/**
 * Default action: collects the values the Bitrix24.Disk template reads from
 * $this->arResult, registers the component script and renders the template.
 *
 * The quota banner flag is always false here; the quota value itself is still
 * passed through to the template.
 */
protected function processActionDefault()
{
    // The component parameter wins; otherwise the component's bundled endpoint is used.
    // NOTE(review): AJAX_PATH is forwarded unchanged. Presumably it is set by whoever
    // places the component on a page; confirm the template escapes it for the context
    // (HTML attribute, JS string) it is written into.
    $pathToAjax = '/bitrix/components/bitrix/disk.bitrix24disk/ajax.php';
    if (isset($this->arParams['AJAX_PATH'])) {
        $pathToAjax = $this->arParams['AJAX_PATH'];
    }

    /** @noinspection PhpDynamicAsStaticMethodCallInspection */
    $quota = CDiskQuota::getDiskQuota();

    // Quota display is disabled for now; the former condition was ($quota !== true).
    $this->arResult['showDiskQuota'] = false;

    // The option value is scaled by 1024 * 1024 (presumably megabytes to bytes; confirm).
    $diskSpaceOption = COption::getOptionInt('main', 'disk_space');
    $this->arResult['diskSpace'] = (float) $diskSpaceOption * 1024 * 1024;

    $this->arResult['quota'] = $quota;
    $this->arResult['ajaxIndex'] = $pathToAjax;
    $this->arResult['ajaxStorageIndex'] = '/desktop_app/storage.php';
    $this->arResult['isInstalledDisk'] = \Bitrix\Disk\Desktop::isDesktopDiskInstall();
    $this->arResult['personalLibIndex'] = sprintf(
        '/company/personal/user/%s/disk/path/',
        $this->getUser()->getId()
    );
    $this->arResult['isInstalledPull'] = (bool) isModuleInstalled('pull');

    $currentUser = array(
        'id' => $this->getUser()->getId(),
        'formattedName' => $this->getUser()->getFormattedName(),
    );
    $this->arResult['currentUser'] = $currentUser;

    Asset::getInstance()->addJs('/bitrix/components/bitrix/disk.bitrix24disk/disk.js');
    $this->includeComponentTemplate();
}
/**
 * Adds a time-limited IP rule for the given address unless the current user is exempt.
 *
 * The rule starts now and ends after the "filter_duration" option of the security
 * module, which this code multiplies by 60 before adding it to time().
 *
 * @param string $ip Address to block; $_SERVER["REMOTE_ADDR"] is used when this is
 *                   empty or not a string.
 * @return bool false when the user is exempt or Add() did not return a positive value,
 *              true otherwise.
 */
protected function blockCurrentUser($ip = "")
{
    if (self::currentUserHaveRightsForSkip()) {
        return false;
    }

    // NOTE(review): REMOTE_ADDR is the direct TCP peer. Behind a reverse proxy or load
    // balancer that may be the proxy, so a rule for it could affect every visitor.
    // Confirm how the deployment resolves the client address.
    $needsFallback = !is_string($ip) || $ip === "";
    if ($needsFallback) {
        $ip = $_SERVER["REMOTE_ADDR"];
    }

    $rule = new CSecurityIPRule;

    // The rule's timestamps are formatted and stored while CTimeZone is disabled.
    // NOTE(review): there is no try/finally, so an exception thrown by Add() would
    // leave CTimeZone disabled.
    CTimeZone::Disable();
    $ruleFields = array(
        "RULE_TYPE" => "A",
        "ACTIVE" => "Y",
        "ADMIN_SECTION" => "Y",
        "NAME" => getMessage("SECURITY_FILTER_IP_RULE", array("#IP#" => $ip)),
        "ACTIVE_FROM" => ConvertTimeStamp(false, "FULL"),
        "ACTIVE_TO" => ConvertTimeStamp(time()+COption::getOptionInt("security", "filter_duration")*60, "FULL"),
        "INCL_IPS" => array($ip),
        "INCL_MASKS" => array("/*"),
    );
    $added = $rule->Add($ruleFields);
    CTimeZone::Enable();

    return ($added > 0);
}
/**
 * Return WAF events count for Admin's informer popup and Admin's gadget.
 *
 * Counts b_event_log rows of the security module whose audit type is one of the
 * SQL / XSS / XSS2 / PHP filter types and whose TIMESTAMP_X is not older than the
 * given date. The count is cached under a fixed id for one hour.
 *
 * NOTE(review): the cache id does not include $pTimestamp, so a value stored by one
 * call appears to be returned to later calls within the TTL whatever from-date they
 * pass. Confirm callers always use the same window.
 *
 * @param string $pTimestamp - from date; when empty, the window is the
 *                             "event_log_cleanup_days" option capped at 7 days
 * @return integer
 */
public function getEventsCount($pTimestamp = '')
{
    if (!$this->isDBEngineActive) {
        return 0;
    }

    /**
     * @global CCacheManager $CACHE_MANAGER
     * @global CDataBase $DB
     */
    global $DB, $CACHE_MANAGER;

    $ttl = 3600;
    $cacheId = 'sec_events_count';
    $cacheDir = '/security/events';

    // Cache hit: return the stored count without touching the database.
    if ($CACHE_MANAGER->read($ttl, $cacheId, $cacheDir)) {
        return $CACHE_MANAGER->get($cacheId);
    }

    if (strlen($pTimestamp) <= 0) {
        // Default window: the log retention period, but never more than a week.
        $days = min(COption::getOptionInt("main", "event_log_cleanup_days", 7), 7);
        $pTimestamp = convertTimeStamp(time() - $days * 24 * 3600 + CTimeZone::getOffset());
    }

    // The audit type list is a fixed set of literals; the only caller-supplied value,
    // $pTimestamp, goes through forSQL() before it reaches the statement.
    $arAudits = array("SECURITY_FILTER_SQL", "SECURITY_FILTER_XSS", "SECURITY_FILTER_XSS2", "SECURITY_FILTER_PHP");
    $strAuditsSql = implode("', '", $arAudits);
    $fromDateSql = $DB->charToDateFunction($DB->forSQL($pTimestamp));

    $strSql = "\n\t\t\t\tSELECT COUNT(ID) AS COUNT\n\t\t\t\tFROM\n\t\t\t\t\tb_event_log\n\t\t\t\tWHERE\n\t\t\t\t\tAUDIT_TYPE_ID in ('"
        . $strAuditsSql
        . "')\n\t\t\t\tAND\n\t\t\t\t\t(MODULE_ID = 'security' and MODULE_ID is not null)\n\t\t\t\tAND\n\t\t\t\t\tTIMESTAMP_X >= "
        . $fromDateSql
        . "\n\t\t\t";

    $res = $DB->query($strSql, false, "FILE: " . __FILE__ . "<br>LINE: " . __LINE__);
    $arRes = $res->fetch();
    $result = $arRes ? $arRes["COUNT"] : 0;

    $CACHE_MANAGER->set($cacheId, $result);

    return $result;
}
/**
 * Bootstraps the legacy "main" module kernel: loads the core class files, creates the
 * global $APPLICATION object, resolves the current language record, loads language
 * files, sets the error-reporting level and registers the autoload map.
 *
 * The statement order matters: later files and calls rely on classes and globals set
 * up by earlier ones (for example \COption is used only after option.php is required).
 *
 * NOTE(review): every include path is built from $_SERVER["DOCUMENT_ROOT"], BX_ROOT and
 * $GLOBALS["DBType"]. The last one is a mutable global that ends up inside require
 * paths, so it has to be fixed by trusted configuration before this method runs;
 * confirm that nothing request-driven can set it.
 */
public static function initializeBasicKernel()
{
    // language independent classes
    require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/punycode.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/charset_converter.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/main.php"; //main class
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/option.php"; //options and settings class
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/cache.php"; //various cache classes
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/cache_html.php"; //html cache class support
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/module.php";

    // Report only fatal-class errors until the configured level is applied further down.
    error_reporting(E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE);

    require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/virtual_io.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/classes/general/virtual_file.php";

    //define global application object
    $GLOBALS["APPLICATION"] = new \CMain();

    if (defined("SITE_ID")) {
        define("LANG", SITE_ID);
    }

    // Resolve the language record: by the LANG constant when it exists (admin or public
    // lookup depending on ADMIN_SECTION), otherwise by asking the application object.
    if (defined("LANG")) {
        if (defined("ADMIN_SECTION") && ADMIN_SECTION === true) {
            $db_lang = CLangAdmin::getByID(LANG);
        } else {
            $db_lang = CLang::getByID(LANG);
        }
        // NOTE(review): the fetch() result is used below without a check that a row was found.
        $arLang = $db_lang->fetch();
    } else {
        $arLang = $GLOBALS["APPLICATION"]->getLang();
        // define("LANG", $arLang["LID"]);
    }

    // $lang is assigned here but not read again within this method.
    $lang = $arLang["LID"];

    // The site/language constants below are left undefined in this variant.
    // define("SITE_ID", $arLang["LID"]);
    // define("SITE_DIR", $arLang["DIR"]);
    // define("SITE_SERVER_NAME", $arLang["SERVER_NAME"]);
    // define("SITE_CHARSET", $arLang["CHARSET"]);
    // define("FORMAT_DATE", $arLang["FORMAT_DATE"]);
    // define("FORMAT_DATETIME", $arLang["FORMAT_DATETIME"]);
    // define("LANG_DIR", $arLang["DIR"]);
    // define("LANG_CHARSET", $arLang["CHARSET"]);
    // define("LANG_ADMIN_LID", $arLang["LANGUAGE_ID"]);
    // define("LANGUAGE_ID", $arLang["LANGUAGE_ID"]);

    /// the charset is needed for conversion
    $GLOBALS["APPLICATION"]->reinitPath();

    //global var, is used somewhere
    $GLOBALS["sDocPath"] = $GLOBALS["APPLICATION"]->getCurPage();

    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/tools.php");
    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/date_format.php");
    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/database.php");
    IncludeModuleLangFile($_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/main.php");
    IncludeModuleLangFile(__FILE__);

    // Apply the level stored in the "error_reporting" option (fatal-class errors when the
    // option is absent), always with E_STRICT masked out.
    error_reporting(\COption::getOptionInt("main", "error_reporting", E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE) & ~E_STRICT);

    // The managed-cache switch is evaluated, but the define it used to guard is disabled.
    if (!defined("BX_COMP_MANAGED_CACHE") && \COption::getOptionString("main", "component_managed_cache_on", "Y") != "N") {
        // define("BX_COMP_MANAGED_CACHE", true);
    }

    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/filter_tools.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/ajax_tools.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/urlrewriter.php";

    // Class name => file path (relative to the main module) for on-demand loading.
    \CModule::addAutoloadClasses("main", array(
        "CBitrixComponent" => "classes/general/component.php",
        "CComponentEngine" => "classes/general/component_engine.php",
        "CComponentAjax" => "classes/general/component_ajax.php",
        "CBitrixComponentTemplate" => "classes/general/component_template.php",
        "CComponentUtil" => "classes/general/component_util.php",
        "CControllerClient" => "classes/general/controller_member.php",
        "PHPParser" => "classes/general/php_parser.php",
        "CDiskQuota" => "classes/" . $GLOBALS["DBType"] . "/quota.php",
        "CEventLog" => "classes/general/event_log.php",
        "CEventMain" => "classes/general/event_log.php",
        "CAdminFileDialog" => "classes/general/file_dialog.php",
        "WLL_User" => "classes/general/liveid.php",
        "WLL_ConsentToken" => "classes/general/liveid.php",
        "WindowsLiveLogin" => "classes/general/liveid.php",
        "CAllFile" => "classes/general/file.php",
        "CFile" => "classes/" . $GLOBALS["DBType"] . "/file.php",
        "CTempFile" => "classes/general/file_temp.php",
        "CFavorites" => "classes/" . $GLOBALS["DBType"] . "/favorites.php",
        "CUserOptions" => "classes/general/user_options.php",
        "CGridOptions" => "classes/general/grids.php",
        "CUndo" => "/classes/general/undo.php",
        "CAutoSave" => "/classes/general/undo.php",
        "CRatings" => "classes/" . $GLOBALS["DBType"] . "/ratings.php",
        "CRatingsComponentsMain" => "classes/" . $GLOBALS["DBType"] . "/ratings_components.php",
        "CRatingRule" => "classes/general/rating_rule.php",
        "CRatingRulesMain" => "classes/" . $GLOBALS["DBType"] . "/rating_rules.php",
        "CTopPanel" => "public/top_panel.php",
        "CEditArea" => "public/edit_area.php",
        "CComponentPanel" => "public/edit_area.php",
        "CTextParser" => "classes/general/textparser.php",
        "CPHPCacheFiles" => "classes/general/cache_files.php",
        "CTimeZone" => "classes/general/time.php",
        "CDataXML" => "classes/general/xml.php",
        "CRsaProvider" => "classes/general/rsasecurity.php",
        "CRsaSecurity" => "classes/general/rsasecurity.php",
        "CRsaBcmathProvider" => "classes/general/rsabcmath.php",
        "CRsaOpensslProvider" => "classes/general/rsaopenssl.php",
        "CASNReader" => "classes/general/asn.php",
        "CBXShortUri" => "classes/" . $GLOBALS["DBType"] . "/short_uri.php",
        "CFinder" => "classes/general/finder.php",
        "CAccess" => "classes/general/access.php",
        "CAuthProvider" => "classes/general/authproviders.php",
        "IProviderInterface" => "classes/general/authproviders.php",
        "CGroupAuthProvider" => "classes/general/authproviders.php",
        "CUserAuthProvider" => "classes/general/authproviders.php",
        "Bitrix\\Main\\Entity\\Base" => "lib/entity/base.php",
        "Bitrix\\Main\\Entity\\DataManager" => "lib/entity/base.php",
        "Bitrix\\Main\\Entity\\Field" => "lib/entity/field.php",
        "Bitrix\\Main\\Entity\\ScalarField" => "lib/entity/scalarfield.php",
        "Bitrix\\Main\\Entity\\IntegerField" => "lib/entity/integerfield.php",
        "Bitrix\\Main\\Entity\\FloatField" => "lib/entity/floatfield.php",
        "Bitrix\\Main\\Entity\\StringField" => "lib/entity/stringfield.php",
        "Bitrix\\Main\\Entity\\TextField" => "lib/entity/textfield.php",
        "Bitrix\\Main\\Entity\\BooleanField" => "lib/entity/booleanfield.php",
        "Bitrix\\Main\\Entity\\DateField" => "lib/entity/datefield.php",
        "Bitrix\\Main\\Entity\\DatetimeField" => "lib/entity/datetimefield.php",
        "Bitrix\\Main\\Entity\\EnumField" => "lib/entity/enumfield.php",
        "Bitrix\\Main\\Entity\\ExpressionField" => "lib/entity/expressionfield.php",
        "Bitrix\\Main\\Entity\\UField" => "lib/entity/ufield.php",
        "WorkgroupEntity" => "lib/workgroup.php",
        "Bitrix\\Main\\Entity\\ReferenceField" => "lib/entity/referencefield.php",
        "Bitrix\\Main\\Entity\\Query" => "lib/entity/query.php",
        "Bitrix\\Main\\Entity\\QueryChain" => "lib/entity/querychain.php",
        "Bitrix\\Main\\Entity\\QueryChainElement" => "lib/entity/querychainelement.php",
        "SiteEntity" => "lib/site.php",
        "Site" => "lib/site.php",
        "UserEntity" => "lib/user.php",
        "UtsUserEntity" => "lib/utsuser.php",
        "UtmUserEntity" => "lib/utmuser.php",
        "UserGroupEntity" => "lib/usergroup.php",
        "GroupEntity" => "lib/group.php",
        "CTableSchema" => "classes/general/table_schema.php",
        "CUserCounter" => "classes/" . $GLOBALS["DBType"] . "/user_counter.php",
        "CHotKeys" => "classes/general/hot_keys.php",
        "CHotKeysCode" => "classes/general/hot_keys.php",
        "CBXSanitizer" => "classes/general/sanitizer.php",
        "CBXArchive" => "classes/general/archive.php",
        "CAdminNotify" => "classes/general/admin_notify.php",
        "CBXFavAdmMenu" => "classes/general/favorites.php",
        "CAdminInformer" => "classes/general/admin_informer.php"));

    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/agent.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/user.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/event.php";
    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/general/menu.php";

    // Run CCacheManager::_Finalize when the main module fires OnAfterEpilog.
    AddEventHandler("main", "OnAfterEpilog", array("CCacheManager", "_Finalize"));

    require_once $_SERVER["DOCUMENT_ROOT"] . BX_ROOT . "/modules/main/classes/" . $GLOBALS["DBType"] . "/usertype.php";

    //component 2.0 template engines
    // must be set before init.php is included
    $GLOBALS["arCustomTemplateEngines"] = array();
}
<?php
// Admin-side handler: sets UF_HEAD of a section in the intranet structure iblock to a
// given user id and answers with a small <script> snippet.
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_before.php";

// Nothing is changed unless check_bitrix_sessid() accepts the request.
if (!check_bitrix_sessid()) {
    echo '<script>alert(\'Session expired!\');</script>';
} else {
    $IBLOCK_ID = COption::getOptionInt('intranet', 'iblock_structure', 0);

    // Both ids are forced to integers before any further use.
    $SECTION_ID = (int) $_REQUEST['SECTION_ID'];
    $USER_ID = (int) $_REQUEST['USER_ID'];

    if (!($IBLOCK_ID && $SECTION_ID && $USER_ID && CModule::IncludeModule('iblock'))) {
        echo '<script>alert(\'Params error!\');</script>';
    } else {
        // Write access to the structure iblock is required.
        // NOTE(review): the permission is checked for $IBLOCK_ID, but nothing visible here
        // verifies that $SECTION_ID belongs to that iblock, or that $USER_ID names an
        // existing user. Confirm that CIBlockSection::Update() enforces this.
        $perm = CIBlock::GetPermission($IBLOCK_ID);
        if (!($perm >= 'W')) {
            echo '<script>alert(\'Access denied!\');</script>';
        } else {
            $obS = new CIBlockSection();
            $updated = $obS->Update($SECTION_ID, array('UF_HEAD' => $USER_ID));
            if ($updated) {
                echo '<script>BX.reload(true);</script>';
            } elseif ($obS->LAST_ERROR) {
                // The error text is passed through CUtil::JSEscape() before it is placed
                // inside the JavaScript string literal.
                echo '<script>alert(\'' . CUtil::JSEscape($obS->LAST_ERROR) . '\');</script>';
            }
        }
    }
}
/**
 * Opens a POP3 session for the given mailbox, authenticates, downloads the messages
 * that are not yet recorded in b_mail_message_uid, optionally deletes them on the
 * server, and closes the session.
 *
 * Everything read from the socket (greeting, STAT, LIST and UIDL bodies) is
 * server-controlled input.
 *
 * @param int $mailbox_id Mailbox id; cast with IntVal() before it is used in SQL.
 * @return mixed true on success; otherwise whatever CMailError::SetError() returns.
 */
function Connect($mailbox_id)
{
    global $DB;

    // The id is forced to an integer, so concatenating it into the statements below is safe.
    $mailbox_id = IntVal($mailbox_id);
    $strSql = "SELECT MB.*, C.CHARSET as LANG_CHARSET " . "FROM b_mail_mailbox MB, b_lang L, b_culture C " . "WHERE MB.LID=L.LID AND C.ID=L.CULTURE_ID " . "\tAND MB.ID=" . $mailbox_id;
    $dbr = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
    $dbr = new _CMailBoxDBRes($dbr);
    if (!($arMAILBOX_PARAMS = $dbr->Fetch())) {
        return CMailError::SetError("ERR_MAILBOX_NOT_FOUND", GetMessage("MAIL_CL_ERR_MAILBOX_NOT_FOUND"), GetMessage("MAIL_CL_ERR_MAILBOX_NOT_FOUND"));
    }

    // No execution time limit for the rest of the request; errors from the call are suppressed.
    @set_time_limit(0);

    // https://support.google.com/mail/answer/47948
    // NOTE(review): the login prefix reads as asterisks in this listing and may have been
    // masked. Verify the intended literal against the upstream file and the linked page.
    if ($arMAILBOX_PARAMS["SERVER"] == 'pop.gmail.com') {
        $arMAILBOX_PARAMS["LOGIN"] = '******' . $arMAILBOX_PARAMS["LOGIN"];
    }

    // USE_TLS 'Y' or 'S' adds a tls:// prefix unless the server string already has one.
    // NOTE(review): with any other USE_TLS value no prefix is added here, so unless SERVER
    // itself carries a transport prefix the USER/PASS exchange below travels unencrypted.
    $server = $arMAILBOX_PARAMS["SERVER"];
    if (($arMAILBOX_PARAMS['USE_TLS'] == 'Y' || $arMAILBOX_PARAMS['USE_TLS'] == 'S') && strpos($server, 'tls://') === false) {
        $server = 'tls://' . $server;
    }

    // USE_TLS 'S' accepts self-signed certificates; every other SSL context option is left
    // at the PHP default.
    // NOTE(review): peer and host-name verification therefore depend on the PHP version's
    // defaults. Confirm they are enabled in the target runtime.
    $pop3_conn =& $this->pop3_conn;
    $pop3_conn = stream_socket_client(sprintf('%s:%s', $server, $arMAILBOX_PARAMS["PORT"]), $errno, $errstr, COption::getOptionInt('mail', 'connect_timeout', B_MAIL_TIMEOUT), STREAM_CLIENT_CONNECT, stream_context_create(array('ssl' => array('allow_self_signed' => $arMAILBOX_PARAMS['USE_TLS'] == 'S'))));

    // This "connect to" entry is logged with STATUS_GOOD = "Y" before the result is checked.
    CMailLog::AddMessage(array("MAILBOX_ID" => $mailbox_id, "STATUS_GOOD" => "Y", "MESSAGE" => GetMessage("MAIL_CL_CONNECT_TO") . " " . $arMAILBOX_PARAMS["SERVER"]));
    if (!$pop3_conn || !is_resource($pop3_conn)) {
        CMailLog::AddMessage(array("MAILBOX_ID" => $mailbox_id, "STATUS_GOOD" => "N", "MESSAGE" => GetMessage("MAIL_CL_TIMEOUT")));
        return CMailError::SetError("ERR_CONNECT_TIMEOUT", GetMessage("MAIL_CL_TIMEOUT"), "{$errstr} ({$errno})");
    }

    // NOTE(review): from here on, every early "return CMailError::SetError(...)" leaves the
    // socket open; fclose() is reached only on the success path at the end.
    $this->mailbox_id = $mailbox_id;

    // The mailbox charset wins; the site culture charset is the fallback.
    if ($arMAILBOX_PARAMS["CHARSET"] != '') {
        $this->charset = $arMAILBOX_PARAMS["CHARSET"];
    } else {
        $this->charset = $arMAILBOX_PARAMS["LANG_CHARSET"];
    }
    $this->use_md5 = $arMAILBOX_PARAMS["USE_MD5"];

    // This value is overwritten before the download loop and is not read in between.
    $session_id = md5(uniqid(""));

    $this->GetResponse();
    $greeting = $this->GetResponseString();

    // APOP is used when enabled and the greeting contains a <...> token: the password is
    // sent as an MD5 digest of that token plus the password. Otherwise USER/PASS sends the
    // password itself.
    // NOTE(review): LOGIN and PASSWORD are concatenated into protocol commands as stored.
    // Confirm they cannot contain CR/LF.
    if ($this->use_md5 == "Y" && preg_match("'(<.+>)'", $greeting, $reg)) {
        $this->SendCommand("APOP " . $arMAILBOX_PARAMS["LOGIN"] . " " . md5($reg[1] . $arMAILBOX_PARAMS["PASSWORD"]));
        if (!$this->GetResponse()) {
            return CMailError::SetError("ERR_AFTER_USER", GetMessage("MAIL_CL_ERR_APOP"), $this->GetResponseString());
        }
    } else {
        $this->SendCommand("USER " . $arMAILBOX_PARAMS["LOGIN"]);
        if (!$this->GetResponse()) {
            return CMailError::SetError("ERR_AFTER_USER", GetMessage("MAIL_CL_ERR_USER"), $this->GetResponseString());
        }
        $this->SendCommand("PASS " . $arMAILBOX_PARAMS["PASSWORD"]);
        if (!$this->GetResponse()) {
            return CMailError::SetError("ERR_AFTER_PASS", GetMessage("MAIL_CL_ERR_PASSWORD"), $this->GetResponseString());
        }
    }

    $this->SendCommand("STAT");
    if (!$this->GetResponse()) {
        return CMailError::SetError("ERR_AFTER_STAT", GetMessage("MAIL_CL_ERR_STAT"), $this->GetResponseString());
    }

    // The STAT body is split on spaces; index 1 is taken as the message count and index 2
    // as the total size.
    // NOTE(review): the indexes are read without checking that the server sent them.
    $stat = trim($this->GetResponseBody());
    $arStat = explode(" ", $stat);
    $this->mess_count = $arStat[1];
    if ($this->mess_count > 0) {
        $this->mess_size = $arStat[2];

        // Per-message sizes (message number => size) are fetched only when a size limit is set.
        $arLIST = array();
        if ($arMAILBOX_PARAMS["MAX_MSG_SIZE"] > 0) {
            $this->SendCommand("LIST");
            if (!$this->GetResponse(true)) {
                return CMailError::SetError("ERR_AFTER_LIST", "LIST command error", $this->GetResponseString());
            }
            $list = $this->GetResponseBody();
            preg_match_all("'([0-9]+)[ ]+?(.+)'", $list, $arLIST_temp, PREG_SET_ORDER);
            for ($i = 0, $n = count($arLIST_temp); $i < $n; $i++) {
                $arLIST[IntVal($arLIST_temp[$i][1])] = IntVal($arLIST_temp[$i][2]);
            }
        }

        $this->SendCommand("UIDL");
        if (!$this->GetResponse(true)) {
            return CMailError::SetError("ERR_AFTER_UIDL", GetMessage("MAIL_CL_ERR_UIDL"), $this->GetResponseString());
        }
        $uidl = $this->GetResponseBody();
        preg_match_all("'([0-9]+)[ ]+?(.+)'", $uidl, $arUIDL_temp, PREG_SET_ORDER);

        // Map md5(server unique id) => message number.
        $arUIDL = array();
        $cnt = count($arUIDL_temp);
        for ($i = 0; $i < $cnt; $i++) {
            $arUIDL[md5($arUIDL_temp[$i][2])] = $arUIDL_temp[$i][1];
        }

        // When UIDL returned fewer entries than STAT announced, stored ids are not pruned
        // and the mismatch is written to the log.
        $skipOldUIDL = $cnt < $this->mess_count;
        if ($skipOldUIDL) {
            AddMessage2Log(sprintf("%s\n%s of %s", $this->response, $cnt, $this->mess_count), 'mail');
        }

        // Ids already stored are removed from the download list; stored ids the server no
        // longer reports are collected for deletion.
        $arOldUIDL = array();
        if (count($arUIDL) > 0) {
            $strSql = 'SELECT ID FROM b_mail_message_uid WHERE MAILBOX_ID = ' . $mailbox_id;
            $db_res = $DB->query($strSql, false, 'File: ' . __FILE__ . '<br>Line: ' . __LINE__);
            while ($ar_res = $db_res->fetch()) {
                if (isset($arUIDL[$ar_res['ID']])) {
                    unset($arUIDL[$ar_res['ID']]);
                } else {
                    if (!$skipOldUIDL) {
                        $arOldUIDL[] = $ar_res['ID'];
                    }
                }
            }
        }

        // Stale ids are deleted in batches of up to 1000.
        // NOTE(review): the ids are read back from the table and placed into the IN (...)
        // list without escaping. That is safe only while the column always holds values
        // such as MD5 hex strings; confirm every writer of this table guarantees that.
        while (count($arOldUIDL) > 0) {
            $ids = "'" . join("','", array_splice($arOldUIDL, 0, 1000)) . "'";
            $strSql = 'DELETE FROM b_mail_message_uid WHERE MAILBOX_ID = ' . $mailbox_id . ' AND ID IN (' . $ids . ')';
            $DB->query($strSql, false, 'File: ' . __FILE__ . '<br>Line: ' . __LINE__);
        }

        $this->new_mess_count = 0;
        $this->deleted_mess_count = 0;
        $session_id = md5(uniqid(""));
        foreach ($arUIDL as $msguid => $msgnum) {
            // NOTE(review): when a size limit is set and the server's LIST reply lacks this
            // message number, $arLIST[$msgnum] is undefined and the comparison still
            // passes, so the message is downloaded regardless of its size.
            if ($arMAILBOX_PARAMS["MAX_MSG_SIZE"] <= 0 || $arLIST[$msgnum] <= $arMAILBOX_PARAMS["MAX_MSG_SIZE"]) {
                $this->GetMessage($mailbox_id, $msgnum, $msguid, $session_id);
            }

            // Deletion and counting happen even for messages skipped by the size limit.
            if ($arMAILBOX_PARAMS["DELETE_MESSAGES"] == "Y") {
                $this->DeleteMessage($msgnum);
                $this->deleted_mess_count++;
            }
            $this->new_mess_count++;

            // Stop once the per-run message limit is reached.
            if ($arMAILBOX_PARAMS["MAX_MSG_COUNT"] > 0 && $arMAILBOX_PARAMS["MAX_MSG_COUNT"] <= $this->new_mess_count) {
                break;
            }
        }
    }

    $this->SendCommand("QUIT");
    if (!$this->GetResponse()) {
        return CMailError::SetError("ERR_AFTER_QUIT", GetMessage("MAIL_CL_ERR_DISCONNECT"), $this->GetResponseString());
    }
    fclose($pop3_conn);

    return true;
}
/**
 * Adds a time-limited IP rule for the given address unless the current user is exempt,
 * and marks the filter as having blocked the user.
 *
 * A static local array remembers the addresses already handled, so Add() is called at
 * most once per address for as long as that static state lives.
 *
 * @param string $pIP Address to block; $_SERVER["REMOTE_ADDR"] is used when this is
 *                    empty or not a string.
 */
protected function blockCurrentUser($pIP = "")
{
    static $blocked = array();

    if ($this->currentUserHaveRightsForSkip()) {
        return;
    }

    // NOTE(review): REMOTE_ADDR is the direct TCP peer. Behind a reverse proxy or load
    // balancer that may be the proxy, so a rule for it could affect every visitor.
    // Confirm how the deployment resolves the client address.
    $ip = (is_string($pIP) && $pIP !== "") ? $pIP : $_SERVER["REMOTE_ADDR"];

    if (array_key_exists($ip, $blocked)) {
        return;
    }

    $rule = new CSecurityIPRule;

    // The rule's timestamps are formatted and stored while CTimeZone is disabled.
    // NOTE(review): the result of Add() is not checked; the address is recorded as
    // blocked and isUserBlocked is set even if no rule was created.
    CTimeZone::Disable();
    $ruleFields = array(
        "RULE_TYPE" => "A",
        "ACTIVE" => "Y",
        "ADMIN_SECTION" => "Y",
        "NAME" => getMessage("SECURITY_FILTER_IP_RULE", array("#IP#" => $ip)),
        "ACTIVE_FROM" => ConvertTimeStamp(false, "FULL"),
        "ACTIVE_TO" => ConvertTimeStamp(time()+COption::getOptionInt("security", "filter_duration")*60, "FULL"),
        "INCL_IPS" => array($ip),
        "INCL_MASKS" => array("*"),
    );
    $rule->Add($ruleFields);
    CTimeZone::Enable();

    $blocked[$ip] = true;
    $this->isUserBlocked = true;
}
/**
 * Decides whether a user may read the attached object by delegating to the entity
 * named in the forum topic's XML_ID (task, calendar event, iblock, meeting, timeman
 * entry/report, workflow), then to social-network feature permissions, and finally to
 * the forum's own permission letters.
 *
 * NOTE(review): the result is memoised in $this->canRead without regard to $userId, so
 * once it is computed for one user the same answer is returned for every later call on
 * this instance. Confirm an instance is never reused across users.
 *
 * @param $userId User whose access is being checked.
 * @return bool
 */
public function canRead($userId)
{
    // Memoised answer from an earlier call (see the note in the docblock).
    if ($this->canRead !== null) {
        return $this->canRead;
    }

    if (($res = $this->getDataToCheck($this->entityId)) && !empty($res)) {
        list($message, $topic) = $res;

        // XML_ID is split at its last underscore: the prefix is the entity type, the
        // suffix is the entity id.
        $entityId = null;
        $entityType = null;
        if (!empty($topic["XML_ID"])) {
            $entityId = substr($topic["XML_ID"], strrpos($topic["XML_ID"], "_") + 1);
            $entityType = substr($topic["XML_ID"], 0, strrpos($topic["XML_ID"], "_"));
        }

        switch ($entityType) {
            case "TASK":
                // When the module cannot be loaded, control leaves the switch and the
                // generic socialnetwork / forum checks below decide.
                if (Loader::includeModule("tasks")) {
                    $connector = new TaskConnector($entityId, $this->attachedObject);
                    $this->canRead = $connector->canRead($userId);
                    return $this->canRead;
                }
                break;
            case "EVENT":
                // Same fall-back as TASK when the calendar module is unavailable.
                if (Loader::includeModule("calendar")) {
                    $connector = new CalendarEventConnector($entityId, $this->attachedObject);
                    $this->canRead = $connector->canRead($userId);
                    return $this->canRead;
                }
                break;
            case "IBLOCK":
                if ((int) $topic["USER_ID"] > 0 && Loader::includeModule("socialnetwork")) {
                    // Collect the group codes of the matching live-feed log entry and check
                    // the user against them.
                    $codes = array();
                    if (($res = \CSocNetLog::getList(array(), array("SOURCE_ID" => $entityId, "EVENT_ID" => array("photo_photo", "news", "wiki")), false, false, array("ID"))->fetch()) && $res) {
                        $db_res = \CSocNetLogRights::getList(array(), array("LOG_ID" => $res["ID"]));
                        while ($res = $db_res->fetch()) {
                            $codes[] = $res["GROUP_CODE"];
                        }
                    }
                    $this->canRead = $this->canAccess($userId, $codes);
                    return $this->canRead;
                }
                // NOTE(review): permissive default. Without a topic USER_ID or without the
                // socialnetwork module, read access is granted with no further check.
                $this->canRead = true;
                return $this->canRead;
            case "MEETING":
                // Readable only when the message lives in the forum configured for meeting comments.
                $this->canRead = (int) $message["FORUM_ID"] == (int) \COption::getOptionInt('meeting', 'comments_forum_id', 0, SITE_ID);
                return $this->canRead;
            case "TIMEMAN_ENTRY":
                // Readable by the entry's owner and by that owner's managers; denied otherwise.
                if (Loader::includeModule("timeman")) {
                    $dbEntry = \CTimeManEntry::getList(array(), array("ID" => $entityId), false, false, array("ID", "USER_ID"));
                    if ($arEntry = $dbEntry->fetch()) {
                        if ($arEntry["USER_ID"] == $userId) {
                            $this->canRead = true;
                            return $this->canRead;
                        } else {
                            $arManagers = \CTimeMan::getUserManagers($arEntry["USER_ID"]);
                            // Loose in_array(): ids are compared with ==, not ===.
                            $this->canRead = in_array($userId, $arManagers);
                            return $this->canRead;
                        }
                    }
                }
                $this->canRead = false;
                return $this->canRead;
            case "TIMEMAN_REPORT":
                // Same owner-or-manager rule as TIMEMAN_ENTRY, applied to a full report.
                if (Loader::includeModule("timeman")) {
                    $dbReport = \CTimeManReportFull::getList(array(), array("ID" => $entityId), array("ID", "USER_ID"));
                    if ($arReport = $dbReport->fetch()) {
                        if ($arReport["USER_ID"] == $userId) {
                            $this->canRead = true;
                            return $this->canRead;
                        } else {
                            $arManagers = \CTimeMan::getUserManagers($arReport["USER_ID"]);
                            $this->canRead = in_array($userId, $arManagers);
                            return $this->canRead;
                        }
                    }
                }
                $this->canRead = false;
                return $this->canRead;
            case "WF":
                // Denied unless the user is a workflow participant or started the workflow.
                // NOTE(review): this branch tests the id from $this->getUser(), not the
                // $userId argument that every other branch uses. Confirm this is intended.
                $this->canRead = false;
                if (Loader::includeModule("bizproc")) {
                    $currentUserId = (int) $this->getUser()->getId();
                    $participants = \CBPTaskService::getWorkflowParticipants($entityId);
                    if (in_array($currentUserId, $participants)) {
                        $this->canRead = true;
                    } else {
                        $state = \CBPStateService::getWorkflowStateInfo($entityId);
                        if ($state && $currentUserId === (int) $state['STARTED_BY']) {
                            $this->canRead = true;
                        }
                    }
                }
                return $this->canRead;
        }

        // Topics owned by a social-network group or user: the "forum" feature must be
        // active and the user must hold the "view" operation on it.
        if ((!empty($topic["SOCNET_GROUP_ID"]) || !empty($topic["OWNER_ID"])) && Loader::includeModule("socialnetwork")) {
            if (!empty($topic["SOCNET_GROUP_ID"])) {
                $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_GROUP, $topic["SOCNET_GROUP_ID"], "forum", "view");
                return $this->canRead;
            } else {
                $this->canRead = \CSocNetFeatures::isActiveFeature(SONET_ENTITY_USER, $topic["OWNER_ID"], "forum") && \CSocNetFeaturesPerms::canPerformOperation($userId, SONET_ENTITY_USER, $topic["OWNER_ID"], "forum", "view");
                return $this->canRead;
            }
        }

        // Plain forum message: fall back to the forum permission letters.
        if ($message) {
            // The real group list is used only when $userId is the current user; any
            // other id is evaluated with the single group id 2.
            $user = $this->getUser();
            if ($user && $userId == $user->getId()) {
                $userGroups = $user->getUserGroupArray();
            } else {
                $userGroups = array(2);
            }

            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            if (\CForumUser::isAdmin($userId, $userGroups)) {
                $this->canRead = true;
                return $this->canRead;
            }

            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            $perms = \CForumNew::getUserPermission($message["FORUM_ID"], $userGroups);

            // Permission letters are compared as strings: "Y" and above always reads.
            if ($perms >= "Y") {
                $this->canRead = true;
                return $this->canRead;
            }

            // && binds tighter than ||: deny below "E", or below "Q" when the message is
            // not approved.
            if ($perms < "E" || $perms < "Q" && $message["APPROVED"] != "Y") {
                $this->canRead = false;
                return $this->canRead;
            }

            // Otherwise readable only while the forum itself is active.
            /** @noinspection PhpDynamicAsStaticMethodCallInspection */
            $forum = \CForumNew::getByID($message["FORUM_ID"]);
            $this->canRead = $forum["ACTIVE"] == "Y";
            return $this->canRead;
        }
    }

    // No data to check against: deny.
    $this->canRead = false;
    return $this->canRead;
}