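/**
 * Decides, from the filter and the current user, whether per-lesson permission
 * checks have to be applied.
 *
 * Sets $this->bCheckPerm to true only when none of the shortcuts below applies;
 * on every early return the property keeps whatever value it had before the call.
 *
 * SECURITY: CHECK_PERMISSIONS === 'N' switches access control off completely.
 * $arFilter must therefore be built by trusted code; copying request parameters
 * into it would let the requester disable the checks.
 *
 * @param array $arFilter Filter; the CHECK_PERMISSIONS key is read here, the rest is
 *                        passed to ParseRequestedOperations() and DetermineRequestedUserId().
 */
public function __construct($arFilter)
 {
     // Explicit opt-out, strictly compared so that only the string 'N' disables the checks.
     if (isset($arFilter['CHECK_PERMISSIONS']) && $arFilter['CHECK_PERMISSIONS'] === 'N') {
         return;
     }
     // Determine requested operations
     $this->requestedOperations = self::ParseRequestedOperations($arFilter);
     // Determine logged in user; $USER may be absent (e.g. outside a normal page hit)
     global $USER;
     $loggedUserId = false;
     $hasUserObject = is_object($USER);
     if ($hasUserObject && method_exists($USER, 'GetID')) {
         $loggedUserId = (int) $USER->GetID();
     }
     $this->requestedUserId = self::DetermineRequestedUserId($arFilter, $loggedUserId);
     // Admin shortcut: only when the request is for the logged-in user himself.
     // The original called $USER->IsAdmin() even when $USER was not an object, which is a
     // fatal error; without a resolved user the shortcut is now simply not taken (fail closed).
     if (
         $loggedUserId !== false
         && $this->requestedUserId === $loggedUserId
         && method_exists($USER, 'IsAdmin')
         && $USER->IsAdmin()
     ) {
         return;
     }
     $this->oAccess = CLearnAccess::GetInstance($this->requestedUserId);
     // If base (shared) user rights cover the requested operations => nothing to check per lesson.
     if ($this->oAccess->IsBaseAccess($this->requestedOperations)) {
         return;
     }
     // No shortcut applied: permissions must be checked.
     $this->bCheckPerm = true;
 }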
예제 #2
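 /**
  * Validates question fields and normalizes enumerated values in place.
  *
  * Validation errors are collected and reported through
  * $GLOBALS["APPLICATION"]->ThrowException() as a CAdminException.
  *
  * Authorization: when LESSON_ID is supplied, the current user must hold
  * OP_LESSON_WRITE on that lesson (base right or per-lesson right).
  * NOTE(review): an update that does not pass LESSON_ID is not permission-checked
  * here; presumably the caller checks access to the question's lesson - confirm.
  *
  * @param array     $arFields Fields to validate; modified by reference.
  * @param int|false $ID       Question id on update, false on insert.
  *
  * @return bool true when the fields are acceptable, false otherwise.
  */
 public function CheckFields(&$arFields, $ID = false)
 {
     global $USER;
     $arMsg = array();
     // On insert NAME may be missing altogether; read it through isset() so a missing
     // key is treated as empty instead of raising an undefined-index notice.
     $name = isset($arFields["NAME"]) ? $arFields["NAME"] : "";
     if ((is_set($arFields, "NAME") || $ID === false) && strlen(trim($name)) <= 0) {
         $arMsg[] = array("id" => "NAME", "text" => GetMessage("LEARNING_BAD_NAME"));
     }
     if (is_set($arFields, "FILE_ID")) {
         $error = CFile::CheckImageFile($arFields["FILE_ID"]);
         if (strlen($error) > 0) {
             $arMsg[] = array("id" => "FILE_ID", "text" => $error);
         }
     }
     if (strlen($this->LAST_ERROR) <= 0) {
         // Parentheses added for readability only; they follow the && / || precedence
         // the original expression already had.
         $lessonIdMissingOnInsert = ($ID === false && !is_set($arFields, "LESSON_ID"));
         $lessonIdInvalid = (is_set($arFields, "LESSON_ID") && intval($arFields["LESSON_ID"]) < 1);
         if ($lessonIdMissingOnInsert || $lessonIdInvalid) {
             $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID"));
         } elseif (is_set($arFields, "LESSON_ID")) {
             $res = CLearnLesson::GetByID($arFields["LESSON_ID"]);
             if ($arRes = $res->Fetch()) {
                 // The target lesson exists: require write access to it.
                 $oAccess = CLearnAccess::GetInstance($USER->GetID());
                 $bAccessLessonModify = $oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_WRITE) || $oAccess->IsLessonAccessible($arFields["LESSON_ID"], CLearnAccess::OP_LESSON_WRITE);
                 if (!$bAccessLessonModify) {
                     $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
                 }
             } else {
                 // Same message for "no such lesson" and "no access", so the response
                 // does not reveal which lesson ids exist.
                 $arMsg[] = array("id" => "LESSON_ID", "text" => GetMessage("LEARNING_BAD_LESSON_ID_EX"));
             }
         }
     }
     if (!empty($arMsg)) {
         $e = new CAdminException($arMsg);
         $GLOBALS["APPLICATION"]->ThrowException($e);
         return false;
     }
     // Allow-list check must be strict: with loose comparison a non-string value such as
     // integer 0 or boolean true compares equal to one of the letters on some PHP versions
     // and would be stored unnormalized.
     if (is_set($arFields, "QUESTION_TYPE") && !in_array($arFields["QUESTION_TYPE"], array("S", "M", "T", "R"), true)) {
         $arFields["QUESTION_TYPE"] = "S";
     }
     // Two-valued fields: anything other than the one recognised value becomes the default.
     if (is_set($arFields, "DESCRIPTION_TYPE") && $arFields["DESCRIPTION_TYPE"] != "html") {
         $arFields["DESCRIPTION_TYPE"] = "text";
     }
     if (is_set($arFields, "DIRECTION") && $arFields["DIRECTION"] != "H") {
         $arFields["DIRECTION"] = "V";
     }
     if (is_set($arFields, "SELF") && $arFields["SELF"] != "Y") {
         $arFields["SELF"] = "N";
     }
     if (is_set($arFields, "ACTIVE") && $arFields["ACTIVE"] != "Y") {
         $arFields["ACTIVE"] = "N";
     }
     if (is_set($arFields, "EMAIL_ANSWER") && $arFields["EMAIL_ANSWER"] != "Y") {
         $arFields["EMAIL_ANSWER"] = "N";
     }
     if (is_set($arFields, "CORRECT_REQUIRED") && $arFields["CORRECT_REQUIRED"] != "Y") {
         $arFields["CORRECT_REQUIRED"] = "N";
     }
     return true;
 }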
예제 #3
 /**
  * Renders the rights-editing tab for a lesson or for the base (shared) permissions.
  *
  * No access check is made here: the caller decides whether $userId may see or
  * edit the rights and passes $readOnly accordingly.
  *
  * @param mixed  $userId   User whose CLearnAccess instance is used.
  * @param string $POSTName Name handed to the renderer for the form data.
  * @param mixed  $lessonId false => base permissions, a value loosely equal to 0 => new
  *                         lesson (no rights yet), anything else => existing lesson id.
  * @param mixed  $readOnly Passed through to the renderer.
  */
 public static function RenderLessonRightsTab($userId, $POSTName = 'LESSON_RIGHTS', $lessonId, $readOnly)
 {
     $oAccess = CLearnAccess::GetInstance($userId);
     $arPossibleRights = $oAccess->ListAllPossibleRights();
     $arBaseRights = $oAccess->GetBasePermissions();

     // Default: a new lesson starts with an empty rights list.
     $arActualRights = array();
     if ($lessonId === false) {
         // Base permissions were requested.
         $arActualRights = $arBaseRights;
     } elseif ($lessonId != 0) {
         // Existing lesson. The comparison with 0 is deliberately left loose, as in the
         // original, so null and '0' are still treated as "new lesson".
         $arActualRights = $oAccess->GetLessonPermissions($lessonId);
     }

     CLearnRenderRightsEdit::LearningShowRights(
         $lessonId,
         $POSTName,
         $arBaseRights,
         $arPossibleRights,
         $arActualRights,
         array(),
         array(),
         $readOnly
     );
 }
예제 #4
    if ($arQuestionData) {
        $LESSON_ID = $arQuestionData['LESSON_ID'];
        if (isset($_POST['LESSON_ID']) && $_POST['LESSON_ID'] >= 1 && $_POST['LESSON_ID'] != $LESSON_ID) {
            $NEW_LESSON_ID = (int) $_POST['LESSON_ID'];
        }
    }
}
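// No lesson could be resolved for the question: show the error inside the admin frame and stop.
if ($LESSON_ID === false) {
    require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php";
    CAdminMessage::ShowMessage(GetMessage('LEARNING_BAD_LESSON'));
    require $_SERVER['DOCUMENT_ROOT'] . '/bitrix/modules/main/include/epilog_admin.php';
    exit;
}
$uriParentLessonPath = $oPath->ExportUrlencoded();
unset($lessonPath);

// Authorization for editing the question.
// The user needs OP_LESSON_WRITE on the lesson the question currently belongs to and,
// when the question is being moved, on the destination lesson as well.
// The original overwrote the result of the first check with the result of the second,
// so write access to the destination alone was enough to clear $bBadCourse for a
// question in a lesson the user could not write to.
$oAccess = CLearnAccess::GetInstance($USER->GetID());
$bBadCourse = !$oAccess->IsLessonAccessible($LESSON_ID, CLearnAccess::OP_LESSON_WRITE);
if (!$bBadCourse && $NEW_LESSON_ID !== false) {
    $bBadCourse = !$oAccess->IsLessonAccessible($NEW_LESSON_ID, CLearnAccess::OP_LESSON_WRITE);
}

// Three fixed tabs plus the user-fields tab.
$aTabs = array(
    array("DIV" => "edit1", "TAB" => GetMessage("LEARNING_ADMIN_TAB1"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB1_EX")),
    array("DIV" => "edit2", "TAB" => GetMessage("LEARNING_ADMIN_TAB2"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB2_EX")),
    array("DIV" => "edit3", "TAB" => GetMessage("LEARNING_ADMIN_TAB3"), "ICON" => "main_user_edit", "TITLE" => GetMessage("LEARNING_ADMIN_TAB3_EX")),
);
$aTabs[] = $USER_FIELD_MANAGER->EditFormTab('LEARNING_QUESTIONS');
$tabControl = new CAdminForm("questionTabControl", $aTabs);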
예제 #5
 /**
  * Deletes a lesson: unlinks it from its immediate neighbours, converts a linked
  * course back to a lesson, then removes pictures, questions, the graph node,
  * user fields and search index entries.
  *
  * The single argument is unpacked by _funcDelete_ParseOptions() into the lesson id,
  * a simulate flag, a check_permissions flag and the user id used for the checks.
  *
  * With check_permissions on, the user needs OP_LESSON_REMOVE on the lesson and the
  * matching unlink rights on both ends of every edge that is removed.
  *
  * NOTE(review): no transaction is visible here. Edges are removed one by one inside the
  * loop, so an access-denied exception on a later edge leaves the earlier ones already
  * removed - confirm whether the caller wraps this call or runs a simulate pass first.
  *
  * @param mixed $lesson_id Lesson id, possibly with options (see _funcDelete_ParseOptions()).
  *
  * @throws LearnException on access denial, SQL failure, an unremovable linked course
  *                        or a question that could not be removed.
  */
 public static final function Delete($lesson_id)
 {
     global $USER_FIELD_MANAGER;
     list($lesson_id, $simulate, $check_permissions, $user_id) = self::_funcDelete_ParseOptions($lesson_id);
     // Gate 1: the right to remove the lesson itself.
     if ($check_permissions) {
         $oAccess = CLearnAccess::GetInstance($user_id);
         if (!$oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_REMOVE)) {
             throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
         }
     }
     // Edges to the parents and children of the lesson
     $arNeighboursEdges = self::ListImmediateNeighbours($lesson_id);
     // Precache the lesson's own unlink rights; they are reused for every edge below
     if ($check_permissions) {
         $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
         $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS = $oAccess->IsLessonAccessible($lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
     }
     // The "before" handlers run in simulate mode too (no $simulate test around this loop).
     foreach (GetModuleEvents('learning', 'OnBeforeLessonDelete', true) as $arEvent) {
         ExecuteModuleEventEx($arEvent, array($lesson_id));
     }
     // Gate 2: per-edge unlink rights on both ends of the edge.
     // NOTE(review): RelationRemove() is only reached inside the $check_permissions branch;
     // with checks disabled this loop does nothing. Presumably CLearnGraphNode::Remove()
     // below cleans up the edges - confirm.
     foreach ($arNeighboursEdges as $arEdge) {
         $child_lesson_id = (int) $arEdge['CHILD_LESSON'];
         $parent_lesson_id = (int) $arEdge['PARENT_LESSON'];
         if ($check_permissions) {
             // Deny by default; only an explicit grant on both ends flips this.
             $IsLessonAccessible = false;
             if ($child_lesson_id === $lesson_id) {
                 // Removing the edge to a parent: precached OP_LESSON_UNLINK_FROM_PARENTS on the
                 // lesson, plus OP_LESSON_UNLINK_DESCENDANTS on the parent
                 $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_FROM_PARENTS && $oAccess->IsLessonAccessible($parent_lesson_id, CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS);
             } elseif ($parent_lesson_id === $lesson_id) {
                 // Removing the edge to a child: precached OP_LESSON_UNLINK_DESCENDANTS on the
                 // lesson, plus OP_LESSON_UNLINK_FROM_PARENTS on the child
                 $IsLessonAccessible = $IsLessonAccessibleFor_OP_LESSON_UNLINK_DESCENDANTS && $oAccess->IsLessonAccessible($child_lesson_id, CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS);
             } else {
                 // An edge that does not touch the lesson at all: give up rather than guess.
                 throw new LearnException('EA_FATAL: $lesson_id (' . $lesson_id . ') not equal to one of: $child_lesson_id (' . $child_lesson_id . '), $parent_lesson_id (' . $parent_lesson_id . ')', LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_GIVEUP);
             }
             if (!$IsLessonAccessible) {
                 throw new LearnException('EA_ACCESS_DENIED', LearnException::EXC_ERR_ALL_ACCESS_DENIED);
             }
             if ($simulate === false) {
                 self::RelationRemove($parent_lesson_id, $child_lesson_id);
             }
         }
     }
     $linkedCourseId = self::GetLinkedCourse($lesson_id);
     // If lesson is course, remove course
     if ($linkedCourseId !== false) {
         global $DB;
         if ($simulate === false) {
             // The id is cast to int before it is concatenated into the SQL text.
             if (!$DB->Query("DELETE FROM b_learn_course_site WHERE COURSE_ID = " . (int) $linkedCourseId, true)) {
                 throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
             }
             $rc = self::CourseBecomeLesson($linkedCourseId);
             // if course cannot be converted to lesson - don't remove lesson
             if ($rc === false) {
                 throw new LearnException('EA_OTHER: lesson is unremovable because linked course is in use.', LearnException::EXC_ERR_LL_UNREMOVABLE_CL);
             }
             // reload cache of LINKED_LESSON_ID -> COURSE_ID
             self::GetCourseToLessonMap_ReloadCache();
             if (CModule::IncludeModule("search")) {
                 CSearch::DeleteIndex("learning", false, "C" . $linkedCourseId);
                 CSearch::DeleteIndex("learning", "C" . $linkedCourseId);
             }
         }
     }
     // And remove lesson
     if ($simulate === false) {
         global $DB;
         // The id is cast to int before it is concatenated into the SQL text.
         $r = $DB->Query("SELECT PREVIEW_PICTURE, DETAIL_PICTURE \n\t\t\t\tFROM b_learn_lesson \n\t\t\t\tWHERE ID = " . (int) $lesson_id, true);
         if ($r === false) {
             throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
         }
         $arRes = $r->Fetch();
         // A missing row is reported with the same error code as a failed query.
         if (!$arRes) {
             throw new LearnException('EA_SQLERROR', LearnException::EXC_ERR_ALL_GIVEUP);
         }
         CFile::Delete($arRes['PREVIEW_PICTURE']);
         CFile::Delete($arRes['DETAIL_PICTURE']);
         // Remove questions
         $q = CLQuestion::GetList(array(), array('LESSON_ID' => $lesson_id));
         while ($arQ = $q->Fetch()) {
             if (!CLQuestion::Delete($arQ['ID'])) {
                 throw new LearnException('EA_QUESTION_NOT_REMOVED', LearnException::EXC_ERR_ALL_GIVEUP);
             }
         }
         CLearnGraphNode::Remove($lesson_id);
         $USER_FIELD_MANAGER->delete('LEARNING_LESSONS', $lesson_id);
         CLearnCacheOfLessonTreeComponent::MarkAsDirty();
         // Audit trail: the removal is written to the event log.
         // NOTE(review): the record carries the lesson id only, not the acting user id - confirm
         // whether CEventLog adds the actor itself.
         CEventLog::add(array('AUDIT_TYPE_ID' => 'LEARNING_REMOVE_ITEM', 'MODULE_ID' => 'learning', 'ITEM_ID' => 'L #' . $lesson_id, 'DESCRIPTION' => 'lesson removed'));
         if (CModule::IncludeModule('search')) {
             CSearch::DeleteIndex('learning', false, 'L' . $lesson_id);
             CSearch::DeleteIndex('learning', 'L' . $lesson_id);
         }
     }
     // The "after" handlers run only for a real deletion.
     if ($simulate === false) {
         foreach (GetModuleEvents('learning', 'OnAfterLessonDelete', true) as $arEvent) {
             ExecuteModuleEventEx($arEvent, array($lesson_id));
         }
     }
 }
예제 #6
 /**
  * If the user is logged in, get the hash of the access symbols for that user.
  * If the user is not logged in, get the hash of the access symbols for unauthorized users.
  */
 public static function GetAccessSymbolsHashForSiteUser()
 {
     global $USER;
     $currentUserId = $USER->GetID();
     if ($currentUserId > 0) {
         // Logged-in user: take the access codes resolved for that user.
         $accessCodes = CLearnAccess::GetInstance($currentUserId)->GetAccessCodes();
     } else {
         // G2 is the group that includes all users (unauthorized ones too)
         $accessCodes = array('G2');
     }
     // Despite the name, the result is not a digest: it is the serialized code list in
     // base64 and decodes back to the list. It must not be treated as a secret.
     // NOTE(review): any consumer must not unserialize() a copy of this value that came
     // back from the client - verify how the value is used.
     return base64_encode(serialize($accessCodes));
 }
예제 #7
파일: course.php 프로젝트: rasuldev/torino
 /**
  * <p>Returns the access permission for the training course with identifier <i>courseId</i> for the current user.</p>
  *
  * @param int $courseId  Course identifier. <br><br> Before version 12.0.0 the parameter was named COURSE_ID.
  *
  * @return string <p>Access permission symbol: "D" - denied, "R" - read, "W" - modify, "X" -
  * full access (modify + the right to change access permissions). </p>
  *
  * <h4>Example</h4>
  * <pre>
  * &lt;?
  * $permission = CCourse::GetPermission($id);
  * if ($permission&lt;"X")
  *     return false;
  * ?&gt;
  * </pre>
  *
  * <h4>See Also</h4>
  * <ul> <li> <a href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/setpermission.php">SetPermission</a> </li> <li> <a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/index.php">CCourse</a>::<a
  * href="http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getgrouppermissions.php">GetGroupPermissions</a> </li>
  * </ul><a name="examples"></a>
  *
  * @static
  * @link http://dev.1c-bitrix.ru/api_help/learning/classes/ccourse/getpermission.php
  * @author Bitrix
  */
 public static function GetPermission($courseId)
 {
     global $USER;
     // Legacy symbol => operations mask, strongest first; built on first use and kept
     // in this static for later calls.
     static $accessMatrix = false;
     $courseId = (int) $courseId;
     if ($courseId <= 0) {
         // not a usable course id: access denied
         return 'D';
     }
     $linkedLessonId = CCourse::CourseGetLinkedLesson($courseId);
     if (!($linkedLessonId > 0)) {
         // no linked lesson could be resolved: access denied
         return 'D';
     }
     $oAccess = CLearnAccess::GetInstance($USER->GetID());
     if ($accessMatrix === false) {
         $readOps = CLearnAccess::OP_LESSON_READ;
         $writeOps = $readOps
             | CLearnAccess::OP_LESSON_CREATE
             | CLearnAccess::OP_LESSON_WRITE
             | CLearnAccess::OP_LESSON_REMOVE;
         $fullOps = $writeOps
             | CLearnAccess::OP_LESSON_LINK_TO_PARENTS
             | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS
             | CLearnAccess::OP_LESSON_LINK_DESCENDANTS
             | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS
             | CLearnAccess::OP_LESSON_MANAGE_RIGHTS;
         $accessMatrix = array('X' => $fullOps, 'W' => $writeOps, 'R' => $readOps);
     }
     // The first mask that is granted, as a base right or on the linked lesson, wins;
     // the X, W, R order means the strongest matching symbol is returned.
     foreach ($accessMatrix as $legacySymbol => $operationsMask) {
         $granted = $oAccess->IsBaseAccess($operationsMask)
             || $oAccess->IsLessonAccessible($linkedLessonId, $operationsMask);
         if ($granted) {
             return $legacySymbol;
         }
     }
     // nothing matched: access denied
     return 'D';
 }
 /**
  * Tells whether a user holds OP_LESSON_MANAGE_RIGHTS on a lesson.
  *
  * @param array $arParams Must contain 'lesson_id'; the user id is resolved by
  *                        ParseParamsWithUser().
  *
  * @return mixed Result of CLearnAccess::IsLessonAccessible() for that lesson and operation.
  */
 public static function CanUserEditLessonRights($arParams)
 {
     // Only lesson_id is declared here; user_id is resolved from $arParams automatically
     // by ParseParamsWithUser().
     $paramsSchema = array(
         'lesson_id' => array('type' => 'strictly_castable_to_integer', 'mandatory' => true),
     );
     $parsed = self::ParseParamsWithUser($arParams, $paramsSchema);

     return CLearnAccess::GetInstance($parsed['user_id'])
         ->IsLessonAccessible($parsed['lesson_id'], CLearnAccess::OP_LESSON_MANAGE_RIGHTS);
 }
예제 #9
 /**
  * Guard for deactivating a lesson: admins pass, everyone else needs
  * OP_LESSON_WRITE on the lesson.
  *
  * @param mixed $lessonID Lesson to be deactivated.
  *
  * @return $this For chaining.
  *
  * @throws CLearnRenderAdminUnilessonListException With code C_ACCESS_DENIED when the
  *                                                 current user may not write the lesson.
  */
 protected function EnsureLessonDeactivateAccess($lessonID)
 {
     global $USER;
     if (!$USER->IsAdmin()) {
         $mayWrite = CLearnAccess::GetInstance($USER->GetID())
             ->IsLessonAccessible($lessonID, CLearnAccess::OP_LESSON_WRITE);
         if (!$mayWrite) {
             throw new CLearnRenderAdminUnilessonListException('', CLearnRenderAdminUnilessonListException::C_ACCESS_DENIED);
         }
     }
     return $this;
 }
예제 #10
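 /**
  * Tells whether the current user should see the learning admin menu.
  *
  * True for admins, for users with the base CREATE right, for users with base READ
  * plus at least one base modifying right, and for users who hold any modifying
  * right on at least one course.
  *
  * This controls menu visibility only; each admin page still has to run its own
  * access check.
  *
  * The original OR-chain tested OP_LESSON_CREATE twice inside the READ branch and a
  * third time right after it. Base CREATE alone already grants the menu, so it is
  * tested once, first; the result is the same as long as IsBaseAccess() only reads.
  *
  * @return bool
  */
 public static function CanViewAdminMenu()
 {
     global $USER;
     if ($USER->IsAdmin()) {
         return true;
     }
     $oAccess = CLearnAccess::GetInstance($USER->GetID());
     // Base CREATE is sufficient on its own.
     if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_CREATE)) {
         return true;
     }
     // Base READ combined with any one base modifying right.
     if ($oAccess->IsBaseAccess(CLearnAccess::OP_LESSON_READ)) {
         $modifyingOperations = array(
             CLearnAccess::OP_LESSON_WRITE,
             CLearnAccess::OP_LESSON_REMOVE,
             CLearnAccess::OP_LESSON_LINK_TO_PARENTS,
             CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS,
             CLearnAccess::OP_LESSON_LINK_DESCENDANTS,
             CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS,
             CLearnAccess::OP_LESSON_MANAGE_RIGHTS,
         );
         foreach ($modifyingOperations as $operation) {
             if ($oAccess->IsBaseAccess($operation)) {
                 return true;
             }
         }
     }
     // Otherwise: is there at least one course this user may modify in some way?
     // CHECK_PERMISSIONS is passed as "Y" explicitly so the list is filtered by access.
     $db = CCourse::GetList(array(), array("CHECK_PERMISSIONS" => "Y", "ACCESS_OPERATIONS" => CLearnAccess::OP_LESSON_CREATE | CLearnAccess::OP_LESSON_WRITE | CLearnAccess::OP_LESSON_REMOVE | CLearnAccess::OP_LESSON_LINK_TO_PARENTS | CLearnAccess::OP_LESSON_UNLINK_FROM_PARENTS | CLearnAccess::OP_LESSON_LINK_DESCENDANTS | CLearnAccess::OP_LESSON_UNLINK_DESCENDANTS | CLearnAccess::OP_LESSON_MANAGE_RIGHTS), array("nTopCount" => 1));
     return $db->Fetch() !== false;
 }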