public static function GetFilter($arFilter, $sAliasPrefix = "", $arParams = false)
{
global $USER;
if (!is_array($arFilter)) {
$arFilter = array();
}
$arSqlSearch = array();
if (is_array($arParams) && array_key_exists('USER_ID', $arParams) && $arParams['USER_ID'] > 0) {
$userID = (int) $arParams['USER_ID'];
} else {
$userID = is_object($USER) ? intval($USER->GetID()) : 0;
}
$bGetZombie = false;
if (isset($arParams['bGetZombie'])) {
$bGetZombie = (bool) $arParams['bGetZombie'];
}
// if TRUE will be generated constraint for members
$bMembersTableJoined = false;
if (isset($arParams['bMembersTableJoined'])) {
$bMembersTableJoined = (bool) $arParams['bMembersTableJoined'];
}
$sql = self::GetSqlByFilter($arFilter, $userID, $sAliasPrefix, $bGetZombie, $bMembersTableJoined);
if (strlen($sql)) {
$arSqlSearch[] = $sql;
}
if (!CTasksTools::IsAdmin($userID) && !CTasksTools::IsPortalB24Admin($userID) && $arFilter["CHECK_PERMISSIONS"] != "N" && $arFilter["SUBORDINATE_TASKS"] != "Y") {
$arSubSqlSearch = array($sAliasPrefix . "T.CREATED_BY = " . $userID, $sAliasPrefix . "T.RESPONSIBLE_ID = " . $userID, "EXISTS(SELECT 'x' FROM b_tasks_member " . $sAliasPrefix . "TM WHERE " . $sAliasPrefix . "TM.TASK_ID = " . $sAliasPrefix . "T.ID AND " . $sAliasPrefix . "TM.USER_ID = " . $userID . ")");
// subordinate check
if ($strSql = CTasks::GetSubordinateSql($sAliasPrefix, $arParams)) {
$arSubSqlSearch[] = "EXISTS(" . $strSql . ")";
}
// group permission check
if ($arAllowedGroups = CTasks::GetAllowedGroups($arParams)) {
$arSubSqlSearch[] = "(" . $sAliasPrefix . "T.GROUP_ID IN (" . implode(",", $arAllowedGroups) . "))";
}
$arSqlSearch[] = " \n -- permissions check: start\n (" . implode(" OR ", $arSubSqlSearch) . ") \n -- permissions check: end\n";
}
return $arSqlSearch;
}
public static function beforeViewDataQuery(&$select, &$filter, &$group, &$order, &$limit, &$options, &$runtime)
{
parent::beforeViewDataQuery($select, $filter, $group, $order, $limit, $options, $runtime);
global $USER, $DB, $DBType;
$permFilter = array('LOGIC' => 'OR');
// owner permission
if (isset($_GET['select_my_tasks']) || !isset($_GET['select_my_tasks']) && !isset($_GET['select_depts_tasks']) && !isset($_GET['select_group_tasks'])) {
$runtime['IS_TASK_COWORKER'] = array('data_type' => 'integer', 'expression' => array("(CASE WHEN EXISTS(" . "SELECT 'x' FROM b_tasks_member TM " . "WHERE TM.TASK_ID = " . $DB->escL . (ToUpper($DBType) === "ORACLE" ? "TASKS_TASK" : "tasks_task") . $DB->escR . ".ID AND TM.USER_ID = " . $USER->GetID() . " AND TM.TYPE = 'A'" . ") THEN 1 ELSE 0 END)"));
$permFilter[] = array('LOGIC' => 'OR', '=RESPONSIBLE_ID' => $USER->GetID(), '=IS_TASK_COWORKER' => 1);
}
// own departments permission
if (isset($_GET['select_depts_tasks'])) {
$permFilterDepts = array('LOGIC' => 'OR', '=CREATED_BY' => $USER->GetID());
$deptsPermSql = CTasks::GetSubordinateSql('__ULTRAUNIQUEPREFIX__');
if (strlen($deptsPermSql)) {
$deptsPermSql = "EXISTS(" . $deptsPermSql . ")";
$deptsPermSql = str_replace('__ULTRAUNIQUEPREFIX__T.', $DB->escL . (ToUpper($DBType) === "ORACLE" ? "TASKS_TASK" : "tasks_task") . $DB->escR . '.', $deptsPermSql);
$deptsPermSql = str_replace('__ULTRAUNIQUEPREFIX__', '', $deptsPermSql);
$runtime['IS_SUBORDINATED_TASK'] = array('data_type' => 'integer', 'expression' => array("(CASE WHEN " . $deptsPermSql . " THEN 1 ELSE 0 END)"));
$permFilterDepts[] = array('!RESPONSIBLE_ID' => $USER->GetID(), '=IS_SUBORDINATED_TASK' => 1);
}
$permFilter[] = $permFilterDepts;
}
// group permission
if (isset($_GET['select_group_tasks'])) {
$allowedGroups = CTasks::GetAllowedGroups();
$permFilter[] = array('=GROUP_ID' => $allowedGroups);
}
// re-aggregate aggregated subquery in DURATION for mssql
if (\Bitrix\Main\Application::getConnection() instanceof \Bitrix\Main\DB\MssqlConnection) {
foreach ($select as $k => $v) {
if (substr($k, -9) == '_DURATION') {
// we have aggregated duration
$subQuery = new \Bitrix\Main\Entity\Query(\Bitrix\Tasks\ElapsedTimeTable::getEntity());
$subQuery->addSelect('TASK_ID');
$subQuery->addSelect(new \Bitrix\Main\Entity\ExpressionField('DURATION', 'ROUND(SUM(%s)/60, 0)', 'SECONDS'));
$subEntity = \Bitrix\Main\Entity\Base::getInstanceByQuery($subQuery);
// make reference
$subReferenceName = $k . '_REF';
$runtime[$subReferenceName] = array('data_type' => $subEntity, 'reference' => array('=this.ID' => 'ref.TASK_ID'));
// rewrite aggregated duration (put it in the end, after refence)
$runtimeField = $runtime[$k];
unset($runtime[$k]);
$runtimeField['expression'][1] = $subReferenceName . '.DURATION';
$runtime[$k] = $runtimeField;
} else {
if (substr($k, -20) == '_DURATION_FOR_PERIOD' && isset($options['SQL_TIME_INTERVAL'])) {
// we have aggregated DURATION_FOR_PERIOD field
$subQuery = new \Bitrix\Main\Entity\Query(\Bitrix\Tasks\ElapsedTimeTable::getEntity());
$subQuery->addSelect('TASK_ID');
$subQuery->addSelect(new \Bitrix\Main\Entity\ExpressionField('DURATION_FOR_PERIOD', 'ROUND((SUM(CASE WHEN CREATED_DATE ' . $options['SQL_TIME_INTERVAL'] . ' THEN %s ELSE 0 END)/60),0)', 'SECONDS'));
$subEntity = \Bitrix\Main\Entity\Base::getInstanceByQuery($subQuery);
// make reference
$subReferenceName = $k . '_REF';
$runtime[$subReferenceName] = array('data_type' => $subEntity, 'reference' => array('=this.ID' => 'ref.TASK_ID'));
// rewrite aggregated duration (put it in the end, after refence)
$runtimeField = $runtime[$k];
unset($runtime[$k]);
$runtimeField['expression'][1] = $subReferenceName . '.DURATION_FOR_PERIOD';
$runtime[$k] = $runtimeField;
}
}
}
}
// concat permissions with common filter
$filter[] = $permFilter;
}
public static function getPermissionFilterConditions($arParams, $behaviour = array('ALIAS' => '', 'USE_PLACEHOLDERS' => false))
{
global $USER;
if (!is_array($behaviour)) {
$behaviour = array();
}
if (!isset($behaviour['ALIAS'])) {
$behaviour['ALIAS'] = '';
}
if (!isset($behaviour['USE_PLACEHOLDERS'])) {
$behaviour['USE_PLACEHOLDERS'] = false;
}
$arSubSqlSearch = array();
$fields = array();
$a = $behaviour['ALIAS'];
$b = $behaviour;
$f =& $fields;
if (is_array($arParams) && array_key_exists('USER_ID', $arParams) && $arParams['USER_ID'] > 0) {
$userID = (int) $arParams['USER_ID'];
} else {
$userID = is_object($USER) ? intval($USER->GetID()) : 0;
}
if (!CTasksTools::IsAdmin($userID) && !CTasksTools::IsPortalB24Admin($userID)) {
$arSubSqlSearch = array(static::placeFieldSql('CREATED_BY', $b, $f) . " = '" . $userID . "'", static::placeFieldSql('RESPONSIBLE_ID', $b, $f) . " = '" . $userID . "'", "EXISTS(\n\t\t\t\t\tSELECT 'x' \n\t\t\t\t\tFROM b_tasks_member " . $a . "TM \n\t\t\t\t\tWHERE \n\t\t\t\t\t\t" . $a . "TM.TASK_ID = " . static::placeFieldSql('ID', $b, $f) . " AND " . $a . "TM.USER_ID = '" . $userID . "'\n\t\t\t\t)");
// subordinate check
$arParams['FIELDS'] =& $fields;
if ($strSql = CTasks::GetSubordinateSql($a, $arParams, $behaviour)) {
$arSubSqlSearch[] = "EXISTS(" . $strSql . ")";
}
// group permission check
if ($arAllowedGroups = CTasks::GetAllowedGroups($arParams)) {
$arSubSqlSearch[] = "(" . static::placeFieldSql('GROUP_ID', $b, $f) . " IN (" . implode(",", $arAllowedGroups) . "))";
}
}
return array($arSubSqlSearch, $fields);
}