コード例 #1
0
 public function __construct($arFilter)
 {
     $loggedUserId = false;
     // Skip checking permissions?
     if (isset($arFilter['CHECK_PERMISSIONS']) && $arFilter['CHECK_PERMISSIONS'] === 'N') {
         return;
     }
     // Determine requested operations
     $this->requestedOperations = self::ParseRequestedOperations($arFilter);
     // Determine logged in user
     global $USER;
     if (is_object($USER) && method_exists($USER, 'GetID')) {
         $loggedUserId = (int) $USER->GetID();
     }
     $this->requestedUserId = self::DetermineRequestedUserId($arFilter, $loggedUserId);
     // If user_id === current logged user_id, and he is admin => skip checking permissions
     if ($this->requestedUserId === $loggedUserId && $USER->IsAdmin()) {
         return;
     }
     // skip checking permissions
     $this->oAccess = CLearnAccess::GetInstance($this->requestedUserId);
     // If base (shared) user rights covers requested operations => nothing to check.
     if ($this->oAccess->IsBaseAccess($this->requestedOperations)) {
         return;
     }
     // skip checking permissions
     // Checking of permissions must be.
     $this->bCheckPerm = true;
 }
コード例 #2
0
ファイル: question.php プロジェクト: andy-profi/bxApiDocs
 public function CheckFields(&$arFields, $ID = false)
 {
     global $DB, $USER;
     $arMsg = array();
     if ((is_set($arFields, "NAME") || $ID === false) && strlen(trim($arFields["NAME"])) <= 0) {
         $arMsg[] = array("id" => "NAME", "text" => GetMessage("LEARNING_BAD_NAME"));
     }
     if (is_set($arFields, "FILE_ID")) {
         $error = CFile::CheckImageFile($arFields["FILE_ID"]);
         if (strlen($error) > 0) {
             $arMsg[] = array("id" => "FILE_ID", "text" => $error);
         }
     }
     if (strlen($this->LAST_ERROR) <= 0) {
         if ($ID === false && !is_set($arFields, "LESSON_ID") || is_set($arFields, "LESSON_ID") && intval($arFields["LESSON_ID"]) < 1) {
             $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID"));
         } elseif (is_set($arFields, "LESSON_ID")) {
             $res = CLearnLesson::GetByID($arFields["LESSON_ID"]);
             if ($arRes = $res->Fetch()) {
                 $oAccess = CLearnAccess::GetInstance($USER->GetID());
                 $bAccessLessonModify = $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE) || $oAccess->IsLessonAccessible($arFields["LESSON_ID"], CLearnAccess::OP_LESSON_WRITE);
                 if (!$bAccessLessonModify) {
                     $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
                 }
             } else {
                 $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
             }
         }
     }
     if (!empty($arMsg)) {
         $e = new CAdminException($arMsg);
         $GLOBALS["APPLICATION"]->ThrowException($e);
         return false;
     }
     if (is_set($arFields, "QUESTION_TYPE") && !in_array($arFields["QUESTION_TYPE"], array("S", "M", "T", "R"))) {
         $arFields["QUESTION_TYPE"] = "S";
     }
     if (is_set($arFields, "DESCRIPTION_TYPE") && $arFields["DESCRIPTION_TYPE"] != "html") {
         $arFields["DESCRIPTION_TYPE"] = "text";
     }
     if (is_set($arFields, "DIRECTION") && $arFields["DIRECTION"] != "H") {
         $arFields["DIRECTION"] = "V";
     }
     if (is_set($arFields, "SELF") && $arFields["SELF"] != "Y") {
         $arFields["SELF"] = "N";
     }
     if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
         $arFields["ACTIVE"] = "N";
     }
     if (is_set($arFields, "EMAIL_ANSWER") && $arFields["EMAIL_ANSWER"] != "Y") {
         $arFields["EMAIL_ANSWER"] = "N";
     }
     if (is_set($arFields, "CORRECT_REQUIRED") && $arFields["CORRECT_REQUIRED"] != "Y") {
         $arFields["CORRECT_REQUIRED"] = "N";
     }
     return true;
 }
コード例 #3
0
ファイル: component.php プロジェクト: webgksupport/alpina
        // access denied
    }
    if (!$isAccessible) {
        ShowError(GetMessage('LEARNING_COURSE_DENIED'));
        return;
        exit;
    }
}
$ratingTransistor = '';
if ($arParams['CHAPTER_ID'] > 0) {
    $arRatingData = CRatings::GetRatingVoteResult('LEARN_LESSON', $arParams['CHAPTER_ID']);
    $ratingTransistor = serialize($arRatingData);
}
$lastDirtyCacheTS = COption::GetOptionString('learning', CLearnCacheOfLessonTreeComponent::OPTION_TS, time());
// was: if($this->StartResultCache(false, $USER->GetGroups()))
$additionalCacheID = CLearnAccess::GetAccessSymbolsHashForSiteUser() . '|' . $ratingTransistor . '|' . $lastDirtyCacheTS;
if ($this->StartResultCache(false, $additionalCacheID)) {
    //Module
    if (!CModule::IncludeModule("learning")) {
        $this->AbortResultCache();
        ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND"));
        return;
    }
    //Course
    $rsCourse = CCourse::GetList(array(), array("ID" => $arParams["COURSE_ID"], "ACTIVE" => "Y", "ACTIVE_DATE" => "Y", "SITE_ID" => LANG, "CHECK_PERMISSIONS" => 'N'));
    if (!($arCourse = $rsCourse->GetNext())) {
        $this->AbortResultCache();
        ShowError(GetMessage("LEARNING_COURSE_DENIED"));
        return;
    }
    // Resolve links "?COURSE_ID={SELF}". Don't relay on it, this behaviour
コード例 #4
0
    if ($arQuestionData) {
        $LESSON_ID = $arQuestionData['LESSON_ID'];
        if (isset($_POST['LESSON_ID']) && $_POST['LESSON_ID'] >= 1 && $_POST['LESSON_ID'] != $LESSON_ID) {
            $NEW_LESSON_ID = (int) $_POST['LESSON_ID'];
        }
    }
}
if ($LESSON_ID === false) {
    require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php";
    CAdminMessage::ShowMessage(GetMessage('LEARNING_BAD_LESSON'));
    require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_admin.php';
    exit;
}
$uriParentLessonPath = $oPath->ExportUrlencoded();
unset($lessonPath);
$oAccess = CLearnAccess::GetInstance($USER->GetID());
if ($oAccess->IsLessonAccessible($LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) {
    $bBadCourse = false;
} else {
    $bBadCourse = true;
}
if ($NEW_LESSON_ID !== false) {
    if ($oAccess->IsLessonAccessible($NEW_LESSON_ID, CLearnAccess::OP_LESSON_WRITE)) {
        $bBadCourse = false;
    } else {
        $bBadCourse = true;
    }
}
$aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("LEARNING_ADMIN_TAB1"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB1_EX")), array("DIV" => "edit2", "TAB" => GetMessage("LEARNING_ADMIN_TAB2"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB2_EX")), array("DIV" => "edit3", "TAB" => GetMessage("LEARNING_ADMIN_TAB3"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB3_EX")));
$aTabs[] = $USER_FIELD_MANAGER->EditFormTab('LEARNING_QUESTIONS');
$tabControl = new CAdminForm("questionTabControl", $aTabs);
コード例 #5
0
ファイル: clearnlesson.php プロジェクト: DarneoStudio/bitrix
 public static final function Delete($lesson_id)
 {
     global $USER_FIELD_MANAGER;
     list($lesson_id, $simulate, $check_permissions, $user_id) = self::_funcDelete_ParseOptions($lesson_id);
     if ($check_permissions) {
         $oAccess = CLearnAccess::GetInstance($user_id);
         if (!$oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_REMOVE)) {
             throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
         }
     }
     // Parents and childs of the lesson
     $arNeighboursEdges = self::ListImmediateNeighbours($lesson_id);
     // precache rights for lesson
     if ($check_permissions) {
         $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
         $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
     }
     foreach (GetModuleEvents('learning', 'OnBeforeLessonDelete', true) as $arEvent) {
         ExecuteModuleEventEx($arEvent, array($lesson_id));
     }
     foreach ($arNeighboursEdges as $arEdge) {
         $child_lesson_id = (int) $arEdge['CHILD_LESSON'];
         $parent_lesson_id = (int) $arEdge['PARENT_LESSON'];
         if ($check_permissions) {
             $IsLessonAccessible = false;
             if ($child_lesson_id === $lesson_id) {
                 // if we will be remove edge to parent - use precached rights for OP_LESSON_UNLINK_FROM_PARENTS
                 $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS && $oAccess->IsLessonAccessible($parent_lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
             } elseif ($parent_lesson_id === $lesson_id) {
                 // if we will be remove edge to child - use precached rights for OP_LESSON_UNLINK_DESCENDANTS
                 $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS && $oAccess->IsLessonAccessible($child_lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
             } else {
                 throw new LearnException('EA_FATAL: $lesson_id (' . $lesson_id . ') not equal to one of: $child_lesson_id (' . $child_lesson_id . '), $parent_lesson_id (' . $parent_lesson_id . ')', LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_GIVEUP);
             }
             if (!$IsLessonAccessible) {
                 throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
             }
             if ($simulate === false) {
                 self::RelationRemove($parent_lesson_id, $child_lesson_id);
             }
         }
     }
     $linkedCourseId = self::GetLinkedCourse($lesson_id);
     // If lesson is course, remove course
     if ($linkedCourseId !== false) {
         global $DB;
         if ($simulate === false) {
             if (!$DB->Query("DELETE FROM b_learn_course_site WHERE COURSE_ID = " . (int) $linkedCourseId, true)) {
                 throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
             }
             $rc = self::CourseBecomeLesson($linkedCourseId);
             // if course cannot be converted to lesson - don't remove lesson
             if ($rc === false) {
                 throw new LearnException('EA_OTHER: lesson is unremovable because linked course is in use.', LearnException::EXC_ERR_LL_UNREMOVABLE_CL);
             }
             // reload cache of LINKED_LESSON_ID -> COURSE_ID
             self::GetCourseToLessonMap_ReloadCache();
             if (CModule::IncludeModule("search")) {
                 CSearch::DeleteIndex("learning", false, "C" . $linkedCourseId);
                 CSearch::DeleteIndex("learning", "C" . $linkedCourseId);
             }
         }
     }
     // And remove lesson
     if ($simulate === false) {
         global $DB;
         $r = $DB->Query("SELECT PREVIEW_PICTURE, DETAIL_PICTURE \n\t\t\t\tFROM b_learn_lesson \n\t\t\t\tWHERE ID = " . (int) $lesson_id, true);
         if ($r === false) {
             throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
         }
         $arRes = $r->Fetch();
         if (!$arRes) {
             throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
         }
         CFile::Delete($arRes['PREVIEW_PICTURE']);
         CFile::Delete($arRes['DETAIL_PICTURE']);
         // Remove questions
         $q = CLQuestion::GetList(array(), array('LESSON_ID' => $lesson_id));
         while ($arQ = $q->Fetch()) {
             if (!CLQuestion::Delete($arQ['ID'])) {
                 throw new LearnException('EA_QUESTION_NOT_REMOVED', LearnException::EXC_ERR_ALL_GIVEUP);
             }
         }
         CLearnGraphNode::Remove($lesson_id);
         $USER_FIELD_MANAGER->delete('LEARNING_LESSONS', $lesson_id);
         CLearnCacheOfLessonTreeComponent::MarkAsDirty();
         CEventLog::add(array('AUDIT_TYPE_ID' => 'LEARNING_REMOVE_ITEM', 'MODULE_ID' => 'learning', 'ITEM_ID' => 'L #' . $lesson_id, 'DESCRIPTION' => 'lesson removed'));
         if (CModule::IncludeModule('search')) {
             CSearch::DeleteIndex('learning', false, 'L' . $lesson_id);
             CSearch::DeleteIndex('learning', 'L' . $lesson_id);
         }
     }
     if ($simulate === false) {
         foreach (GetModuleEvents('learning', 'OnAfterLessonDelete', true) as $arEvent) {
             ExecuteModuleEventEx($arEvent, array($lesson_id));
         }
     }
 }
コード例 #6
0
 /**
  * If user logged in - get hash for of access symbols for user.
  * If user isn't logged in - get hash of access symbols for not authorized users.
  */
 public static function GetAccessSymbolsHashForSiteUser()
 {
     global $USER;
     $userId = $USER->GetID();
     $arCodes = array();
     if ($userId > 0) {
         $oAccess = CLearnAccess::GetInstance($userId);
         $arCodes = $oAccess->GetAccessCodes();
     } else {
         $arCodes = array('G2');
     }
     // G2 - is group included all users (not authorized too)
     $hash = base64_encode(serialize($arCodes));
     return $hash;
 }
コード例 #7
0
ファイル: component.php プロジェクト: Satariall/izurit
<?php

if (!defined("B_PROLOG_INCLUDED") || B_PROLOG_INCLUDED !== true) {
    die;
}
if (!CModule::IncludeModule('learning')) {
    return false;
}
//Params
$arParams["CHECK_PERMISSIONS"] = isset($arParams["CHECK_PERMISSIONS"]) && $arParams["CHECK_PERMISSIONS"] == "N" ? "N" : "Y";
$arParams["COURSE_ID"] = isset($arParams["COURSE_ID"]) && intval($arParams["COURSE_ID"]) > 0 ? intval($arParams["COURSE_ID"]) : intval($_REQUEST["COURSE_ID"]);
// was: if($this->StartResultCache(false, $USER->GetGroups()))
if ($this->StartResultCache(false, CLearnAccess::GetAccessSymbolsHashForSiteUser())) {
    //Module
    if (!CModule::IncludeModule("learning")) {
        $this->AbortResultCache();
        ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND"));
        return;
    }
    if ($arParams['CHECK_PERMISSIONS'] !== 'N') {
        $isAccessible = false;
        $linkedLessonId = CCourse::CourseGetLinkedLesson($arParams["COURSE_ID"]);
        if ($linkedLessonId !== false) {
            try {
                $isAccessible = CLearnAccessMacroses::CanUserViewLessonContent(array('lesson_id' => $linkedLessonId));
            } catch (Exception $e) {
                $isAccessible = false;
                // access denied
            }
        }
        if (!$isAccessible) {
コード例 #8
0
    protected static function LearningShowRights($lessonId, $variable_name, $arBaseRights, $arPossibleRights, $arActualRights, $arSelected = array(), $arHighLight = array(), $readOnly)
    {
        $js_var_name = preg_replace("/[^a-zA-Z0-9_]/", "_", $variable_name);
        $html_var_name = htmlspecialcharsbx($variable_name);
        $sSelect = '<select name="' . $html_var_name . '[][TASK_ID]" style="vertical-align:middle">';
        foreach ($arPossibleRights as $taskId => $arRightsData) {
            $selected = '';
            if (strtoupper($arRightsData['name']) === 'LEARNING_LESSON_ACCESS_DENIED') {
                $selected = ' selected="selected" ';
            }
            $sSelect .= '<option value="' . (int) $taskId . '" ' . $selected . '>' . htmlspecialcharsex($arRightsData['name_human']) . '</option>';
        }
        $sSelect .= '</select>';
        $table_id = $variable_name . "_table";
        $href_id = $variable_name . "_href";
        CJSCore::Init(array('access'));
        ?>
		<tr>
			<td colspan="2" align="center">
				<input type="hidden" name="<?php 
        echo $variable_name . '_marker';
        ?>
" value='yeah!'>
				<script type="text/javascript">
					var obLearningJSRightsAccess_<?php 
        echo $js_var_name;
        ?>
 = new LearningJSRightsAccess(
						<?php 
        echo intval($lessonId);
        ?>
,
						<?php 
        echo CUtil::PhpToJsObject($arSelected);
        ?>
,
						'<?php 
        echo CUtil::JSEscape($variable_name);
        ?>
',
						'<?php 
        echo CUtil::JSEscape($table_id);
        ?>
',
						'<?php 
        echo CUtil::JSEscape($href_id);
        ?>
',
						'<?php 
        echo CUtil::JSEscape($sSelect);
        ?>
',
						<?php 
        echo CUtil::PhpToJsObject($arHighLight);
        ?>
					);
				</script>
				<h3><?php 
        echo GetMessage('LEARNING_RIGHTS_FOR_ADMINISTRATION');
        ?>
</h3>
				<table width="100%" cellpadding="0" cellspacing="10" border="0" id="<?php 
        echo htmlspecialcharsbx($table_id);
        ?>
" align="center">
				<?php 
        $access = new CAccess();
        // If rights are for lesson => show base rights
        if ($lessonId !== false) {
            $arBaseNames = $access->GetNames(array_keys($arBaseRights));
            foreach ($arBaseRights as $symbol => $taskId) {
                if ($taskId <= 0) {
                    continue;
                }
                ?>
					<tr valign="top">
						<td align="right"><?php 
                echo htmlspecialcharsex($arBaseNames[$symbol]['provider'] . ' ' . $arBaseNames[$symbol]['name']);
                ?>
:&nbsp;</td>
						<td align="left">
							<?php 
                echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId));
                ?>
						</td>
					</tr>
					<?php 
            }
        }
        $arNames = $access->GetNames(array_keys($arActualRights));
        foreach ($arActualRights as $symbol => $taskId) {
            if ($taskId <= 0) {
                continue;
            }
            ?>
				<tr valign="top">
					<td align="right">
						<div style="padding-top:8px;">
						<span href="javascript:void(0);" 
							onclick="LearningJSRightsAccess.DeleteRow(
								this, 
								'<?php 
            echo htmlspecialcharsbx(CUtil::addslashes($symbol));
            ?>
', 
								'<?php 
            echo CUtil::JSEscape($html_var_name);
            ?>
')" 
							class="access-delete"
							style="position:relative; top:1px; margin-right:3px;"
						></span><?php 
            if (strlen($arNames[$symbol]['provider'])) {
                echo htmlspecialcharsex($arNames[$symbol]['provider'] . ' ' . $arNames[$symbol]['name']);
            } else {
                echo htmlspecialcharsex($arNames[$symbol]['name']);
            }
            ?>
:&nbsp;
					</div>
					</td>
					<td align="left">
						<?php 
            if ($readOnly) {
                echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId));
            } else {
                ?>
						<input type="hidden" name="<?php 
                echo $html_var_name;
                ?>
[][GROUP_CODE]" value="<?php 
                echo htmlspecialcharsbx($symbol);
                ?>
">
						<div style="min-width:720px;">
							<select name="<?php 
                echo $html_var_name;
                ?>
[][TASK_ID]" style="vertical-align:middle">
						<?php 
                foreach ($arPossibleRights as $id => $arRightsData) {
                    ?>
							<option value="<?php 
                    echo (int) $id;
                    ?>
" <?php 
                    if ($id == $taskId) {
                        echo "selected";
                    }
                    ?>
><?php 
                    echo htmlspecialcharsex(CLearnAccess::GetNameForTask($id));
                    ?>
</option>
							<?php 
                }
                ?>
						</select>
						</div>
						<?php 
            }
            ?>
					</td>
				</tr>
				<?php 
        }
        if (!$readOnly) {
            ?>
					<tr>
						<td width="40%" align="right">&nbsp;</td>
						<td width="60%" align="left">
							<a href="javascript:void(0)"  id="<?php 
            echo htmlspecialcharsbx($href_id);
            ?>
" class="bx-action-href"><?php 
            echo GetMessage("LEARNING_RIGHTS_ADD");
            ?>
</a>
						</td>
					</tr>
				<?php 
        }
        ?>
				</table>
				<br>
				<strong><?php 
        echo GetMessage('LEARNING_RIGHTS_NOTE');
        ?>
</strong>
			</td>
		</tr>
		<?php 
    }
コード例 #9
0
 public static function CanUserEditLessonRights($arParams)
 {
     // Parse options (user_id from $arParams will be automaticaly resolved)
     $options = self::ParseParamsWithUser($arParams, array('lesson_id' => array('type' => 'strictly_castable_to_integer', 'mandatory' => true)));
     $oAccess = CLearnAccess::GetInstance($options['user_id']);
     $isAccessGranted = $oAccess->IsLessonAccessible($options['lesson_id'], CLearnAccess::OP_LESSON_MANAGE_RIGHTS);
     return $isAccessGranted;
 }
コード例 #10
0
ファイル: course.php プロジェクト: rasuldev/torino
 /**
  * <p>Возвращает право доступа к учебному курсу с идентификатором <i>courseId</i> для текущего пользователя.</p>
  *
  *
  *
  *
  * @param int $courseId  Идентификатор курса. <br><br> До версии 12.0.0 параметр назывался COURSE_ID.
  *
  *
  *
  * @return string <p>Символ права доступа: "D" - запрещён, "R" - чтение, "W" - изменение, "X" -
  * полный доступ (изменение + право изменять права доступа). </p>
  *
  *
  * <h4>Example</h4> 
  * <pre>
  * &lt;?
  * $permission = CCourse::GetPermission($id);
  * if ($permission&lt;"X")
  *     return false;
  * ?&gt;
  * </pre>
  *
  *
  *
  * <h4>See Also</h4> 
  * <ul> <li> <a href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/setpermission.php">SetPermission</a> </li> <li> <a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getgrouppermissions.php">GetGroupPermissions</a> </li>
  * </ul><a name="examples"></a>
  *
  *
  * @static
  * @link http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getpermission.php
  * @author Bitrix
  */
 public static function GetPermission($courseId)
 {
     global $USER;
     static $accessMatrix = false;
     $courseId = (int) $courseId;
     if (!($courseId > 0)) {
         return 'D';
     }
     // access denied
     $linkedLessonId = CCourse::CourseGetLinkedLesson($courseId);
     if (!($linkedLessonId > 0)) {
         return 'D';
     }
     // some troubles, access denied
     $oAccess = CLearnAccess::GetInstance($USER->GetID());
     if ($accessMatrix === false) {
         $accessMatrix = array('X' => CLearnAccess::OP_LESSON_READ | CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE | CLearnAccess::OP_LESSON_LINK_TO_PARENTS | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS | CLearnAccess::OP_LESSON_LINK_DESCENDANTS | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS | CLearnAccess::OP_LESSON_MANAGE_RIGHTS, 'W' => CLearnAccess::OP_LESSON_READ | CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE, 'R' => CLearnAccess::OP_LESSON_READ);
     }
     foreach ($accessMatrix as $oldAccessSymbol => $operations) {
         if ($oAccess->IsBaseAccess($operations) || $oAccess->IsLessonAccessible($linkedLessonId, $operations)) {
             return $oldAccessSymbol;
         }
     }
     // by default, access denied
     return 'D';
 }
コード例 #11
0
ファイル: groups.php プロジェクト: mrdeadmouse/u136006
         WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR), array("*" => 'D'));
         WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR), array($groupID => 'R'));
     }
     if (WIZARD_IS_RERUN === false) {
         if ($arGroup["STRING_ID"] == "EMPLOYEES_" . WIZARD_SITE_ID) {
             COption::SetOptionString("main", "new_user_registration_def_group", $groupID);
         }
     }
 }
 if (!WIZARD_IS_RERUN) {
     if (CModule::IncludeModule("learning")) {
         //learning rights
         $oAccess = CLearnAccess::GetInstance($USER->GetID());
         $perms = $oAccess->GetBasePermissions();
         CLearnAccess::ListAllPossibleRights();
         $arRights = CLearnAccess::ListAllPossibleRights();
         foreach ($arRights as $id => $right) {
             if ($right["name"] == "learning_lesson_access_manage_dual") {
                 $taskId = $id;
                 break;
             }
         }
         $perms["G" . $SiteGroups["PORTAL_ADMINISTRATION_" . WIZARD_SITE_ID]] = $taskId;
         $oAccess->SetBasePermissions($perms);
     }
 }
 WizardServices::SetFilePermission(array(WIZARD_SITE_ID, WIZARD_SITE_DIR . "upload/"), array("*" => "R"));
 //admin security policy
 $z = CGroup::GetByID(1);
 if ($res = $z->Fetch()) {
     if ($res["SECURITY_POLICY"] == "") {
コード例 #12
0
 protected function EnsureLessonDeactivateAccess($lessonID)
 {
     global $USER;
     if ($USER->IsAdmin()) {
         return $this;
     }
     $oAccess = CLearnAccess::GetInstance($USER->GetID());
     if (!$oAccess->IsLessonAccessible($lessonID, CLearnAccess::OP_LESSON_WRITE)) {
         throw new CLearnRenderAdminUnilessonListException('', CLearnRenderAdminUnilessonListException::C_ACCESS_DENIED);
     }
     return $this;
 }
コード例 #13
0
ファイル: component.php プロジェクト: mrdeadmouse/u136006
                $tzOffset = CTimeZone::getOffset();
                if ($bTzWasDisabled) {
                    CTimeZone::disable();
                }
                // Adjust unix timestamp to bitrix-timestamp for correct comparision below
                $nowTimestamp = time() + $tzOffset;
                if ($nowTimestamp < MakeTimeStamp($activeFrom)) {
                    $delayed = $activeFrom;
                }
            }
        }
    }
}
$lastDirtyCacheTS = COption::GetOptionString('learning', CLearnCacheOfLessonTreeComponent::OPTION_TS, time());
// was: if($this->StartResultCache(false, $USER->GetGroups()))
$additionalCacheID = CLearnAccess::GetAccessSymbolsHashForSiteUser() . '|' . $ratingTransistor . '|' . $lastDirtyCacheTS . '|' . ($delayed === false ? 'ND' : 'D');
if ($this->StartResultCache(false, $additionalCacheID)) {
    // Module
    if (!CModule::IncludeModule("learning")) {
        $this->AbortResultCache();
        ShowError(GetMessage("LEARNING_MODULE_NOT_FOUND"));
        return;
    }
    if ($arParams["CHECK_PERMISSIONS"] !== 'N') {
        try {
            $arPermissionsParams = array('COURSE_ID' => $arParams['COURSE_ID'], 'LESSON_ID' => $arParams['LESSON_ID']);
            $isAccessible = CLearnAccessMacroses::CanUserViewLessonAsPublic($arPermissionsParams);
        } catch (Exception $e) {
            $isAccessible = false;
            // access denied
        }
コード例 #14
0
ファイル: options.php プロジェクト: DarneoStudio/bitrix
:</td>
				<td>/learning/course/index.php?COURSE_ID=#COURSE_ID#&CHAPTER_ID=#CHAPTER_ID#</td>
			</tr>
			<tr>
				<td align="right"><?php 
echo GetMessage("LEARNING_SITE_PATH_SITE_LESSON");
?>
:</td>
				<td>/learning/course/index.php?COURSE_ID=#COURSE_ID#&LESSON_ID=#LESSON_ID#</td>
			</tr>
			</table>
		</td>
	</tr>

<?php 
if (CLearnAccess::IsLoggedUserCanAccessModuleSettings()) {
    $tabControl->BeginNextTab();
    CLearnRenderRightsEdit::RenderBaseRightsTab($USER->GetID(), 'BASE_RIGHTS');
}
?>

<?php 
$tabControl->Buttons();
?>
<script language="JavaScript">
function RestoreDefaults()
{
	if(confirm('<?php 
echo AddSlashes(GetMessage("MAIN_HINT_RESTORE_DEFAULTS_WARNING"));
?>
'))
コード例 #15
0
 public static function CanViewAdminMenu()
 {
     global $USER;
     if ($USER->IsAdmin()) {
         return true;
     }
     $oAccess = CLearnAccess::GetInstance($USER->GetID());
     if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_READ) && ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_REMOVE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_LINK_TO_PARENTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_LINK_DESCENDANTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS) || $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_MANAGE_RIGHTS))) {
         return true;
     }
     if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE)) {
         return true;
     }
     $db = CCourse::GetList(array(), array("CHECK_PERMISSIONS" => "Y", "ACCESS_OPERATIONS" => CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE | CLearnAccess::OP_LESSON_LINK_TO_PARENTS | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS | CLearnAccess::OP_LESSON_LINK_DESCENDANTS | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS | CLearnAccess::OP_LESSON_MANAGE_RIGHTS), array("nTopCount" => 1));
     return $db->Fetch() !== false;
 }