function InstallDB($arParams = array()) { global $DB, $DBType, $APPLICATION; $this->errors = false; // Database tables creation $bDBInstall = !$DB->Query("SELECT 'x' FROM b_workflow_document WHERE 1=0", true); if ($bDBInstall) { $this->errors = $DB->RunSQLBatch($_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/workflow/install/db/" . $DBType . "/install.sql"); } if ($this->errors !== false) { $APPLICATION->ThrowException(implode("<br>", $this->errors)); return false; } else { RegisterModule("workflow"); CModule::IncludeModule("workflow"); if ($bDBInstall) { $obWorkflowStatus = new CWorkflowStatus(); $obWorkflowStatus->Add(array("~TIMESTAMP_X" => $DB->GetNowFunction(), "C_SORT" => 300, "ACTIVE" => "Y", "TITLE" => GetMessage("FLOW_INSTALL_PUBLISHED"), "IS_FINAL" => "Y", "NOTIFY" => "N")); $obWorkflowStatus->Add(array("~TIMESTAMP_X" => $DB->GetNowFunction(), "C_SORT" => 100, "ACTIVE" => "Y", "TITLE" => GetMessage("FLOW_INSTALL_DRAFT"), "IS_FINAL" => "N", "NOTIFY" => "N")); $obWorkflowStatus->Add(array("~TIMESTAMP_X" => $DB->GetNowFunction(), "C_SORT" => 200, "ACTIVE" => "Y", "TITLE" => GetMessage("FLOW_INSTALL_READY"), "IS_FINAL" => "N", "NOTIFY" => "Y")); } RegisterModuleDependences("main", "OnPanelCreate", "workflow", "CWorkflow", "OnPanelCreate", "200"); RegisterModuleDependences("main", "OnChangeFile", "workflow", "CWorkflow", "OnChangeFile"); //agents CAgent::RemoveAgent("CWorkflow::CleanUp();", "workflow"); CAgent::AddAgent("CWorkflow::CleanUp();", "workflow", "N"); return true; } }
function GetByFilename($FILENAME, $SITE_ID, $arFilter = false) { if (!is_array($arFilter)) { $arFilter = array("!STATUS_ID" => 1); } $obQueryWhere = new CSQLWhere(); $obQueryWhere->SetFields(array("STATUS_ID" => array("TABLE_ALIAS" => "D", "FIELD_NAME" => "D.STATUS_ID", "FIELD_TYPE" => "int", "JOIN" => false))); $strSqlWhere = $obQueryWhere->GetQuery($arFilter); $err_mess = CWorkflowStatus::err_mess() . "<br>Function: GetByFilename<br>Line: "; global $DB, $USER; $MAX_LOCK = intval(COption::GetOptionString("workflow", "MAX_LOCK_TIME", "60")); $uid = intval($USER->GetID()); $strSql = "\n\t\t\tSELECT\n\t\t\t\tD.*,\n\t\t\t\t" . $DB->DateToCharFunction("D.DATE_ENTER") . " DATE_ENTER,\n\t\t\t\t" . $DB->DateToCharFunction("D.DATE_MODIFY") . " DATE_MODIFY,\n\t\t\t\t" . $DB->DateToCharFunction("D.DATE_LOCK") . " DATE_LOCK,\n\t\t\t\tconcat('(',UM.LOGIN,') ',ifnull(UM.NAME,''),' ',ifnull(UM.LAST_NAME,'')) MUSER_NAME,\n\t\t\t\tconcat('(',UE.LOGIN,') ',ifnull(UE.NAME,''),' ',ifnull(UE.LAST_NAME,'')) EUSER_NAME,\n\t\t\t\tconcat('(',UL.LOGIN,') ',ifnull(UL.NAME,''),' ',ifnull(UL.LAST_NAME,'')) LUSER_NAME,\n\t\t\t\tS.TITLE STATUS_TITLE,\n\t\t\t\tif (D.DATE_LOCK is null, 'green',\n\t\t\t\t\tif(DATE_ADD(D.DATE_LOCK, interval {$MAX_LOCK} MINUTE)<now(), 'green',\n\t\t\t\t\t\tif(D.LOCKED_BY={$uid}, 'yellow', 'red'))) LOCK_STATUS\n\t\t\tFROM\n\t\t\t\tb_workflow_document D\n\t\t\t\tLEFT JOIN b_user UM ON (UM.ID = D.MODIFIED_BY)\n\t\t\t\tLEFT JOIN b_user UE ON (UE.ID = D.ENTERED_BY)\n\t\t\t\tLEFT JOIN b_user UL ON (UL.ID = D.LOCKED_BY)\n\t\t\t\tLEFT JOIN b_workflow_status S ON (S.ID = D.STATUS_ID)\n\t\t\tWHERE\n\t\t\t\tSITE_ID = '" . $DB->ForSql($SITE_ID, 2) . "'\n\t\t\t\tAND D.FILENAME = '" . $DB->ForSql($FILENAME, 255) . "'\n\t\t\t\t" . ($strSqlWhere ? "AND " . $strSqlWhere : "") . "\n\t\t"; $res = $DB->Query($strSql, false, $err_mess . __LINE__); return $res; }
function CheckFields() { global $DB, $strError, $FILENAME, $APPLICATION, $ID, $BODY, $USER, $SITE_ID, $STATUS_ID, $DOC_ROOT; $str = ""; $arMsg = array(); $SCRIPT_FILE_TYPE = GetFileType($FILENAME); $FILENAME = trim($FILENAME); $FILENAME = "/" . ltrim(_normalizePath($FILENAME), "/"); $io = CBXVirtualIo::GetInstance(); if (strlen($FILENAME) <= 0) { $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_FORGOT_FILENAME")); } elseif (!$io->ValidatePathString($FILENAME)) { $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_FILE_NAME_NOT_VALID")); } elseif ($SCRIPT_FILE_TYPE != "SOURCE") { $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_INCORRECT_FILETYPE")); } else { $SITE_ID = CWorkflow::__CheckSite($SITE_ID); if (!$SITE_ID) { $SITE_ID = CSite::GetSiteByFullPath($_SERVER['DOCUMENT_ROOT'] . $FILENAME); } if (!$USER->CanDoFileOperation('fm_edit_in_workflow', array($SITE_ID, $FILENAME))) { $s = str_replace("#FILENAME#", "{$FILENAME}", GetMessage("FLOW_ACCESS_DENIED")); $arMsg[] = array("id" => "FILENAME", "text" => $s . ": " . GetMessage("FLOW_MIN_RIGHTS")); } elseif ($STATUS_ID == 1 && !($USER->CanDoFileOperation('fm_edit_existent_file', array($SITE_ID, $FILENAME)) && $USER->CanDoFileOperation('fm_create_new_file', array($SITE_ID, $FILENAME)))) { $arMsg[] = array("id" => "FILENAME", "text" => GetMessage("FLOW_ACCESS_DENIED_FOR_FILE_WRITE", array("#FILENAME#" => $FILENAME))); } else { $z = CWorkflow::GetByFilename($FILENAME, $SITE_ID); if ($zr = $z->Fetch()) { if ($zr["ID"] != $ID && $zr["STATUS_ID"] != 1) { $arMsg[] = array("id" => "FILENAME", "text" => str_replace("#FILENAME#", $FILENAME, GetMessage("FLOW_FILENAME_EXIST"))); } } } } if (!CWorkflow::IsAdmin()) { $arGroups = $USER->GetUserGroupArray(); if (!is_array($arGroups)) { $arGroups = array(2); } $arFilter = array("GROUP_ID" => $arGroups, "PERMISSION_TYPE_1" => 1, "ID_EXACT_MATCH" => "Y", "ID" => $STATUS_ID); $rsStatuses = CWorkflowStatus::GetList($by = "s_c_sort", $strOrder, $arFilter, $is_filtered, array("ID")); if (!$rsStatuses->Fetch()) { $arMsg[] = array("id" => "STATUS_ID", "text" => GetMessage("FLOW_ERROR_WRONG_STATUS")); } } $bIsPhp = IsPHP($BODY); if ($bIsPhp) { if ($USER->CanDoFileOperation('fm_lpa', array($SITE_ID, $FILENAME)) && !$USER->CanDoOperation('edit_php')) { if (CModule::IncludeModule("fileman")) { $old_res = CFileman::ParseFileContent($APPLICATION->GetFileContent($DOC_ROOT . $FILENAME), true); $old_BODY = $old_res["CONTENT"]; $BODY = CMain::ProcessLPA($BODY, $old_BODY); } else { $arMsg[] = array("id" => "BODY", "text" => "Error! Fileman is not included!"); } } else { if (!$USER->CanDoOperation('edit_php')) { $arMsg[] = array("id" => "BODY", "text" => GetMessage("FLOW_PHP_IS_NOT_AVAILABLE")); } } } if (!empty($arMsg)) { $e = new CAdminException($arMsg); $GLOBALS["APPLICATION"]->ThrowException($e); return false; } return true; }
<tr id="tr_WF_STATUS_ID"> <td><?echo $tabControl->GetCustomLabelHTML()?></td> <td> <?if($ID > 0 && !$bCopy):?> <?echo SelectBox("WF_STATUS_ID", CWorkflowStatus::GetDropDownList("N", "desc"), "", $str_WF_STATUS_ID);?> <?else:?> <?echo SelectBox("WF_STATUS_ID", CWorkflowStatus::GetDropDownList("N", "desc"), "", "");?> <?endif?> </td> </tr> <? if($ID > 0 && !$bCopy) $hidden = '<input type="hidden" name="WF_STATUS_ID" value="'.$str_WF_STATUS_ID.'">'; else { $rsStatus = CWorkflowStatus::GetDropDownList("N", "desc"); $arDefaultStatus = $rsStatus->Fetch(); if($arDefaultStatus) $def_WF_STATUS_ID = intval($arDefaultStatus["REFERENCE_ID"]); else $def_WF_STATUS_ID = ""; $hidden = '<input type="hidden" name="WF_STATUS_ID" value="'.$def_WF_STATUS_ID.'">'; } $tabControl->EndCustomField("WF_STATUS_ID", $hidden); endif; $tabControl->BeginCustomField("WF_COMMENTS", GetMessage("IBLOCK_COMMENTS")); ?> <tr class="heading" id="tr_WF_COMMENTS_LABEL"> <td colspan="2"><b><?echo $tabControl->GetCustomLabelHTML()?></b></td> </tr> <tr id="tr_WF_COMMENTS">
} /************** Paths **********************************************/ $arResult["ELEMENT"]["URL"] += array("~DOWNLOAD_ORIGINAL" => CComponentEngine::MakePathFromTemplate($arParams["~ELEMENT_HISTORY_GET_URL"], array("ELEMENT_ID" => $arResult["ELEMENT_ORIGINAL"]["ID"], "ID" => $arResult["ELEMENT_ORIGINAL"]["ID"], "ELEMENT_NAME" => $arResult["ELEMENT_ORIGINAL"]["NAME"])), "DOWNLOAD_ORIGINAL" => CComponentEngine::MakePathFromTemplate($arParams["ELEMENT_HISTORY_GET_URL"], array("ELEMENT_ID" => $arResult["ELEMENT_ORIGINAL"]["ID"], "ID" => $arResult["ELEMENT_ORIGINAL"]["ID"], "ELEMENT_NAME" => $arResult["ELEMENT_ORIGINAL"]["NAME"])), "DOWNLOAD" => CComponentEngine::MakePathFromTemplate($arParams["ELEMENT_HISTORY_GET_URL"], array("ELEMENT_ID" => $arResult["ELEMENT"]["ID"], "ID" => $arResult["ELEMENT"]["ID"], "ELEMENT_NAME" => $arResult["ELEMENT"]["NAME"]))); $arResult["ELEMENT"]["URL"]["FILE"] = $arResult["ELEMENT"]["URL"]["THIS"]; $arResult["ELEMENT"]["URL"]["UPLOAD"] = CComponentEngine::MakePathFromTemplate($arParams["ELEMENT_UPLOAD_URL"], array("PATH" => $path, "SECTION_ID" => $arParams["SECTION_ID"])); $arResult["URL"] = array("WEBDAV_START_BIZPROC" => $arResult["ELEMENT"]["URL"]["BP_START"], "BP" => $arResult["ELEMENT"]["URL"]["BP"]); $arResult["~ELEMENT"] = $arResult["ELEMENT"]; /******************************************************************** /Data ********************************************************************/ /******************************************************************** Data ********************************************************************/ $arResult["SECTION_LIST"] = $ob->GetSectionsTree(array("path" => "/")); if ($arParams["USE_WORKFLOW"] == "Y") { $db_res = CWorkflowStatus::GetDropDownList($arParams["PERMISSION"] < "W" ? "N" : "Y", "desc"); if ($db_res && ($res = $db_res->Fetch())) { do { $arResult["WF_STATUSES"][intVal($res["REFERENCE_ID"])] = $res["REFERENCE"]; $arResult["WF_STATUSES_PERMISSION"][intVal($res["REFERENCE_ID"])] = $arParams["PERMISSION"] < "W" ? CIBlockElement::WF_GetStatusPermission($res["REFERENCE_ID"]) : 2; if ($arResult["WF_STATUSES_PERMISSION"][intVal($res["REFERENCE_ID"])] == 2) { $iEditStatus = intVal($res["REFERENCE_ID"]); } } while ($res = $db_res->Fetch()); } } /******************************************************************** /Data ********************************************************************/ /******************************************************************** Actions
if (check_bitrix_sessid() && $_REQUEST["delete"] == "Y" && $arResult["CAN_DELETE"]) { $arParams["ID"] = intval($_REQUEST["CODE"]); // try to get element with id, for user and for iblock $rsElement = CIBLockElement::GetList(array(), array_merge($arFilter, array("ID" => $arParams["ID"]))); if ($arElement = $rsElement->GetNext()) { // delete one $DB->StartTransaction(); if (!CIBlockElement::Delete($arElement["ID"])) { $DB->Rollback(); } else { $DB->Commit(); } } } if ($bWorkflowIncluded) { $rsWFStatus = CWorkflowStatus::GetList($by = "c_sort", $order = "asc", array("ACTIVE" => "Y"), $is_filtered); $arResult["WF_STATUS"] = array(); while ($arStatus = $rsWFStatus->GetNext()) { $arResult["WF_STATUS"][$arStatus["ID"]] = $arStatus["TITLE"]; } } else { $arResult["ACTIVE_STATUS"] = array("Y" => GetMessage("IBLOCK_FORM_STATUS_ACTIVE"), "N" => GetMessage("IBLOCK_FORM_STATUS_INACTIVE")); } // get elements list using generated filter //echo "<pre>"; print_r($arParams); echo "</pre>"; //echo "<pre>"; print_r($arFilter); echo "</pre>"; $rsIBlockElements = CIBlockElement::GetList(array("SORT" => "ASC"), $arFilter); $arResult["ELEMENTS_COUNT"] = $rsIBlockElements->SelectedRowsCount(); //$page_split = intval(COption::GetOptionString("iblock", "RESULTS_PAGEN")); $arParams["NAV_ON_PAGE"] = intval($arParams["NAV_ON_PAGE"]); $arParams["NAV_ON_PAGE"] = $arParams["NAV_ON_PAGE"] > 0 ? $arParams["NAV_ON_PAGE"] : 10;
public static function GetEditLink($FILENAME, &$status_id, &$status_title, $template = "", $lang = LANGUAGE_ID, $return_url = "") { $err_mess = CAllWorkflow::err_mess() . "<br>Function: GetEditLink<br>Line: "; global $DB, $APPLICATION, $USER; $link = ''; CMain::InitPathVars($SITE_ID, $FILENAME); if ($USER->CanDoFileOperation('fm_edit_in_workflow', array($SITE_ID, $FILENAME))) { //Check if user have access at least to one status if (!CWorkflow::IsAdmin()) { $arGroups = $USER->GetUserGroupArray(); if (!is_array($arGroups)) { $arGroups = array(2); } $arFilter = array("GROUP_ID" => $arGroups, "PERMISSION_TYPE_1" => 1); $rsStatuses = CWorkflowStatus::GetList($by = "s_c_sort", $strOrder, $arFilter, $is_filtered, array("ID")); if (!$rsStatuses->Fetch()) { return ""; } } $link = "/bitrix/admin/workflow_edit.php?lang=" . $lang . "&site=" . $SITE_ID . "&fname=" . $FILENAME; if (strlen($template) > 0) { $link .= "&template=" . urlencode($template); } if (strlen($return_url) > 0) { $link .= "&return_url=" . urlencode($return_url); } $z = CWorkflow::GetByFilename($FILENAME, $SITE_ID); if ($zr = $z->Fetch()) { $status_id = $zr["STATUS_ID"]; $status_title = $zr["STATUS_TITLE"]; if ($status_id != 1) { $DOCUMENT_ID = $zr["ID"]; if (CWorkflow::IsHaveEditRights($DOCUMENT_ID)) { $link .= "&ID=" . $DOCUMENT_ID; } else { return ""; } } } } return $link; }
echo GetMessage("IBLOCK_VALUE_ANY"); ?> </option><?php while ($arr = $res->Fetch()) { echo "<option value='" . $arr["ID"] . "'" . ($find_modified_by == $arr["ID"] ? " selected" : "") . ">(" . htmlspecialcharsbx($arr["LOGIN"] . ") " . $arr["NAME"] . " " . $arr["LAST_NAME"]) . "</option>"; } ?> </select> </td> </tr> <tr> <td><?php echo GetMessage("IBLOCK_FIELD_STATUS"); ?> :</td> <td><input type="text" name="find_status_id" value="<?php echo htmlspecialcharsbx($find_status_id); ?> " size="3"> <?php echo SelectBox("find_status", CWorkflowStatus::GetDropDownList("Y"), GetMessage("IBLOCK_ALL"), htmlspecialcharsbx($find_status)); ?> </td> </tr> <?php $oFilter->Buttons(array("table_id" => $sTableID, "url" => $APPLICATION->GetCurPage() . "?type=" . htmlspecialcharsbx($type) . "&IBLOCK_ID=" . intval($IBLOCK_ID) . "&ELEMENT_ID=" . $ELEMENT_ID, "form" => "find_form")); $oFilter->End(); ?> </form> <?php $lAdmin->DisplayList(); require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/epilog_admin.php";
$arDocumentStates = array(); $arResult["CurrentUserGroups"] = array_merge(array("Author"), $ob->USER["GROUPS"]); /******************************************************************** /Default params ********************************************************************/ /******************************************************************** Data ********************************************************************/ if ($ob->workflow == "workflow") { if ($ob->e_rights) { $arSectionRights = $ob->GetPermission('SECTION', $arParams['SECTION_ID']); $perms = isset($arSectionRights['section_rights_edit']) ? 'Y' : 'N'; } else { $perms = $arParams["PERMISSION"] < "W" ? "N" : "Y"; } $db_res = CWorkflowStatus::GetDropDownList($perms); $iEditStatus = 0; if ($db_res && ($res = $db_res->Fetch())) { do { $arResult["WF_STATUSES"][intVal($res["REFERENCE_ID"])] = $res["REFERENCE"]; $arResult["WF_STATUSES_PERMISSION"][intVal($res["REFERENCE_ID"])] = $perms < "W" ? CIBlockElement::WF_GetStatusPermission($res["REFERENCE_ID"]) : 2; if ($arResult["WF_STATUSES_PERMISSION"][intVal($res["REFERENCE_ID"])] == 2) { $iEditStatus = intVal($res["REFERENCE_ID"]); } } while ($res = $db_res->Fetch()); } if (empty($arResult["WF_STATUSES"])) { __WDShowError(GetMessage("WD_ACCESS_DENIED")); return 0; } elseif (empty($_REQUEST["WF_STATUS_ID"]) && $iEditStatus > 0) { if (array_key_exists(1, $arResult["WF_STATUSES"])) {
function CheckWebRights($method = "", $arParams = array(), $simple = true) { if ($this->withoutAuthorization) { return true; } $strong = $method !== ""; $path = ''; if (is_array($arParams['arElement'])) { $path = isset($arParams['arElement']['item_id']) ? $arParams['arElement']['item_id'] : ''; } elseif (is_string($arParams['arElement'])) { $path = $arParams['arElement']; } $result = $this->CheckRights($method, $strong, $path); if (!$result || $simple) { return $result; } $arError = array(); $action = strtolower(is_set($arParams, "action") ? $arParams["action"] : $arParams["ACTION"]); $arElement = is_set($arParams, "arElement") ? $arParams["arElement"] : array(); static $arErrors = array(); $static_id = md5(serialize(array($action, $arElement["ID"], $GLOBALS["USER"]->GetID()))); if (array_key_exists($static_id, $arErrors)) { $arError = $arErrors[$static_id]; } else { if ($this->e_rights) { foreach (array('arElement', 'from', 'to') as $elm) { if (is_set($arParams, $elm)) { if ((!isset($arParams[$elm]['not_found']) || $arParams[$elm]['not_found'] === true) && !in_array($action, array('create', 'copy', 'move', 'mkcol'))) { $arError[] = array("id" => "bad_element", "text" => GetMessage("WD_FILE_ERROR105")); } } } if (empty($arError)) { if ($action == 'copy') { //from[] //to[] $arTo = isset($arParams['to']) ? $arParams['to'] : array(); $arFrom = isset($arParams['from']) ? $arParams['from'] : array(); $nCount = min(sizeof($arTo), sizeof($arFrom)); for ($i = 0; $i < $nCount; $i++) { $To = $arTo[$i]; $From = $arFrom[$i]; $type = $To['is_file'] ? 'ELEMENT' : 'SECTION'; $id = $To['not_found'] ? $To['parent_id'] : $To['item_id']; $op = $From['is_file'] ? 'section_element_bind' : 'section_section_bind'; if (!$this->GetPermission($type, $id, $op)) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif ($action == 'create' || $action == 'mkcol') { //arElement //null if (empty($arElement)) { $arParent = $this->GetObject(); $bAllowEdit = false; if ($arParent['not_found'] === false) { $bAllowEdit = $this->GetPermission($arParent['is_file'] ? 'ELEMENT' : 'SECTION', $arParent['item_id'], 'element_edit'); } return $bAllowEdit; } else { $type = 'SECTION'; if (isset($arElement['parent_id']) && $arElement['parent_id'] > 0) { $id = $arElement['parent_id']; } else { $id = $this->IBLOCK_ID; $type = 'IBLOCK'; } if ($action == 'mkcol') { return $this->GetPermission($type, $id, 'section_section_bind'); } if ($arElement['is_dir']) { if (!$this->GetPermission($type, $id, 'section_section_bind')) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } else { if (!empty($arParams['create_element_in_section']) || $this->workflow != "workflow" && $this->workflow != "bizproc") { if (!$this->GetPermission($type, $id, 'section_element_bind')) { $arError[] = array("id" => "cannot_create", "text" => GetMessage("WD_ACCESS_DENIED")); } } elseif ($this->workflow == "workflow") { $db_res = CWorkflowStatus::GetDropDownList("N", "desc"); if (!($db_res && ($res = $db_res->Fetch()))) { $arError[] = array("id" => "bad_wf_statuses", "text" => GetMessage("WD_ACCESS_DENIED")); } } elseif ($this->workflow == 'bizproc') { $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null); $arUserGroups = $this->USER["GROUPS"]; $arUserGroups[] = "Author"; $canWrite = false; if (!CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) { $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } } } elseif ($action == 'delete' || $action == 'undelete') { //arElement $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT'; if ($type == 'ELEMENT') { $res = $this->GetPermission($type, $arElement['item_id'], 'element_delete'); if (!$res) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } else { $res = $this->GetPermission($type, $arElement['item_id'], 'section_delete', false); if (!$res) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif ($action == 'destroy') { //arElement $id = $arElement['item_id']; $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT'; $op = $arElement['is_dir'] ? 'section_delete' : 'element_delete'; if (!$this->GetPermission($type, $id, $op, false)) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } elseif ($action == 'edit' || $action == 'lock' || $action == 'proppatch' || $action == 'delete_dropped') { //arElement $id = $arElement['item_id']; $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT'; if ($arElement['is_dir']) { if (!$this->GetPermission($type, $id, 'section_edit')) { $arError[] = array("id" => "", "text" => GetMessage("WD_ACCESS_DENIED")); } } else { if ($arElement["LOCK_STATUS_BP"] == "red") { $arError[] = array("id" => "locked", "text" => GetMessage("WD_FILE_ERROR107")); } elseif ($this->check_creator && $arElement["CREATED_BY"] != $GLOBALS["USER"]->GetID()) { $arError[] = array("id" => "bad_author", "text" => GetMessage("WD_FILE_ERROR108")); } elseif ($this->GetPermission($type, $id, 'element_edit_any_wf_status')) { true; } elseif ($this->workflow == "workflow" && $this->GetPermission($type, $id, 'element_edit')) { $arWorkFlow = array("LAST_ID" => CIBlockElement::WF_GetLast($arElement["item_id"])); $arWorkFlow["STATUS_ID"] = CIBlockElement::WF_GetCurrentStatus($arWorkFlow["LAST_ID"], $arWorkFlow["STATUS_TITLE"]); $arWorkFlow["STATUS_PERMISSION"] = CIBlockElement::WF_GetStatusPermission($arWorkFlow["STATUS_ID"]); if ($arWorkFlow["STATUS_ID"] > 1 && $arWorkFlow["STATUS_PERMISSION"] < 2) { $arError[] = array("id" => "bad_wf_status_permission", "text" => GetMessage("WD_FILE_ERROR109")); } } elseif ($this->workflow == 'bizproc' && $this->GetPermission($type, $id, 'element_edit')) { $documentId = $this->wfParams['DOCUMENT_TYPE']; $documentId[2] = $arElement["item_id"]; $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], $documentId); $arUserGroups = $this->USER["GROUPS"]; if ($arElement["CREATED_BY"] == $GLOBALS["USER"]->GetID()) { $arUserGroups[] = "Author"; } if (!CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $documentId, array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) { $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } else { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif ($action == 'read' || $action == 'propfind') { //arElement, null if ($arElement) { $id = $arElement['item_id']; $type = $arElement['is_dir'] ? 'SECTION' : 'ELEMENT'; $op = $arElement['is_dir'] ? 'section_read' : 'element_read'; if (!$this->GetPermission($type, $id, $op)) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } if ($type == 'SECTION' && $id == $this->GetMetaID('TRASH')) { if (!$this->GetPermission($type, $id, 'section_delete')) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } else { if (!$this->GetPermission('IBLOCK', $this->IBLOCK_ID, 'section_read')) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif ($action == 'move') { //from // auto recusive //to // auto recusive $arTo = isset($arParams['to']) ? $arParams['to'] : array(); $arFrom = isset($arParams['from']) ? $arParams['from'] : array(); $nCount = min(sizeof($arTo), sizeof($arFrom)); for ($i = 0; $i < $nCount; $i++) { $To = $arTo[$i]; $From = $arFrom[$i]; $type = $From['is_dir'] ? 'SECTION' : 'ELEMENT'; $id = $From['item_id']; $op = $From['is_dir'] ? 'section_edit' : 'element_edit'; if (!$this->GetPermission($type, $id, $op)) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } if ($To['not_found']) { $type = 'SECTION'; $id = $To['parent_id']; $op = $arFrom['is_dir'] ? 'section_section_bind' : 'section_element_bind'; // TODO: bizproc ? if (!$this->GetPermission($type, $id, $op)) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } else { $type = $To['is_dir'] ? 'SECTION' : 'ELEMENT'; $id = $To['item_id']; $op = $To['is_dir'] ? $arFrom['is_dir'] ? 'section_section_bind' : 'section_element_bind' : 'element_edit'; // TODO: bizproc ? if (!$this->GetPermission($type, $id, $op)) { $arError[] = array("id" => "bad_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } } } } else { // check iblock rights if ($this->permission < "R") { $arError[] = array("id" => "cannot_read", "text" => GetMessage("WD_ACCESS_DENIED")); } elseif ($this->permission > "U") { true; } elseif ($action == "read" || $action == "propfind") { true; } elseif ($this->permission < "U") { $arError[] = array("id" => "cannot_workflow", "text" => GetMessage("WD_ACCESS_DENIED")); } elseif ($action == "create") { if ($this->workflow != "workflow" && $this->workflow != "bizproc") { $arError[] = array("id" => "cannot_write", "text" => GetMessage("WD_ACCESS_DENIED")); } elseif ($this->workflow == "workflow") { $db_res = CWorkflowStatus::GetDropDownList("N", "desc"); if (!($db_res && ($res = $db_res->Fetch()))) { $arError[] = array("id" => "bad_wf_statuses", "text" => GetMessage("WD_ACCESS_DENIED")); } } elseif ($this->workflow == 'bizproc') { $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null); $arUserGroups = $this->USER["GROUPS"]; $arUserGroups[] = "Author"; $canWrite = false; if (!CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) { $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif (!is_array($arElement) || empty($arElement)) { $arError[] = array("id" => "bad_element", "text" => GetMessage("WD_FILE_ERROR105")); } elseif ($action == "clone") { if ($this->workflow != "bizproc") { $arError[] = array("id" => "bad_workflow", "text" => GetMessage("WD_FILE_ERROR106")); } else { // User has to have permissions to read parent document && to create new document $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], null); if (!($arElement["PERMISSION"] >= "R" && CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $this->wfParams['DOCUMENT_TYPE'], array("IBlockPermission" => $this->permission, "AllUserGroups" => array_merge($this->USER["GROUPS"], array("author")), "DocumentStates" => $arDocumentStates)))) { $arError[] = array("id" => "bad_permission", "text" => GetMessage("WD_ACCESS_DENIED")); } } } elseif (!in_array($action, array("delete", "move", "edit", "unlock", "lock"))) { $arError[] = array("id" => "bad_action", "text" => GetMessage("WD_ERROR_BAD_ACTION")); } else { if ($arElement["LOCK_STATUS_BP"] == "red") { $arError[] = array("id" => "locked", "text" => GetMessage("WD_FILE_ERROR107")); } elseif ($arElement["LOCK_STATUS"] == "red" && ($action != "unlock" || $arElement["SHOW"]["UNLOCK"] != "Y")) { $arError[] = array("id" => "locked", "text" => str_replace(array("#ID#", "#DATE#"), array($arElement["locked_by"], $arElement["date_lock"]), GetMessage("WD_ERROR_ELEMENT_LOCKED"))); } elseif ($this->check_creator && $arElement["CREATED_BY"] != $GLOBALS["USER"]->GetID()) { $arError[] = array("id" => "bad_author", "text" => GetMessage("WD_FILE_ERROR108")); } elseif ($this->workflow == "workflow") { $arWorkFlow = array("LAST_ID" => CIBlockElement::WF_GetLast($arElement["item_id"])); $arWorkFlow["STATUS_ID"] = CIBlockElement::WF_GetCurrentStatus($arWorkFlow["LAST_ID"], $arWorkFlow["STATUS_TITLE"]); $arWorkFlow["STATUS_PERMISSION"] = CIBlockElement::WF_GetStatusPermission($arWorkFlow["STATUS_ID"]); if ($arWorkFlow["STATUS_ID"] > 1 && $arWorkFlow["STATUS_PERMISSION"] < 2) { $arError[] = array("id" => "bad_wf_status_permission", "text" => GetMessage("WD_FILE_ERROR109")); } } elseif ($this->workflow == 'bizproc') { $documentId = $this->wfParams['DOCUMENT_TYPE']; $documentId[2] = $arElement["item_id"]; $arDocumentStates = CBPDocument::GetDocumentStates($this->wfParams['DOCUMENT_TYPE'], $documentId); $arUserGroups = $this->USER["GROUPS"]; if ($arElement["CREATED_BY"] == $GLOBALS["USER"]->GetID()) { $arUserGroups[] = "Author"; } if (!CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::WriteDocument, $GLOBALS["USER"]->GetID(), $documentId, array("IBlockPermission" => $this->permission, "AllUserGroups" => $arUserGroups, "DocumentStates" => $arDocumentStates))) { $arError[] = array("id" => "bad_bizproc_permision", "text" => GetMessage("WD_ACCESS_DENIED")); } } } } $arErrors[$static_id] = $arError; } if (empty($arError)) { $e = new CAdminException($arError); $this->LAST_ERROR = $e->GetString(); if ($this->LAST_ERROR == '<br>') { $this->LAST_ERROR = ''; } return true; } else { $e = new CAdminException($arError); $this->LAST_ERROR = $e->GetString(); if ($this->LAST_ERROR == '<br>') { $this->LAST_ERROR = ''; } return false; } }
if ($arFileTypes !== false) { foreach ($arFileTypes as $arFileType) { $arFilterFileTypes[$arFileType["ID"]] = $arFileType["NAME"]; } $arResult["FILTER"][] = array("id" => "doctype", "default" => true, "name" => GetMessage("WD_DOCTYPE"), "type" => "list", "items" => $arFilterFileTypes); } $arResult["FILTER"][] = array("id" => "?TAGS", "name" => GetMessage("WD_TITLE_TAGS"), "type" => "tags"); $arResult["FILTER"][] = array("id" => "user", "enable_settings" => false, "name" => GetMessage("WD_WHO"), "type" => "user"); $arResult["FILTER"][] = array("id" => "FILE_SIZE", "name" => GetMessage("WD_TITLE_FILE_SIZE"), "type" => "number"); $arResult["FILTER"][] = array("id" => "WF_LOCK_STATUS", "name" => GetMessage("WD_LOCK_STATUS"), "type" => "list", "items" => array("" => "", "yellow" => GetMessage("WD_DOCSTATUS_YELLOW"), "red" => GetMessage("WD_DOCSTATUS_RED"), "green" => GetMessage("WD_DOCSTATUS_GREEN"))); if (isset($_REQUEST['?TAGS'])) { $_REQUEST['?TAGS'] = str_replace("\\'", "'", htmlspecialcharsBack(urldecode($_REQUEST['?TAGS']))); } /************** Workflow *******************************************/ if ($arParams["WORKFLOW"] == "workflow") { $db_res = CWorkflowStatus::GetDropDownList("Y", "desc"); if ($db_res && ($res = $db_res->Fetch())) { do { $res["REFERENCE"] = preg_replace("/^(\\[\\d+\\] )/", "", $res["REFERENCE"]); $arResult["WF_STATUSES"][$res["REFERENCE_ID"]] = htmlspecialcharsbx($res["REFERENCE"]); $arResult["WF_STATUSES_PERMISSION"][$res["REFERENCE_ID"]] = $arParams["PERMISSION"] < "W" ? CIBlockElement::WF_GetStatusPermission($res["REFERENCE_ID"]) : 2; } while ($res = $db_res->Fetch()); } $arResult["STATUSES"] = $arResult["WF_STATUSES"]; } elseif ($arParams["WORKFLOW"] == "bizproc") { $arParams["BIZPROC_START"] = false; $arTemplates = array(); if ($arParams["PERMISSION"] >= "U") { $cache_id = '/bizproc/' . $arParams['IBLOCK_ID'] . "/bizproc_templates"; if ($arParams["CACHE_TIME"] > 0 && $cache->InitCache($arParams["CACHE_TIME"], $cache_id, $cache_path_main)) { $arTemplates = $cache->GetVars();
<tr valign="center"> <td nowrap valign="top"><?php echo GetMessage("FLOW_F_STATUS"); ?> :</td> <td nowrap><input type="text" name="find_status" value="<?php echo htmlspecialcharsbx($find_status); ?> " size="47"><?php echo ShowExactMatchCheckbox("find_status"); ?> <?php echo ShowFilterLogicHelp(); ?> <br><?php echo SelectBox("find_status_id", CWorkflowStatus::GetDropDownList("Y"), GetMessage("MAIN_ALL"), htmlspecialcharsbx($find_status_id)); ?> </td> </tr> <?php echo ShowLogicRadioBtn(); $filter->Buttons(array("table_id" => $sTableID, "url" => $APPLICATION->GetCurPage(), "form" => "form1")); $filter->End(); ?> </form> <?php $lAdmin->DisplayList(); ?> <?php
require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php"; require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/workflow/prolog.php"; $WORKFLOW_RIGHT = $APPLICATION->GetGroupRight("workflow"); if ($WORKFLOW_RIGHT == "D") { $APPLICATION->AuthForm(GetMessage("ACCESS_DENIED")); } require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/workflow/include.php"; IncludeModuleLangFile(__FILE__); define("HELP_FILE", "workflow_status_list.php"); $ID = intval($ID); $message = false; $aTabs = array(array("DIV" => "edit1", "TAB" => GetMessage("FLOW_EDIT_RECORD"), "ICON" => "workflow_edit", "TITLE" => GetMessage("FLOW_EDIT_RECORD"))); $tabControl = new CAdminTabControl("tabControl", $aTabs); if ((strlen($save) > 0 || strlen($apply) > 0) && $REQUEST_METHOD == "POST" && $WORKFLOW_RIGHT == "W" && check_bitrix_sessid()) { $obWorkflowStatus = new CWorkflowStatus(); $arFields = array("~TIMESTAMP_X" => $DB->GetNowFunction(), "C_SORT" => $C_SORT, "ACTIVE" => $ACTIVE != "Y" ? "N" : "Y", "TITLE" => $TITLE, "DESCRIPTION" => $DESCRIPTION, "NOTIFY" => $NOTIFY != "Y" ? "N" : "Y"); if ($ID > 0) { $res = $obWorkflowStatus->Update($ID, $arFields); } else { $ID = $obWorkflowStatus->Add($arFields); $res = $ID > 0; } if ($res) { $obWorkflowStatus->SetPermissions($ID, $arPERMISSION_M, 1); $obWorkflowStatus->SetPermissions($ID, $arPERMISSION_E, 2); if ($apply != "") { LocalRedirect("/bitrix/admin/workflow_status_edit.php?ID=" . $ID . "&lang=" . LANG . "&" . $tabControl->ActiveTabParam()); } else { LocalRedirect("/bitrix/admin/workflow_status_list.php?lang=" . LANG); }
function SetPermissions($STATUS_ID, $arGroups, $PERMISSION_TYPE = 1) { global $DB; $STATUS_ID = intval($STATUS_ID); $PERMISSION_TYPE = intval($PERMISSION_TYPE); $err_mess = CWorkflowStatus::err_mess() . "<br>Function: SetPermissions<br>Line: "; $DB->Query("DELETE FROM b_workflow_status2group WHERE STATUS_ID = " . $STATUS_ID . " AND PERMISSION_TYPE = " . $PERMISSION_TYPE, false, $err_mess . __LINE__); if (is_array($arGroups) && ($PERMISSION_TYPE == 1 || $PERMISSION_TYPE == 2)) { foreach ($arGroups as $GROUP_ID) { $GROUP_ID = intval($GROUP_ID); $arFields = array("STATUS_ID" => $STATUS_ID, "GROUP_ID" => $GROUP_ID, "PERMISSION_TYPE" => $PERMISSION_TYPE); $DB->Insert("b_workflow_status2group", $arFields, $err_mess . __LINE__); } } }
$rsElement = CIBLockElement::GetList(array(), array_merge($arFilter, array("ID" => $arParams["ID"]))); if ($arElement = $rsElement->GetNext()) { // delete one $DB->StartTransaction(); if (!CIBlockElement::Delete($arElement["ID"])) { $DB->Rollback(); } else { $DB->Commit(); } } } if ($bWorkflowIncluded) { $by = "c_sort"; $order = "asc"; $is_filtered = false; $rsWFStatus = CWorkflowStatus::GetList($by, $order, array("ACTIVE" => "Y"), $is_filtered); $arResult["WF_STATUS"] = array(); while ($arStatus = $rsWFStatus->GetNext()) { $arResult["WF_STATUS"][$arStatus["ID"]] = $arStatus["TITLE"]; } } else { $arResult["ACTIVE_STATUS"] = array("Y" => GetMessage("IBLOCK_FORM_STATUS_ACTIVE"), "N" => GetMessage("IBLOCK_FORM_STATUS_INACTIVE")); } // get elements list using generated filter $rsIBlockElements = CIBlockElement::GetList(array("SORT" => "ASC"), $arFilter); $arResult["ELEMENTS_COUNT"] = $rsIBlockElements->SelectedRowsCount(); //$page_split = intval(COption::GetOptionString("iblock", "RESULTS_PAGEN")); $arParams["NAV_ON_PAGE"] = intval($arParams["NAV_ON_PAGE"]); $arParams["NAV_ON_PAGE"] = $arParams["NAV_ON_PAGE"] > 0 ? $arParams["NAV_ON_PAGE"] : 10; $rsIBlockElements->NavStart($arParams["NAV_ON_PAGE"]); // get paging to component result
$arGroupActions["delete"] = GetMessage("MAIN_ADMIN_LIST_DELETE"); break; } } foreach ($arElementOps as $id => $arOps) { if (isset($arOps["element_edit"])) { $arGroupActions["activate"] = GetMessage("MAIN_ADMIN_LIST_ACTIVATE"); $arGroupActions["deactivate"] = GetMessage("MAIN_ADMIN_LIST_DEACTIVATE"); break; } } $arParams = array('disable_action_sub_target' => true); if ($bWorkFlow) { $arGroupActions["unlock"] = GetMessage("IBEL_A_UNLOCK_ACTION"); $arGroupActions["lock"] = GetMessage("IBEL_A_LOCK_ACTION"); $statuses = '<div id="wf_status_id" style="display:none">' . SelectBox("wf_status_id", CWorkflowStatus::GetDropDownList("N", "desc")) . '</div>'; $arGroupActions["wf_status"] = GetMessage("IBEL_A_WF_STATUS_CHANGE"); $arGroupActions["wf_status_chooser"] = array("type" => "html", "value" => $statuses); $arParams["select_onchange"] .= "BX('wf_status_id').style.display = (this.value == 'wf_status'? 'block':'none');"; } elseif ($bBizproc) { $arGroupActions["unlock"] = GetMessage("IBEL_A_UNLOCK_ACTION"); } $lAdmin->AddGroupActionTable($arGroupActions, $arParams); ?> <script type="text/javascript"> function CheckProductName(id) { if (!id) return false; var obj = BX(id); if (!obj)
function GetNextSort() { $err_mess = CWorkflowStatus::err_mess() . "<br>Function: GetNextSort<br>Line: "; global $DB; $strSql = "SELECT max(C_SORT) MAX_SORT FROM b_workflow_status"; $z = $DB->Query($strSql, false, $err_mess . __LINE__); $zr = $z->Fetch(); return intval($zr["MAX_SORT"]) + 100; }
</tr> <?if($bWorkFlow):?> <tr> <td><?php echo GetMessage("IBLIST_A_STATUS"); ?> :</td> <td><input type="text" name="find_status_id" value="<?echo htmlspecialcharsex($find_status_id)?>" size="3"> <select name="find_status"> <option value=""><?php echo GetMessage("IBLOCK_VALUE_ANY"); ?> </option> <? $rs = CWorkflowStatus::GetDropDownList("Y"); while($arRs = $rs->GetNext()) { ?><option value="<?php echo $arRs["REFERENCE_ID"]; ?> "<?if($find_status == $arRs["~REFERENCE_ID"])echo " selected"?>><?php echo $arRs["REFERENCE"]; ?> </option><? } ?> </select></td> </tr> <?endif?> <tr>
if (CModule::IncludeModule("iblock")) { $res = CIBlockElement::GetList(array(), array("WF_STATUS_ID" => $ID, "SHOW_HISTORY" => "Y")); if ($res->Fetch()) { $lAdmin->AddGroupError(GetMessage("FLOW_CANNOT_DELETE_STATUS_IBLOCK"), $ID); } else { $DB->StartTransaction(); $DB->Query("DELETE FROM b_workflow_status WHERE ID='" . $ID . "'", false, $err_mess . __LINE__); $DB->Query("DELETE FROM b_workflow_status2group WHERE STATUS_ID='" . $ID . "'", false, $err_mess . __LINE__); $DB->Commit(); } } } break; case "activate": case "deactivate": $obWorkflowStatus = new CWorkflowStatus(); $arFields = array("~TIMESTAMP_X" => $DB->GetNowFunction(), "ACTIVE" => $_REQUEST['action'] == "activate" ? "Y" : "N"); $obWorkflowStatus->Update($ID, $arFields); break; } } } $rsData = CWorkflowStatus::GetList($by, $order, $arFilter, $is_filtered); $rsData = new CAdminResult($rsData, $sTableID); $rsData->NavStart(50); // navigation setup $lAdmin->NavText($rsData->GetNavPrint(GetMessage("FLOW_PAGES"))); $arHeaders = array(); $arHeaders[] = array("id" => "ID", "content" => "ID", "default" => true, "sort" => "s_id"); $arHeaders[] = array("id" => "TIMESTAMP_X", "content" => GetMessage("FLOW_TIMESTAMP"), "default" => true, "sort" => "s_timestamp"); $arHeaders[] = array("id" => "ACTIVE", "content" => GetMessage("FLOW_ACTIVE"), "default" => true, "sort" => "s_active");