public static function filesBulletinAdd($userId, $bulletinId)
{
if ($userId == 0) {
CAccess::setError('blockUnregister');
return false;
}
$table = JTable::getInstance('Bulletin', 'CTable');
$table->load($bulletinId);
//CFactory::load( 'libraries' , 'limits' );
$groupModel = CFactory::getModel('groups');
$bulletinParams = $table->getParams();
if (!CLimitsHelper::exceededGroupFileUpload($table->groupid)) {
return false;
}
if (CLimitsLibrary::exceedDaily('files', $userId)) {
return false;
}
if (COwnerHelper::isCommunityAdmin() || $groupModel->isAdmin($userId, $table->groupid) || $groupModel->isMember($userId, $table->groupid) && $bulletinParams->get('filepermission-member')) {
return true;
}
return false;
}
function _check_rights_sql($min_permission)
{
global $DB, $USER;
$min_permission = (strlen($min_permission)==1) ? $min_permission : "R";
if(is_object($USER))
{
$iUserID = intval($USER->GetID());
$strGroups = $USER->GetGroups();
$bAuthorized = $USER->IsAuthorized();
}
else
{
$iUserID = 0;
$strGroups = "2";
$bAuthorized = false;
}
$stdPermissions = "
SELECT IBLOCK_ID
FROM b_iblock_group IBG
WHERE IBG.GROUP_ID IN (".$strGroups.")
AND IBG.PERMISSION >= '".$DB->ForSQL($min_permission)."'
";
if(!defined("ADMIN_SECTION"))
$stdPermissions .= "
AND (IBG.PERMISSION='X' OR B.ACTIVE='Y')
";
if($min_permission >= "X")
$operation = 'section_rights_edit';
elseif($min_permission >= "W")
$operation = 'section_edit';
elseif($min_permission >= "R")
$operation = 'section_read';
else
$operation = '';
if($operation)
{
$acc = new CAccess;
$acc->UpdateCodes();
}
if($operation == "section_read")
{
$extPermissions = "
SELECT SR.SECTION_ID
FROM b_iblock_section_right SR
INNER JOIN b_iblock_right IBR ON IBR.ID = SR.RIGHT_ID
".($iUserID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$iUserID."
WHERE SR.SECTION_ID = BS.ID
AND IBR.OP_SREAD = 'Y'
".($bAuthorized || $iUserID > 0? "
AND (UA.USER_ID IS NOT NULL
".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")."
".($iUserID > 0? "OR (IBR.GROUP_CODE = 'CR' AND BS.CREATED_BY = ".$iUserID.")": "")."
)": "")."
";
$strResult = "(
B.ID IN ($stdPermissions)
OR (B.RIGHTS_MODE = 'E' AND EXISTS ($extPermissions))
)";
}
elseif($operation)
{
$extPermissions = "
SELECT SR.SECTION_ID
FROM b_iblock_section_right SR
INNER JOIN b_iblock_right IBR ON IBR.ID = SR.RIGHT_ID
INNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID
INNER JOIN b_operation O ON O.ID = T.OPERATION_ID
".($iUserID > 0? "LEFT": "INNER")." JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = ".$iUserID."
WHERE SR.SECTION_ID = BS.ID
AND O.NAME = '".$operation."'
".($bAuthorized || $iUserID > 0? "
AND (UA.USER_ID IS NOT NULL
".($bAuthorized? "OR IBR.GROUP_CODE = 'AU'": "")."
".($iUserID > 0? "OR (IBR.GROUP_CODE = 'CR' AND BS.CREATED_BY = ".$iUserID.")": "")."
)": "")."
";
$strResult = "(
B.ID IN ($stdPermissions)
OR (B.RIGHTS_MODE = 'E' AND EXISTS ($extPermissions))
)";
}
else
{
$strResult = "(
B.ID IN ($stdPermissions)
)";
}
return $strResult;
}
}
Bitrix\Security\Mfa\Otp::setMandatoryUsing($_POST['otp_mandatory_using'] === 'Y');
if (is_array($_POST['otp_mandatory_rights'])) {
Bitrix\Security\Mfa\Otp::setMandatoryRights($_POST['otp_mandatory_rights']);
}
if ($_REQUEST["save"] != "" && $_GET["return_url"] != "") {
LocalRedirect($_GET["return_url"]);
} else {
LocalRedirect("/bitrix/admin/security_otp.php?lang=" . LANGUAGE_ID . $returnUrl . "&" . $tabControl->ActiveTabParam());
}
}
$availableTypes = \Bitrix\Security\Mfa\Otp::getAvailableTypes();
$availableTypesDescription = \Bitrix\Security\Mfa\Otp::getTypesDescription();
$defaultType = \Bitrix\Security\Mfa\Otp::getDefaultType();
$targetRights = \Bitrix\Security\Mfa\Otp::getMandatoryRights();
$access = new CAccess();
$targetRightsNames = $access->GetNames($targetRights);
CJSCore::Init(array('access'));
$APPLICATION->AddHeadScript('/bitrix/js/security/admin/page/otp.js');
$APPLICATION->SetTitle(GetMessage("SEC_OTP_NEW_TITLE"));
require $_SERVER["DOCUMENT_ROOT"] . "/bitrix/modules/main/include/prolog_admin_after.php";
if (CSecurityUser::isActive()) {
$messageType = "OK";
$messageText = GetMessage("SEC_OTP_NEW_ON");
} else {
$messageType = "ERROR";
$messageText = GetMessage("SEC_OTP_NEW_OFF");
}
CAdminMessage::ShowMessage(array("MESSAGE" => $messageText, "TYPE" => $messageType, "HTML" => true));
?>
$cacheId .= "_" . $arResult["TZ_OFFSET"];
}
$cacheDir = '/blog/socnet_post/gen/' . intval($arParams["ID"] / 100) . '/' . $arParams["ID"];
$obCache = new CPHPCache();
if ($obCache->InitCache($cacheTtl, $cacheId, $cacheDir)) {
$arPost = $obCache->GetVars();
} else {
$obCache->StartDataCache();
$dbPost = CBlogPost::GetList(array(), array("ID" => $arParams["ID"]), false, false, array("ID", "BLOG_ID", "PUBLISH_STATUS", "TITLE", "AUTHOR_ID", "ENABLE_COMMENTS", "NUM_COMMENTS", "VIEWS", "CODE", "MICRO", "DETAIL_TEXT", "DATE_PUBLISH", "CATEGORY_ID", "HAS_SOCNET_ALL", "HAS_TAGS", "HAS_IMAGES", "HAS_PROPS", "HAS_COMMENT_IMAGES"));
$arPost = $dbPost->Fetch();
$obCache->EndDataCache($arPost);
}
if (!empty($arPost) && ($arPost["PUBLISH_STATUS"] != BLOG_PUBLISH_STATUS_PUBLISH && !in_array($arParams["TYPE"], array("DRAFT", "MODERATION")))) {
unset($arPost);
}
$a = new CAccess();
$a->UpdateCodes();
if (!empty($arBlog) && $arBlog["ACTIVE"] == "Y" || $arResult["bFromList"]) {
if (!empty($arPost)) {
if (($arParams["GET_FOLLOW"] == "Y" && (!array_key_exists("FOLLOW", $arParams) || strlen($arParams["FOLLOW"]) <= 0) || intval($arParams["LOG_ID"]) <= 0) && CModule::IncludeModule("socialnetwork")) {
$rsLogSrc = CSocNetLog::GetList(array(), array("EVENT_ID" => array("blog_post", "blog_post_micro", "blog_post_important"), "SOURCE_ID" => $arParams["ID"], "SITE_ID" => CModule::IncludeModule('extranet') && CExtranet::IsExtranetSite() ? SITE_ID : array(SITE_ID, false)), false, false, $arParams["GET_FOLLOW"] == "Y" ? array("ID", "FOLLOW", "FAVORITES_USER_ID") : array("ID", "FAVORITES_USER_ID"), $arParams["GET_FOLLOW"] == "Y" ? array("USE_FOLLOW" => "Y") : array());
if ($arLogSrc = $rsLogSrc->Fetch()) {
$arParams["LOG_ID"] = $arLogSrc["ID"];
$arParams["FAVORITES_USER_ID"] = $arLogSrc["FAVORITES_USER_ID"];
if ($arParams["GET_FOLLOW"] == "Y") {
$arParams["FOLLOW"] = $arLogSrc["FOLLOW"];
}
} elseif (!$arResult["bFromList"]) {
$bNoLogEntry = true;
}
}
{
$arAllOptions["main"][] = array('note'=>GetMessage("MAIN_OPT_TIME_ZONE_NOTE"));
}
$arAllOptions["main"][] = GetMessage("main_options_map");
$arAllOptions["main"][] = Array("map_top_menu_type", GetMessage("MAIN_TOP_MENU_TYPE"), "top", Array("text", 30));
$arAllOptions["main"][] = Array("map_left_menu_type", GetMessage("MAIN_LEFT_MENU_TYPE"), "left", Array("text", 30));
//show public panel for users
CJSCore::Init(array('access'));
$arCodes = unserialize(COption::GetOptionString("main", "show_panel_for_users"));
if(!is_array($arCodes))
$arCodes = array();
$access = new CAccess();
$arNames = $access->GetNames($arCodes);
$arSel = array();
foreach($arCodes as $code)
$arSel[$code] = true;
$panel = "
<script type=\"text/javascript\">
BX.Access.Init({
other: {disabled:true}
});
BX.Access.SetSelected(".CUtil::PhpToJSObject($arSel).");
/**
* @return array of access codes, includes AU symbol (if user is authorized)
*/
protected function GetAccessCodes($isUseCache = false)
{
global $USER;
static $cache = array();
$isNeedCAccessUpdate = true;
if ($isUseCache) {
// Cache hits?
if (isset($cache['str' . $this->userId])) {
return $cache['str' . $this->userId];
}
// Prevent call CAccess->UpdateCodes() multiple times per hit,
// except long time period (three seconds) expired.
if ($this->CAccessLastUpdated === false || microtime(true) - $this->CAccessLastUpdated > 3) {
$isNeedCAccessUpdate = true;
} else {
$isNeedCAccessUpdate = false;
}
} else {
$isNeedCAccessUpdate = true;
}
if ($isNeedCAccessUpdate) {
$oAcc = new CAccess();
$oAcc->UpdateCodes();
if ($isUseCache) {
$this->CAccessLastUpdated = microtime(true);
}
unset($oAcc);
}
$rc = CAccess::GetUserCodes($this->userId);
if ($rc === false) {
throw new LearnException('', LearnException::EXC_ERR_ALL_GIVEUP | LearnException::EXC_ERR_ALL_ACCESS_DENIED);
}
$arData = array();
while ($arItem = $rc->Fetch()) {
if ((int) $arItem['USER_ID'] !== $this->userId) {
throw new LearnException('', LearnException::EXC_ERR_ALL_GIVEUP | LearnException::EXC_ERR_ALL_LOGIC | LearnException::EXC_ERR_ALL_ACCESS_DENIED);
}
$arData[] = $arItem['ACCESS_CODE'];
}
if (is_object($USER) && $this->userId === (int) $USER->GetID()) {
$arData[] = 'AU';
}
// Cache in case when $isUseCache === false too.
// Because, this will refresh cache, if it exists before.
$cache['str' . $this->userId] = $arData;
return $arData;
}
public function GetFormHtml($arParams = false)
{
global $USER;
if (is_array($arParams["socnetgroups"]) && $arParams["socnetgroups"]["disabled"] == "true") {
return false;
}
$currElements = '';
if (is_array($arParams[$this->id]) && ($group_id = intval($arParams[$this->id]["group_id"])) > 0) {
$arFinderParams = array("PROVIDER" => $this->id, "TYPE" => 4);
$arFilter = array("ID" => $group_id, "ACTIVE" => "Y");
if (!CSocNetUser::IsCurrentUserModuleAdmin($arParams["SITE_ID"])) {
$arFilter["CHECK_PERMISSIONS"] = $USER->GetID();
}
$rsGroups = CSocNetGroup::GetList(array(), $arFilter);
if ($arGroup = $rsGroups->Fetch()) {
$arItem = array("ID" => "SG" . $arGroup['ID'], "AVATAR" => '/bitrix/js/main/core/images/access/avatar-user-everyone.png', "NAME" => $arGroup['NAME'], "DESC" => $arGroup['DESCRIPTION'], "OPEN" => "Y", "CHECKBOX" => array("#ID#_A" => GetMessage("authprov_sg_a"), "#ID#_E" => GetMessage("authprov_sg_e"), "#ID#_K" => GetMessage("authprov_sg_k")));
if ($arGroup["IMAGE_ID"]) {
$imageFile = CFile::GetFileArray($arGroup["IMAGE_ID"]);
if ($imageFile !== false) {
$arFileTmp = CFile::ResizeImageGet($imageFile, array("width" => 30, "height" => 30), BX_RESIZE_IMAGE_PROPORTIONAL, false);
$arItem["AVATAR"] = $arFileTmp["src"];
}
}
$currElements .= CFinder::GetFinderItem($arFinderParams, $arItem);
}
}
$elements = "";
$arFinderParams = array("PROVIDER" => $this->id, "TYPE" => 3);
$arLRU = CAccess::GetLastRecentlyUsed($this->id);
if (!empty($arLRU)) {
$arLast = array();
$arLastID = array();
$arElements = array();
foreach ($arLRU as $val) {
if (preg_match('/^SG([0-9]+)_([A-Z])/', $val, $match)) {
$arLast[$match[2]][$match[1]] = $match[1];
$arLastID[$match[1]] = $match[1];
}
}
if (!empty($arLastID)) {
$arFilter = array("ID" => $arLastID, "ACTIVE" => "Y");
if ($arParams["SITE_ID"] != '') {
$arFilter["SITE_ID"] = $arParams["SITE_ID"];
}
if (!CSocNetUser::IsCurrentUserModuleAdmin($arParams["SITE_ID"])) {
$arFilter["CHECK_PERMISSIONS"] = $USER->GetID();
}
$rsGroups = CSocNetGroup::GetList(array("NAME" => "ASC"), $arFilter);
while ($arGroup = $rsGroups->Fetch()) {
$arItem = array("ID" => $arGroup['ID'], "AVATAR" => '/bitrix/js/main/core/images/access/avatar-user-everyone.png', "NAME" => $arGroup['NAME'], "DESC" => $arGroup['DESCRIPTION']);
if ($arGroup["IMAGE_ID"]) {
$imageFile = CFile::GetFileArray($arGroup["IMAGE_ID"]);
if ($imageFile !== false) {
$arFileTmp = CFile::ResizeImageGet($imageFile, array("width" => 30, "height" => 30), BX_RESIZE_IMAGE_PROPORTIONAL, false);
$arItem["AVATAR"] = $arFileTmp["src"];
}
}
$arElements[$arItem['ID']] = $arItem;
}
foreach ($arLRU as $val) {
if (preg_match('/^SG([0-9]+)_([A-Z])/', $val, $match)) {
$arItem = $arElements[$match[1]];
if ($match[2] == 'K') {
$arItem['ID'] = 'SG' . $arElements[$match[1]]['ID'] . '_K';
$arItem['NAME'] = $arElements[$match[1]]['NAME'] . ': ' . GetMessage("authprov_sg_k");
} else {
if ($match[2] == 'E') {
$arItem['ID'] = 'SG' . $arElements[$match[1]]['ID'] . '_E';
$arItem['NAME'] = $arElements[$match[1]]['NAME'] . ': ' . GetMessage("authprov_sg_e");
} else {
if ($match[2] == 'A') {
$arItem['ID'] = 'SG' . $arElements[$match[1]]['ID'] . '_A';
$arItem['NAME'] = $arElements[$match[1]]['NAME'] . ': ' . GetMessage("authprov_sg_a");
}
}
}
$elements .= CFinder::GetFinderItem($arFinderParams, $arItem);
}
}
}
}
$arFinderParams = array("PROVIDER" => $this->id, "TYPE" => 4);
$arFilter = array("USER_ID" => $USER->GetID(), "<=ROLE" => SONET_ROLES_USER, "GROUP_ACTIVE" => "Y");
if ($arParams["SITE_ID"] != '') {
$arFilter["GROUP_SITE_ID"] = $arParams["SITE_ID"];
}
$rsGroups = CSocNetUserToGroup::GetList(array("GROUP_NAME" => "ASC"), $arFilter, false, array(), array("ID", "GROUP_ID", "GROUP_NAME", "GROUP_DESCRIPTION", "GROUP_IMAGE_ID"));
$myElements = '';
while ($arGroup = $rsGroups->Fetch()) {
$arItem = array("ID" => "SG" . $arGroup['GROUP_ID'], "AVATAR" => $arGroup['GROUP_IMAGE_ID'], "NAME" => $arGroup['GROUP_NAME'], "DESC" => $arGroup['GROUP_DESCRIPTION'], "CHECKBOX" => array("#ID#_A" => GetMessage("authprov_sg_a"), "#ID#_E" => GetMessage("authprov_sg_e"), "#ID#_K" => GetMessage("authprov_sg_k")));
if ($arGroup["GROUP_IMAGE_ID"]) {
$imageFile = CFile::GetFileArray($arGroup["GROUP_IMAGE_ID"]);
if ($imageFile !== false) {
$arFileTmp = CFile::ResizeImageGet($imageFile, array("width" => 30, "height" => 30), BX_RESIZE_IMAGE_PROPORTIONAL, false);
$arItem["AVATAR"] = $arFileTmp["src"];
}
}
$myElements .= CFinder::GetFinderItem($arFinderParams, $arItem);
}
$arPanels = array();
if ($currElements != '') {
$arPanels[] = array("NAME" => GetMessage("authprov_sg_current"), "ELEMENTS" => $currElements);
}
$arPanels[] = array("NAME" => GetMessage("authprov_sg_panel_last"), "ELEMENTS" => $elements);
$arPanels[] = array("NAME" => GetMessage("authprov_sg_panel_my_group"), "ELEMENTS" => $myElements);
$arPanels[] = array("NAME" => GetMessage("authprov_sg_panel_search"), "ELEMENTS" => CFinder::GetFinderItem(array("TYPE" => "text"), array("TEXT" => GetMessage("authprov_sg_panel_search_text"))), "SEARCH" => "Y");
$html = CFinder::GetFinderAppearance($arFinderParams, $arPanels);
return array("HTML" => $html, "SELECTED" => $currElements != '');
}
public static function groupsBulletinView($userId, $bullentinId)
{
$config = CFactory::getConfig();
if (!$config->get('enablegroups')) {
CAccess::setError(JText::_('COM_COMMUNITY_GROUPS_DISABLE'));
return false;
} else {
return true;
}
}
function GetAccessCodes()
{
if (!$this->IsAuthorized()) {
return array('G2');
}
static $arCodes = array();
$USER_ID = intval($this->GetID());
if (!array_key_exists($USER_ID, $arCodes)) {
$access = new CAccess();
$access->UpdateCodes();
$arCodes[$USER_ID] = CAccess::GetUserCodesArray($USER_ID);
if ($this->IsAuthorized()) {
$arCodes[$USER_ID][] = "AU";
}
}
return $arCodes[$USER_ID];
}
public static function SearchUsers($search, $nameTemplate = "", $bSelf = true, $bEmployeesOnly = false, $bExtranetOnly = false, $departmentId = false)
{
CUtil::JSPostUnescape();
$arUsers = array();
$search = trim($search);
if (strlen($search) <= 0 || !GetFilterQuery("TEST", $search)) {
return $arUsers;
}
$bIntranetEnable = IsModuleInstalled('intranet');
$bExtranetEnable = CModule::IncludeModule('extranet');
$bBitrix24Enable = IsModuleInstalled('bitrix24');
$bExtranetUser = $bExtranetEnable && !CExtranet::IsIntranetUser();
$current_user_id = intval($GLOBALS["USER"]->GetID());
if ($bExtranetEnable) {
CSocNetTools::InitGlobalExtranetArrays();
}
$arSearchValue = preg_split('/\\s+/', trim($search));
array_walk($arSearchValue, array('CSocNetLogDestination', '__percent_walk'));
$arFilter = array(array('LOGIC' => 'OR', '%=NAME' => $arSearchValue, '%=LAST_NAME' => $arSearchValue, '%=EMAIL' => $search, '%=LOGIN' => $search), 'ACTIVE' => 'Y');
if ($bIntranetEnable || COption::GetOptionString("main", "new_user_registration_email_confirmation", "N") == "Y") {
$arFilter["CONFIRM_CODE"] = false;
}
if ($bEmployeesOnly || $bBitrix24Enable && !$bExtranetEnable) {
$arFilter["!UF_DEPARTMENT"] = false;
} elseif ($bExtranetOnly) {
$arFilter["UF_DEPARTMENT"] = false;
}
if ($bIntranetEnable && $bExtranetEnable && ($bExtranetUser || !$bEmployeesOnly)) {
$arFilteredUserIDs = CExtranet::GetMyGroupsUsersSimple(CExtranet::GetExtranetSiteID());
if ($bExtranetUser) {
$arFilter["ID"] = array_merge(array($current_user_id), $arFilteredUserIDs);
} else {
$arFilter[] = array('LOGIC' => 'OR', '!UF_DEPARTMENT' => false, 'ID' => array_merge(array($current_user_id), $arFilteredUserIDs));
}
}
$arSelect = array("ID", "NAME", "LAST_NAME", "SECOND_NAME", "EMAIL", "LOGIN", "WORK_POSITION", "PERSONAL_PROFESSION", "PERSONAL_PHOTO", "PERSONAL_GENDER");
if ($bIntranetEnable) {
$arSelect[] = 'UF_DEPARTMENT';
}
if (intval($departmentId) > 0) {
$acc = new CAccess();
}
$rsUser = \Bitrix\Main\UserTable::getList(array('order' => array('LAST_NAME' => 'ASC'), 'filter' => $arFilter, 'select' => $arSelect, 'limit' => 20, 'data_doubling' => false));
while ($arUser = $rsUser->fetch()) {
if (!$bSelf && $current_user_id == $arUser['ID']) {
continue;
}
if (is_object($acc)) {
$acc->UpdateCodes(array("USER_ID" => $arUser["ID"]));
$arUserGroupCode = CAccess::GetUserCodesArray($arUser["ID"], array("PROVIDER_ID" => "intranet"));
if (!in_array("DR" . intval($departmentId), $arUserGroupCode)) {
continue;
}
}
$sName = CUser::FormatName(empty($nameTemplate) ? CSite::GetNameFormat(false) : $nameTemplate, $arUser, true, true);
$arFileTmp = CFile::ResizeImageGet($arUser["PERSONAL_PHOTO"], array('width' => 32, 'height' => 32), BX_RESIZE_IMAGE_EXACT, false);
$arUsers['U' . $arUser["ID"]] = array('id' => 'U' . $arUser["ID"], 'entityId' => $arUser["ID"], 'name' => $sName, 'avatar' => empty($arFileTmp['src']) ? '' : $arFileTmp['src'], 'desc' => $arUser['WORK_POSITION'] ? $arUser['WORK_POSITION'] : ($arUser['PERSONAL_PROFESSION'] ? $arUser['PERSONAL_PROFESSION'] : ' '), 'isExtranet' => isset($GLOBALS["arExtranetUserID"]) && is_array($GLOBALS["arExtranetUserID"]) && in_array($arUser["ID"], $GLOBALS["arExtranetUserID"]) ? "Y" : "N");
$checksum = md5(serialize($arUsers['U' . $arUser["ID"]]));
$arUsers['U' . $arUser["ID"]]['checksum'] = $checksum;
}
return $arUsers;
}
public static function GetOperations($sectId, $userId = false)
{
global $USER;
if (!$userId) {
$userId = intVal($USER->GetId());
}
$arCodes = array();
$rCodes = CAccess::GetUserCodes($userId);
while ($code = $rCodes->Fetch()) {
$arCodes[] = $code['ACCESS_CODE'];
}
if (!in_array('G2', $arCodes)) {
$arCodes[] = 'G2';
}
$key = $sectId . '|' . implode(',', $arCodes);
if (self::$bClearOperationCache || !is_array(self::$arOp[$key])) {
if (!isset(self::$Permissions[$sectId])) {
self::GetArrayPermissions(array($sectId));
}
$perms = self::$Permissions[$sectId];
self::$arOp[$key] = array();
if (is_array($perms)) {
foreach ($perms as $code => $taskId) {
if (in_array($code, $arCodes)) {
self::$arOp[$key] = array_merge(self::$arOp[$key], CTask::GetOperations($taskId, true));
}
}
}
}
return self::$arOp[$key];
}
protected static function LearningShowRights($lessonId, $variable_name, $arBaseRights, $arPossibleRights, $arActualRights, $arSelected = array(), $arHighLight = array(), $readOnly)
{
$js_var_name = preg_replace("/[^a-zA-Z0-9_]/", "_", $variable_name);
$html_var_name = htmlspecialcharsbx($variable_name);
$sSelect = '<select name="' . $html_var_name . '[][TASK_ID]" style="vertical-align:middle">';
foreach ($arPossibleRights as $taskId => $arRightsData) {
$selected = '';
if (strtoupper($arRightsData['name']) === 'LEARNING_LESSON_ACCESS_DENIED') {
$selected = ' selected="selected" ';
}
$sSelect .= '<option value="' . (int) $taskId . '" ' . $selected . '>' . htmlspecialcharsex($arRightsData['name_human']) . '</option>';
}
$sSelect .= '</select>';
$table_id = $variable_name . "_table";
$href_id = $variable_name . "_href";
CJSCore::Init(array('access'));
?>
<tr>
<td colspan="2" align="center">
<input type="hidden" name="<?php
echo $variable_name . '_marker';
?>
" value='yeah!'>
<script type="text/javascript">
var obLearningJSRightsAccess_<?php
echo $js_var_name;
?>
= new LearningJSRightsAccess(
<?php
echo intval($lessonId);
?>
,
<?php
echo CUtil::PhpToJsObject($arSelected);
?>
,
'<?php
echo CUtil::JSEscape($variable_name);
?>
',
'<?php
echo CUtil::JSEscape($table_id);
?>
',
'<?php
echo CUtil::JSEscape($href_id);
?>
',
'<?php
echo CUtil::JSEscape($sSelect);
?>
',
<?php
echo CUtil::PhpToJsObject($arHighLight);
?>
);
</script>
<h3><?php
echo GetMessage('LEARNING_RIGHTS_FOR_ADMINISTRATION');
?>
</h3>
<table width="100%" cellpadding="0" cellspacing="10" border="0" id="<?php
echo htmlspecialcharsbx($table_id);
?>
" align="center">
<?php
$access = new CAccess();
// If rights are for lesson => show base rights
if ($lessonId !== false) {
$arBaseNames = $access->GetNames(array_keys($arBaseRights));
foreach ($arBaseRights as $symbol => $taskId) {
if ($taskId <= 0) {
continue;
}
?>
<tr valign="top">
<td align="right"><?php
echo htmlspecialcharsex($arBaseNames[$symbol]['provider'] . ' ' . $arBaseNames[$symbol]['name']);
?>
: </td>
<td align="left">
<?php
echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId));
?>
</td>
</tr>
<?php
}
}
$arNames = $access->GetNames(array_keys($arActualRights));
foreach ($arActualRights as $symbol => $taskId) {
if ($taskId <= 0) {
continue;
}
?>
<tr valign="top">
<td align="right">
<div style="padding-top:8px;">
<span href="javascript:void(0);"
onclick="LearningJSRightsAccess.DeleteRow(
this,
'<?php
echo htmlspecialcharsbx(CUtil::addslashes($symbol));
?>
',
'<?php
echo CUtil::JSEscape($html_var_name);
?>
')"
class="access-delete"
style="position:relative; top:1px; margin-right:3px;"
></span><?php
if (strlen($arNames[$symbol]['provider'])) {
echo htmlspecialcharsex($arNames[$symbol]['provider'] . ' ' . $arNames[$symbol]['name']);
} else {
echo htmlspecialcharsex($arNames[$symbol]['name']);
}
?>
:
</div>
</td>
<td align="left">
<?php
if ($readOnly) {
echo htmlspecialcharsex(CLearnAccess::GetNameForTask($taskId));
} else {
?>
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][GROUP_CODE]" value="<?php
echo htmlspecialcharsbx($symbol);
?>
">
<div style="min-width:720px;">
<select name="<?php
echo $html_var_name;
?>
[][TASK_ID]" style="vertical-align:middle">
<?php
foreach ($arPossibleRights as $id => $arRightsData) {
?>
<option value="<?php
echo (int) $id;
?>
" <?php
if ($id == $taskId) {
echo "selected";
}
?>
><?php
echo htmlspecialcharsex(CLearnAccess::GetNameForTask($id));
?>
</option>
<?php
}
?>
</select>
</div>
<?php
}
?>
</td>
</tr>
<?php
}
if (!$readOnly) {
?>
<tr>
<td width="40%" align="right"> </td>
<td width="60%" align="left">
<a href="javascript:void(0)" id="<?php
echo htmlspecialcharsbx($href_id);
?>
" class="bx-action-href"><?php
echo GetMessage("LEARNING_RIGHTS_ADD");
?>
</a>
</td>
</tr>
<?php
}
?>
</table>
<br>
<strong><?php
echo GetMessage('LEARNING_RIGHTS_NOTE');
?>
</strong>
</td>
</tr>
<?php
}
public static function GetList($arOrder = array("SORT" => "ASC"), $arFilter = array(), $bIncCnt = false)
{
global $DB, $USER;
$strSqlSearch = "";
$bAddSites = false;
foreach ($arFilter as $key => $val) {
$res = CIBlock::MkOperationFilter($key);
$key = strtoupper($res["FIELD"]);
$cOperationType = $res["OPERATION"];
switch ($key) {
case "ACTIVE":
$sql = CIBlock::FilterCreate("B.ACTIVE", $val, "string_equal", $cOperationType);
break;
case "LID":
case "SITE_ID":
$sql = CIBlock::FilterCreate("BS.SITE_ID", $val, "string_equal", $cOperationType);
if (strlen($sql)) {
$bAddSites = true;
}
break;
case "NAME":
case "CODE":
case "XML_ID":
case "PROPERTY_INDEX":
$sql = CIBlock::FilterCreate("B." . $key, $val, "string", $cOperationType);
break;
case "EXTERNAL_ID":
$sql = CIBlock::FilterCreate("B.XML_ID", $val, "string", $cOperationType);
break;
case "TYPE":
$sql = CIBlock::FilterCreate("B.IBLOCK_TYPE_ID", $val, "string", $cOperationType);
break;
case "ID":
case "VERSION":
case "SOCNET_GROUP_ID":
$sql = CIBlock::FilterCreate("B." . $key, $val, "number", $cOperationType);
break;
default:
$sql = "";
break;
}
if (strlen($sql)) {
$strSqlSearch .= " AND (" . $sql . ") ";
}
}
$bCheckPermissions = !array_key_exists("CHECK_PERMISSIONS", $arFilter) || $arFilter["CHECK_PERMISSIONS"] !== "N" || array_key_exists("OPERATION", $arFilter);
$bIsAdmin = is_object($USER) && $USER->IsAdmin();
if ($bCheckPermissions && !$bIsAdmin) {
$min_permission = strlen($arFilter["MIN_PERMISSION"]) == 1 ? $arFilter["MIN_PERMISSION"] : "R";
if (is_object($USER)) {
$iUserID = intval($USER->GetID());
$strGroups = $USER->GetGroups();
$bAuthorized = $USER->IsAuthorized();
} else {
$iUserID = 0;
$strGroups = "2";
$bAuthorized = false;
}
$stdPermissions = "\n\t\t\t\tSELECT IBLOCK_ID\n\t\t\t\tFROM b_iblock_group IBG\n\t\t\t\tWHERE IBG.GROUP_ID IN (" . $strGroups . ")\n\t\t\t\tAND IBG.PERMISSION >= '" . $min_permission . "'\n\t\t\t";
if (!defined("ADMIN_SECTION")) {
$stdPermissions .= "\n\t\t\t\t\tAND (IBG.PERMISSION='X' OR B.ACTIVE='Y')\n\t\t\t\t";
}
if (strlen($arFilter["OPERATION"]) > 0) {
$operation = "'" . $DB->ForSql($arFilter["OPERATION"]) . "'";
} elseif ($min_permission >= "X") {
$operation = "'iblock_edit'";
} elseif ($min_permission >= "U") {
$operation = "'element_edit'";
} elseif ($min_permission >= "S") {
$operation = "'iblock_admin_display'";
} else {
$operation = "'section_read', 'element_read', 'section_element_bind', 'section_section_bind'";
}
if ($operation) {
$acc = new CAccess();
$acc->UpdateCodes();
$extPermissions = "\n\t\t\t\t\tSELECT IBLOCK_ID\n\t\t\t\t\tFROM b_iblock_right IBR\n\t\t\t\t\tINNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID\n\t\t\t\t\tINNER JOIN b_operation O ON O.ID = T.OPERATION_ID\n\t\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\t\tWHERE IBR.ENTITY_TYPE = 'iblock'\n\t\t\t\t\tAND O.NAME in (" . $operation . ")\n\t\t\t\t\t" . ($bAuthorized ? "AND (UA.USER_ID IS NOT NULL OR IBR.GROUP_CODE = 'AU')" : "") . "\n\t\t\t\t";
$sqlPermissions = "AND (\n\t\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND B.ID IN ({$extPermissions}))\n\t\t\t\t)";
} else {
$sqlPermissions = "AND (\n\t\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\t)";
}
} else {
$sqlPermissions = "";
}
if ($bAddSites) {
$sqlJoinSites = "LEFT JOIN b_iblock_site BS ON B.ID=BS.IBLOCK_ID\n\t\t\t\t\tLEFT JOIN b_lang L ON L.LID=BS.SITE_ID";
} else {
$sqlJoinSites = "INNER JOIN b_lang L ON L.LID=B.LID";
}
if (!$bIncCnt) {
$strSql = "\n\t\t\t\tSELECT DISTINCT\n\t\t\t\t\tB.*\n\t\t\t\t\t,B.XML_ID as EXTERNAL_ID\n\t\t\t\t\t," . $DB->DateToCharFunction("B.TIMESTAMP_X") . " as TIMESTAMP_X\n\t\t\t\t\t,L.DIR as LANG_DIR\n\t\t\t\t\t,L.SERVER_NAME\n\t\t\t\tFROM\n\t\t\t\t\tb_iblock B\n\t\t\t\t\t" . $sqlJoinSites . "\n\t\t\t\tWHERE 1 = 1\n\t\t\t\t\t" . $sqlPermissions . "\n\t\t\t\t\t" . $strSqlSearch . "\n\t\t\t";
} else {
$strSql = "\n\t\t\t\tSELECT\n\t\t\t\t\tB.*\n\t\t\t\t\t,B.XML_ID as EXTERNAL_ID\n\t\t\t\t\t," . $DB->DateToCharFunction("B.TIMESTAMP_X") . " as TIMESTAMP_X\n\t\t\t\t\t,L.DIR as LANG_DIR\n\t\t\t\t\t,L.SERVER_NAME\n\t\t\t\t\t,COUNT(DISTINCT BE.ID) as ELEMENT_CNT\n\t\t\t\tFROM\n\t\t\t\t\tb_iblock B\n\t\t\t\t\t" . $sqlJoinSites . "\n\t\t\t\t\tLEFT JOIN b_iblock_element BE ON (BE.IBLOCK_ID=B.ID\n\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t(BE.WF_STATUS_ID=1 AND BE.WF_PARENT_ELEMENT_ID IS NULL )\n\t\t\t\t\t\t\t" . ($arFilter["CNT_ALL"] == "Y" ? " OR BE.WF_NEW='Y' " : "") . "\n\t\t\t\t\t\t)\n\t\t\t\t\t\t" . ($arFilter["CNT_ACTIVE"] == "Y" ? "AND BE.ACTIVE='Y'\n\t\t\t\t\t\tAND (BE.ACTIVE_TO >= " . $DB->CurrentDateFunction() . " OR BE.ACTIVE_TO IS NULL)\n\t\t\t\t\t\tAND (BE.ACTIVE_FROM <= " . $DB->CurrentDateFunction() . " OR BE.ACTIVE_FROM IS NULL)\n\t\t\t\t\t\t" : "") . "\n\t\t\t\t\t)\n\t\t\t\tWHERE 1 = 1\n\t\t\t\t\t" . $sqlPermissions . "\n\t\t\t\t\t" . $strSqlSearch . "\n\t\t\t\tGROUP BY B.ID\n\t\t\t";
}
$arSqlOrder = array();
if (is_array($arOrder)) {
foreach ($arOrder as $by => $order) {
$by = strtolower($by);
$order = strtolower($order);
if ($order != "asc") {
$order = "desc";
}
if ($by == "id") {
$arSqlOrder[$by] = " B.ID " . $order . " ";
} elseif ($by == "lid") {
$arSqlOrder[$by] = " B.LID " . $order . " ";
} elseif ($by == "iblock_type") {
$arSqlOrder[$by] = " B.IBLOCK_TYPE_ID " . $order . " ";
} elseif ($by == "name") {
$arSqlOrder[$by] = " B.NAME " . $order . " ";
} elseif ($by == "active") {
$arSqlOrder[$by] = " B.ACTIVE " . $order . " ";
} elseif ($by == "sort") {
$arSqlOrder[$by] = " B.SORT " . $order . " ";
} elseif ($by == "code") {
$arSqlOrder[$by] = " B.CODE " . $order . " ";
} elseif ($bIncCnt && $by == "element_cnt") {
$arSqlOrder[$by] = " ELEMENT_CNT " . $order . " ";
} else {
$by = "timestamp_x";
$arSqlOrder[$by] = " B.TIMESTAMP_X " . $order . " ";
}
}
}
if (count($arSqlOrder) > 0) {
$strSqlOrder = " ORDER BY " . implode(",", $arSqlOrder);
} else {
$strSqlOrder = "";
}
$res = $DB->Query($strSql . $strSqlOrder, false, "FILE: " . __FILE__ . "<br> LINE: " . __LINE__);
return $res;
}
defaultToAllCont.style.display = (this.checked ? "" : "none");
}, toAllCheckBox));
}
</script>
<?
}
?></td>
</tr><?
}
elseif ($Option[0] == "livefeed_toall_rights")
{
$arToAllRights = unserialize($val);
if (!$arToAllRights)
$arToAllRights = unserialize($Option[2]);
$access = new CAccess();
$arNames = $access->GetNames($arToAllRights);
?><tr id="RIGHTS_all" style="display: <?php
echo COption::GetOptionString("socialnetwork", "allow_livefeed_toall", "Y") == "Y" ? "table-row" : "none";
?>
;"><td> </td><td><?
?><script>
var rightsCont = BX('RIGHTS_all');
if (toAllCheckBox && rightsCont)
{
BX.bind(toAllCheckBox, 'click', BX.delegate(function(e) {
rightsCont.style.display = (this.checked ? "" : "none");
}, toAllCheckBox));
}
function IBlockShowRights($entity_type, $iblock_id, $id, $section_title, $variable_name, $arPossibleRights, $arActualRights, $bDefault = false, $bForceInherited = false, $arSelected = array(), $arHighLight = array())
{
$js_var_name = preg_replace("/[^a-zA-Z0-9_]/", "_", $variable_name);
$html_var_name = htmlspecialcharsbx($variable_name);
$sSelect = '<select name="' . $html_var_name . '[][TASK_ID]" style="vertical-align:middle">';
foreach ($arPossibleRights as $value => $title) {
$sSelect .= '<option value="' . htmlspecialcharsbx($value) . '">' . htmlspecialcharsex($title) . '</option>';
}
$sSelect .= '</select>';
if ($bForceInherited != true) {
foreach ($arActualRights as $RIGHT_ID => $arRightSet) {
if ($arRightSet["IS_INHERITED"] != "Y") {
$arSelected[$arRightSet["GROUP_CODE"]] = true;
}
}
}
$table_id = $variable_name . "_table";
$href_id = $variable_name . "_href";
CJSCore::Init(array('access'));
?>
<tr>
<td colspan="2" align="center">
<script type="text/javascript">
BX.message({
langApplyTitle: '<?php
echo CUtil::JSEscape(GetMessage("IBLOCK_AT_OVERWRITE_TIP"));
?>
',
langApply1Title: '<?php
echo CUtil::JSEscape(GetMessage("IBLOCK_AT_OVERWRITE_1"));
?>
',
langApply2Title: '<?php
echo CUtil::JSEscape(GetMessage("IBLOCK_AT_OVERWRITE_2"));
?>
',
langApply3Title: '<?php
echo CUtil::JSEscape(GetMessage("IBLOCK_AT_OVERWRITE_3"));
?>
'
});
var obIBlockAccess_<?php
echo $js_var_name;
?>
= new JCIBlockAccess(
'<?php
echo CUtil::JSEscape($entity_type);
?>
',
<?php
echo intval($iblock_id);
?>
,
<?php
echo intval($id);
?>
,
<?php
echo CUtil::PhpToJsObject($arSelected);
?>
,
'<?php
echo CUtil::JSEscape($variable_name);
?>
',
'<?php
echo CUtil::JSEscape($table_id);
?>
',
'<?php
echo CUtil::JSEscape($href_id);
?>
',
'<?php
echo CUtil::JSEscape($sSelect);
?>
',
<?php
echo CUtil::PhpToJsObject($arHighLight);
?>
);
</script>
<table width="100%" class="internal" id="<?php
echo htmlspecialcharsbx($table_id);
?>
" align="center">
<?php
if ($section_title != "") {
?>
<tr id="<?php
echo $html_var_name;
?>
_heading" class="heading">
<td colspan="2">
<?php
echo $section_title;
?>
</td>
</tr>
<?php
}
?>
<?php
$arNames = array();
foreach ($arActualRights as $arRightSet) {
$arNames[] = $arRightSet["GROUP_CODE"];
}
$access = new CAccess();
$arNames = $access->GetNames($arNames);
foreach ($arActualRights as $RIGHT_ID => $arRightSet) {
if ($bForceInherited || $arRightSet["IS_INHERITED"] == "Y") {
?>
<tr class="<?php
echo $html_var_name;
?>
_row_for_<?php
echo htmlspecialcharsbx($arRightSet["GROUP_CODE"]);
if ($arRightSet["IS_OVERWRITED"] == "Y") {
echo " iblock-strike-out";
}
?>
">
<td style="width:40%!important; text-align:right"><?php
echo htmlspecialcharsex($arNames[$arRightSet["GROUP_CODE"]]["provider"] . " " . $arNames[$arRightSet["GROUP_CODE"]]["name"]);
?>
:</td>
<td align="left">
<?php
if ($arRightSet["IS_OVERWRITED"] != "Y") {
?>
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][RIGHT_ID]" value="<?php
echo htmlspecialcharsbx($RIGHT_ID);
?>
">
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][GROUP_CODE]" value="<?php
echo htmlspecialcharsbx($arRightSet["GROUP_CODE"]);
?>
">
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][TASK_ID]" value="<?php
echo htmlspecialcharsbx($arRightSet["TASK_ID"]);
?>
">
<?php
}
?>
<?php
echo htmlspecialcharsex($arPossibleRights[$arRightSet["TASK_ID"]]);
?>
</td>
</tr>
<?php
}
}
if ($bForceInherited != true) {
foreach ($arActualRights as $RIGHT_ID => $arRightSet) {
if ($arRightSet["IS_INHERITED"] != "Y") {
?>
<tr>
<td style="width:40%!important; text-align:right; vertical-align:middle"><?php
echo htmlspecialcharsex($arNames[$arRightSet["GROUP_CODE"]]["provider"] . " " . $arNames[$arRightSet["GROUP_CODE"]]["name"]);
?>
:</td>
<td align="left">
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][RIGHT_ID]" value="<?php
echo htmlspecialcharsbx($RIGHT_ID);
?>
">
<input type="hidden" name="<?php
echo $html_var_name;
?>
[][GROUP_CODE]" value="<?php
echo htmlspecialcharsbx($arRightSet["GROUP_CODE"]);
?>
">
<select name="<?php
echo $html_var_name;
?>
[][TASK_ID]" style="vertical-align:middle">
<?php
foreach ($arPossibleRights as $value => $title) {
?>
<option value="<?php
echo htmlspecialcharsbx($value);
?>
" <?php
if ($value == $arRightSet["TASK_ID"]) {
echo "selected";
}
?>
><?php
echo htmlspecialcharsex($title);
?>
</option>
<?php
}
?>
</select>
<a href="javascript:void(0);" onclick="JCIBlockAccess.DeleteRow(this, '<?php
echo htmlspecialcharsbx(CUtil::addslashes($arRightSet["GROUP_CODE"]));
?>
', '<?php
echo CUtil::JSEscape($variable_name);
?>
')" class="access-delete"></a>
<?php
if ($bDefault) {
?>
<span title="<?php
echo GetMessage("IBLOCK_AT_OVERWRITE_TIP");
?>
"><?php
if (is_array($arRightSet["OVERWRITED"]) && $arRightSet["OVERWRITED"][0] > 0 && $arRightSet["OVERWRITED"][1] > 0) {
?>
<br><input name="<?php
echo $html_var_name;
?>
[][DO_CLEAN]" value="Y" type="checkbox"><?php
echo GetMessage("IBLOCK_AT_OVERWRITE_1");
?>
(<?php
echo intval($arRightSet["OVERWRITED"][0] + $arRightSet["OVERWRITED"][1]);
?>
)
<?php
} elseif (is_array($arRightSet["OVERWRITED"]) && $arRightSet["OVERWRITED"][0] > 0) {
?>
<br><input name="<?php
echo $html_var_name;
?>
[][DO_CLEAN]" value="Y" type="checkbox"><?php
echo GetMessage("IBLOCK_AT_OVERWRITE_2");
?>
(<?php
echo intval($arRightSet["OVERWRITED"][0]);
?>
)
<?php
} elseif (is_array($arRightSet["OVERWRITED"]) && $arRightSet["OVERWRITED"][1] > 0) {
?>
<br><input name="<?php
echo $html_var_name;
?>
[][DO_CLEAN]" value="Y" type="checkbox"><?php
echo GetMessage("IBLOCK_AT_OVERWRITE_3");
?>
(<?php
echo intval($arRightSet["OVERWRITED"][1]);
?>
)
<?php
}
?>
</span>
<?php
}
?>
</td>
</tr>
<?php
}
}
}
?>
<tr>
<td width="40%" align="right"> </td>
<td width="60%" align="left">
<a href="javascript:void(0)" id="<?php
echo htmlspecialcharsbx($href_id);
?>
" class="bx-action-href"><?php
echo GetMessage("IBLOCK_AT_PROP_ADD");
?>
</a>
</td>
</tr>
</table>
</td>
</tr>
<?php
}
/**
* Method to set authentication error msg
* @param string error message
* @since Jomsocial 2.4
*/
public static function setError($error)
{
self::$error = $error;
}
function GetAccessCodes()
{
if (!$this->IsAuthorized()) {
return array('G2');
}
static $arCodes = array();
$USER_ID = intval($this->GetID());
if (!array_key_exists($USER_ID, $arCodes)) {
$access = new CAccess();
$access->UpdateCodes();
$arCodes[$USER_ID] = array();
$res = CAccess::GetUserCodes($USER_ID);
while ($arRes = $res->Fetch()) {
$arCodes[$USER_ID][] = $arRes["ACCESS_CODE"];
}
if ($this->IsAuthorized()) {
$arCodes[$USER_ID][] = "AU";
}
}
return $arCodes[$USER_ID];
}
public static function ProcessLogEventEditPOST($arPOST, $entityTypeID, $entityID, &$arResult)
{
$arEntityData = array();
$errors = array();
$enableTitle = isset($arPOST['ENABLE_POST_TITLE']) && strtoupper($arPOST['ENABLE_POST_TITLE']) === 'Y';
$title = $enableTitle && isset($arPOST['POST_TITLE']) ? $arPOST['POST_TITLE'] : '';
$message = isset($arPOST['MESSAGE']) ? htmlspecialcharsback($arPOST['MESSAGE']) : '';
$arResult['EVENT']['MESSAGE'] = $message;
$arResult['EVENT']['TITLE'] = $title;
$arResult['ENABLE_TITLE'] = $enableTitle;
$attachedFiles = array();
$webDavFileFieldName = $arResult['WEB_DAV_FILE_FIELD_NAME'];
if ($webDavFileFieldName !== '' && isset($GLOBALS[$webDavFileFieldName]) && is_array($GLOBALS[$webDavFileFieldName])) {
foreach ($GLOBALS[$webDavFileFieldName] as $fileID) {
if ($fileID === '') {
continue;
}
//fileID: "888|165|16"
$attachedFiles[] = $fileID;
}
if (!empty($attachedFiles) && is_array($arResult['WEB_DAV_FILE_FIELD'])) {
$arResult['WEB_DAV_FILE_FIELD']['VALUE'] = $attachedFiles;
}
}
$allowToAll = COption::GetOptionString('socialnetwork', 'allow_livefeed_toall', 'Y') === 'Y';
if ($allowToAll) {
$arToAllRights = unserialize(COption::GetOptionString("socialnetwork", "livefeed_toall_rights", 'a:1:{i:0;s:2:"AU";}'));
if (!$arToAllRights) {
$arToAllRights = array('AU');
}
$arUserGroupCode = array_merge(array('AU'), CAccess::GetUserCodesArray($arResult['USER_ID']));
if (count(array_intersect($arToAllRights, $arUserGroupCode)) <= 0) {
$allowToAll = false;
}
}
$arSocnetRights = array();
if (!empty($arPOST['SPERM'])) {
foreach ($arPOST['SPERM'] as $v => $k) {
if (strlen($v) > 0 && is_array($k) && !empty($k)) {
foreach ($k as $vv) {
if (strlen($vv) > 0) {
$arSocnetRights[] = $vv;
}
}
}
}
}
if (in_array('UA', $arSocnetRights) && !$allowToAll) {
foreach ($arSocnetRights as $key => $value) {
if ($value == 'UA') {
unset($arSocnetRights[$key]);
break;
}
}
}
foreach ($arSocnetRights as $key => $value) {
if ($value == 'UA') {
$arSocnetRights[] = 'AU';
unset($arSocnetRights[$key]);
break;
}
}
$arSocnetRights = array_unique($arSocnetRights);
$allFeedEtityTypes = CCrmLiveFeedEntity::GetAll();
$userPerms = CCrmPerms::GetCurrentUserPermissions();
foreach ($arSocnetRights as $key => $value) {
$groupCodeData = array();
if (CCrmLiveFeed::TryParseGroupCode($value, $groupCodeData) && in_array($groupCodeData['ENTITY_TYPE'], $allFeedEtityTypes, true)) {
$groupCodeEntityType = $groupCodeData['ENTITY_TYPE'];
$groupCodeEntityID = $groupCodeData['ENTITY_ID'];
if (!CCrmLiveFeed::CheckCreatePermission($groupCodeEntityType, $groupCodeEntityID, $userPerms)) {
$canonicalEntityTypeID = CCrmLiveFeedEntity::ResolveEntityTypeID($groupCodeEntityType);
$errors[] = GetMessage('CRM_SL_EVENT_EDIT_PERMISSION_DENIED', array('#TITLE#' => CCrmOwnerType::GetCaption($canonicalEntityTypeID, $groupCodeEntityID, false)));
} else {
$arEntityData[] = array('ENTITY_TYPE' => $groupCodeEntityType, 'ENTITY_ID' => $groupCodeEntityID);
}
}
}
if (!(CCrmOwnerType::IsDefined($entityTypeID) && $entityID > 0) && !empty($arEntityData)) {
$entityData = $arEntityData[0];
$entityTypeID = CCrmLiveFeedEntity::ResolveEntityTypeID($entityData['ENTITY_TYPE']);
$entityID = $entityData['ENTITY_ID'];
}
if (!empty($arEntityData)) {
$arResult['ENTITY_DATA'] = $arEntityData;
}
if (!(CCrmOwnerType::IsDefined($entityTypeID) && $entityID > 0)) {
$errors[] = GetMessage('CRM_SL_EVENT_EDIT_ENTITY_NOT_DEFINED');
}
if ($message === '') {
$errors[] = GetMessage('CRM_SL_EVENT_EDIT_EMPTY_MESSAGE');
}
if (empty($errors)) {
$fields = array('ENTITY_TYPE_ID' => $entityTypeID, 'ENTITY_ID' => $entityID, 'USER_ID' => $arResult['USER_ID'], 'TITLE' => $title, 'MESSAGE' => $message, 'RIGHTS' => $arSocnetRights);
$parents = array();
CCrmOwnerType::TryGetOwnerInfos($entityTypeID, $entityID, $parents, array('ENABLE_MAPPING' => true));
foreach ($arEntityData as $entityData) {
$curEntityTypeID = CCrmLiveFeedEntity::ResolveEntityTypeID($entityData['ENTITY_TYPE']);
$curEntityID = $entityData['ENTITY_ID'];
$entityKey = "{$curEntityTypeID}_{$curEntityID}";
if (!isset($parents[$entityKey]) && !($curEntityTypeID === $entityTypeID && $curEntityID === $entityID)) {
$parents[$entityKey] = array('ENTITY_TYPE_ID' => $curEntityTypeID, 'ENTITY_ID' => $curEntityID);
}
}
if (!empty($parents)) {
$fields['PARENTS'] = array_values($parents);
}
if (!empty($attachedFiles)) {
$fields['WEB_DAV_FILES'] = array($webDavFileFieldName => $attachedFiles);
}
$messageID = CCrmLiveFeed::CreateLogMessage($fields);
if (!(is_int($messageID) && $messageID > 0)) {
$errors[] = isset($fields['ERROR']) ? $fields['ERROR'] : 'UNKNOWN ERROR';
} else {
preg_match_all("/\\[user\\s*=\\s*([^\\]]*)\\](.+?)\\[\\/user\\]/is" . BX_UTF_PCRE_MODIFIER, $message, $arMention);
if (!empty($arMention) && !empty($arMention[1]) && CModule::IncludeModule("im")) {
$arMention = $arMention[1];
$arMention = array_unique($arMention);
$arMessageFields = array("MESSAGE_TYPE" => IM_MESSAGE_SYSTEM, "TO_USER_ID" => "", "FROM_USER_ID" => $arResult['USER_ID'], "NOTIFY_TYPE" => IM_NOTIFY_FROM, "NOTIFY_MODULE" => "crm", "NOTIFY_EVENT" => "mention");
$genderSuffix = "";
$dbUser = CUser::GetByID($arResult['USER_ID']);
if ($arUser = $dbUser->Fetch()) {
switch ($arUser["PERSONAL_GENDER"]) {
case "M":
$genderSuffix = "_M";
break;
case "F":
$genderSuffix = "_F";
break;
default:
$genderSuffix = "";
}
}
$strIMMessageTitle = str_replace(array("\r\n", "\n"), " ", strlen($title) > 0 ? $title : $message);
if (CModule::IncludeModule("blog")) {
$strIMMessageTitle = trim(blogTextParser::killAllTags($strIMMessageTitle));
}
$strIMMessageTitle = TruncateText($strIMMessageTitle, 100);
$strIMMessageTitleOut = TruncateText($strIMMessageTitle, 255);
$strLogEntryURL = COption::GetOptionString("socialnetwork", "log_entry_page", SITE_DIR . "company/personal/log/#log_id#/", SITE_ID);
$strLogEntryURL = CComponentEngine::MakePathFromTemplate($strLogEntryURL, array("log_id" => $messageID));
$strLogEntryCrmURL = CComponentEngine::MakePathFromTemplate(SITE_DIR . "crm/stream/?log_id=#log_id#", array("log_id" => $messageID));
$serverName = (CMain::IsHTTPS() ? "https" : "http") . "://" . (defined("SITE_SERVER_NAME") && strlen(SITE_SERVER_NAME) > 0 ? SITE_SERVER_NAME : COption::GetOptionString("main", "server_name", ""));
foreach ($arMention as $val) {
$val = IntVal($val);
if ($val > 0 && $val != $arResult['USER_ID']) {
$bHasAccess = false;
if (in_array('U' . $val, $arSocnetRights)) {
$url = $strLogEntryURL;
$bHasAccess = true;
}
if (!$bHasAccess) {
$arAccessCodes = array();
$dbAccess = CAccess::GetUserCodes($val);
while ($arAccess = $dbAccess->Fetch()) {
$arAccessCodes[] = $arAccess["ACCESS_CODE"];
}
$arTmp = array_intersect($arAccess, $arSocnetRights);
if (!empty($arTmp)) {
$url = $strLogEntryURL;
$bHasAccess = true;
}
}
if (!$bHasAccess) {
$userPermissions = CCrmPerms::GetUserPermissions($val);
foreach ($arEntityData as $arEntity) {
if (CCrmAuthorizationHelper::CheckReadPermission(CCrmOwnerType::ResolveName(CCrmLiveFeedEntity::ResolveEntityTypeID($arEntity['ENTITY_TYPE'])), $arEntity['ENTITY_ID'], $userPermissions)) {
$url = $strLogEntryCrmURL;
$bHasAccess = true;
break;
}
}
}
if ($bHasAccess) {
$arMessageFields["TO_USER_ID"] = $val;
$arMessageFields["NOTIFY_TAG"] = "CRM|MESSAGE_MENTION|" . $messageID;
$arMessageFields["NOTIFY_MESSAGE"] = GetMessage("CRM_SL_EVENT_IM_MENTION_POST" . $genderSuffix, array("#title#" => "<a href=\"" . $url . "\" class=\"bx-notifier-item-action\">" . htmlspecialcharsbx($strIMMessageTitle) . "</a>"));
$arMessageFields["NOTIFY_MESSAGE_OUT"] = GetMessage("CRM_SL_EVENT_IM_MENTION_POST" . $genderSuffix, array("#title#" => htmlspecialcharsbx($strIMMessageTitleOut))) . " (" . $serverName . $url . ")";
CIMNotify::Add($arMessageFields);
}
}
}
}
return $messageID;
}
}
return $errors;
}
function _check_rights_sql($min_permission)
{
global $DB, $USER;
$min_permission = strlen($min_permission) == 1 ? $min_permission : "R";
if (is_object($USER)) {
$iUserID = intval($USER->GetID());
$strGroups = $USER->GetGroups();
$bAuthorized = $USER->IsAuthorized();
} else {
$iUserID = 0;
$strGroups = "2";
$bAuthorized = false;
}
$stdPermissions = "\n\t\t\tSELECT IBLOCK_ID\n\t\t\tFROM b_iblock_group IBG\n\t\t\tWHERE IBG.GROUP_ID IN (" . $strGroups . ")\n\t\t\tAND IBG.PERMISSION >= '" . $DB->ForSQL($min_permission) . "'\n\t\t";
if (!defined("ADMIN_SECTION")) {
$stdPermissions .= "\n\t\t\t\tAND (IBG.PERMISSION='X' OR B.ACTIVE='Y')\n\t\t\t";
}
if ($min_permission >= "X") {
$operation = 'element_rights_edit';
} elseif ($min_permission >= "W") {
$operation = 'element_edit';
} elseif ($min_permission >= "R") {
$operation = 'element_read';
} else {
$operation = '';
}
if ($operation) {
$acc = new CAccess();
$acc->UpdateCodes();
}
if ($operation == "element_read") {
$extPermissions = "\n\t\t\t\tSELECT ER.ELEMENT_ID\n\t\t\t\tFROM b_iblock_element_right ER\n\t\t\t\tINNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID\n\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\tWHERE ER.ELEMENT_ID = BE.ID\n\t\t\t\tAND IBR.OP_EREAD = 'Y'\n\t\t\t\t" . ($bAuthorized || $iUserID > 0 ? "\n\t\t\t\t\tAND (UA.USER_ID IS NOT NULL\n\t\t\t\t\t" . ($bAuthorized ? "OR IBR.GROUP_CODE = 'AU'" : "") . "\n\t\t\t\t\t" . ($iUserID > 0 ? "OR (IBR.GROUP_CODE = 'CR' AND BE.CREATED_BY = " . $iUserID . ")" : "") . "\n\t\t\t\t)" : "") . "\n\t\t\t";
$strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND EXISTS ({$extPermissions}))\n\t\t\t)";
} elseif ($operation) {
$extPermissions = "\n\t\t\t\tSELECT ER.ELEMENT_ID\n\t\t\t\tFROM b_iblock_element_right ER\n\t\t\t\tINNER JOIN b_iblock_right IBR ON IBR.ID = ER.RIGHT_ID\n\t\t\t\tINNER JOIN b_task_operation T ON T.TASK_ID = IBR.TASK_ID\n\t\t\t\tINNER JOIN b_operation O ON O.ID = T.OPERATION_ID\n\t\t\t\t" . ($iUserID > 0 ? "LEFT" : "INNER") . " JOIN b_user_access UA ON UA.ACCESS_CODE = IBR.GROUP_CODE AND UA.USER_ID = " . $iUserID . "\n\t\t\t\tWHERE ER.ELEMENT_ID = BE.ID\n\t\t\t\tAND O.NAME = '" . $operation . "'\n\t\t\t\t" . ($bAuthorized || $iUserID > 0 ? "\n\t\t\t\t\tAND (UA.USER_ID IS NOT NULL\n\t\t\t\t\t" . ($bAuthorized ? "OR IBR.GROUP_CODE = 'AU'" : "") . "\n\t\t\t\t\t" . ($iUserID > 0 ? "OR (IBR.GROUP_CODE = 'CR' AND BE.CREATED_BY = " . $iUserID . ")" : "") . "\n\t\t\t\t)" : "") . "\n\t\t\t";
$strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t\tOR (B.RIGHTS_MODE = 'E' AND EXISTS ({$extPermissions}))\n\t\t\t)";
} else {
$strResult = "(\n\t\t\t\tB.ID IN ({$stdPermissions})\n\t\t\t)";
}
return $strResult;
}
public static function GetUserCodesArray($USER_ID, $arFilter = array())
{
global $CACHE_MANAGER;
$USER_ID = intval($USER_ID);
$useCache = empty($arFilter) && CACHED_b_user_access_check !== false;
if ($useCache && $CACHE_MANAGER->Read(CACHED_b_user_access_check, "access_codes" . $USER_ID, "access_check")) {
return $CACHE_MANAGER->Get("access_codes" . $USER_ID);
} else {
$arCodes = array();
$res = CAccess::GetUserCodes($USER_ID, $arFilter);
while ($arRes = $res->Fetch()) {
$arCodes[] = $arRes["ACCESS_CODE"];
}
if ($useCache) {
$CACHE_MANAGER->Set("access_codes" . $USER_ID, $arCodes);
}
return $arCodes;
}
}
public function GetFormHtml($arParams = false)
{
global $USER;
if (is_array($arParams["user"]) && $arParams["user"]["disabled"] == "true") {
return false;
}
if (!$USER->CanDoOperation('view_all_users')) {
return false;
}
$elements = "";
$arFinderParams = array("PROVIDER" => $this->id, "TYPE" => 2);
$arLRU = CAccess::GetLastRecentlyUsed($this->id);
if (!empty($arLRU)) {
foreach ($arLRU as $i => $val) {
$arLRU[$i] = substr($val, 1);
}
$nameFormat = CSite::GetNameFormat(false);
//be careful with field list because of CUser::FormatName()
$res = CUser::GetList($by = "LAST_NAME", $order = "asc", array("ID" => implode("|", $arLRU)), array("FIELDS" => array('ID', 'NAME', 'LAST_NAME', 'SECOND_NAME', 'LOGIN', 'EMAIL')));
while ($arUser = $res->Fetch()) {
$arItem = array("ID" => "U" . $arUser["ID"], "NAME" => CUser::FormatName($nameFormat, $arUser, true, false));
$elements .= CFinder::GetFinderItem($arFinderParams, $arItem);
}
}
$arPanels = array(array("NAME" => GetMessage("authprov_last"), "ELEMENTS" => $elements), array("NAME" => GetMessage("authprov_search"), "ELEMENTS" => CFinder::GetFinderItem(array("TYPE" => "text"), array("TEXT" => GetMessage("authprov_user"))), "SEARCH" => "Y"));
$html = CFinder::GetFinderAppearance($arFinderParams, $arPanels);
return array("HTML" => $html);
}
<td width="45%"><b><?php
echo GetMessage("EDIT_ACCESS_USER_GROUP");
?>
</b></td>
<td><b><?php
echo GetMessage("EDIT_ACCESS_PERMISSION");
?>
</b> </td>
</tr>
<tr class="empty">
<td colspan="2"></td>
</tr>
<?
//names for access codes
$access = new CAccess();
$arNames = $access->GetNames($arUserGroupsID, true);
//Javascript variables
$jsTaskArray = "window.BXTaskArray = {'0':'".CUtil::JSEscape(GetMessage("EDIT_ACCESS_SET_INHERIT"))."'";
foreach ($arPermTypes as $taskID => $taskTitle)
$jsTaskArray .= ",'".$taskID."':'".CUtil::JSEscape($taskTitle)."'";
$jsTaskArray .= "};";
$jsInheritPerm = "";
$jsInheritPermID = "var jsInheritPermIDs = [";
$bWasCurrentPerm = false;
foreach($arNames as $access_code => $dummy):
if(!in_array($access_code, $arUserGroupsID))
continue;
function GetList($arOrder = array("ID" => "DESC"), $arFilter = array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array(), $arParams = array())
{
global $DB, $arSocNetAllowedEntityTypes, $USER, $USER_FIELD_MANAGER;
$arSocNetAllowedSubscribeEntityTypesDesc = CSocNetAllowed::GetAllowedEntityTypesDesc();
$obUserFieldsSql = new CUserTypeSQL();
$obUserFieldsSql->SetEntity("SONET_LOG", "L.ID");
$obUserFieldsSql->SetSelect($arSelectFields);
$obUserFieldsSql->SetFilter($arFilter);
$obUserFieldsSql->SetOrder($arOrder);
if (count($arSelectFields) <= 0) {
$arSelectFields = array("ID", "TMP_ID", "ENTITY_TYPE", "ENTITY_ID", "USER_ID", "EVENT_ID", "LOG_DATE", "LOG_UPDATE", "TITLE_TEMPLATE", "TITLE", "MESSAGE", "TEXT_MESSAGE", "URL", "MODULE_ID", "CALLBACK_FUNC", "EXTERNAL_ID", "SITE_ID", "PARAMS", "COMMENTS_COUNT", "ENABLE_COMMENTS", "SOURCE_ID", "GROUP_NAME", "GROUP_OWNER_ID", "GROUP_INITIATE_PERMS", "GROUP_VISIBLE", "GROUP_OPENED", "GROUP_IMAGE_ID", "USER_NAME", "USER_LAST_NAME", "USER_SECOND_NAME", "USER_LOGIN", "USER_PERSONAL_PHOTO", "USER_PERSONAL_GENDER", "CREATED_BY_NAME", "CREATED_BY_LAST_NAME", "CREATED_BY_SECOND_NAME", "CREATED_BY_LOGIN", "CREATED_BY_PERSONAL_PHOTO", "CREATED_BY_PERSONAL_GENDER", "RATING_TYPE_ID", "RATING_ENTITY_ID", "RATING_TOTAL_VALUE", "RATING_TOTAL_VOTES", "RATING_TOTAL_POSITIVE_VOTES", "RATING_TOTAL_NEGATIVE_VOTES", "RATING_USER_VOTE_VALUE", "SOURCE_TYPE");
if (!isset($arParams["USE_FAVORITES"]) || $arParams["USE_FAVORITES"] != "N") {
$arSelectFields[] = "FAVORITES_USER_ID";
}
}
static $arFields1 = array("ID" => array("FIELD" => "L.ID", "TYPE" => "int"), "TMP_ID" => array("FIELD" => "L.TMP_ID", "TYPE" => "int"), "SOURCE_ID" => array("FIELD" => "L.SOURCE_ID", "TYPE" => "int"), "ENTITY_TYPE" => array("FIELD" => "L.ENTITY_TYPE", "TYPE" => "string"), "ENTITY_ID" => array("FIELD" => "L.ENTITY_ID", "TYPE" => "int"), "USER_ID" => array("FIELD" => "L.USER_ID", "TYPE" => "int"), "EVENT_ID" => array("FIELD" => "L.EVENT_ID", "TYPE" => "string"), "LOG_DATE" => array("FIELD" => "L.LOG_DATE", "TYPE" => "datetime"), "LOG_DATE_TS" => array("FIELD" => "UNIX_TIMESTAMP(L.LOG_DATE)", "TYPE" => "int"), "LOG_UPDATE" => array("FIELD" => "L.LOG_UPDATE", "TYPE" => "datetime"), "TITLE_TEMPLATE" => array("FIELD" => "L.TITLE_TEMPLATE", "TYPE" => "string"), "TITLE" => array("FIELD" => "L.TITLE", "TYPE" => "string"), "MESSAGE" => array("FIELD" => "L.MESSAGE", "TYPE" => "string"), "TEXT_MESSAGE" => array("FIELD" => "L.TEXT_MESSAGE", "TYPE" => "string"), "URL" => array("FIELD" => "L.URL", "TYPE" => "string"), "MODULE_ID" => array("FIELD" => "L.MODULE_ID", "TYPE" => "string"), "CALLBACK_FUNC" => array("FIELD" => "L.CALLBACK_FUNC", "TYPE" => "string"), "EXTERNAL_ID" => array("FIELD" => "L.EXTERNAL_ID", "TYPE" => "string"), "PARAMS" => array("FIELD" => "L.PARAMS", "TYPE" => "string"), "COMMENTS_COUNT" => array("FIELD" => "L.COMMENTS_COUNT", "TYPE" => "int"), "ENABLE_COMMENTS" => array("FIELD" => "L.ENABLE_COMMENTS", "TYPE" => "string"), "SOURCE_TYPE" => array("FIELD" => "L.SOURCE_TYPE", "TYPE" => "string"), "GROUP_NAME" => array("FIELD" => "G.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OWNER_ID" => array("FIELD" => "G.OWNER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_INITIATE_PERMS" => array("FIELD" => "G.INITIATE_PERMS", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_VISIBLE" => array("FIELD" => "G.VISIBLE", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_OPENED" => array("FIELD" => "G.OPENED", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "GROUP_IMAGE_ID" => array("FIELD" => "G.IMAGE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (L.ENTITY_TYPE = 'G' AND L.ENTITY_ID = G.ID)"), "USER_NAME" => array("FIELD" => "U.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LAST_NAME" => array("FIELD" => "U.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_SECOND_NAME" => array("FIELD" => "U.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_LOGIN" => array("FIELD" => "U.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_PHOTO" => array("FIELD" => "U.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "USER_PERSONAL_GENDER" => array("FIELD" => "U.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (L.ENTITY_TYPE = 'U' AND L.ENTITY_ID = U.ID)"), "CREATED_BY_NAME" => array("FIELD" => "U1.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LAST_NAME" => array("FIELD" => "U1.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_SECOND_NAME" => array("FIELD" => "U1.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_LOGIN" => array("FIELD" => "U1.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_PHOTO" => array("FIELD" => "U1.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "CREATED_BY_PERSONAL_GENDER" => array("FIELD" => "U1.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON L.USER_ID = U1.ID"), "USER_ID|COMMENT_USER_ID" => array("FIELD" => "L.USER_ID|LC.USER_ID", "WHERE" => array("CSocNetLog", "GetSimpleOrQuery"), "FROM" => "LEFT JOIN b_sonet_log_comment LC ON LC.LOG_ID = L.ID"));
$arFields = array("RATING_TYPE_ID" => array("FIELD" => "L.RATING_TYPE_ID", "TYPE" => "string"), "RATING_ENTITY_ID" => array("FIELD" => "L.RATING_ENTITY_ID", "TYPE" => "int"), "RATING_TOTAL_VALUE" => array("FIELD" => $DB->IsNull('RG.TOTAL_VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_VOTES', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_POSITIVE_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_POSITIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"), "RATING_TOTAL_NEGATIVE_VOTES" => array("FIELD" => $DB->IsNull('RG.TOTAL_NEGATIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON L.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RG.ENTITY_ID"));
if (isset($USER) && is_object($USER)) {
$arFields["RATING_USER_VOTE_VALUE"] = array("FIELD" => $DB->IsNull('RV.VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_vote RV ON L.RATING_TYPE_ID = RV.ENTITY_TYPE_ID AND L.RATING_ENTITY_ID = RV.ENTITY_ID AND RV.USER_ID = " . intval($USER->GetID()));
if (!isset($arParams["USE_FAVORITES"]) || $arParams["USE_FAVORITES"] != "N") {
$join_type = "LEFT";
$field_value = $DB->IsNull("SLF.USER_ID", "0");
foreach ($arFilter as $key => $value) {
if (strpos($key, "FAVORITES_USER_ID") !== false) {
$join_type = "INNER";
$field_value = "SLF.USER_ID";
break;
}
}
$arFields["FAVORITES_USER_ID"] = array("FIELD" => $field_value, "TYPE" => "double", "FROM" => $join_type . " JOIN b_sonet_log_favorites SLF ON L.ID = SLF.LOG_ID AND SLF.USER_ID = " . intval($USER->GetID()));
}
}
if (isset($USER) && is_object($USER) && $USER->IsAuthorized() && $arParams["USE_FOLLOW"] == "Y") {
$default_follow = CSocNetLogFollow::GetDefaultValue($USER->GetID());
$default_field = $default_follow == "Y" ? "LOG_UPDATE" : "LOG_DATE";
$arFields["DATE_FOLLOW"] = array("FIELD" => "CASE\n\t\t\t\t\tWHEN LFW.USER_ID IS NULL\n\t\t\t\t\t\tTHEN L." . $default_field . "\n\t\t\t\t\tWHEN LFW.FOLLOW_DATE IS NOT NULL\n\t\t\t\t\t\tTHEN LFW.FOLLOW_DATE\n\t\t\t\t\tWHEN LFW.TYPE = 'Y'\n\t\t\t\t\t\tTHEN L.LOG_UPDATE\n\t\t\t\t\tELSE L.LOG_DATE\n\t\t\t\tEND", "TYPE" => "datetime", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = " . $USER->GetID() . " AND LFW.REF_ID = L.ID AND LFW.CODE = " . $DB->Concat("'L'", "L.ID"));
$arFields["FOLLOW"] = array("FIELD" => "CASE\n\t\t\t\t\tWHEN LFW.USER_ID IS NULL\n\t\t\t\t\t\tTHEN '" . $default_follow . "'\n\t\t\t\t\tELSE LFW.TYPE\n\t\t\t\tEND", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_follow LFW ON LFW.USER_ID = " . $USER->GetID() . " AND LFW.REF_ID = L.ID AND LFW.CODE = " . $DB->Concat("'L'", "L.ID"));
if (!in_array("FOLLOW", $arSelectFields)) {
$arSelectFields[] = "FOLLOW";
}
}
if (array_key_exists("SITE_ID", $arFilter)) {
$arFields["SITE_ID"] = array("FIELD" => "SLS.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_site SLS ON L.ID = SLS.LOG_ID");
if (is_array($arFilter["SITE_ID"])) {
$site_cnt = 0;
foreach ($arFilter["SITE_ID"] as $site_id_tmp) {
if ($site_id_tmp) {
$site_cnt++;
}
}
$strDistinct = $site_cnt > 1 ? " DISTINCT " : " ";
} else {
$strDistinct = " ";
}
foreach ($arSelectFields as $i => $strFieldTmp) {
if ($strFieldTmp == "SITE_ID") {
unset($arSelectFields[$i]);
}
}
foreach ($arOrder as $by => $order) {
if (!in_array($by, $arSelectFields)) {
$arSelectFields[] = $by;
}
}
} else {
$arFields["SITE_ID"] = array("FIELD" => "L.SITE_ID", "TYPE" => "string");
$strDistinct = " ";
}
if (array_key_exists("USER_ID", $arFilter) && !array_key_exists("ENTITY_TYPE", $arFilter)) {
$arCBFilterEntityType = array();
foreach ($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp) {
if (array_key_exists("USE_CB_FILTER", $arEntityTypeTmp) && $arEntityTypeTmp["USE_CB_FILTER"] == "Y") {
$arCBFilterEntityType[] = $entity_type_tmp;
}
}
if (is_array($arCBFilterEntityType) && count($arCBFilterEntityType) > 0) {
$arFilter["ENTITY_TYPE"] = $arCBFilterEntityType;
}
}
if (array_key_exists("LOG_RIGHTS", $arFilter)) {
$Rights = array();
if (is_array($arFilter["LOG_RIGHTS"])) {
foreach ($arFilter["LOG_RIGHTS"] as $str) {
if (trim($str)) {
$Rights[] = trim($str);
}
}
} elseif (trim($arFilter["LOG_RIGHTS"])) {
$Rights = trim($arFilter["LOG_RIGHTS"]);
}
unset($arFilter["LOG_RIGHTS"]);
if (is_array($Rights) && !empty($Rights) || !is_array($Rights)) {
$arFilter["LOG_RIGHTS"] = $Rights;
$arFields["LOG_RIGHTS"] = array("FIELD" => "SLR0.GROUP_CODE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log_right SLR0 ON L.ID = SLR0.LOG_ID");
}
if (is_array($Rights) && count($Rights) > 1) {
$strDistinct = " DISTINCT ";
}
}
if (array_key_exists("USER_ID|COMMENT_USER_ID", $arFilter)) {
$strDistinct = " DISTINCT ";
}
if ($arParams["IS_CRM"] == "Y") {
$events = GetModuleEvents("socialnetwork", "OnFillSocNetLogFields");
while ($arEvent = $events->Fetch()) {
ExecuteModuleEventEx($arEvent, array(&$arFields));
}
}
$arFields = array_merge($arFields1, $arFields);
$arSqls = CSocNetGroup::PrepareSql($arFields, $arOrder, $arFilter, $arGroupBy, $arSelectFields, $obUserFieldsSql);
$listEvents = GetModuleEvents("socialnetwork", "OnBuildSocNetLogSql");
while ($arEvent = $listEvents->Fetch()) {
ExecuteModuleEventEx($arEvent, array(&$arFields, &$arOrder, &$arFilter, &$arGroupBy, &$arSelectFields, &$arSqls));
}
$r = $obUserFieldsSql->GetFilter();
if (strlen($r) > 0) {
$strSqlUFFilter = " (" . $r . ") ";
}
$arSqls["RIGHTS"] = "";
$arSqls["CRM_RIGHTS"] = "";
if (!empty($arParams) && (array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" || array_key_exists("CHECK_CRM_RIGHTS", $arParams) && $arParams["CHECK_CRM_RIGHTS"] == "Y") && !array_key_exists("USER_ID", $arParams) && is_object($USER)) {
$arParams["USER_ID"] = $USER->GetID();
}
if (!empty($arParams) && array_key_exists("USER_ID", $arParams) && $arParams["CHECK_CRM_RIGHTS"] != "Y") {
$arParams["CHECK_RIGHTS"] = "Y";
}
if (!empty($arParams) && ($arParams["USE_SUBSCRIBE"] == "Y" || $arParams["USE_FOLLOW"] == "Y")) {
if (!array_key_exists("SUBSCRIBE_USER_ID", $arParams)) {
if (array_key_exists("USER_ID", $arParams) && intval($arParams["USER_ID"]) > 0) {
$arParams["SUBSCRIBE_USER_ID"] = $arParams["USER_ID"];
} elseif (is_object($USER)) {
$arParams["SUBSCRIBE_USER_ID"] = $USER->GetID();
}
}
if ($arParams["USE_SUBSCRIBE"] == "Y" && !array_key_exists("MY_ENTITIES", $arParams)) {
foreach ($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp) {
if (array_key_exists("HAS_MY", $arEntityTypeTmp) && $arEntityTypeTmp["HAS_MY"] == "Y" && array_key_exists("CLASS_MY", $arEntityTypeTmp) && array_key_exists("METHOD_MY", $arEntityTypeTmp) && strlen($arEntityTypeTmp["CLASS_MY"]) > 0 && strlen($arEntityTypeTmp["METHOD_MY"]) > 0 && method_exists($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])) {
$arMyEntities[$entity_type_tmp] = call_user_func(array($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"]));
}
}
$arParams["MY_ENTITIES"] = $arMyEntities;
}
}
if (!empty($arParams) && array_key_exists("CHECK_RIGHTS", $arParams) && $arParams["CHECK_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams)) {
$acc = new CAccess();
$acc->UpdateCodes();
$arSqls["RIGHTS"] = "EXISTS ( SELECT SLR.ID FROM b_sonet_log_right SLR\n\t\t\t\tLEFT JOIN b_user_access UA ON (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . (is_object($USER) ? intval($USER->GetID()) : 0) . ")\n\t\t\t\tWHERE L.ID = SLR.LOG_ID " . (is_object($USER) && $USER->IsAuthorized() && $arParams["MY_GROUPS_ONLY"] == "Y" ? " AND (\n\t\t\t\t\t\t\t\t(SLR.GROUP_CODE LIKE 'SG%' AND (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . intval($USER->GetID()) . ")) \n\t\t\t\t\t\t\t\tOR SLR.GROUP_CODE = 'U" . intval($USER->GetID()) . "'\n\t\t\t\t\t\t\t)" : " AND (\n\t\t\t\t\t\t\t\t0=1 " . (is_object($USER) && CSocNetUser::IsCurrentUserModuleAdmin() ? " OR SLR.GROUP_CODE = 'SA'" : "") . (is_object($USER) && $USER->IsAuthorized() ? " OR (SLR.GROUP_CODE = 'AU')" : "") . " OR (SLR.GROUP_CODE = 'G2')" . (is_object($USER) && $USER->IsAuthorized() ? " OR (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = " . intval($USER->GetID()) . ")" : "") . "\n\t\t\t\t\t\t\t)") . ")";
}
if (!empty($arParams) && array_key_exists("CHECK_CRM_RIGHTS", $arParams) && $arParams["CHECK_CRM_RIGHTS"] == "Y" && array_key_exists("USER_ID", $arParams)) {
$permParams = array('ALIAS_PREFIX' => 'L', 'PERM_TYPE' => 'READ', 'FILTER_PARAMS' => isset($arParams['CUSTOM_FILTER_PARAMS']) ? $arParams['CUSTOM_FILTER_PARAMS'] : array(), 'OPTIONS' => array('ENTITY_TYPE_COLUMN' => 'ENTITY_TYPE', 'IDENTITY_COLUMN' => 'ENTITY_ID'));
$altPerms = array();
$events = GetModuleEvents("socialnetwork", "OnBuildSocNetLogPerms");
while ($arEvent = $events->Fetch()) {
ExecuteModuleEventEx($arEvent, array(&$altPerms, $permParams));
}
if (!empty($altPerms)) {
foreach ($altPerms as $permSql) {
if ($permSql === false) {
//Access denied
$dbRes = new CDBResult();
$dbRes->InitFromArray(array());
return $dbRes;
}
if (is_string($permSql) && $permSql !== '') {
if ($arSqls['CRM_RIGHTS'] !== '') {
$arSqls['CRM_RIGHTS'] .= ' AND ';
}
$arSqls['CRM_RIGHTS'] = $permSql;
}
}
}
}
if ($arParams["USE_SUBSCRIBE"] == "Y" && intval($arParams["SUBSCRIBE_USER_ID"]) > 0) {
$arSqls["SUBSCRIBE"] = CSocNetLogEvents::GetSQL($arParams["SUBSCRIBE_USER_ID"], is_array($arParams["MY_ENTITIES"]) ? $arParams["MY_ENTITIES"] : array(), $arParams["TRANSPORT"], $arParams["VISIBLE"]);
$arParams["MIN_ID_JOIN"] = true;
}
$arSqls["SELECT"] = str_replace("%%_DISTINCT_%%", $strDistinct, $arSqls["SELECT"]);
$strMinIDJoin = "";
if (is_array($arGroupBy) && count($arGroupBy) == 0) {
$strSql = "SELECT " . $arSqls["SELECT"] . " " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0) {
$strSql .= "WHERE " . $arSqls["WHERE"] . " ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["SUBSCRIBE"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0) {
$strSql .= "GROUP BY " . $arSqls["GROUPBY"] . " ";
}
//echo "!1!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
if ($arRes = $dbRes->Fetch()) {
return $arRes["CNT"];
} else {
return False;
}
}
$strSql = "SELECT " . $arSqls["SELECT"] . " " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0) {
$strSql .= "WHERE " . $arSqls["WHERE"] . " ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["SUBSCRIBE"]) > 0) {
$strSql .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0) {
$strSql .= "GROUP BY " . $arSqls["GROUPBY"] . " ";
}
if (strlen($arSqls["ORDERBY"]) > 0) {
$strSql .= "ORDER BY " . $arSqls["ORDERBY"] . " ";
}
if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) <= 0) {
if (isset($arNavStartParams["nRecordCount"]) && intval($arNavStartParams["nRecordCount"]) > 0) {
$cnt = intval($arNavStartParams["nRecordCount"]);
} else {
$strSql_tmp = "SELECT COUNT('x') as CNT " . $obUserFieldsSql->GetSelect() . " " . "FROM b_sonet_log L " . $strMinIDJoin . "\t" . $arSqls["FROM"] . " " . $obUserFieldsSql->GetJoin("L.ID") . " ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0) {
$strSql_tmp .= "WHERE " . $arSqls["WHERE"] . " ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0) {
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $strSqlUFFilter . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0) {
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0) {
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . $arSqls["CRM_RIGHTS"] . " ";
$bWhereStarted = true;
}
if (strlen($arSqls["SUBSCRIBE"]) > 0) {
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ") . "(" . $arSqls["SUBSCRIBE"] . ") ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0) {
$strSql_tmp .= "GROUP BY " . $arSqls["GROUPBY"] . " ";
}
//echo "!2.1!=".htmlspecialcharsbx($strSql_tmp)."<br>";
$dbRes = $DB->Query($strSql_tmp, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
$cnt = 0;
if (strlen($arSqls["GROUPBY"]) <= 0) {
if ($arRes = $dbRes->Fetch()) {
$cnt = $arRes["CNT"];
}
} else {
// рнкэйн дкъ MYSQL!!! дкъ ORACLE дпсцни йнд
$cnt = $dbRes->SelectedRowsCount();
}
// for empty 2nd page show
if ($arNavStartParams["bSkipPageReset"] && $arNavStartParams["nPageSize"] >= $cnt) {
$cnt = $arNavStartParams["nPageSize"] + $cnt;
}
}
$dbRes = new CDBResult();
//echo "!2.2!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_LOG"));
$dbRes->NavQuery($strSql, $cnt, $arNavStartParams);
} else {
if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) > 0) {
$strSql .= "LIMIT " . intval($arNavStartParams["nTopCount"]);
}
//echo "!3!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes = $DB->Query($strSql, false, "File: " . __FILE__ . "<br>Line: " . __LINE__);
$dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_LOG"));
}
return $dbRes;
}
function GetList($arOrder = Array("ID" => "DESC"), $arFilter = Array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array(), $arParams = array())
{
global $DB, $arSocNetAllowedEntityTypes, $USER, $USER_FIELD_MANAGER;
$arSocNetAllowedSubscribeEntityTypesDesc = CSocNetAllowed::GetAllowedEntityTypesDesc();
$obUserFieldsSql = new CUserTypeSQL;
$obUserFieldsSql->SetEntity("SONET_COMMENT", "LC.ID");
$obUserFieldsSql->SetSelect($arSelectFields);
$obUserFieldsSql->SetFilter($arFilter);
$obUserFieldsSql->SetOrder($arOrder);
if (count($arSelectFields) <= 0)
$arSelectFields = array(
"ID", "LOG_ID", "SOURCE_ID", "ENTITY_TYPE", "ENTITY_ID", "USER_ID", "EVENT_ID", "LOG_DATE", "MESSAGE", "TEXT_MESSAGE", "URL", "MODULE_ID",
"GROUP_NAME", "GROUP_OWNER_ID", "GROUP_VISIBLE", "GROUP_OPENED", "GROUP_IMAGE_ID",
"USER_NAME", "USER_LAST_NAME", "USER_SECOND_NAME", "USER_LOGIN", "USER_PERSONAL_PHOTO", "USER_PERSONAL_GENDER",
"CREATED_BY_NAME", "CREATED_BY_LAST_NAME", "CREATED_BY_SECOND_NAME", "CREATED_BY_LOGIN", "CREATED_BY_PERSONAL_PHOTO", "CREATED_BY_PERSONAL_GENDER",
"LOG_SITE_ID", "LOG_SOURCE_ID", "LOG_USER_ID",
"RATING_TYPE_ID", "RATING_ENTITY_ID", "RATING_TOTAL_VALUE", "RATING_TOTAL_VOTES", "RATING_TOTAL_POSITIVE_VOTES", "RATING_TOTAL_NEGATIVE_VOTES", "RATING_USER_VOTE_VALUE"
);
static $arFields1 = array(
"ID" => Array("FIELD" => "LC.ID", "TYPE" => "int"),
"LOG_ID" => Array("FIELD" => "LC.LOG_ID", "TYPE" => "int"),
"SOURCE_ID" => Array("FIELD" => "LC.SOURCE_ID", "TYPE" => "int"),
"ENTITY_TYPE" => Array("FIELD" => "LC.ENTITY_TYPE", "TYPE" => "string"),
"ENTITY_ID" => Array("FIELD" => "LC.ENTITY_ID", "TYPE" => "int"),
"USER_ID" => Array("FIELD" => "LC.USER_ID", "TYPE" => "int"),
"EVENT_ID" => Array("FIELD" => "LC.EVENT_ID", "TYPE" => "string"),
"LOG_DATE" => Array("FIELD" => "LC.LOG_DATE", "TYPE" => "datetime"),
"LOG_DATE_TS" => Array("FIELD" => "UNIX_TIMESTAMP(LC.LOG_DATE)", "TYPE" => "int"),
"TITLE" => Array("FIELD" => "LC.TITLE", "TYPE" => "string"),
"MESSAGE" => Array("FIELD" => "LC.MESSAGE", "TYPE" => "string"),
"TEXT_MESSAGE" => Array("FIELD" => "LC.TEXT_MESSAGE", "TYPE" => "string"),
"URL" => Array("FIELD" => "LC.URL", "TYPE" => "string"),
"MODULE_ID" => Array("FIELD" => "LC.MODULE_ID", "TYPE" => "string"),
"LOG_SOURCE_ID" => Array("FIELD" => "L.SOURCE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)"),
"LOG_USER_ID" => Array("FIELD" => "L.USER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)"),
"LOG_TITLE" => Array("FIELD" => "L1.TITLE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"),
"LOG_URL" => Array("FIELD" => "L1.URL", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"),
"LOG_PARAMS" => Array("FIELD" => "L1.PARAMS", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log L1 ON (LC.LOG_ID = L1.ID)"),
"GROUP_NAME" => Array("FIELD" => "G.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"),
"GROUP_OWNER_ID" => Array("FIELD" => "G.OWNER_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"),
"GROUP_VISIBLE" => Array("FIELD" => "G.VISIBLE", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"),
"GROUP_OPENED" => Array("FIELD" => "G.OPENED", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"),
"GROUP_IMAGE_ID" => Array("FIELD" => "G.IMAGE_ID", "TYPE" => "int", "FROM" => "LEFT JOIN b_sonet_group G ON (LC.ENTITY_TYPE = 'G' AND LC.ENTITY_ID = G.ID)"),
"USER_NAME" => Array("FIELD" => "U.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"USER_LAST_NAME" => Array("FIELD" => "U.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"USER_SECOND_NAME" => Array("FIELD" => "U.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"USER_LOGIN" => Array("FIELD" => "U.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"USER_PERSONAL_PHOTO" => Array("FIELD" => "U.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"USER_PERSONAL_GENDER" => Array("FIELD" => "U.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U ON (LC.ENTITY_TYPE = 'U' AND LC.ENTITY_ID = U.ID)"),
"CREATED_BY_NAME" => Array("FIELD" => "U1.NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
"CREATED_BY_LAST_NAME" => Array("FIELD" => "U1.LAST_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
"CREATED_BY_SECOND_NAME" => Array("FIELD" => "U1.SECOND_NAME", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
"CREATED_BY_LOGIN" => Array("FIELD" => "U1.LOGIN", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
"CREATED_BY_PERSONAL_PHOTO" => Array("FIELD" => "U1.PERSONAL_PHOTO", "TYPE" => "int", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
"CREATED_BY_PERSONAL_GENDER" => Array("FIELD" => "U1.PERSONAL_GENDER", "TYPE" => "string", "FROM" => "LEFT JOIN b_user U1 ON LC.USER_ID = U1.ID"),
);
if (array_key_exists("LOG_SITE_ID", $arFilter))
{
$arFields["LOG_SITE_ID"] = Array("FIELD" => "SLS.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log_site SLS ON LC.LOG_ID = SLS.LOG_ID");
$strDistinct = " DISTINCT ";
foreach ($arSelectFields as $i => $strFieldTmp)
if ($strFieldTmp == "LOG_SITE_ID")
unset($arSelectFields[$i]);
foreach ($arOrder as $by => $order)
if (!in_array($by, $arSelectFields))
$arSelectFields[] = $by;
}
else
{
$arFields["LOG_SITE_ID"] = Array("FIELD" => "L.SITE_ID", "TYPE" => "string", "FROM" => "LEFT JOIN b_sonet_log L ON (LC.LOG_ID = L.ID)");
$strDistinct = " ";
}
$arFields["RATING_TYPE_ID"] = Array("FIELD" => "LC.RATING_TYPE_ID", "TYPE" => "string");
$arFields["RATING_ENTITY_ID"] = Array("FIELD" => "LC.RATING_ENTITY_ID", "TYPE" => "int");
$arFields["RATING_TOTAL_VALUE"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID");
$arFields["RATING_TOTAL_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_VOTES', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID");
$arFields["RATING_TOTAL_POSITIVE_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_POSITIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID");
$arFields["RATING_TOTAL_NEGATIVE_VOTES"] = Array("FIELD" => $DB->IsNull('RG.TOTAL_NEGATIVE_VOTES', '0'), "TYPE" => "int", "FROM" => "LEFT JOIN b_rating_voting RG ON LC.RATING_TYPE_ID = RG.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RG.ENTITY_ID");
if (isset($USER) && is_object($USER))
$arFields["RATING_USER_VOTE_VALUE"] = Array("FIELD" => $DB->IsNull('RV.VALUE', '0'), "TYPE" => "double", "FROM" => "LEFT JOIN b_rating_vote RV ON LC.RATING_TYPE_ID = RV.ENTITY_TYPE_ID AND LC.RATING_ENTITY_ID = RV.ENTITY_ID AND RV.USER_ID = ".intval($USER->GetId()));
if (array_key_exists("LOG_RIGHTS", $arFilter))
{
$Rights = array();
if(is_array($arFilter["LOG_RIGHTS"]))
{
foreach($arFilter["LOG_RIGHTS"] as $str)
if(trim($str))
$Rights[] = trim($str);
}
elseif(trim($arFilter["LOG_RIGHTS"]))
$Rights = trim($arFilter["LOG_RIGHTS"]);
unset($arFilter["LOG_RIGHTS"]);
if((is_array($Rights) && !empty($Rights)) || !is_array($Rights))
{
$arFilter["LOG_RIGHTS"] = $Rights;
$arFields["LOG_RIGHTS"] = Array("FIELD" => "SLR0.GROUP_CODE", "TYPE" => "string", "FROM" => "INNER JOIN b_sonet_log_right SLR0 ON LC.LOG_ID = SLR0.LOG_ID");
}
if(is_array($Rights) && count($Rights) > 1)
$strDistinct = " DISTINCT ";
}
$arFields = array_merge($arFields1, $arFields);
$arSqls = CSocNetGroup::PrepareSql($arFields, $arOrder, $arFilter, $arGroupBy, $arSelectFields, $obUserFieldsSql);
$r = $obUserFieldsSql->GetFilter();
if(strlen($r)>0)
$strSqlUFFilter = " (".$r.") ";
$arSqls["RIGHTS"] = "";
$arSqls["CRM_RIGHTS"] = "";
if (
!empty($arParams)
&& array_key_exists("CHECK_RIGHTS", $arParams)
&& $arParams["CHECK_RIGHTS"] == "Y"
&& !array_key_exists("USER_ID", $arParams)
&& is_object($GLOBALS["USER"])
)
$arParams["USER_ID"] = $GLOBALS["USER"]->GetID();
if (
!empty($arParams)
&& array_key_exists("USER_ID", $arParams)
)
$arParams["CHECK_RIGHTS"] = "Y";
if (
!empty($arParams)
&& array_key_exists("USE_SUBSCRIBE", $arParams)
&& $arParams["USE_SUBSCRIBE"] == "Y"
)
{
if (!array_key_exists("SUBSCRIBE_USER_ID", $arParams))
{
if (
array_key_exists("USER_ID", $arParams)
&& intval($arParams["USER_ID"]) > 0
)
$arParams["SUBSCRIBE_USER_ID"] = $arParams["USER_ID"];
else
$arParams["SUBSCRIBE_USER_ID"] = $GLOBALS["USER"]->GetID();
}
if (!array_key_exists("MY_ENTITIES", $arParams))
{
foreach($arSocNetAllowedSubscribeEntityTypesDesc as $entity_type_tmp => $arEntityTypeTmp)
if (
array_key_exists("HAS_MY", $arEntityTypeTmp)
&& $arEntityTypeTmp["HAS_MY"] == "Y"
&& array_key_exists("CLASS_MY", $arEntityTypeTmp)
&& array_key_exists("METHOD_MY", $arEntityTypeTmp)
&& strlen($arEntityTypeTmp["CLASS_MY"]) > 0
&& strlen($arEntityTypeTmp["METHOD_MY"]) > 0
&& method_exists($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"])
)
$arMyEntities[$entity_type_tmp] = call_user_func(array($arEntityTypeTmp["CLASS_MY"], $arEntityTypeTmp["METHOD_MY"]));
$arParams["MY_ENTITIES"] = $arMyEntities;
}
}
if (
!empty($arParams)
&& array_key_exists("CHECK_RIGHTS", $arParams)
&& $arParams["CHECK_RIGHTS"] == "Y"
&& array_key_exists("USER_ID", $arParams)
)
{
$acc = new CAccess;
$acc->UpdateCodes();
$arSqls["RIGHTS"] = "EXISTS ( SELECT SLR.ID FROM b_sonet_log_right SLR
LEFT JOIN b_user_access UA ON (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".(is_object($USER)? intval($USER->GetID()): 0).")
WHERE LC.LOG_ID = SLR.LOG_ID AND (0=1 ".
(is_object($USER) && CSocNetUser::IsCurrentUserModuleAdmin() ? " OR SLR.GROUP_CODE = 'SA'" : "").
(is_object($USER) && $USER->IsAuthorized() ? " OR (SLR.GROUP_CODE = 'AU')" : "").
" OR (SLR.GROUP_CODE = 'G2')".
(is_object($USER) && $USER->IsAuthorized() ? " OR (UA.ACCESS_CODE = SLR.GROUP_CODE AND UA.USER_ID = ".$USER->GetID().")" : "")."))";
}
if (
!empty($arParams)
&& array_key_exists("CHECK_CRM_RIGHTS", $arParams)
&& $arParams["CHECK_CRM_RIGHTS"] == "Y"
&& array_key_exists("USER_ID", $arParams)
)
{
$arSqls["CRM_RIGHTS"] = "";
}
if (
$arParams["USE_SUBSCRIBE"] == "Y"
&& intval($arParams["SUBSCRIBE_USER_ID"]) > 0
)
{
$arSqls["SUBSCRIBE"] = CSocNetLogEvents::GetSQL(
$arParams["SUBSCRIBE_USER_ID"],
(is_array($arParams["MY_ENTITIES"]) ? $arParams["MY_ENTITIES"] : array()),
$arParams["TRANSPORT"],
$arParams["VISIBLE"],
"LC"
);
}
$arSqls["SELECT"] = str_replace("%%_DISTINCT_%%", $strDistinct, $arSqls["SELECT"]);
if (is_array($arGroupBy) && count($arGroupBy)==0)
{
$strSql =
"SELECT ".$arSqls["SELECT"]." ".
$obUserFieldsSql->GetSelect()." ".
"FROM b_sonet_log_comment LC ".
" ".$arSqls["FROM"]." ".
$obUserFieldsSql->GetJoin("LC.ID")." ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0)
{
$strSql .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : "");
$bWhereStarted = true;
}
elseif (strlen($arSqls["SUBSCRIBE"]) > 0)
{
$strSql .= "WHERE (".$arSqls["SUBSCRIBE"].") ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0)
$strSql .= "GROUP BY ".$arSqls["GROUPBY"]." ";
//echo "!1!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__);
if ($arRes = $dbRes->Fetch())
return $arRes["CNT"];
else
return false;
}
$strSql =
"SELECT ".$arSqls["SELECT"]." ".
$obUserFieldsSql->GetSelect()." ".
"FROM b_sonet_log_comment LC ".
" ".$arSqls["FROM"]." ".
$obUserFieldsSql->GetJoin("LC.ID")." ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0)
{
$strSql .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : "");
$bWhereStarted = true;
}
elseif (strlen($arSqls["SUBSCRIBE"]) > 0)
{
$strSql .= "WHERE (".$arSqls["SUBSCRIBE"].") ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0)
{
$strSql .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0)
$strSql .= "GROUP BY ".$arSqls["GROUPBY"]." ";
if (strlen($arSqls["ORDERBY"]) > 0)
$strSql .= "ORDER BY ".$arSqls["ORDERBY"]." ";
if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) <= 0)
{
$strSql_tmp =
"SELECT COUNT('x') as CNT ".
$obUserFieldsSql->GetSelect()." ".
"FROM b_sonet_log_comment LC ".
" ".$arSqls["FROM"]." ".
$obUserFieldsSql->GetJoin("LC.ID")." ";
$bWhereStarted = false;
if (strlen($arSqls["WHERE"]) > 0)
{
$strSql_tmp .= "WHERE ".$arSqls["WHERE"]." ".(strlen($arSqls["SUBSCRIBE"]) > 0 ? "AND (".$arSqls["SUBSCRIBE"].") " : "");
$bWhereStarted = true;
}
elseif (strlen($arSqls["SUBSCRIBE"]) > 0)
{
$strSql_tmp .= "WHERE (".$arSqls["SUBSCRIBE"].") ";
$bWhereStarted = true;
}
if (strlen($strSqlUFFilter) > 0)
{
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$strSqlUFFilter." ";
$bWhereStarted = true;
}
if (strlen($arSqls["RIGHTS"]) > 0)
{
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["CRM_RIGHTS"]) > 0)
{
$strSql_tmp .= ($bWhereStarted ? " AND " : " WHERE ").$arSqls["CRM_RIGHTS"]." ";
$bWhereStarted = true;
}
if (strlen($arSqls["GROUPBY"]) > 0)
$strSql_tmp .= "GROUP BY ".$arSqls["GROUPBY"]." ";
//echo "!2.1!=".htmlspecialcharsbx($strSql_tmp)."<br>";
$dbRes = $DB->Query($strSql_tmp, false, "File: ".__FILE__."<br>Line: ".__LINE__);
$cnt = 0;
if (strlen($arSqls["GROUPBY"]) <= 0)
{
if ($arRes = $dbRes->Fetch())
$cnt = $arRes["CNT"];
}
else
{
// рнкэйн дкъ MYSQL!!! дкъ ORACLE дпсцни йнд
$cnt = $dbRes->SelectedRowsCount();
}
$dbRes = new CDBResult();
//echo "!2.2!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_COMMENT"));
$dbRes->NavQuery($strSql, $cnt, $arNavStartParams);
}
else
{
if (is_array($arNavStartParams) && IntVal($arNavStartParams["nTopCount"]) > 0)
$strSql .= "LIMIT ".intval($arNavStartParams["nTopCount"]);
//echo "!3!=".htmlspecialcharsbx($strSql)."<br>";
$dbRes = $DB->Query($strSql, false, "File: ".__FILE__."<br>Line: ".__LINE__);
$dbRes->SetUserFields($USER_FIELD_MANAGER->GetUserFields("SONET_COMMENT"));
}
return $dbRes;
}
public static function GetSocNetUserPerms($postId = 0, $authorId = 0)
{
global $APPLICATION, $USER, $AR_BLOG_PERMS, $BLOG_POST;
$userId = IntVal($USER->GetID());
$postId = IntVal($postId);
$authorId = IntVal($authorId);
if($postId <= 0)
return false;
$perms = BLOG_PERMS_DENY;
$blogModulePermissions = $APPLICATION->GetGroupRight("blog");
if($authorId > 0 && $userId == $authorId)
$perms = BLOG_PERMS_FULL;
elseif ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin())
{
end($AR_BLOG_PERMS);
$perms = key($AR_BLOG_PERMS);
reset($AR_BLOG_PERMS);
}
if($perms <= BLOG_PERMS_DENY)
{
$arPerms = CBlogPost::GetSocNetPerms($postId);
$arEntities = Array();
if (isset($BLOG_POST["UAC_CACHE_".$userId]) && !empty($BLOG_POST["UAC_CACHE_".$userId]))
{
$arEntities = $BLOG_POST["UAC_CACHE_".$userId];
}
else
{
$dbA = CAccess::GetUserCodes($userId);
while($arA = $dbA->Fetch())
{
if($arA["PROVIDER_ID"] == "intranet")
{
$arEntities["DR"][$arA["ACCESS_CODE"]] = $arA["ACCESS_CODE"];
}
elseif($arA["PROVIDER_ID"] == "socnetgroup")
{
$g = substr($arA["ACCESS_CODE"], 2);
$gId = IntVal($g);
$gR = substr($g, strpos($g, "_")+1);
$arEntities["SG"][$gId][$gR] = $gR;
}
}
$BLOG_POST["UAC_CACHE_".$userId] = $arEntities;
}
if(!empty($arEntities["DR"]) && !empty($arPerms["DR"]))
{
foreach($arPerms["DR"] as $id => $val)
{
if(isset($arEntities["DR"]["DR".$id]))
{
$perms = BLOG_PERMS_READ;
break;
}
}
}
if((!empty($arPerms["U"][$userId]) && in_array("US".$userId, $arPerms["U"][$userId])) || ($authorId >0 && $userId == $authorId)) // if author
$perms = BLOG_PERMS_FULL;
else
{
if($authorId <= 0)
{
foreach($arPerms["U"] as $id => $p)
{
if(in_array("US".$id, $p))
{
$authorId = $id;
break;
}
}
}
if(!empty($arPerms["U"][$userId]) || (!empty($arPerms["U"][$authorId]) && in_array("US".$authorId, $arPerms["U"][$authorId])) || $perms == BLOG_PERMS_READ)
{
if (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "write_comment"))
$perms = BLOG_PERMS_WRITE;
elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "premoderate_comment"))
$perms = BLOG_PERMS_PREMODERATE;
elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "view_comment"))
$perms = BLOG_PERMS_READ;
}
}
if($perms <= BLOG_PERMS_FULL)
{
$arGroupsId = Array();
if(!empty($arPerms["SG"]))
{
foreach($arPerms["SG"] as $gid => $val)
{
//if(!empty($arEntities["SG"][$gid]))
$arGroupsId[] = $gid;
}
$operation = Array("full_comment", "moderate_comment", "write_comment", "premoderate_comment");
if($perms < BLOG_PERMS_READ)
$operation[] = "view_comment";
}
if(!empty($arGroupsId))
{
foreach($operation as $v)
{
if($perms <= BLOG_PERMS_READ)
{
$f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v);
if(!empty($f))
{
foreach($f as $gid => $val)
{
if((!empty($arEntities["SG"][$gid]) && in_array($val, $arEntities["SG"][$gid])) || $val == SONET_ROLES_ALL || ($userId > 0 && $val == SONET_ROLES_AUTHORIZED))
{
switch($v)
{
case "full_comment":
$perms = BLOG_PERMS_FULL;
break;
case "moderate_comment":
$perms = BLOG_PERMS_MODERATE;
break;
case "write_comment":
$perms = BLOG_PERMS_WRITE;
break;
case "premoderate_comment":
$perms = BLOG_PERMS_PREMODERATE;
break;
case "view_comment":
$perms = BLOG_PERMS_READ;
break;
}
}
}
}
}
}
}
}
}
return $perms;
}
function GetSocNetUserPerms($postId = 0, $authorId = 0)
{
global $APPLICATION, $USER, $AR_BLOG_PERMS;
$userId = IntVal($USER->GetID());
$postId = IntVal($postId);
$authorId = IntVal($authorId);
if ($postId <= 0) {
return false;
}
$perms = BLOG_PERMS_DENY;
$blogModulePermissions = $APPLICATION->GetGroupRight("blog");
if ($authorId > 0 && $userId == $authorId) {
$perms = BLOG_PERMS_FULL;
} elseif ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) {
end($AR_BLOG_PERMS);
$perms = key($AR_BLOG_PERMS);
reset($AR_BLOG_PERMS);
}
if ($perms <= BLOG_PERMS_DENY) {
$arPerms = CBlogPost::GetSocNetPerms($postId);
$arEntities = array();
if (!empty(CBlogPost::$arUACCache[$userId])) {
$arEntities = CBlogPost::$arUACCache[$userId];
} else {
$arCodes = CAccess::GetUserCodesArray($userId);
foreach ($arCodes as $code) {
if (preg_match('/^DR([0-9]+)/', $code, $match) || preg_match('/^D([0-9]+)/', $code, $match) || preg_match('/^IU([0-9]+)/', $code, $match)) {
$arEntities["DR"][$code] = $code;
} elseif (preg_match('/^SG([0-9]+)_([A-Z])/', $code, $match)) {
$arEntities["SG"][$match[1]][$match[2]] = $match[2];
}
}
CBlogPost::$arUACCache[$userId] = $arEntities;
}
if (!empty($arEntities["DR"]) && !empty($arPerms["DR"])) {
foreach ($arPerms["DR"] as $id => $val) {
if (isset($arEntities["DR"]["DR" . $id])) {
$perms = BLOG_PERMS_READ;
break;
}
}
}
if (!empty($arPerms["U"][$userId]) && in_array("US" . $userId, $arPerms["U"][$userId]) || $authorId > 0 && $userId == $authorId) {
// if author
$perms = BLOG_PERMS_FULL;
} else {
if ($authorId <= 0) {
foreach ($arPerms["U"] as $id => $p) {
if (in_array("US" . $id, $p)) {
$authorId = $id;
break;
}
}
}
if (!empty($arPerms["U"][$userId]) || !empty($arPerms["U"][$authorId]) && in_array("US" . $authorId, $arPerms["U"][$authorId]) || $perms == BLOG_PERMS_READ) {
if (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "write_comment")) {
$perms = BLOG_PERMS_WRITE;
} elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "premoderate_comment")) {
$perms = BLOG_PERMS_PREMODERATE;
} elseif (CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_USER, $authorId, "blog", "view_comment")) {
$perms = BLOG_PERMS_READ;
}
}
}
if ($perms <= BLOG_PERMS_FULL) {
$arGroupsId = array();
if (!empty($arPerms["SG"])) {
foreach ($arPerms["SG"] as $gid => $val) {
//if(!empty($arEntities["SG"][$gid]))
$arGroupsId[] = $gid;
}
$operation = array("full_comment", "moderate_comment", "write_comment", "premoderate_comment");
if ($perms < BLOG_PERMS_READ) {
$operation[] = "view_comment";
}
}
if (!empty($arGroupsId)) {
foreach ($operation as $v) {
if ($perms <= BLOG_PERMS_READ) {
$f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v);
if (!empty($f)) {
foreach ($f as $gid => $val) {
if (!empty($arEntities["SG"][$gid]) && in_array($val, $arEntities["SG"][$gid]) || $val == SONET_ROLES_ALL || $userId > 0 && $val == SONET_ROLES_AUTHORIZED) {
switch ($v) {
case "full_comment":
$perms = BLOG_PERMS_FULL;
break;
case "moderate_comment":
$perms = BLOG_PERMS_MODERATE;
break;
case "write_comment":
$perms = BLOG_PERMS_WRITE;
break;
case "premoderate_comment":
$perms = BLOG_PERMS_PREMODERATE;
break;
case "view_comment":
$perms = BLOG_PERMS_READ;
break;
}
}
}
}
}
}
}
}
}
return $perms;
}
function GetSocNetPostPerms($postId = 0, $bNeedFull = false, $userId = false)
{
if (!$userId) {
$userId = IntVal($GLOBALS["USER"]->GetID());
$bByUserId = false;
} else {
$userId = IntVal($userId);
$bByUserId = true;
}
$postId = IntVal($postId);
if ($postId <= 0) {
return false;
}
$perms = BLOG_PERMS_DENY;
$arAvailPerms = array_keys($GLOBALS["AR_BLOG_PERMS"]);
if (!$bByUserId) {
$blogModulePermissions = $GLOBALS["APPLICATION"]->GetGroupRight("blog");
if ($blogModulePermissions >= "W" || CSocNetUser::IsCurrentUserModuleAdmin()) {
$perms = $arAvailPerms[count($arAvailPerms) - 1];
}
} else {
if (CSocNetUser::IsUserModuleAdmin($userId)) {
$perms = $arAvailPerms[count($arAvailPerms) - 1];
}
}
$arPost = CBlogPost::GetByID($postId);
if ($arPost["AUTHOR_ID"] == $userId) {
$perms = BLOG_PERMS_FULL;
}
if ($perms <= BLOG_PERMS_DENY) {
$arPerms = CBlogPost::GetSocNetPerms($postId);
$arEntities = array();
if (isset($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId]) && !empty($GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId])) {
$arEntities = $GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId];
} else {
$dbA = CAccess::GetUserCodes($userId);
while ($arA = $dbA->Fetch()) {
if ($arA["PROVIDER_ID"] == "intranet") {
$arEntities["DR"][] = $arA["ACCESS_CODE"];
} elseif ($arA["PROVIDER_ID"] == "socnetgroup") {
$g = substr($arA["ACCESS_CODE"], 2);
$gId = IntVal($g);
$gR = substr($g, strpos($g, "_") + 1);
$arEntities["SG"][$gId][] = $gR;
}
}
$GLOBALS["BLOG_POST"]["UAC_CACHE_" . $userId] = $arEntities;
}
foreach ($arPerms as $t => $val) {
foreach ($val as $id => $p) {
if ($userId > 0 && $t == "U" && $userId == $id) {
$perms = BLOG_PERMS_READ;
if (in_array("US" . $userId, $p)) {
// if author
$perms = BLOG_PERMS_FULL;
}
break;
}
if (in_array("G2", $p)) {
$perms = BLOG_PERMS_READ;
break;
}
if ($userId > 0 && in_array("AU", $p)) {
$perms = BLOG_PERMS_READ;
break;
}
if ($t == "SG") {
if (!empty($arEntities["SG"][$id])) {
foreach ($arEntities["SG"][$id] as $gr) {
if (in_array("SG" . $id . "_" . $gr, $p)) {
$perms = BLOG_PERMS_READ;
break;
}
}
}
}
if ($t == "DR") {
if (in_array("DR" . $id, $arEntities["DR"])) {
$perms = BLOG_PERMS_READ;
break;
}
}
}
if ($perms > BLOG_PERMS_DENY) {
break;
}
}
if ($bNeedFull && $perms <= BLOG_PERMS_FULL) {
$arGroupsId = array();
if (!empty($arPerms["SG"])) {
foreach ($arPerms["SG"] as $gid => $val) {
if (!empty($arEntities["SG"][$gid])) {
$arGroupsId[] = $gid;
}
}
}
$operation = array("full_post", "moderate_post", "write_post", "premoderate_post");
if (!empty($arGroupsId)) {
foreach ($operation as $v) {
if ($perms <= BLOG_PERMS_READ) {
$f = CSocNetFeaturesPerms::GetOperationPerm(SONET_ENTITY_GROUP, $arGroupsId, "blog", $v);
if (!empty($f)) {
foreach ($f as $gid => $val) {
if (in_array($val, $arEntities["SG"][$gid])) {
switch ($v) {
case "full_post":
$perms = BLOG_PERMS_FULL;
break;
case "moderate_post":
$perms = BLOG_PERMS_MODERATE;
break;
case "write_post":
$perms = BLOG_PERMS_WRITE;
break;
case "premoderate_post":
$perms = BLOG_PERMS_PREMODERATE;
break;
}
}
}
}
}
}
}
}
}
return $perms;
}
public static function SearchUsers($search, $nameTemplate = "", $bSelf = true, $bEmployeesOnly = false, $bExtranetOnly = false, $departmentId = false)
{
CUtil::JSPostUnescape();
$arUsers = array();
$search = trim($search);
if (strlen($search) <= 0 || !GetFilterQuery("TEST", $search)) {
return $arUsers;
}
$bIntranetEnable = IsModuleInstalled('intranet');
$bExtranetEnable = CModule::IncludeModule('extranet');
$bBitrix24Enable = IsModuleInstalled('bitrix24');
$bExtranetUser = $bExtranetEnable && !CExtranet::IsIntranetUser();
$current_user_id = intval($GLOBALS["USER"]->GetID());
if ($bExtranetEnable) {
CSocNetTools::InitGlobalExtranetArrays();
}
$arSearchValue = preg_split('/\\s+/', trim(ToUpper($search)));
array_walk($arSearchValue, array('CSocNetLogDestination', '__percent_walk'));
$arFilter = array(array('LOGIC' => 'OR', 'NAME' => $arSearchValue, 'LAST_NAME' => $arSearchValue, '%=EMAIL' => $search, '%=LOGIN' => $search), 'ACTIVE' => 'Y');
if ($bIntranetEnable || COption::GetOptionString("main", "new_user_registration_email_confirmation", "N") == "Y") {
$arFilter["CONFIRM_CODE"] = false;
}
if ($bEmployeesOnly || $bBitrix24Enable && !$bExtranetEnable) {
$arFilter["!UF_DEPARTMENT"] = false;
} elseif ($bExtranetOnly) {
$arFilter["UF_DEPARTMENT"] = false;
}
if ($bIntranetEnable && $bExtranetEnable && ($bExtranetUser || !$bEmployeesOnly)) {
$arFilteredUserIDs = CExtranet::GetMyGroupsUsersSimple(CExtranet::GetExtranetSiteID());
if ($bExtranetUser) {
$arFilter["ID"] = array_merge(array($current_user_id), $arFilteredUserIDs);
} else {
$arFilter[] = array('LOGIC' => 'OR', '!UF_DEPARTMENT' => false, 'ID' => array_merge(array($current_user_id), $arFilteredUserIDs));
}
}
$arSelect = array("ID", "NAME", "LAST_NAME", "SECOND_NAME", "EMAIL", "LOGIN", "WORK_POSITION", "PERSONAL_PROFESSION", "PERSONAL_PHOTO", "PERSONAL_GENDER", new \Bitrix\Main\Entity\ExpressionField('MAX_LAST_USE_DATE', 'MAX(%s)', array('\\Bitrix\\Main\\FinderDest:CODE_USER_CURRENT.LAST_USE_DATE')));
// $arFilter["\Bitrix\Main\FinderDest:CODE_USER_CURRENT.USER_ID"] = array(false, intval($GLOBALS["USER"]->GetID()));
$helper = \Bitrix\Main\Application::getConnection()->getSqlHelper();
$connection = \Bitrix\Main\Application::getConnection();
$castType = $connection instanceof \Bitrix\Main\DB\MysqlCommonConnection ? 'UNSIGNED' : 'INT';
$arFilter["@ID"] = new \Bitrix\Main\DB\SqlExpression('
(SELECT
CAST(' . $helper->quote("MAIN_USER_TMP20258") . '.' . $helper->quote("ID") . ' AS ' . $castType . ') AS ' . $helper->quote("ID") . '
FROM b_user ' . $helper->quote("MAIN_USER_TMP20258") . '
LEFT JOIN
b_finder_dest ' . $helper->quote("TALIAS_1_TMP20258") . '
ON
' . $helper->quote("TALIAS_1_TMP20258") . '.' . $helper->quote("CODE_USER_ID") . ' = ' . $helper->quote("MAIN_USER_TMP20258") . '.' . $helper->quote("ID") . '
AND ' . $helper->quote("TALIAS_1_TMP20258") . '.' . $helper->quote("USER_ID") . ' = ' . intval($GLOBALS["USER"]->GetID()) . '
WHERE (
' . $helper->quote("TALIAS_1_TMP20258") . '.' . $helper->quote("USER_ID") . ' IS NULL
or ' . $helper->quote("TALIAS_1_TMP20258") . '.' . $helper->quote("USER_ID") . ' in (0, ' . intval($GLOBALS["USER"]->GetID()) . ')
)
)');
$rsUser = \Bitrix\Main\UserTable::getList(array('order' => array("\\Bitrix\\Main\\FinderDest:CODE_USER_CURRENT.LAST_USE_DATE" => 'DESC', 'LAST_NAME' => 'ASC'), 'filter' => $arFilter, 'select' => $arSelect, 'limit' => 50, 'data_doubling' => false));
while ($arUser = $rsUser->fetch()) {
if (!$bSelf && $current_user_id == $arUser['ID']) {
continue;
}
if (intval($departmentId) > 0) {
$arUserGroupCode = CAccess::GetUserCodesArray($arUser["ID"]);
if (!in_array("DR" . intval($departmentId), $arUserGroupCode)) {
continue;
}
}
$sName = CUser::FormatName(empty($nameTemplate) ? CSite::GetNameFormat(false) : $nameTemplate, $arUser, true, true);
$arFileTmp = CFile::ResizeImageGet($arUser["PERSONAL_PHOTO"], array('width' => 32, 'height' => 32), BX_RESIZE_IMAGE_EXACT, false);
$arUsers['U' . $arUser["ID"]] = array('id' => 'U' . $arUser["ID"], 'entityId' => $arUser["ID"], 'name' => $sName, 'avatar' => empty($arFileTmp['src']) ? '' : $arFileTmp['src'], 'desc' => $arUser['WORK_POSITION'] ? $arUser['WORK_POSITION'] : ($arUser['PERSONAL_PROFESSION'] ? $arUser['PERSONAL_PROFESSION'] : ' '), 'isExtranet' => isset($GLOBALS["arExtranetUserID"]) && is_array($GLOBALS["arExtranetUserID"]) && in_array($arUser["ID"], $GLOBALS["arExtranetUserID"]) ? "Y" : "N");
$checksum = md5(serialize($arUsers['U' . $arUser["ID"]]));
$arUsers['U' . $arUser["ID"]]['checksum'] = $checksum;
}
return $arUsers;
}
public static function ClearStat($provider = false, $USER_ID = false)
{
global $DB;
$arWhere = array();
if ($provider !== false) {
$arWhere[] = "provider_id='" . $DB->ForSQL($provider) . "'";
}
if ($USER_ID !== false) {
$arWhere[] = "user_id=" . intval($USER_ID);
}
$sWhere = '';
if (!empty($arWhere)) {
$sWhere = " where " . implode(" and ", $arWhere);
}
$DB->Query("delete from b_user_access_check " . $sWhere);
if ($provider === false && $USER_ID === false) {
self::$arChecked = array();
} elseif ($USER_ID === false) {
unset(self::$arChecked[$provider]);
} elseif ($provider === false) {
foreach (self::$arChecked as $pr => $ar) {
unset(self::$arChecked[$pr][$USER_ID]);
}
} else {
unset(self::$arChecked[$provider][$USER_ID]);
}
}
public static function GetAccessNames()
{
$arCodes = array();
foreach (self::$accessNames as $code => $name) {
if ($name === null) {
$arCodes[] = $code;
}
}
if ($arCodes) {
$access = new CAccess();
$arNames = $access->GetNames($arCodes);
foreach ($arNames as $code => $name) {
self::$accessNames[$code] = trim(htmlspecialcharsbx($name['provider'] . ' ' . $name['name']));
}
}
return self::$accessNames;
}
