > 0 && $val == SONET_ROLES_AUTHORIZED) { switch ($v) { case "full_comment": $perms = BLOG_PERMS_FULL; break; case "moderate_comment": $perms = BLOG_PERMS_MODERATE; break; case "write_comment": $perms = BLOG_PERMS_WRITE; break; case "premoderate_comment": $perms = BLOG_PERMS_PREMODERATE; break; case "view_comment": $perms = BLOG_PERMS_READ; break; } } } } } } } } } return $perms; }
public static function GetSocNetUserPerms($postId = 0, $authorId = 0) { global $APPLICATION, $USER, $AR_BLOG_PERMS, $BLOG_POST; $userId = IntVal($USER->GetID()); $postId = IntVal($postId); $authorId = IntVal($authorId); if($postId <= 0) return false; $perms = BLOG_PERMS_DENY; $blogModulePermissions = $APPLICATION->GetGroupRight("blog"); if($authorId > 0 && $userId == $authorId) $perms = BLOG_PERMS_FULL; elseif ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) { end($AR_BLOG_PERMS); $perms = key($AR_BLOG_PERMS); reset($AR_BLOG_PERMS); } if($perms <= BLOG_PERMS_DENY) { $arPerms = CBlogPost::GetSocNetPerms($postId); $arEntities = Array(); if (isset($BLOG_POST["UAC_CACHE_".$userId]) && !empty($BLOG_POST["UAC_CACHE_".$userId])) { $arEntities = $BLOG_POST["UAC_CACHE_".$userId]; } else { $dbA = CAccess::GetUserCodes($userId); while($arA = $dbA->Fetch()) { if($arA["PROVIDER_ID"] == "intranet") { $arEntities["DR"][$arA["ACCESS_CODE"]] = $arA["ACCESS_CODE"]; } elseif($arA["PROVIDER_ID"] == "socnetgroup") { $g = substr($arA["ACCESS_CODE"], 2); $gId = IntVal($g); $gR = substr($g, strpos($g, "_")+1); $arEntities["SG"][$gId][$gR] = $gR; } } $BLOG_POST["UAC_CACHE_".$userId] = $arEntities; } if(!empty($arEntities["DR"]) && !empty($arPerms["DR"])) { foreach($arPerms["DR"] as $id => $val) { if(isset($arEntities["DR"]["DR".$id])) { $perms = BLOG_PERMS_READ; break; } } } if((!empty($arPerms["U"][$userId]) && in_array("US".$userId, $arPerms["U"][$userId])) || ($authorId >0 && $userId == $authorId)) // if author $perms = BLOG_PERMS_FULL; else { if($authorId <= 0) { foreach($arPerms["U"] as $id => $p) { if(in_array("US".$id, $p)) { $authorId = $id; break; } } } if(!empty($arPerms["U"][$userId]) || (!empty($arPerms["U"][$authorId]) && in_array("US".$authorId, $arPerms["U"][$authorId])) || $perms == BLOG_PERMS_READ) { if (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "write_comment")) $perms = BLOG_PERMS_WRITE; elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "premoderate_comment")) $perms = BLOG_PERMS_PREMODERATE; elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "view_comment")) $perms = BLOG_PERMS_READ; } } if($perms <= BLOG_PERMS_FULL) { $arGroupsId = Array(); if(!empty($arPerms["SG"])) { foreach($arPerms["SG"] as $gid => $val) { //if(!empty($arEntities["SG"][$gid])) $arGroupsId[] = $gid; } $operation = Array("full_comment", "moderate_comment", "write_comment", "premoderate_comment"); if($perms < BLOG_PERMS_READ) $operation[] = "view_comment"; } if(!empty($arGroupsId)) { foreach($operation as $v) { if($perms <= BLOG_PERMS_READ) { $f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v); if(!empty($f)) { foreach($f as $gid => $val) { if((!empty($arEntities["SG"][$gid]) && in_array($val, $arEntities["SG"][$gid])) || $val == SONET_ROLES_ALL || ($userId > 0 && $val == SONET_ROLES_AUTHORIZED)) { switch($v) { case "full_comment": $perms = BLOG_PERMS_FULL; break; case "moderate_comment": $perms = BLOG_PERMS_MODERATE; break; case "write_comment": $perms = BLOG_PERMS_WRITE; break; case "premoderate_comment": $perms = BLOG_PERMS_PREMODERATE; break; case "view_comment": $perms = BLOG_PERMS_READ; break; } } } } } } } } } return $perms; }
function GetSocNetPostPerms($postId = 0, $bNeedFull = false, $userId = false, $postAuthor = 0) { if (!$userId) { $userId = IntVal($GLOBALS["USER"]->GetID()); $bByUserId = false; } else { $userId = IntVal($userId); $bByUserId = true; } $postId = IntVal($postId); if ($postId <= 0) { return false; } $cId = md5(serialize(func_get_args())); if (isset($GLOBALS["BLOG_BP_SOCNETPOSTPERMS"]) && !empty($GLOBALS["BLOG_BP_SOCNETPOSTPERMS"][$cId])) { return $GLOBALS["BLOG_BP_SOCNETPOSTPERMS"][$cId]; } if (!CModule::IncludeModule("socialnetwork")) { return false; } $perms = BLOG_PERMS_DENY; $arAvailPerms = array_keys($GLOBALS["AR_BLOG_PERMS"]); if (!$bByUserId) { $blogModulePermissions = $GLOBALS["APPLICATION"]->GetGroupRight("blog"); if ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) { $perms = $arAvailPerms[count($arAvailPerms) - 1]; } } else { if (CSocNetUser::IsUserModuleAdmin($userId)) { $perms = $arAvailPerms[count($arAvailPerms) - 1]; } } if (IntVal($postAuthor) <= 0) { $dbPost = CBlogPost::GetList(array(), array("ID" => $postId), false, false, array("ID", "AUTHOR_ID")); $arPost = $dbPost->Fetch(); } else { $arPost["AUTHOR_ID"] = $postAuthor; } if ($arPost["AUTHOR_ID"] == $userId) { $perms = BLOG_PERMS_FULL; } if ($perms <= BLOG_PERMS_DENY) { $arPerms = CBlogPost::GetSocNetPerms($postId); $arEntities = array(); if (isset($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId]) && !empty($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId])) { $arEntities = $GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId]; } else { $arCodes = CAccess::GetUserCodesArray($userId); foreach ($arCodes as $code) { if (preg_match('/^DR([0-9]+)/', $code, $match) || preg_match('/^D([0-9]+)/', $code, $match) || preg_match('/^IU([0-9]+)/', $code, $match)) { $arEntities["DR"][$code] = $code; } elseif (preg_match('/^SG([0-9]+)_([A-Z])/', $code, $match)) { $arEntities["SG"][$match[1]][$match[2]] = $match[2]; } } $GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId] = $arEntities; } foreach ($arPerms as $t => $val) { foreach ($val as $id => $p) { if (!is_array($p)) { $p = array(); } if ($userId > 0 && $t == "U" && $userId == $id) { $perms = BLOG_PERMS_READ; if (in_array("US" . $userId, $p)) { // if author $perms = BLOG_PERMS_FULL; } break; } if (in_array("G2", $p)) { $perms = BLOG_PERMS_READ; break; } if ($userId > 0 && in_array("AU", $p)) { $perms = BLOG_PERMS_READ; break; } if ($t == "SG") { if (!empty($arEntities["SG"][$id])) { foreach ($arEntities["SG"][$id] as $gr) { if (in_array("SG" . $id . "_" . $gr, $p)) { $perms = BLOG_PERMS_READ; break; } } } } if ($t == "DR" && !empty($arEntities["DR"])) { if (in_array("DR" . $id, $arEntities["DR"])) { $perms = BLOG_PERMS_READ; break; } } } if ($perms > BLOG_PERMS_DENY) { break; } } if ($bNeedFull && $perms <= BLOG_PERMS_FULL) { $arGroupsId = array(); if (!empty($arPerms["SG"])) { foreach ($arPerms["SG"] as $gid => $val) { if (!empty($arEntities["SG"][$gid])) { $arGroupsId[] = $gid; } } } $operation = array("full_post", "moderate_post", "write_post", "premoderate_post"); if (!empty($arGroupsId)) { foreach ($operation as $v) { if ($perms <= BLOG_PERMS_READ) { $f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v); if (!empty($f)) { foreach ($f as $gid => $val) { if (in_array($val, $arEntities["SG"][$gid])) { switch ($v) { case "full_post": $perms = BLOG_PERMS_FULL; break; case "moderate_post": $perms = BLOG_PERMS_MODERATE; break; case "write_post": $perms = BLOG_PERMS_WRITE; break; case "premoderate_post": $perms = BLOG_PERMS_PREMODERATE; break; } } } } } } } } } $GLOBALS["BLOG_BP_SOCNETPOSTPERMS"][$cId] = $perms; return $perms; }