public function checkUserReadAccess($parameters) { global $USER; $parameters['listId'] = (int) $parameters['listId']; $parameters['elementId'] = (int) $parameters['elementId']; if ($parameters['listId'] == 0 || $parameters['elementId'] == 0) { return false; } $userPermission = \CListPermissions::CheckAccess($USER, $parameters["IBLOCK_TYPE_ID"], $parameters['listId']); if ($userPermission < 0) { return false; } else { if ($userPermission < \CListPermissions::CAN_READ && !\CIBlockElementRights::UserHasRightTo($parameters['listId'], $parameters['elementId'], "element_read")) { return false; } } return true; }
public static function CheckElementOperation($intIBlockID, $intElementID, $strOperation, $strAccess) { $intIBlockID = intval($intIBlockID); if ($intIBlockID <= 0) { return false; } $intElementID = intval($intElementID); if ($intElementID <= 0) { return false; } if (!self::$boolCheck) { self::CheckExtRights(); } if (self::$boolExtRights) { return CIBlockElementRights::UserHasRightTo($intIBlockID, $intElementID, $strOperation); } else { return CIBlock::GetPermission($intIBlockID) >= $strAccess; } }
$arStr[$vv["TEMPLATE_ID"]] .= GetMessage("IBEL_A_BP_TASK") . ":<br /><a href=\"bizproc_task.php?id=" . $arTask["ID"] . "\" title=\"" . $arTask["DESCRIPTION"] . "\">" . $arTask["NAME"] . "</a><br /><br />"; } } } $str = ""; foreach ($arStr as $k => $v) { $row->AddViewField("WF_" . $k, $v); $str .= "<b>" . (strlen($arStr1[$k]) > 0 ? $arStr1[$k] : GetMessage("IBEL_A_BP_PROC")) . "</b>:<br />" . $v . "<br />"; } $row->AddViewField("BIZPROC", $str); } } $boolIBlockElementAdd = CIBlockSectionRights::UserHasRightTo($intSubIBlockID, $find_section_section, "section_element_bind"); $availQuantityTrace = COption::GetOptionString("catalog", "default_quantity_trace", 'N'); $arQuantityTrace = array("D" => GetMessage("IBEL_DEFAULT_VALUE") . " (" . ($availQuantityTrace == 'Y' ? GetMessage("IBEL_YES_VALUE") : GetMessage("IBEL_NO_VALUE")) . ")", "Y" => GetMessage("IBEL_YES_VALUE"), "N" => GetMessage("IBEL_NO_VALUE")); $arElementOps = CIBlockElementRights::UserHasRightTo($intSubIBlockID, array_keys($arRows), "", CIBlockRights::RETURN_OPERATIONS); foreach ($arRows as $f_ID => $row) { $edit_url = '/bitrix/admin/iblock_subelement_edit.php?WF=Y&type=' . urlencode($strSubIBlockType) . '&IBLOCK_ID=' . $intSubIBlockID . '&lang=' . LANGUAGE_ID . '&PRODUCT_ID=' . $ID . '&ID=' . $row->arRes['orig']['ID'] . '&TMP_ID=' . $strSubTMP_ID . $sThisSectionUrl; if (array_key_exists("PREVIEW_PICTURE", $arSelectedFieldsMap)) { $row->AddViewField("PREVIEW_PICTURE", CFile::ShowFile($row->arRes['PREVIEW_PICTURE'], 100000, 50, 50, true)); } if (array_key_exists("DETAIL_PICTURE", $arSelectedFieldsMap)) { $row->AddViewField("DETAIL_PICTURE", CFile::ShowFile($row->arRes['DETAIL_PICTURE'], 100000, 50, 50, true)); } if (array_key_exists("PREVIEW_TEXT", $arSelectedFieldsMap)) { $row->AddViewField("PREVIEW_TEXT", $row->arRes["PREVIEW_TEXT_TYPE"] == "text" ? htmlspecialcharsex($row->arRes["PREVIEW_TEXT"]) : HTMLToTxt($row->arRes["PREVIEW_TEXT"])); } if (array_key_exists("DETAIL_TEXT", $arSelectedFieldsMap)) { $row->AddViewField("DETAIL_TEXT", $row->arRes["DETAIL_TEXT_TYPE"] == "text" ? htmlspecialcharsex($row->arRes["DETAIL_TEXT"]) : HTMLToTxt($row->arRes["DETAIL_TEXT"])); } if (isset($arElementOps[$f_ID]) && isset($arElementOps[$f_ID]["element_edit"])) {
/** * * * * * * @return mixed <p></p> * * * <h4>Example</h4> * <pre> * <br><br> * </pre> * * * * <h4>See Also</h4> * <p></p><a name="examples"></a> * * * @static * @link http://dev.1c-bitrix.ru/api_help/iblock/classes/ciblock/getpanelbuttons.php * @author Bitrix */ public static function GetPanelButtons($IBLOCK_ID = 0, $ELEMENT_ID = 0, $SECTION_ID = 0, $arOptions = array()) { /** @global CMain $APPLICATION */ global $APPLICATION; $arButtons = array("view" => array(), "edit" => array(), "configure" => array(), "submenu" => array()); if (array_key_exists("SECTION_BUTTONS", $arOptions) && $arOptions["SECTION_BUTTONS"] === false) { $bSectionButtons = false; } else { $bSectionButtons = true; } if (array_key_exists("SESSID", $arOptions) && $arOptions["SESSID"] === false) { $bSessID = false; } else { $bSessID = true; } $IBLOCK_ID = intval($IBLOCK_ID); $ELEMENT_ID = intval($ELEMENT_ID); $SECTION_ID = intval($SECTION_ID); if ($ELEMENT_ID > 0 && ($IBLOCK_ID <= 0 || $bSectionButtons && $SECTION_ID == 0)) { $rsIBlockElement = CIBlockElement::GetList(array(), array("ID" => $ELEMENT_ID, "ACTIVE_DATE" => "Y", "ACTIVE" => "Y", "CHECK_PERMISSIONS" => "Y"), false, false, array("ID", "IBLOCK_ID", "IBLOCK_SECTION_ID")); if ($arIBlockElement = $rsIBlockElement->Fetch()) { $IBLOCK_ID = $arIBlockElement["IBLOCK_ID"]; $SECTION_ID = $arIBlockElement["IBLOCK_SECTION_ID"]; } } if ($IBLOCK_ID <= 0) { return $arButtons; } $bCatalog = false; if (isset($arOptions["CATALOG"]) && $arOptions["CATALOG"] == true) { if (CModule::IncludeModule('catalog')) { $bCatalog = true; } } $return_url = array("add_element" => "", "edit_element" => "", "edit_iblock" => "", "history_element" => "", "edit_section" => "", "add_section" => "", "delete_section" => "", "delete_element" => "", "element_list" => "", "section_list" => ""); if (array_key_exists("RETURN_URL", $arOptions)) { if (is_array($arOptions["RETURN_URL"])) { foreach ($arOptions["RETURN_URL"] as $key => $url) { if (!empty($url) && array_key_exists($key, $return_url)) { $return_url[$key] = $url; } } } elseif (!empty($arOptions["RETURN_URL"])) { foreach ($return_url as $key => $url) { $return_url[$key] = $arOptions["RETURN_URL"]; } } } $str = ""; foreach ($return_url as $key => $url) { if (empty($url)) { if (empty($str)) { if (defined("BX_AJAX_PARAM_ID")) { $str = $APPLICATION->GetCurPageParam("", array(BX_AJAX_PARAM_ID)); } else { $str = $APPLICATION->GetCurPageParam(); } } $return_url[$key] = $str; } } $arIBlock = CIBlock::GetArrayByID($IBLOCK_ID); $bWorkflow = CModule::IncludeModule("workflow") && $arIBlock["WORKFLOW"] !== "N"; $s = $bWorkflow ? "&WF=Y" : ""; $arLabels = $arOptions["LABELS"]; if ($ELEMENT_ID > 0 && CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ELEMENT_ID, "element_edit")) { $url = "/bitrix/admin/" . CIBlock::GetAdminElementEditLink($IBLOCK_ID, $ELEMENT_ID, array("force_catalog" => $bCatalog, "filter_section" => $SECTION_ID, "bxpublic" => "Y", "from_module" => "iblock", "return_url" => $return_url["edit_element"])) . $s; $action = $APPLICATION->GetPopupLink(array("URL" => $url, "PARAMS" => array("width" => 700, 'height' => 400, 'resize' => false))); $arButton = array("TEXT" => strlen($arLabels["ELEMENT_EDIT_TEXT"]) ? $arLabels["ELEMENT_EDIT_TEXT"] : $arIBlock["ELEMENT_EDIT"], "TITLE" => strlen($arLabels["ELEMENT_EDIT_TITLE"]) ? $arLabels["ELEMENT_EDIT_TITLE"] : $arIBlock["ELEMENT_EDIT"], "ACTION" => 'javascript:' . $action, "ACTION_URL" => $url, "ONCLICK" => $action, "DEFAULT" => $APPLICATION->GetPublicShowMode() != 'configure' ? true : false, "ICON" => "bx-context-toolbar-edit-icon", "ID" => "bx-context-toolbar-edit-element"); $arButtons["edit"]["edit_element"] = $arButton; $arButtons["configure"]["edit_element"] = $arButton; $url = str_replace("&bxpublic=Y&from_module=iblock", "", $url); $arButton["ACTION"] = "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')"; unset($arButton["ONCLICK"]); $arButtons["submenu"]["edit_element"] = $arButton; if ($bWorkflow) { $url = "/bitrix/admin/iblock_history_list.php?type=" . $arIBlock["IBLOCK_TYPE_ID"] . "&lang=" . LANGUAGE_ID . "&IBLOCK_ID=" . $IBLOCK_ID . "&ELEMENT_ID=" . $ELEMENT_ID . "&filter_section=" . $SECTION_ID . "&return_url=" . UrlEncode($return_url["history_element"]); $arButton = array("TEXT" => GetMessage("IBLOCK_PANEL_HISTORY_BUTTON"), "TITLE" => GetMessage("IBLOCK_PANEL_HISTORY_BUTTON"), "ACTION" => "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ONCLICK" => "jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ID" => "bx-context-toolbar-history-element"); $arButtons["submenu"]["history_element"] = $arButton; } } if (CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_element_bind")) { $url = "/bitrix/admin/" . CIBlock::GetAdminElementEditLink($IBLOCK_ID, null, array("force_catalog" => $bCatalog, "filter_section" => $SECTION_ID, "IBLOCK_SECTION_ID" => $SECTION_ID, "bxpublic" => "Y", "from_module" => "iblock", "return_url" => $return_url["add_element"])); $action = $APPLICATION->GetPopupLink(array("URL" => $url, "PARAMS" => array("width" => 700, 'height' => 400, 'resize' => false))); $arButton = array("TEXT" => strlen($arLabels["ELEMENT_ADD_TEXT"]) ? $arLabels["ELEMENT_ADD_TEXT"] : $arIBlock["ELEMENT_ADD"], "TITLE" => strlen($arLabels["ELEMENT_ADD_TITLE"]) ? $arLabels["ELEMENT_ADD_TITLE"] : $arIBlock["ELEMENT_ADD"], "ACTION" => 'javascript:' . $action, "ACTION_URL" => $url, "ONCLICK" => $action, "ICON" => "bx-context-toolbar-create-icon", "ID" => "bx-context-toolbar-add-element"); $arButtons["edit"]["add_element"] = $arButton; $arButtons["configure"]["add_element"] = $arButton; $arButtons["intranet"][] = array('TEXT' => $arButton["TEXT"], 'TITLE' => $arButton["TITLE"], 'ICON' => 'add', 'ONCLICK' => $arButton["ACTION"], 'SORT' => 1000); $url = str_replace("&bxpublic=Y&from_module=iblock", "", $url); $arButton["ACTION"] = "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')"; unset($arButton["ONCLICK"]); $arButtons["submenu"]["add_element"] = $arButton; } if ($ELEMENT_ID > 0 && CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ELEMENT_ID, "element_delete")) { //Delete Element if (!empty($arButtons["edit"])) { $arButtons["edit"][] = array("SEPARATOR" => "Y", "HREF" => ""); } if (!empty($arButtons["configure"])) { $arButtons["configure"][] = array("SEPARATOR" => "Y", "HREF" => ""); } if (!empty($arButtons["submenu"])) { $arButtons["submenu"][] = array("SEPARATOR" => "Y", "HREF" => ""); } $url = CIBlock::GetAdminElementListLink($IBLOCK_ID, array('action' => 'delete')); if ($bSessID) { $url .= '&' . bitrix_sessid_get(); } $url .= '&ID=' . (preg_match('/^iblock_list_admin\\.php/', $url) ? "E" : "") . $ELEMENT_ID . "&return_url=" . UrlEncode($return_url["delete_element"]); $url = "/bitrix/admin/" . $url; $arButton = array("TEXT" => strlen($arLabels["ELEMENT_DELETE_TEXT"]) ? $arLabels["ELEMENT_DELETE_TEXT"] : $arIBlock["ELEMENT_DELETE"], "TITLE" => strlen($arLabels["ELEMENT_DELETE_TITLE"]) ? $arLabels["ELEMENT_DELETE_TITLE"] : $arIBlock["ELEMENT_DELETE"], "ACTION" => "javascript:if(confirm('" . GetMessageJS("IBLOCK_PANEL_ELEMENT_DEL_CONF") . "'))jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ACTION_URL" => $url, "ONCLICK" => "if(confirm('" . GetMessageJS("IBLOCK_PANEL_ELEMENT_DEL_CONF") . "'))jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ICON" => "bx-context-toolbar-delete-icon", "ID" => "bx-context-toolbar-delete-element"); $arButtons["edit"]["delete_element"] = $arButton; $arButtons["configure"]["delete_element"] = $arButton; $arButtons["submenu"]["delete_element"] = $arButton; } if ($ELEMENT_ID <= 0 && $bSectionButtons) { $rsIBTYPE = CIBlockType::GetByID($arIBlock["IBLOCK_TYPE_ID"]); if (($arIBTYPE = $rsIBTYPE->Fetch()) && $arIBTYPE["SECTIONS"] == "Y") { if ($SECTION_ID > 0 && CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_edit")) { if (!empty($arButtons["edit"])) { $arButtons["edit"][] = array("SEPARATOR" => "Y", "HREF" => ""); } if (!empty($arButtons["configure"])) { $arButtons["configure"][] = array("SEPARATOR" => "Y", "HREF" => ""); } if (!empty($arButtons["submenu"])) { $arButtons["submenu"][] = array("SEPARATOR" => "Y", "HREF" => ""); } $url = "/bitrix/admin/" . CIBlock::GetAdminSectionEditLink($IBLOCK_ID, $SECTION_ID, array("force_catalog" => $bCatalog, "filter_section" => $SECTION_ID, "bxpublic" => "Y", "from_module" => "iblock", "return_url" => $return_url["edit_section"])); $action = $APPLICATION->GetPopupLink(array("URL" => $url, "PARAMS" => array("width" => 700, 'height' => 400, 'resize' => false))); $arButton = array("TEXT" => strlen($arLabels["SECTION_EDIT_TEXT"]) ? $arLabels["SECTION_EDIT_TEXT"] : $arIBlock["SECTION_EDIT"], "TITLE" => strlen($arLabels["SECTION_EDIT_TITLE"]) ? $arLabels["SECTION_EDIT_TITLE"] : $arIBlock["SECTION_EDIT"], "ACTION" => 'javascript:' . $action, "ACTION_URL" => $url, "ICON" => "bx-context-toolbar-edit-icon", "ONCLICK" => $action, "DEFAULT" => $APPLICATION->GetPublicShowMode() != 'configure' ? true : false, "ID" => "bx-context-toolbar-edit-section"); $arButtons["edit"]["edit_section"] = $arButton; $arButtons["configure"]["edit_section"] = $arButton; $url = str_replace("&bxpublic=Y&from_module=iblock", "", $url); $arButton["ACTION"] = "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')"; unset($arButton["ONCLICK"]); $arButtons["submenu"]["edit_section"] = $arButton; } if (CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_section_bind")) { $url = "/bitrix/admin/" . CIBlock::GetAdminSectionEditLink($IBLOCK_ID, null, array("force_catalog" => $bCatalog, "IBLOCK_SECTION_ID" => $SECTION_ID, "filter_section" => $SECTION_ID, "bxpublic" => "Y", "from_module" => "iblock", "return_url" => $return_url["add_section"])); $action = $APPLICATION->GetPopupLink(array("URL" => $url, "PARAMS" => array("width" => 700, 'height' => 400, 'resize' => false))); $arButton = array("TEXT" => strlen($arLabels["SECTION_ADD_TEXT"]) ? $arLabels["SECTION_ADD_TEXT"] : $arIBlock["SECTION_ADD"], "TITLE" => strlen($arLabels["SECTION_ADD_TITLE"]) ? $arLabels["SECTION_ADD_TITLE"] : $arIBlock["SECTION_ADD"], "ACTION" => 'javascript:' . $action, "ACTION_URL" => $url, "ICON" => "bx-context-toolbar-create-icon", "ID" => "bx-context-toolbar-add-section", "ONCLICK" => $action); $arButtons["edit"]["add_section"] = $arButton; $arButtons["configure"]["add_section"] = $arButton; $url = str_replace("&bxpublic=Y&from_module=iblock", "", $url); $arButton["ACTION"] = "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')"; unset($arButton["ONCLICK"]); $arButtons["submenu"]["add_section"] = $arButton; } //Delete section if ($SECTION_ID > 0 && CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_delete")) { $url = CIBlock::GetAdminSectionListLink($IBLOCK_ID, array('action' => 'delete')); if ($bSessID) { $url .= '&' . bitrix_sessid_get(); } $url .= '&ID[]=' . (preg_match('/^iblock_list_admin\\.php/', $url) ? "S" : "") . $SECTION_ID . "&return_url=" . UrlEncode($return_url["delete_section"]); $url = "/bitrix/admin/" . $url; $arButton = array("TEXT" => strlen($arLabels["SECTION_DELETE_TEXT"]) ? $arLabels["SECTION_DELETE_TEXT"] : $arIBlock["SECTION_DELETE"], "TITLE" => strlen($arLabels["SECTION_DELETE_TITLE"]) ? $arLabels["SECTION_DELETE_TITLE"] : $arIBlock["SECTION_DELETE"], "ACTION" => "javascript:if(confirm('" . GetMessageJS("IBLOCK_PANEL_SECTION_DEL_CONF") . "'))jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ACTION_URL" => $url, "ONCLICK" => "if(confirm('" . GetMessageJS("IBLOCK_PANEL_SECTION_DEL_CONF") . "'))jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ICON" => "bx-context-toolbar-delete-icon", "ID" => "bx-context-toolbar-delete-section"); $arButtons["edit"]["delete_section"] = $arButton; $arButtons["configure"]["delete_section"] = $arButton; $arButtons["submenu"]["delete_section"] = $arButton; } } } if ($IBLOCK_ID > 0 && CIBlockRights::UserHasRightTo($IBLOCK_ID, $IBLOCK_ID, "iblock_admin_display")) { if (!empty($arButtons["submenu"])) { $arButtons["submenu"][] = array("SEPARATOR" => "Y", "HREF" => ""); } if ($SECTION_ID > 0) { $url = "/bitrix/admin/" . CIBlock::GetAdminElementListLink($IBLOCK_ID, array('find_section_section' => $SECTION_ID)); } else { $url = "/bitrix/admin/" . CIBlock::GetAdminElementListLink($IBLOCK_ID, array('find_el_y' => 'Y')); } $arButton = array("TEXT" => strlen($arLabels["ELEMENTS_NAME_TEXT"]) ? $arLabels["ELEMENTS_NAME_TEXT"] : $arIBlock["ELEMENTS_NAME"], "TITLE" => strlen($arLabels["ELEMENTS_NAME_TITLE"]) ? $arLabels["ELEMENTS_NAME_TITLE"] : $arIBlock["ELEMENTS_NAME"], "ACTION" => "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ACTION_URL" => $url, "ONCLICK" => "jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ID" => "bx-context-toolbar-elements-list"); $arButtons["submenu"]["element_list"] = $arButton; $arButtons["intranet"]["element_list"] = array('TEXT' => $arButton["TEXT"], 'TITLE' => $arButton["TITLE"], 'ICON' => 'settings', 'ONCLICK' => $arButton["ACTION"], 'SORT' => 1010); $url = "/bitrix/admin/" . CIBlock::GetAdminSectionListLink($IBLOCK_ID, array('find_section_section' => $SECTION_ID)); $arButton = array("TEXT" => strlen($arLabels["SECTIONS_NAME_TEXT"]) ? $arLabels["SECTIONS_NAME_TEXT"] : $arIBlock["SECTIONS_NAME"], "TITLE" => strlen($arLabels["SECTIONS_NAME_TITLE"]) ? $arLabels["SECTIONS_NAME_TITLE"] : $arIBlock["SECTIONS_NAME"], "ACTION" => "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ACTION_URL" => $url, "ONCLICK" => "jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ID" => "bx-context-toolbar-sections-list"); $arButtons["submenu"]["section_list"] = $arButton; if (CIBlockRights::UserHasRightTo($IBLOCK_ID, $IBLOCK_ID, "iblock_edit")) { $url = "/bitrix/admin/iblock_edit.php?type=" . $arIBlock["IBLOCK_TYPE_ID"] . "&lang=" . LANGUAGE_ID . "&ID=" . $IBLOCK_ID . "&return_url=" . UrlEncode($return_url["edit_iblock"]); $arButton = array("TEXT" => GetMessage("IBLOCK_PANEL_EDIT_IBLOCK_BUTTON", array("#IBLOCK_NAME#" => $arIBlock["NAME"])), "TITLE" => GetMessage("IBLOCK_PANEL_EDIT_IBLOCK_BUTTON", array("#IBLOCK_NAME#" => $arIBlock["NAME"])), "ACTION" => "javascript:jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ACTION_URL" => $url, "ONCLICK" => "jsUtils.Redirect([], '" . CUtil::JSEscape($url) . "')", "ID" => "bx-context-toolbar-edit-iblock"); $arButtons["submenu"]["edit_iblock"] = $arButton; } } return $arButtons; }
foreach ($arErrorsTmp as $e) { $strWarning .= $e["message"] . "<br />"; } } } } $arDocumentStates = null; CBPDocument::AddDocumentToHistory(BizProcDocument::getDocumentComplexId($arParams["IBLOCK_TYPE_ID"], $arResult["ELEMENT_ID"]), $arElement["NAME"], $GLOBALS["USER"]->GetID()); } } if (!$strError) { //Successfull update //And go to proper page if (isset($_POST["save"])) { LocalRedirect($arResult["~LIST_SECTION_URL"]); } elseif ($lists_perm < CListPermissions::CAN_READ && !CIBlockElementRights::UserHasRightTo($arResult["IBLOCK_ID"], $arResult["ELEMENT_ID"], "element_read")) { LocalRedirect($arResult["~LIST_SECTION_URL"]); } else { $url = CHTTP::urlAddParams(str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arResult["IBLOCK_ID"], intval($_POST["IBLOCK_SECTION_ID"]), $arResult["ELEMENT_ID"], $arParams["SOCNET_GROUP_ID"]), $arParams["~LIST_ELEMENT_URL"]), array($tab_name => $_POST[$tab_name]), array("skip_empty" => true, "encode" => true)); if (isset($_GET["list_section_id"]) && strlen($_GET["list_section_id"]) == 0) { $url = CHTTP::urlAddParams($url, array("list_section_id" => "")); } LocalRedirect($url); } } else { ShowError($strError); $bVarsFromForm = true; } } else { //Go to list section page LocalRedirect($arResult["~LIST_SECTION_URL"]);
$obRights->GetRights(array("count_overwrited" => true, "parents" => $str_IBLOCK_ELEMENT_SECTION)), false, /*$bForceInherited=*/($ID <= 0) || $bCopy ); $tabControl->EndCustomField("RIGHTS", $htmlHidden); endif; $bDisabled = ($view=="Y") || ($bWorkflow && $prn_LOCK_STATUS=="red") || ( (($ID <= 0) || $bCopy) && !CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "section_element_bind") ) || ( (($ID > 0) && !$bCopy) && !CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ID, "element_edit") ) || ( $bBizproc && !$canWrite ) ; if (!defined('BX_PUBLIC_MODE') || BX_PUBLIC_MODE != 1): ob_start(); ?> <input <?if ($bDisabled) echo "disabled";?> type="submit" class="adm-btn-save" name="save" id="save" value="<?echo GetMessage("IBLOCK_EL_SAVE")?>"> <? if (!$bAutocomplete) { ?><input <?if ($bDisabled) echo "disabled";?> type="submit" class="button" name="apply" id="apply" value="<?echo GetMessage('IBLOCK_APPLY')?>"><? }
$dbIB = CIBlockElement::GetList(array(), array('ID' => $arParams['ENTITY_ID'], 'IBLOCK_ID' => $arParams['IBLOCK_ID']), false, false, array('ID', 'IBLOCK_ID', 'IBLOCK_SECTION_ID', 'NAME')); if ($dbIB && ($arIB = $dbIB->Fetch())) { $arResult['ENTITY_NAME'] = $arIB['NAME']; $arResult['ENTITY_PARENTS'][] = $arIB['IBLOCK_SECTION_ID']; } } if (sizeof($arResult['ENTITY_PARENTS']) > 0 && intval($arResult['ENTITY_PARENTS'][0]) > 0) { $dbChain = CIBlockSection::GetNavChain($arParams['IBLOCK_ID'], $arResult['ENTITY_PARENTS'][0]); if ($dbChain) { while ($arChain = $dbChain->Fetch()) { $arResult['ENTITY_PARENTS'][] = $arChain['IBLOCK_SECTION_ID']; } } } } if ($USER->CanDoOperation('webdav_change_settings') || $obIBlockRights && $obIBlockRights->UserHasRightTo($arParams['IBLOCK_ID'], $arParams['ENTITY_ID'], $checkOP)) { $arTasks = CIBlockRights::GetRightsList(); $arTaskLetters = CWebDavIblock::GetTasks(); //bad hack. It's not public rights. if (isset($arTaskLetters['S'])) { unset($arTasks[$arTaskLetters['S']]); } if (isset($arTaskLetters['T'])) { unset($arTasks[$arTaskLetters['T']]); } $arResult['PERMISSIONS'] = $arTasks; if (!$bCreate) { $arRightParams = array("count_overwrited" => true); if (!empty($arResult['ENTITY_PARENTS'])) { $arRightParams['parents'] = $arResult['ENTITY_PARENTS']; }
$IBLOCK_ID = (int) $IBLOCK_ID; if ($IBLOCK_ID <= 0) { return; } $MENU_SECTION_ID = (int) $MENU_SECTION_ID; $PRODUCT_ID = $ID > 0 ? CIBlockElement::GetRealElement($ID) : 0; $arBaseProduct = false; $periodTimeTypes = array(); if ($arMainCatalog['SUBSCRIPTION'] == 'Y') { $arDefProduct = array('QUANTITY' => '', 'QUANTITY_RESERVED' => '', 'VAT_ID' => 0, 'VAT_INCLUDED' => 'N', 'QUANTITY_TRACE_ORIG' => 'D', 'CAN_BUY_ZERO_ORIG' => 'D', 'PRICE_TYPE' => '', 'RECUR_SCHEME_TYPE' => '', 'RECUR_SCHEME_LENGTH' => '', 'TRIAL_PRICE_ID' => '', 'WITHOUT_ORDER' => '', 'PURCHASING_PRICE' => '', 'PURCHASING_CURRENCY' => '', 'BARCODE_MULTI' => '', 'SUBSCRIBE_ORIG' => 'D'); $periodTimeTypes = CCatalogProduct::GetTimePeriodTypes(true); } else { $arDefProduct = array('QUANTITY' => '', 'QUANTITY_RESERVED' => '', 'WEIGHT' => '', 'WIDTH' => '', 'LENGTH' => '', 'HEIGHT' => '', 'MEASURE' => '', 'VAT_ID' => 0, 'VAT_INCLUDED' => 'N', 'QUANTITY_TRACE_ORIG' => 'D', 'CAN_BUY_ZERO_ORIG' => 'D', 'PURCHASING_PRICE' => '', 'PURCHASING_CURRENCY' => '', 'BARCODE_MULTI' => '', 'SUBSCRIBE_ORIG' => 'D'); } if ($PRODUCT_ID > 0) { $bReadOnly = !($USER->CanDoOperation('catalog_price') && CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price")); if ($arMainCatalog['SUBSCRIPTION'] == 'Y') { $arProductSelect = array('ID', 'QUANTITY', 'QUANTITY_RESERVED', 'QUANTITY_TRACE_ORIG', 'VAT_ID', 'VAT_INCLUDED', 'CAN_BUY_ZERO_ORIG', 'PRICE_TYPE', 'RECUR_SCHEME_TYPE', 'RECUR_SCHEME_LENGTH', 'TRIAL_PRICE_ID', 'WITHOUT_ORDER', 'PURCHASING_PRICE', 'PURCHASING_CURRENCY', 'BARCODE_MULTI', 'SUBSCRIBE_ORIG', 'TYPE'); } else { $arProductSelect = array('ID', 'QUANTITY', 'QUANTITY_RESERVED', 'QUANTITY_TRACE_ORIG', 'WEIGHT', 'WIDTH', 'LENGTH', 'HEIGHT', 'MEASURE', 'VAT_ID', 'VAT_INCLUDED', 'CAN_BUY_ZERO_ORIG', 'PURCHASING_PRICE', 'PURCHASING_CURRENCY', 'BARCODE_MULTI', 'SUBSCRIBE_ORIG', 'TYPE'); } $rsProducts = CCatalogProduct::GetList(array(), array('ID' => $PRODUCT_ID), false, false, $arProductSelect); $arBaseProduct = $rsProducts->Fetch(); if ($bCopy) { $arBaseProduct['QUANTITY'] = ''; $arBaseProduct['QUANTITY_RESERVED'] = ''; } } else { $bReadOnly = !($USER->CanDoOperation('catalog_price') && CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "element_edit_price")); } if (empty($arBaseProduct)) {
function CanUserOperateDocument($operation, $userId, $documentId, $arParameters = array()) { $documentId = trim($documentId); if (strlen($documentId) <= 0) { return false; } if (!array_key_exists("IBlockId", $arParameters) && (!array_key_exists("IBlockPermission", $arParameters) || !array_key_exists("DocumentStates", $arParameters) || !array_key_exists("IBlockRightsMode", $arParameters) || array_key_exists("IBlockRightsMode", $arParameters) && $arParameters["IBlockRightsMode"] === "E") || !array_key_exists("CreatedBy", $arParameters) && !array_key_exists("AllUserGroups", $arParameters)) { $dbElementList = CIBlockElement::GetList(array(), array("ID" => $documentId, "SHOW_NEW" => "Y", "SHOW_HISTORY" => "Y"), false, false, array("ID", "IBLOCK_ID", "CREATED_BY")); $arElement = $dbElementList->Fetch(); if (!$arElement) { return false; } $arParameters["IBlockId"] = $arElement["IBLOCK_ID"]; $arParameters["CreatedBy"] = $arElement["CREATED_BY"]; } if (!array_key_exists("IBlockRightsMode", $arParameters)) { $arParameters["IBlockRightsMode"] = CIBlock::GetArrayByID($arParameters["IBlockId"], "RIGHTS_MODE"); } if ($arParameters["IBlockRightsMode"] === "E") { if ($operation === CBPCanUserOperateOperation::ReadDocument) { return CIBlockElementRights::UserHasRightTo($arParameters["IBlockId"], $documentId, "element_read"); } elseif ($operation === CBPCanUserOperateOperation::WriteDocument) { return CIBlockElementRights::UserHasRightTo($arParameters["IBlockId"], $documentId, "element_edit"); } elseif ($operation === CBPCanUserOperateOperation::StartWorkflow || $operation === CBPCanUserOperateOperation::ViewWorkflow) { if (CIBlockElementRights::UserHasRightTo($arParameters["IBlockId"], $documentId, "element_edit")) { return true; } if (!array_key_exists("WorkflowId", $arParameters)) { return false; } if (!CIBlockElementRights::UserHasRightTo($arParameters["IBlockId"], $documentId, "element_read")) { return false; } $userId = intval($userId); if (!array_key_exists("AllUserGroups", $arParameters)) { if (!array_key_exists("UserGroups", $arParameters)) { $arParameters["UserGroups"] = CUser::GetUserGroup($userId); } $arParameters["AllUserGroups"] = $arParameters["UserGroups"]; if ($userId == $arParameters["CreatedBy"]) { $arParameters["AllUserGroups"][] = "Author"; } } if (!array_key_exists("DocumentStates", $arParameters)) { if ($operation === CBPCanUserOperateOperation::StartWorkflow) { $arParameters["DocumentStates"] = CBPWorkflowTemplateLoader::GetDocumentTypeStates(array("iblock", "CIBlockDocument", "iblock_" . $arParameters["IBlockId"])); } else { $arParameters["DocumentStates"] = CBPDocument::GetDocumentStates(array("iblock", "CIBlockDocument", "iblock_" . $arParameters["IBlockId"]), array("iblock", "CIBlockDocument", $documentId)); } } if (array_key_exists($arParameters["WorkflowId"], $arParameters["DocumentStates"])) { $arParameters["DocumentStates"] = array($arParameters["WorkflowId"] => $arParameters["DocumentStates"][$arParameters["WorkflowId"]]); } else { return false; } $arAllowableOperations = CBPDocument::GetAllowableOperations($userId, $arParameters["AllUserGroups"], $arParameters["DocumentStates"]); if (!is_array($arAllowableOperations)) { return false; } if ($operation === CBPCanUserOperateOperation::ViewWorkflow && in_array("read", $arAllowableOperations) || $operation === CBPCanUserOperateOperation::StartWorkflow && in_array("write", $arAllowableOperations)) { return true; } $chop = $operation === CBPCanUserOperateOperation::ViewWorkflow ? "element_read" : "element_edit"; foreach ($arAllowableOperations as $op) { $ar = CTask::GetOperations($op, true); if (in_array($chop, $ar)) { return true; } } } return false; } if (!array_key_exists("IBlockPermission", $arParameters)) { if (CModule::IncludeModule('lists')) { $arParameters["IBlockPermission"] = CLists::GetIBlockPermission($arParameters["IBlockId"], $userId); } else { $arParameters["IBlockPermission"] = CIBlock::GetPermission($arParameters["IBlockId"], $userId); } } if ($arParameters["IBlockPermission"] <= "R") { return false; } elseif ($arParameters["IBlockPermission"] >= "W") { return true; } $userId = intval($userId); if (!array_key_exists("AllUserGroups", $arParameters)) { if (!array_key_exists("UserGroups", $arParameters)) { $arParameters["UserGroups"] = CUser::GetUserGroup($userId); } $arParameters["AllUserGroups"] = $arParameters["UserGroups"]; if ($userId == $arParameters["CreatedBy"]) { $arParameters["AllUserGroups"][] = "Author"; } } if (!array_key_exists("DocumentStates", $arParameters)) { $arParameters["DocumentStates"] = CBPDocument::GetDocumentStates(array("iblock", "CIBlockDocument", "iblock_" . $arParameters["IBlockId"]), array("iblock", "CIBlockDocument", $documentId)); } if (array_key_exists("WorkflowId", $arParameters)) { if (array_key_exists($arParameters["WorkflowId"], $arParameters["DocumentStates"])) { $arParameters["DocumentStates"] = array($arParameters["WorkflowId"] => $arParameters["DocumentStates"][$arParameters["WorkflowId"]]); } else { return false; } } $arAllowableOperations = CBPDocument::GetAllowableOperations($userId, $arParameters["AllUserGroups"], $arParameters["DocumentStates"]); if (!is_array($arAllowableOperations)) { return false; } $r = false; switch ($operation) { case CBPCanUserOperateOperation::ViewWorkflow: $r = in_array("read", $arAllowableOperations); break; case CBPCanUserOperateOperation::StartWorkflow: $r = in_array("write", $arAllowableOperations); break; case CBPCanUserOperateOperation::CreateWorkflow: $r = false; break; case CBPCanUserOperateOperation::WriteDocument: $r = in_array("write", $arAllowableOperations); break; case CBPCanUserOperateOperation::ReadDocument: $r = in_array("read", $arAllowableOperations) || in_array("write", $arAllowableOperations); break; default: $r = false; } return $r; }
$bizProcIndex = 0; $arDocumentStates = CBPDocument::GetDocumentStates(BizProcDocument::generateDocumentComplexType($arParams["IBLOCK_TYPE_ID"], $arResult["IBLOCK_ID"]), $arResult["ELEMENT_ID"] > 0 ? BizProcDocument::getDocumentComplexId($arParams["IBLOCK_TYPE_ID"], $arResult["ELEMENT_ID"]) : null, "Y"); $custom_html .= '<input type="hidden" name="stop_bizproc" id="stop_bizproc" value="">'; $runtime = CBPRuntime::GetRuntime(); $runtime->StartRuntime(); $documentService = $runtime->GetService("DocumentService"); foreach ($arDocumentStates as $arDocumentState) { $bizProcIndex++; if ($arResult["ELEMENT_ID"] > 0) { $canViewWorkflow = CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::ViewWorkflow, $GLOBALS["USER"]->GetID(), BizProcDocument::getDocumentComplexId($arParams["IBLOCK_TYPE_ID"], $arResult["ELEMENT_ID"]), array("AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates, "WorkflowId" => $arDocumentState["ID"])); } else { $canViewWorkflow = CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::StartWorkflow, $GLOBALS["USER"]->GetID(), BizProcDocument::generateDocumentComplexType($arParams["IBLOCK_TYPE_ID"], $arResult["IBLOCK_ID"]), array("sectionId" => intval($arResult["SECTION_ID"]), "AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates, "WorkflowId" => $arDocumentState["ID"])); } if ($canViewWorkflow) { $arTab2Fields[] = array("id" => "BIZPROC_TITLE" . $bizProcIndex, "name" => $arDocumentState["TEMPLATE_NAME"], "type" => "section"); if ($arParams["IBLOCK_TYPE_ID"] != COption::GetOptionString("lists", "livefeed_iblock_type_id") && strlen($arDocumentState["ID"]) && CIBlockElementRights::UserHasRightTo($arResult["IBLOCK_ID"], $arResult["ELEMENT_ID"], "element_rights_edit") && strlen($arDocumentState["WORKFLOW_STATUS"])) { $arTab2Fields[] = array("id" => "BIZPROC_STOP" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_STOP_LABEL"), "type" => "label", "value" => '<a href="javascript:jsStopBP(\'' . CUtil::JSEscape('form_' . $arResult["FORM_ID"]) . '\', \'' . CUtil::JSEscape($arDocumentState["ID"]) . '\');">' . GetMessage("CT_BLEE_BIZPROC_STOP") . '</a>'); } $arTab2Fields[] = array("id" => "BIZPROC_NAME" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_NAME"), "type" => "label", "value" => $arDocumentState["TEMPLATE_NAME"]); if ($arDocumentState["TEMPLATE_DESCRIPTION"] != '') { $arTab2Fields[] = array("id" => "BIZPROC_DESC" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_DESC"), "type" => "label", "value" => $arDocumentState["TEMPLATE_DESCRIPTION"]); } if (strlen($arDocumentState["STATE_MODIFIED"])) { $arTab2Fields[] = array("id" => "BIZPROC_DATE" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_DATE"), "type" => "label", "value" => $arDocumentState["STATE_MODIFIED"]); } if (strlen($arDocumentState["STATE_NAME"])) { $backUrl = CHTTP::urlAddParams($APPLICATION->GetCurPageParam("", array($arResult["FORM_ID"] . "_active_tab")), array($arResult["FORM_ID"] . "_active_tab" => "tab_bp")); $url = CHTTP::urlAddParams(str_replace(array("#list_id#", "#document_state_id#", "#group_id#"), array($arResult["IBLOCK_ID"], $arDocumentState["ID"], $arParams["SOCNET_GROUP_ID"]), $arParams["~BIZPROC_LOG_URL"]), array("back_url" => $backUrl), array("skip_empty" => true, "encode" => true)); if (strlen($arDocumentState["ID"])) { $arTab2Fields[] = array("id" => "BIZPROC_STATE" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_STATE"), "type" => "label", "value" => '<a href="' . htmlspecialcharsbx($url) . '">' . (strlen($arDocumentState["STATE_TITLE"]) ? $arDocumentState["STATE_TITLE"] : $arDocumentState["STATE_NAME"]) . '</a>'); $canDeleteWorkflow = false;
$bizProcIndex = 0; $arDocumentStates = CBPDocument::GetDocumentStates(array("iblock", "CIBlockDocument", $DOCUMENT_TYPE), $arResult["ELEMENT_ID"] > 0 ? array("iblock", "CIBlockDocument", $arResult["ELEMENT_ID"]) : null, "Y"); $custom_html .= '<input type="hidden" name="stop_bizproc" id="stop_bizproc" value="">'; $runtime = CBPRuntime::GetRuntime(); $runtime->StartRuntime(); $documentService = $runtime->GetService("DocumentService"); foreach ($arDocumentStates as $arDocumentState) { $bizProcIndex++; if ($arResult["ELEMENT_ID"] > 0) { $canViewWorkflow = CBPDocument::CanUserOperateDocument(CBPCanUserOperateOperation::ViewWorkflow, $GLOBALS["USER"]->GetID(), array("iblock", "CIBlockDocument", $arResult["ELEMENT_ID"]), array("AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates, "WorkflowId" => $arDocumentState["ID"] > 0 ? $arDocumentState["ID"] : $arDocumentState["TEMPLATE_ID"])); } else { $canViewWorkflow = CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::ViewWorkflow, $GLOBALS["USER"]->GetID(), array("iblock", "CIBlockDocument", "iblock_" . $arResult["IBLOCK_ID"]), array("AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates, "WorkflowId" => $arDocumentState["ID"] > 0 ? $arDocumentState["ID"] : $arDocumentState["TEMPLATE_ID"])); } if ($canViewWorkflow) { $arTab2Fields[] = array("id" => "BIZPROC_TITLE" . $bizProcIndex, "name" => $arDocumentState["TEMPLATE_NAME"], "type" => "section"); if (strlen($arDocumentState["ID"]) && strlen($arDocumentState["WORKFLOW_STATUS"]) && CIBlockElementRights::UserHasRightTo($arResult["IBLOCK_ID"], $arResult["ELEMENT_ID"], "element_rights_edit")) { $arTab2Fields[] = array("id" => "BIZPROC_STOP" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_STOP_LABEL"), "type" => "label", "value" => '<a href="javascript:jsStopBP(\'' . CUtil::JSEscape('form_' . $arResult["FORM_ID"]) . '\', \'' . CUtil::JSEscape($arDocumentState["ID"]) . '\');">' . GetMessage("CT_BLEE_BIZPROC_STOP") . '</a>'); } $arTab2Fields[] = array("id" => "BIZPROC_NAME" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_NAME"), "type" => "label", "value" => $arDocumentState["TEMPLATE_NAME"]); if ($arDocumentState["TEMPLATE_DESCRIPTION"] != '') { $arTab2Fields[] = array("id" => "BIZPROC_DESC" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_DESC"), "type" => "label", "value" => $arDocumentState["TEMPLATE_DESCRIPTION"]); } if (strlen($arDocumentState["STATE_MODIFIED"])) { $arTab2Fields[] = array("id" => "BIZPROC_DATE" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_DATE"), "type" => "label", "value" => $arDocumentState["STATE_MODIFIED"]); } if (strlen($arDocumentState["STATE_NAME"])) { $url = str_replace(array("#list_id#", "#document_state_id#", "#group_id#"), array($arResult["IBLOCK_ID"], $arDocumentState["ID"], $arParams["SOCNET_GROUP_ID"]), $arParams["~BIZPROC_LOG_URL"]); if (strlen($arDocumentState["ID"])) { $arTab2Fields[] = array("id" => "BIZPROC_STATE" . $bizProcIndex, "name" => GetMessage("CT_BLEE_BIZPROC_STATE"), "type" => "label", "value" => '<a href="' . htmlspecialcharsbx($url) . '">' . (strlen($arDocumentState["STATE_TITLE"]) ? $arDocumentState["STATE_TITLE"] : $arDocumentState["STATE_NAME"]) . '</a>'); $canDeleteWorkflow = CBPDocument::CanUserOperateDocumentType(CBPCanUserOperateOperation::CreateWorkflow, $GLOBALS["USER"]->GetID(), array("iblock", "CIBlockDocument", $arResult["ELEMENT_ID"]), array("UserGroups" => $arCurrentUserGroups)); if ($canDeleteWorkflow) {
<?php /** @global CUser $USER */ /** @global int $ID */ use Bitrix\Main, Bitrix\Main\Localization\Loc; if ($USER->CanDoOperation('catalog_price')) { $IBLOCK_ID = intval($IBLOCK_ID); if (0 >= $IBLOCK_ID) { return; } $MENU_SECTION_ID = intval($MENU_SECTION_ID); $ID = (int) $ID; $PRODUCT_ID = 0 < $ID ? CIBlockElement::GetRealElement($ID) : 0; $boolPriceRights = $PRODUCT_ID > 0 ? CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price") : CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $MENU_SECTION_ID, "element_edit_price"); if ($boolPriceRights) { Loc::loadMessages($_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/catalog/templates/product_edit_action.php'); $arCatalogBasePrices = array(); $arCatalogPrices = array(); $CAT_ROW_COUNTER = intval($CAT_ROW_COUNTER); if ($CAT_ROW_COUNTER < 0) { $strWarning .= Loc::getMessage("C2IT_INTERNAL_ERROR") . "<br>"; } $arCatalogBaseGroup = CCatalogGroup::GetBaseGroup(); if (!$arCatalogBaseGroup) { $strWarning .= Loc::getMessage("C2IT_NO_BASE_TYPE") . "<br>"; } $CAT_VAT_ID = intval($CAT_VAT_ID); $CAT_VAT_INCLUDED = !isset($CAT_VAT_INCLUDED) || $CAT_VAT_INCLUDED == 'N' ? 'N' : 'Y'; $bUseExtForm = isset($_POST['price_useextform']) && $_POST['price_useextform'] == 'Y'; if (!$bUseExtForm) { $CAT_ROW_COUNTER = 0;
$arID[] = $arRes['ID']; } } foreach ($arID as $ID) { if (strlen($ID) <= 0) { continue; } $ID = intval($ID); $arRes = CIBlockElement::GetByID($ID); $arRes = $arRes->Fetch(); if (!$arRes) { continue; } $bPermissions = false; //delete and modify can: if (CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ID, "element_edit_any_wf_status ")) { $bPermissions = true; } else { //For delete action we have to check all statuses in element history $STATUS_PERMISSION = CIBlockElement::WF_GetStatusPermission($arRes["WF_STATUS_ID"], $_REQUEST['action'] == "delete" ? $ID : false); if ($STATUS_PERMISSION >= 2) { $bPermissions = true; } } if (!$bPermissions) { $lAdmin->AddGroupError(GetMessage("IBLOCK_ADM_HISTORY_UPDERR3") . " (ID:" . $ID . ")", $ID); continue; } switch ($_REQUEST['action']) { case "delete": $d = CIBlockElement::GetByID($ID);
<?php /** @global CUser $USER */ /** @global int $ID */ use Bitrix\Main, Bitrix\Main\Localization\Loc; if ($USER->CanDoOperation('catalog_price')) { $IBLOCK_ID = intval($IBLOCK_ID); if ($IBLOCK_ID <= 0) { return; } $PRODUCT_ID = 0 < $ID ? CIBlockElement::GetRealElement($ID) : 0; $boolPriceRights = $PRODUCT_ID > 0 ? CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price") : CIBlockRights::UserHasRightTo($IBLOCK_ID, $IBLOCK_ID, "element_edit_price"); if ($boolPriceRights) { Loc::loadMessages($_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/catalog/templates/product_edit_action.php'); $arCatalogBasePrices = array(); $arCatalogPrices = array(); $SUBCAT_ROW_COUNTER = intval($SUBCAT_ROW_COUNTER); if ($SUBCAT_ROW_COUNTER < 0) { $strWarning .= Loc::getMessage("C2IT_INTERNAL_ERROR") . "<br>"; } $arCatalogBaseGroup = CCatalogGroup::GetBaseGroup(); if (!$arCatalogBaseGroup) { $strWarning .= Loc::getMessage("C2IT_NO_BASE_TYPE") . "<br>"; } $SUBCAT_VAT_ID = intval($SUBCAT_VAT_ID); $SUBCAT_VAT_INCLUDED = !isset($SUBCAT_VAT_INCLUDED) || $SUBCAT_VAT_INCLUDED == 'N' ? 'N' : 'Y'; $bUseExtForm = isset($_POST['subprice_useextform']) && $_POST['subprice_useextform'] == 'Y'; if (!$bUseExtForm) { $SUBCAT_ROW_COUNTER = 0; } for ($i = 0; $i <= $SUBCAT_ROW_COUNTER; $i++) {
} $aActions = array(); if ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_edit")) { $aActions[] = array("ICONCLASS" => "edit", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_EDIT"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($url) . "')", "DEFAULT" => true); $arResult["ELEMENTS_CAN_MOVE"][] = $data["ID"]; } else { $aActions[] = array("ICONCLASS" => "view", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_VIEW"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($url) . "')", "DEFAULT" => true); } if ($lists_perm > CListPermissions::CAN_READ || CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, intval($arResult["SECTION_ID"]), "section_element_bind")) { $urlCopy = CHTTP::urlAddParams(str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arIBlock["ID"], intval($arResult["SECTION_ID"]), 0, $arParams["SOCNET_GROUP_ID"]), $arParams["LIST_ELEMENT_URL"]), array("copy_id" => $data["~ID"]), array("skip_empty" => true, "encode" => true)); $aActions[] = array("TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_COPY"), "ONCLICK" => "jsUtils.Redirect(arguments, '" . CUtil::JSEscape($urlCopy) . "')"); } if (count($arBPStart) && ($lists_perm >= CListPermissions::CAN_BIZPROC || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_bizproc_start"))) { $aActions[] = array("TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_START_BP"), "MENU" => $arBPStart); } if ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_delete")) { $aActions[] = array("SEPARATOR" => true); $aActions[] = array("ICONCLASS" => "delete", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_DELETE"), "ONCLICK" => "bxGrid_" . $arResult["GRID_ID"] . ".DeleteItem('" . $data["ID"] . "', '" . GetMessage("CC_BLL_ELEMENT_ACTION_MENU_DELETE_CONF") . "')"); $arResult["ELEMENTS_CAN_DELETE"][] = $data["ID"]; } $arResult["ELEMENTS_ROWS"][] = array("id" => $data["ID"], "data" => $data, "actions" => $aActions, "columns" => $aCols); } $rsElements->bShowAll = false; $arResult["NAV_OBJECT"] = $rsElements; $arResult["SORT"] = $grid_sort["sort"]; $arResult["LIST_NEW_ELEMENT_URL"] = str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arIBlock["ID"], intval($arResult["SECTION_ID"]), 0, $arParams["SOCNET_GROUP_ID"]), $arParams["LIST_ELEMENT_URL"]); if ($arResult["ANY_SECTION"]) { $arResult["LIST_NEW_ELEMENT_URL"] = CHTTP::urlAddParams($arResult["LIST_NEW_ELEMENT_URL"], array("list_section_id" => "")); } $APPLICATION->SetTitle(GetMessage("CC_BLL_TITLE", array("#NAME#" => $arResult["IBLOCK"]["NAME"]))); $APPLICATION->AddChainItem($arResult["IBLOCK"]["NAME"], CHTTP::urlAddParams(str_replace(array("#list_id#", "#section_id#", "#group_id#"), array($arResult["IBLOCK_ID"], 0, $arParams["SOCNET_GROUP_ID"]), $arParams["~LIST_URL"]), array("list_section_id" => "")));
<?php /** @global CUser $USER */ /** @var string $strWarning */ /** @var int $IBLOCK_ID */ /** @var int $ID */ if ($USER->CanDoOperation('catalog_price')) { $IBLOCK_ID = (int) $IBLOCK_ID; $ID = (int) $ID; $userId = (int) $USER->GetID(); if (0 < $IBLOCK_ID && 0 < $ID) { $PRODUCT_ID = CIBlockElement::GetRealElement($ID); $bUseStoreControl = COption::GetOptionString('catalog', 'default_use_store_control', 'N') == "Y"; $bEnableReservation = 'N' != COption::GetOptionString('catalog', 'enable_reservation'); if (CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $PRODUCT_ID, "element_edit_price")) { IncludeModuleLangFile($_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/catalog/templates/product_edit_action.php'); if ('' == $strWarning) { $bUseExtForm = isset($_POST['price_useextform']) && 'Y' == $_POST['price_useextform']; $arCatalog = CCatalog::GetByID($IBLOCK_ID); $arCatalogPrice_tmp = array(); $intBasePriceCount = count($arCatalogBasePrices); $dbCatGroups = CCatalogGroup::GetList(array(), array("!BASE" => "Y")); while ($arCatGroups = $dbCatGroups->Fetch()) { unset($arCatalogPrice_tmp); $arCatalogPrice_tmp = array(); for ($i = 0; $i < $intBasePriceCount; $i++) { ${"CAT_PRICE_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]} = str_replace(",", ".", ${"CAT_PRICE_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]}); $arCatalogPrice_tmp[$i] = array("ID" => IntVal(${"CAT_ID_" . $arCatGroups["ID"]}[$arCatalogBasePrices[$i]["IND"]]), "EXTRA_ID" => ${"CAT_EXTRA_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]} ? IntVal(${"CAT_EXTRA_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]}) : 0, "PRICE" => ${"CAT_PRICE_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]}, "CURRENCY" => Trim(${"CAT_CURRENCY_" . $arCatGroups["ID"] . "_" . $arCatalogBasePrices[$i]["IND"]}), "QUANTITY_FROM" => $arCatalogBasePrices[$i]["QUANTITY_FROM"], "QUANTITY_TO" => $arCatalogBasePrices[$i]["QUANTITY_TO"]); if (strlen($arCatalogPrice_tmp[$i]["CURRENCY"]) <= 0) { $arCatalogPrice_tmp[$i]["CURRENCY"] = $arCatalogBasePrices[$i]["CURRENCY"]; }
} } } if (!empty($actionsProcess)) { $listProcesses[] = array("TEXT" => $documentState["TEMPLATE_NAME"] . " (" . $documentState["STARTED"] . ")", "MENU" => $actionsProcess); } else { $listProcesses[] = array("TEXT" => $documentState["TEMPLATE_NAME"] . " (" . $documentState["STARTED"] . ")"); } } } if (!empty($listProcesses)) { $aActions[] = array("TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_RUNNING_BP"), "MENU" => $listProcesses); } } } if (!$arResult["IS_SOCNET_GROUP_CLOSED"] && ($lists_perm >= CListPermissions::CAN_WRITE || CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $data["~ID"], "element_delete"))) { $aActions[] = array("SEPARATOR" => true); $aActions[] = array("ICONCLASS" => "delete", "TEXT" => GetMessage("CC_BLL_ELEMENT_ACTION_MENU_DELETE"), "ONCLICK" => "bxGrid_" . $arResult["GRID_ID"] . ".DeleteItem('" . $data["ID"] . "', '" . GetMessage("CC_BLL_ELEMENT_ACTION_MENU_DELETE_CONF") . "')"); $arResult["ELEMENTS_CAN_DELETE"][] = $data["ID"]; } $arResult["ELEMENTS_ROWS"][] = array("id" => $data["ID"], "data" => $data, "actions" => $aActions, "columns" => $aCols); } if (!$arResult["CAN_READ"] && $check) { $arResult["CAN_READ"] = true; } $rsElements->bShowAll = false; $arResult["NAV_OBJECT"] = $rsElements; $arResult["SORT"] = $grid_sort["sort"]; $arResult["LIST_NEW_ELEMENT_URL"] = str_replace(array("#list_id#", "#section_id#", "#element_id#", "#group_id#"), array($arIBlock["ID"], intval($arResult["SECTION_ID"]), 0, $arParams["SOCNET_GROUP_ID"]), $arParams["LIST_ELEMENT_URL"]); if ($arResult["ANY_SECTION"]) { $arResult["LIST_NEW_ELEMENT_URL"] = CHTTP::urlAddParams($arResult["LIST_NEW_ELEMENT_URL"], array("list_section_id" => ""));
foreach ($obRights->GetRights() as $RIGHT_ID => $arRight) { $htmlHidden .= ' <input type="hidden" name="SUB_RIGHTS[][RIGHT_ID]" value="' . htmlspecialcharsbx($RIGHT_ID) . '"> <input type="hidden" name="SUB_RIGHTS[][GROUP_CODE]" value="' . htmlspecialcharsbx($arRight["GROUP_CODE"]) . '"> <input type="hidden" name="SUB_RIGHTS[][TASK_ID]" value="' . htmlspecialcharsbx($arRight["TASK_ID"]) . '"> '; } } else { $obRights = new CIBlockSectionRights($IBLOCK_ID, 0); $htmlHidden = ''; } $tabControl->BeginCustomField("RIGHTS", GetMessage("IBEL_E_RIGHTS_FIELD")); IBlockShowRights('element', $IBLOCK_ID, $ID, GetMessage("IBEL_E_RIGHTS_SECTION_TITLE"), "SUB_RIGHTS", $obRights->GetRightsList(), $obRights->GetRights(array("count_overwrited" => true, "parents" => array())), false, $ID <= 0 || $bCopy); $tabControl->EndCustomField("RIGHTS", $htmlHidden); } $bDisabled = $view == "Y" || $bWorkflow && $prn_LOCK_STATUS == "red" || ($ID <= 0 || $bCopy) && !CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, 0, "section_element_bind") || $ID > 0 && !$bCopy && !CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ID, "element_edit") || $bBizproc && !$canWrite; if ($ID > 0 && !$bSubCopy && BX_SUB_SETTINGS) { if (!$ajaxReload) { $reloadParams = array('bxpublic' => 'Y', 'bxsku' => 'Y', 'WF' => 'Y', 'TMP_ID' => $strSubTMP_ID, 'ajaxReload' => 'Y'); if ($arShowTabs['product_group']) { $reloadParams['groupdel'] = 'Y'; $reloadParams['sessid'] = bitrix_sessid(); $setBtn = "{\n\t\t\t\ttitle: '" . CUtil::JSEscape(GetMessage('IB_SE_SET_PRODUCT_TYPE_GROUP_DELETE')) . "',\n\t\t\t\tname: 'groupdel',\n\t\t\t\tid: 'groupdel',\n\t\t\t\tclassName: 'adm-btn-add',\n\t\t\t\taction: function () {\n\t\t\t\t\tif (confirm('" . CUtil::JSEscape(GetMessage('IB_SE_SET_PRODUCT_TYPE_GROUP_DELETE_CONFIRM')) . "'))\n\t\t\t\t\t{\n\t\t\t\t\t\ttop.BX.showWait();\n\t\t\t\t\t\ttop.BX.ajax.get(\n\t\t\t\t\t\t\t'" . CIBlock::GetAdminSubElementEditLink($IBLOCK_ID, $intProductID, $ID, $reloadParams, '', true) . "',\n\t\t\t\t\t\t\tfunction (result) {\n\t\t\t\t\t\t\t\ttop.BX.closeWait();\n\t\t\t\t\t\t\t\ttop.BX.WindowManager.Get().SetContent(result);\n\t\t\t\t\t\t\t\tif (BX('groupdel'))\n\t\t\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\t\tBX.style(BX('groupdel'), 'display', 'none');\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t);\n\t\t\t\t\t}\n\t\t\t\t}\n\t\t\t}"; } else { $reloadParams['SUBPRODUCT_TYPE'] = CCatalogAdminTools::TAB_GROUP; $setBtn = "{\n\t\t\t\ttitle: '" . CUtil::JSEscape(GetMessage('IB_SE_SET_PRODUCT_TYPE_GROUP_ADD')) . "',\n\t\t\t\tname: 'groupset',\n\t\t\t\tid: 'groupset',\n\t\t\t\tclassName: 'adm-btn-add',\n\t\t\t\taction: function () {\n\t\t\t\t\ttop.BX.showWait();\n\t\t\t\t\ttop.BX.ajax.get('" . CIBlock::GetAdminSubElementEditLink($IBLOCK_ID, $intProductID, $ID, $reloadParams, '', true) . "',\n\t\t\t\t\tfunction (result) {\n\t\t\t\t\t\ttop.BX.closeWait();\n\t\t\t\t\t\ttop.BX.WindowManager.Get().SetContent(result);\n\t\t\t\t\t\tif (BX('groupset'))\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\tBX.style(BX('groupset'), 'display', 'none');\n\t\t\t\t\t\t}\n\t\t\t\t\t});\n\t\t\t\t}\n\t\t\t}"; } $tabControl->ButtonsPublic(array($setBtn)); unset($setBtn, $reloadParams); } } else {
))) ); } if(strlen($f_DETAIL_PAGE_URL) > 0) { $tmpVar = CIBlock::ReplaceDetailUrl($arRes["DETAIL_PAGE_URL"], $arRes_orig, true, "E"); $arActions[] = array( "ICON" => "view", "TEXT" => GetMessage("IBLIST_A_ADMIN_VIEW"), "TITLE" => GetMessage("IBLIST_A_VIEW_WF_ALT"), "ACTION" => $lAdmin->ActionRedirect(htmlspecialcharsbx($tmpVar)), ); } if (CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $f_ID, "element_delete")) { if (!empty($arActions)) $arActions[] = array("SEPARATOR"=>true); $arActions[] = array( "ICON" => "delete", "TEXT" => GetMessage('MAIN_DELETE'), "TITLE" => GetMessage("IBLOCK_DELETE_ALT"), "ACTION" => "if(confirm('".GetMessageJS('IBLOCK_CONFIRM_DEL_MESSAGE')."')) ".$lAdmin->ActionDoGroup($f_TYPE.$arRes_orig['ID'], "delete", $sThisSectionUrl), ); } } $row->AddActions($arActions); } if ($bCatalog) {
if (CModule::IncludeModule('iblock')) { CIBlockElement::Delete(intval($absenceID)); } } if (!CModule::IncludeModule('iblock')) { echo GetMessage("INTR_ABSENCE_BITRIX24_MODULE"); } else { if ($_SERVER["REQUEST_METHOD"] === "GET" && isset($_GET["action"]) && $_GET["action"] == "delete" && check_bitrix_sessid()) { if (CIBlockElementRights::UserHasRightTo($iblockID, intval($_GET["absenceID"]), "element_delete")) { DeleteAbsence($_GET["absenceID"]); } die; } $ID = 1; if ($_SERVER["REQUEST_METHOD"] === "POST" && check_bitrix_sessid()) { if (isset($_POST['absence_element_id']) && CIBlockElementRights::UserHasRightTo($iblockID, intval($_POST['absence_element_id']), 'element_edit')) { $ID = EditAbsence($_POST); } elseif (!isset($_POST['absence_element_id']) && CIBlockSectionRights::UserHasRightTo($iblockID, 0, "section_element_bind")) { $ID = AddAbsence($_POST); } else { die('error:<li>' . GetMessage('INTR_USER_ERR_NO_RIGHT') . '</li>'); } if (is_array($ID)) { $arErrors = $ID; foreach ($arErrors as $key => $val) { if (strlen($val) <= 0) { unset($arErrors[$key]); } } $ID = 0; die('error:<li>' . implode('</li><li>', $arErrors)) . '</li>';
} elseif ($lists_perm < 0) { switch ($lists_perm) { case CListPermissions::WRONG_IBLOCK_TYPE: ShowError(GetMessage("CC_BLF_WRONG_IBLOCK_TYPE")); return; case CListPermissions::WRONG_IBLOCK: ShowError(GetMessage("CC_BLF_WRONG_IBLOCK")); return; case CListPermissions::LISTS_FOR_SONET_GROUP_DISABLED: ShowError(GetMessage("CC_BLF_LISTS_FOR_SONET_GROUP_DISABLED")); return; default: ShowError(GetMessage("CC_BLF_UNKNOWN_ERROR")); return; } } elseif ($ELEMENT_ID > 0 && $lists_perm <= CListPermissions::CAN_READ && !CIBlockElementRights::UserHasRightTo($IBLOCK_ID, $ELEMENT_ID, "element_read")) { ShowError(GetMessage("CC_BLF_ACCESS_DENIED")); return; } elseif ($SECTION_ID > 0 && $lists_perm <= CListPermissions::CAN_READ && !CIBlockSectionRights::UserHasRightTo($IBLOCK_ID, $SECTION_ID, "section_read")) { ShowError(GetMessage("CC_BLF_ACCESS_DENIED")); return; } $arIBlock = CIBlock::GetArrayByID(intval($arParams["~IBLOCK_ID"])); $arResult["FILES"] = array(); $arResult["ELEMENT"] = false; $arResult["SECTION"] = false; if ($ELEMENT_ID > 0) { $rsElement = CIBlockElement::GetList(array(), array("IBLOCK_ID" => $arIBlock["ID"], "=ID" => $ELEMENT_ID, "CHECK_PERMISSIONS" => "N"), false, false, array("ID", $arParams["FIELD_ID"])); while ($ar = $rsElement->GetNext()) { if (isset($ar[$arParams["FIELD_ID"]])) { $arResult["FILES"][] = $ar[$arParams["FIELD_ID"]];
/** * @param $userId * @return bool */ public function canRead($userId) { if ($this->canRead !== null) { return $this->canRead; } if (($res = $this->getDataToCheck($this->entityId)) && !empty($res)) { list($message, $topic) = $res; if (!empty($topic["XML_ID"])) { $entityId = substr($topic["XML_ID"], strrpos($topic["XML_ID"], "_") + 1); $entityType = substr($topic["XML_ID"], 0, strrpos($topic["XML_ID"], "_")); switch ($entityType) { case "TASK": if (Loader::includeModule("tasks")) { $connector = new TaskConnector($entityId, $this->attachedObject); $this->canRead = $connector->canRead($userId); return $this->canRead; } break; case "EVENT": if (Loader::includeModule("calendar")) { $connector = new CalendarEventConnector($entityId, $this->attachedObject); $this->canRead = $connector->canRead($userId); return $this->canRead; } break; case "IBLOCK": if ((int) $topic["USER_ID"] > 0 && Loader::includeModule("socialnetwork")) { $codes = array(); if (($res = \CSocNetLog::getList(array(), array("SOURCE_ID" => $entityId, "EVENT_ID" => array("photo_photo", "news", "wiki")), false, false, array("ID"))->fetch()) && $res) { $db_res = \CSocNetLogRights::getList(array(), array("LOG_ID" => $res["ID"])); while ($res = $db_res->fetch()) { $codes[] = $res["GROUP_CODE"]; } } $this->canRead = $this->canAccess($userId, $codes); return $this->canRead; } $this->canRead = true; return $this->canRead; case "MEETING": $this->canRead = (int) $message["FORUM_ID"] == (int) \COption::getOptionInt('meeting', 'comments_forum_id', 0, SITE_ID); return $this->canRead; case "TIMEMAN_ENTRY": if (Loader::includeModule("timeman")) { $dbEntry = \CTimeManEntry::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID")); if ($arEntry = $dbEntry->fetch()) { if ($arEntry["USER_ID"] == $userId) { $this->canRead = true; return $this->canRead; } else { $arManagers = \CTimeMan::getUserManagers($arEntry["USER_ID"]); $this->canRead = in_array($userId, $arManagers); return $this->canRead; } } } $this->canRead = false; return $this->canRead; case "TIMEMAN_REPORT": if (Loader::includeModule("timeman")) { $dbReport = \CTimeManReportFull::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID")); if ($arReport = $dbReport->fetch()) { if ($arReport["USER_ID"] == $userId) { $this->canRead = true; return $this->canRead; } else { $arManagers = \CTimeMan::getUserManagers($arReport["USER_ID"]); $this->canRead = in_array($userId, $arManagers); return $this->canRead; } } } $this->canRead = false; return $this->canRead; case "WF": $this->canRead = false; if (Loader::includeModule("bizproc") && Loader::includeModule("lists")) { $documentId = \CBPStateService::getStateDocumentId($entityId); $elementId = intval($documentId[2]); $elementObject = \CIBlockElement::getList(array(), array('ID' => $elementId), false, false, array('IBLOCK_TYPE_ID', 'IBLOCK_ID')); $element = $elementObject->fetch(); $listPerm = \CListPermissions::checkAccess($this->getUser(), $element['IBLOCK_TYPE_ID'], $element['IBLOCK_ID']); if ($listPerm < 0) { $this->canRead = false; } elseif ($listPerm < \CListPermissions::CAN_READ && !\CIBlockElementRights::UserHasRightTo($element['IBLOCK_ID'], $elementId, "element_read")) { $this->canRead = false; } else { $this->canRead = true; } } return $this->canRead; } } else { if ((!empty($topic["SOCNET_GROUP_ID"]) || !empty($topic["OWNER_ID"])) && Loader::includeModule("socialnetwork")) { if (!empty($topic["SOCNET_GROUP_ID"])) { $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum", "view"); return $this->canRead; } else { $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_USER, $topic["OWNER_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_USER, $topic["OWNER_ID"], "forum", "view"); return $this->canRead; } } } if ($message) { $user = $this->getUser(); if ($user && $userId == $user->getId()) { $userGroups = $user->getUserGroupArray(); } else { $userGroups = array(2); } /** @noinspection PhpDynamicAsStaticMethodCallInspection */ if (\CForumUser::isAdmin($userId, $userGroups)) { $this->canRead = true; return $this->canRead; } /** @noinspection PhpDynamicAsStaticMethodCallInspection */ $perms = \CForumNew::getUserPermission($message["FORUM_ID"], $userGroups); if ($perms >= "Y") { $this->canRead = true; return $this->canRead; } if ($perms < "E" || $perms < "Q" && $message["APPROVED"] != "Y") { $this->canRead = false; return $this->canRead; } /** @noinspection PhpDynamicAsStaticMethodCallInspection */ $forum = \CForumNew::getByID($message["FORUM_ID"]); $this->canRead = $forum["ACTIVE"] == "Y"; return $this->canRead; } } $this->canRead = false; return $this->canRead; }