public function __construct($arFilter) { $loggedUserId = false; // Skip checking permissions? if (isset($arFilter['CHECK_PERMISSIONS']) && $arFilter['CHECK_PERMISSIONS'] === 'N') { return; } // Determine requested operations $this->requestedOperations = self::ParseRequestedOperations($arFilter); // Determine logged in user global $USER; if (is_object($USER) && method_exists($USER, 'GetID')) { $loggedUserId = (int) $USER->GetID(); } $this->requestedUserId = self::DetermineRequestedUserId($arFilter, $loggedUserId); // If user_id === current logged user_id, and he is admin => skip checking permissions if ($this->requestedUserId === $loggedUserId && $USER->IsAdmin()) { return; } // skip checking permissions $this->oAccess = CLearnAccess::GetInstance($this->requestedUserId); // If base (shared) user rights covers requested operations => nothing to check. if ($this->oAccess->IsBaseAccess($this->requestedOperations)) { return; } // skip checking permissions // Checking of permissions must be. $this->bCheckPerm = true; }
public function CheckFields(&$arFields, $ID = false) { global $DB, $USER; $arMsg = array(); if ((is_set($arFields, "NAME") || $ID === false) && strlen(trim($arFields["NAME"])) <= 0) { $arMsg[] = array("id" => "NAME", "text" => GetMessage("LEARNING_BAD_NAME")); } if (is_set($arFields, "FILE_ID")) { $error = CFile::CheckImageFile($arFields["FILE_ID"]); if (strlen($error) > 0) { $arMsg[] = array("id" => "FILE_ID", "text" => $error); } } if (strlen($this->LAST_ERROR) <= 0) { if ($ID === false && !is_set($arFields, "LESSON_ID") || is_set($arFields, "LESSON_ID") && intval($arFields["LESSON_ID"]) < 1) { $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID")); } elseif (is_set($arFields, "LESSON_ID")) { $res = CLearnLesson::GetByID($arFields["LESSON_ID"]); if ($arRes = $res->Fetch()) { $oAccess = CLearnAccess::GetInstance($USER->GetID()); $bAccessLessonModify = $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE) || $oAccess->IsLessonAccessible($arFields["LESSON_ID"], CLearnAccess::OP_LESSON_WRITE); if (!$bAccessLessonModify) { $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX")); } } else { $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX")); } } } if (!empty($arMsg)) { $e = new CAdminException($arMsg); $GLOBALS["APPLICATION"]->ThrowException($e); return false; } if (is_set($arFields, "QUESTION_TYPE") && !in_array($arFields["QUESTION_TYPE"], array("S", "M", "T", "R"))) { $arFields["QUESTION_TYPE"] = "S"; } if (is_set($arFields, "DESCRIPTION_TYPE") && $arFields["DESCRIPTION_TYPE"] != "html") { $arFields["DESCRIPTION_TYPE"] = "text"; } if (is_set($arFields, "DIRECTION") && $arFields["DIRECTION"] != "H") { $arFields["DIRECTION"] = "V"; } if (is_set($arFields, "SELF") && $arFields["SELF"] != "Y") { $arFields["SELF"] = "N"; } if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") { $arFields["ACTIVE"] = "N"; } if (is_set($arFields, "EMAIL_ANSWER") && $arFields["EMAIL_ANSWER"] != "Y") { $arFields["EMAIL_ANSWER"] = "N"; } if (is_set($arFields, "CORRECT_REQUIRED") && $arFields["CORRECT_REQUIRED"] != "Y") { $arFields["CORRECT_REQUIRED"] = "N"; } return true; }
// access denied } if (!$isAccessible) { ShowError(GetMessage('LEARNING_COURSE_DENIED')); return; exit; } } $ratingTransistor = ''; if ($arParams['CHAPTER_ID'] > 0) { $arRatingData = CRatings::GetRatingVoteResult('LEARN_LESSON', $arParams['CHAPTER_ID']); $ratingTransistor = serialize($arRatingData); } $lastDirtyCacheTS = COption::GetOptionString('learning', CLearnCacheOfLessonTreeComponent::OPTION_TS, time()); // was: if($this->StartResultCache(false, $USER->GetGroups())) $additionalCacheID = CLearnAccess::GetAccessSymbolsHashForSiteUser() . '|' . $ratingTransistor . '|' . $lastDirtyCacheTS; if ($this->StartResultCache(false, $additionalCacheID)) { //Module if (!CModule::IncludeModule("learning")) { $this->AbortResultCache(); ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND")); return; } //Course $rsCourse = CCourse::GetList(array(), array("ID" => $arParams["COURSE_ID"], "ACTIVE" => "Y", "ACTIVE_DATE" => "Y", "SITE_ID" => LANG, "CHECK_PERMISSIONS" => 'N')); if (!($arCourse = $rsCourse->GetNext())) { $this->AbortResultCache(); ShowError(GetMessage("LEARNING_COURSE_DENIED")); return; } // Resolve links "?COURSE_ID={SELF}". Don't relay on it, this behaviour
if ($arQuestionData) { $LESSON_ID = $arQuestionData['LESSON_ID']; if (isset($_POST['LESSON_ID']) && $_POST['LESSON_ID'] >= 1 && $_POST['LESSON_ID'] != $LESSON_ID) { $NEW_LESSON_ID = (int) $_POST['LESSON_ID']; } } } if ($LESSON_ID === false) { require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php"; CAdminMessage::ShowMessage(GetMessage('LEARNING_BAD_LESSON')); require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_admin.php'; exit; } $uriParentLessonPath = $oPath->ExportUrlencoded(); unset($lessonPath); $oAccess = CLearnAccess::GetInstance($USER->GetID()); if ($oAccess->IsLessonAccessible($LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) { $bBadCourse = false; } else { $bBadCourse = true; } if ($NEW_LESSON_ID !== false) { if ($oAccess->IsLessonAccessible($NEW_LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) { $bBadCourse = false; } else { $bBadCourse = true; } } $aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("LEARNING_ADMIN_TAB1"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB1_EX")), array("DIV" => "edit2", "TAB" => GetMessage("LEARNING_ADMIN_TAB2"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB2_EX")), array("DIV" => "edit3", "TAB" => GetMessage("LEARNING_ADMIN_TAB3"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB3_EX"))); $aTabs[] = $USER_FIELD_MANAGER->EditFormTab('LEARNING_QUESTIONS'); $tabControl = new CAdminForm("questionTabControl", $aTabs);
public static final function Delete($lesson_id) { global $USER_FIELD_MANAGER; list($lesson_id, $simulate, $check_permissions, $user_id) = self::_funcDelete_ParseOptions($lesson_id); if ($check_permissions) { $oAccess = CLearnAccess::GetInstance($user_id); if (!$oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_REMOVE)) { throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED); } } // Parents and childs of the lesson $arNeighboursEdges = self::ListImmediateNeighbours($lesson_id); // precache rights for lesson if ($check_permissions) { $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS); $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS); } foreach (GetModuleEvents('learning', 'OnBeforeLessonDelete', true) as $arEvent) { ExecuteModuleEventEx($arEvent, array($lesson_id)); } foreach ($arNeighboursEdges as $arEdge) { $child_lesson_id = (int) $arEdge['CHILD_LESSON']; $parent_lesson_id = (int) $arEdge['PARENT_LESSON']; if ($check_permissions) { $IsLessonAccessible = false; if ($child_lesson_id === $lesson_id) { // if we will be remove edge to parent - use precached rights for OP_LESSON_UNLINK_FROM_PARENTS $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS && $oAccess->IsLessonAccessible($parent_lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS); } elseif ($parent_lesson_id === $lesson_id) { // if we will be remove edge to child - use precached rights for OP_LESSON_UNLINK_DESCENDANTS $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS && $oAccess->IsLessonAccessible($child_lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS); } else { throw new LearnException('EA_FATAL: $lesson_id (' . $lesson_id . ') not equal to one of: $child_lesson_id (' . $child_lesson_id . '), $parent_lesson_id (' . $parent_lesson_id . ')', LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_GIVEUP); } if (!$IsLessonAccessible) { throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED); } if ($simulate === false) { self::RelationRemove($parent_lesson_id, $child_lesson_id); } } } $linkedCourseId = self::GetLinkedCourse($lesson_id); // If lesson is course, remove course if ($linkedCourseId !== false) { global $DB; if ($simulate === false) { if (!$DB->Query("DELETE FROM b_learn_course_site WHERE COURSE_ID = " . (int) $linkedCourseId, true)) { throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP); } $rc = self::CourseBecomeLesson($linkedCourseId); // if course cannot be converted to lesson - don't remove lesson if ($rc === false) { throw new LearnException('EA_OTHER: lesson is unremovable because linked course is in use.', LearnException::EXC_ERR_LL_UNREMOVABLE_CL); } // reload cache of LINKED_LESSON_ID -> COURSE_ID self::GetCourseToLessonMap_ReloadCache(); if (CModule::IncludeModule("search")) { CSearch::DeleteIndex("learning", false, "C" . $linkedCourseId); CSearch::DeleteIndex("learning", "C" . $linkedCourseId); } } } // And remove lesson if ($simulate === false) { global $DB; $r = $DB->Query("SELECT PREVIEW_PICTURE, DETAIL_PICTURE \n\t\t\t\tFROM b_learn_lesson \n\t\t\t\tWHERE ID = " . (int) $lesson_id, true); if ($r === false) { throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP); } $arRes = $r->Fetch(); if (!$arRes) { throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP); } CFile::Delete($arRes['PREVIEW_PICTURE']); CFile::Delete($arRes['DETAIL_PICTURE']); // Remove questions $q = CLQuestion::GetList(array(), array('LESSON_ID' => $lesson_id)); while ($arQ = $q->Fetch()) { if (!CLQuestion::Delete($arQ['ID'])) { throw new LearnException('EA_QUESTION_NOT_REMOVED', LearnException::EXC_ERR_ALL_GIVEUP); } } CLearnGraphNode::Remove($lesson_id); $USER_FIELD_MANAGER->delete('LEARNING_LESSONS', $lesson_id); CLearnCacheOfLessonTreeComponent::MarkAsDirty(); CEventLog::add(array('AUDIT_TYPE_ID' => 'LEARNING_REMOVE_ITEM', 'MODULE_ID' => 'learning', 'ITEM_ID' => 'L #' . $lesson_id, 'DESCRIPTION' => 'lesson removed')); if (CModule::IncludeModule('search')) { CSearch::DeleteIndex('learning', false, 'L' . $lesson_id); CSearch::DeleteIndex('learning', 'L' . $lesson_id); } } if ($simulate === false) { foreach (GetModuleEvents('learning', 'OnAfterLessonDelete', true) as $arEvent) { ExecuteModuleEventEx($arEvent, array($lesson_id)); } } }
/** * If user logged in - get hash for of access symbols for user. * If user isn't logged in - get hash of access symbols for not authorized users. */ public static function GetAccessSymbolsHashForSiteUser() { global $USER; $userId = $USER->GetID(); $arCodes = array(); if ($userId > 0) { $oAccess = CLearnAccess::GetInstance($userId); $arCodes = $oAccess->GetAccessCodes(); } else { $arCodes = array('G2'); } // G2 - is group included all users (not authorized too) $hash = base64_encode(serialize($arCodes)); return $hash; }
<?php if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) { die; } if (!CModule::IncludeModule('learning')) { return false; } //Params $arParams["CHECK_PERMISSIONS"] = isset($arParams["CHECK_PERMISSIONS"]) && $arParams["CHECK_PERMISSIONS"] == "N" ? "N" : "Y"; $arParams["COURSE_ID"] = isset($arParams["COURSE_ID"]) && intval($arParams["COURSE_ID"]) > 0 ? intval($arParams["COURSE_ID"]) : intval($_REQUEST["COURSE_ID"]); // was: if($this->StartResultCache(false, $USER->GetGroups())) if ($this->StartResultCache(false, CLearnAccess::GetAccessSymbolsHashForSiteUser())) { //Module if (!CModule::IncludeModule("learning")) { $this->AbortResultCache(); ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND")); return; } if ($arParams['CHECK_PERMISSIONS'] !== 'N') { $isAccessible = false; $linkedLessonId = CCourse::CourseGetLinkedLesson($arParams["COURSE_ID"]); if ($linkedLessonId !== false) { try { $isAccessible = CLearnAccessMacroses::CanUserViewLessonContent(array('lesson_id' => $linkedLessonId)); } catch (Exception $e) { $isAccessible = false; // access denied } } if (!$isAccessible) {
protected static function LearningShowRights($lessonId, $variable_name, $arBaseRights, $arPossibleRights, $arActualRights, $arSelected = array(), $arHighLight = array(), $readOnly) { $js_var_name = preg_replace("/[^a-zA-Z0-9_]/", "_", $variable_name); $html_var_name = htmlspecialcharsbx($variable_name); $sSelect = '<select name="' . $html_var_name . '[][TASK_ID]" style="vertical-align:middle">'; foreach ($arPossibleRights as $taskId => $arRightsData) { $selected = ''; if (strtoupper($arRightsData['name']) === 'LEARNING_LESSON_ACCESS_DENIED') { $selected = ' selected="selected" '; } $sSelect .= '<option value="' . (int) $taskId . '" ' . $selected . '>' . htmlspecialcharsex($arRightsData['name_human']) . '</option>'; } $sSelect .= '</select>'; $table_id = $variable_name . "_table"; $href_id = $variable_name . "_href"; CJSCore::Init(array('access')); ?> <tr> <td colspan="2" align="center"> <input type="hidden" name="<?php echo $variable_name . '_marker'; ?> " value='yeah!'> <script type="text/javascript"> var obLearningJSRightsAccess_<?php echo $js_var_name; ?> = new LearningJSRightsAccess( <?php echo intval($lessonId); ?> , <?php echo CUtil::PhpToJsObject($arSelected); ?> , '<?php echo CUtil::JSEscape($variable_name); ?> ', '<?php echo CUtil::JSEscape($table_id); ?> ', '<?php echo CUtil::JSEscape($href_id); ?> ', '<?php echo CUtil::JSEscape($sSelect); ?> ', <?php echo CUtil::PhpToJsObject($arHighLight); ?> ); </script> <h3><?php echo GetMessage('LEARNING_RIGHTS_FOR_ADMINISTRATION'); ?> </h3> <table width="100%" cellpadding="0" cellspacing="10" border="0" id="<?php echo htmlspecialcharsbx($table_id); ?> " align="center"> <?php $access = new CAccess(); // If rights are for lesson => show base rights if ($lessonId !== false) { $arBaseNames = $access->GetNames(array_keys($arBaseRights)); foreach ($arBaseRights as $symbol => $taskId) { if ($taskId <= 0) { continue; } ?> <tr valign="top"> <td align="right"><?php echo htmlspecialcharsex($arBaseNames[$symbol]['provider'] . ' ' . $arBaseNames[$symbol]['name']); ?> : </td> <td align="left"> <?php echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId)); ?> </td> </tr> <?php } } $arNames = $access->GetNames(array_keys($arActualRights)); foreach ($arActualRights as $symbol => $taskId) { if ($taskId <= 0) { continue; } ?> <tr valign="top"> <td align="right"> <div style="padding-top:8px;"> <span href="javascript:void(0);" onclick="LearningJSRightsAccess.DeleteRow( this, '<?php echo htmlspecialcharsbx(CUtil::addslashes($symbol)); ?> ', '<?php echo CUtil::JSEscape($html_var_name); ?> ')" class="access-delete" style="position:relative; top:1px; margin-right:3px;" ></span><?php if (strlen($arNames[$symbol]['provider'])) { echo htmlspecialcharsex($arNames[$symbol]['provider'] . ' ' . $arNames[$symbol]['name']); } else { echo htmlspecialcharsex($arNames[$symbol]['name']); } ?> : </div> </td> <td align="left"> <?php if ($readOnly) { echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId)); } else { ?> <input type="hidden" name="<?php echo $html_var_name; ?> [][GROUP_CODE]" value="<?php echo htmlspecialcharsbx($symbol); ?> "> <div style="min-width:720px;"> <select name="<?php echo $html_var_name; ?> [][TASK_ID]" style="vertical-align:middle"> <?php foreach ($arPossibleRights as $id => $arRightsData) { ?> <option value="<?php echo (int) $id; ?> " <?php if ($id == $taskId) { echo "selected"; } ?> ><?php echo htmlspecialcharsex(CLearnAccess::GetNameForTask($id)); ?> </option> <?php } ?> </select> </div> <?php } ?> </td> </tr> <?php } if (!$readOnly) { ?> <tr> <td width="40%" align="right"> </td> <td width="60%" align="left"> <a href="javascript:void(0)" id="<?php echo htmlspecialcharsbx($href_id); ?> " class="bx-action-href"><?php echo GetMessage("LEARNING_RIGHTS_ADD"); ?> </a> </td> </tr> <?php } ?> </table> <br> <strong><?php echo GetMessage('LEARNING_RIGHTS_NOTE'); ?> </strong> </td> </tr> <?php }
public static function CanUserEditLessonRights($arParams) { // Parse options (user_id from $arParams will be automaticaly resolved) $options = self::ParseParamsWithUser($arParams, array('lesson_id' => array('type' => 'strictly_castable_to_integer', 'mandatory' => true))); $oAccess = CLearnAccess::GetInstance($options['user_id']); $isAccessGranted = $oAccess->IsLessonAccessible($options['lesson_id'], CLearnAccess::OP_LESSON_MANAGE_RIGHTS); return $isAccessGranted; }
/** * <p>Возвращает право доступа к учебному курсу с идентификатором <i>courseId</i> для текущего пользователя.</p> * * * * * @param int $courseId Идентификатор курса. <br><br> До версии 12.0.0 параметр назывался COURSE_ID. * * * * @return string <p>Символ права доступа: "D" - запрещён, "R" - чтение, "W" - изменение, "X" - * полный доступ (изменение + право изменять права доступа). </p> * * * <h4>Example</h4> * <pre> * <? * $permission = CCourse::GetPermission($id); * if ($permission<"X") * return false; * ?> * </pre> * * * * <h4>See Also</h4> * <ul> <li> <a href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/setpermission.php">SetPermission</a> </li> <li> <a * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getgrouppermissions.php">GetGroupPermissions</a> </li> * </ul><a name="examples"></a> * * * @static * @link http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getpermission.php * @author Bitrix */ public static function GetPermission($courseId) { global $USER; static $accessMatrix = false; $courseId = (int) $courseId; if (!($courseId > 0)) { return 'D'; } // access denied $linkedLessonId = CCourse::CourseGetLinkedLesson($courseId); if (!($linkedLessonId > 0)) { return 'D'; } // some troubles, access denied $oAccess = CLearnAccess::GetInstance($USER->GetID()); if ($accessMatrix === false) { $accessMatrix = array('X' => CLearnAccess::OP_LESSON_READ | CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE | CLearnAccess::OP_LESSON_LINK_TO_PARENTS | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS | CLearnAccess::OP_LESSON_LINK_DESCENDANTS | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS | CLearnAccess::OP_LESSON_MANAGE_RIGHTS, 'W' => CLearnAccess::OP_LESSON_READ | CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE, 'R' => CLearnAccess::OP_LESSON_READ); } foreach ($accessMatrix as $oldAccessSymbol => $operations) { if ($oAccess->IsBaseAccess($operations) || $oAccess->IsLessonAccessible($linkedLessonId, $operations)) { return $oldAccessSymbol; } } // by default, access denied return 'D'; }
WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR), array("*" => 'D')); WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR), array($groupID => 'R')); } if (WIZARD_IS_RERUN === false) { if ($arGroup["STRING_ID"] == "EMPLOYEES_" . WIZARD_SITE_ID) { COption::SetOptionString("main", "new_user_registration_def_group", $groupID); } } } if (!WIZARD_IS_RERUN) { if (CModule::IncludeModule("learning")) { //learning rights $oAccess = CLearnAccess::GetInstance($USER->GetID()); $perms = $oAccess->GetBasePermissions(); CLearnAccess::ListAllPossibleRights(); $arRights = CLearnAccess::ListAllPossibleRights(); foreach ($arRights as $id => $right) { if ($right["name"] == "learning_lesson_access_manage_dual") { $taskId = $id; break; } } $perms["G" . $SiteGroups["PORTAL_ADMINISTRATION_" . WIZARD_SITE_ID]] = $taskId; $oAccess->SetBasePermissions($perms); } } WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR . "upload/"), array("*" => "R")); //admin security policy $z = CGroup::GetByID(1); if ($res = $z->Fetch()) { if ($res["SECURITY_POLICY"] == "") {
protected function EnsureLessonDeactivateAccess($lessonID) { global $USER; if ($USER->IsAdmin()) { return $this; } $oAccess = CLearnAccess::GetInstance($USER->GetID()); if (!$oAccess->IsLessonAccessible($lessonID, CLearnAccess::OP_LESSON_WRITE)) { throw new CLearnRenderAdminUnilessonListException('', CLearnRenderAdminUnilessonListException::C_ACCESS_DENIED); } return $this; }
$tzOffset = CTimeZone::getOffset(); if ($bTzWasDisabled) { CTimeZone::disable(); } // Adjust unix timestamp to bitrix-timestamp for correct comparision below $nowTimestamp = time() + $tzOffset; if ($nowTimestamp < MakeTimeStamp($activeFrom)) { $delayed = $activeFrom; } } } } } $lastDirtyCacheTS = COption::GetOptionString('learning', CLearnCacheOfLessonTreeComponent::OPTION_TS, time()); // was: if($this->StartResultCache(false, $USER->GetGroups())) $additionalCacheID = CLearnAccess::GetAccessSymbolsHashForSiteUser() . '|' . $ratingTransistor . '|' . $lastDirtyCacheTS . '|' . ($delayed === false ? 'ND' : 'D'); if ($this->StartResultCache(false, $additionalCacheID)) { // Module if (!CModule::IncludeModule("learning")) { $this->AbortResultCache(); ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND")); return; } if ($arParams["CHECK_PERMISSIONS"] !== 'N') { try { $arPermissionsParams = array('COURSE_ID' => $arParams['COURSE_ID'], 'LESSON_ID' => $arParams['LESSON_ID']); $isAccessible = CLearnAccessMacroses::CanUserViewLessonAsPublic($arPermissionsParams); } catch (Exception $e) { $isAccessible = false; // access denied }
:</td> <td>/learning/course/index.php?COURSE_ID=#COURSE_ID#&CHAPTER_ID=#CHAPTER_ID#</td> </tr> <tr> <td align="right"><?php echo GetMessage("LEARNING_SITE_PATH_SITE_LESSON"); ?> :</td> <td>/learning/course/index.php?COURSE_ID=#COURSE_ID#&LESSON_ID=#LESSON_ID#</td> </tr> </table> </td> </tr> <?php if (CLearnAccess::IsLoggedUserCanAccessModuleSettings()) { $tabControl->BeginNextTab(); CLearnRenderRightsEdit::RenderBaseRightsTab($USER->GetID(), 'BASE_RIGHTS'); } ?> <?php $tabControl->Buttons(); ?> <script language="JavaScript"> function RestoreDefaults() { if(confirm('<?php echo AddSlashes(GetMessage("MAIN_HINT_RESTORE_DEFAULTS_WARNING")); ?> '))
public static function CanViewAdminMenu() { global $USER; if ($USER->IsAdmin()) { return true; } $oAccess = CLearnAccess::GetInstance($USER->GetID()); if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_READ) && ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_REMOVE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_LINK_TO_PARENTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_LINK_DESCENDANTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_MANAGE_RIGHTS))) { return true; } if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE)) { return true; } $db = CCourse::GetList(array(), array("CHECK_PERMISSIONS" => "Y", "ACCESS_OPERATIONS" => CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE | CLearnAccess::OP_LESSON_LINK_TO_PARENTS | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS | CLearnAccess::OP_LESSON_LINK_DESCENDANTS | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS | CLearnAccess::OP_LESSON_MANAGE_RIGHTS), array("nTopCount" => 1)); return $db->Fetch() !== false; }