protected static function _socnet_type_check($USER, $iblock_type_id, $socnet_group_id) { if ($iblock_type_id === COption::GetOptionString("lists", "socnet_iblock_type_id")) { $socnet_role = CSocNetUserToGroup::GetUserRole($USER->GetID(), $socnet_group_id); if ($socnet_role == "A") { return CListPermissions::IS_ADMIN; } else { return CListPermissions::CAN_READ; } } else { return CListPermissions::WRONG_IBLOCK_TYPE; } }
function CanUserReadGroup($userID, $groupID) { $userID = IntVal($userID); $groupID = IntVal($groupID); if ($groupID <= 0) { return false; } $arGroup = CSocNetGroup::GetById($groupID); if ($arGroup == false) { return false; } if ($arGroup["OPENED"] == "Y") { return true; } $userRoleInGroup = CSocNetUserToGroup::GetUserRole($userID, $groupID); if ($userRoleInGroup == false) { return false; } if ($userRoleInGroup == SONET_ROLES_MODERATOR || $userRoleInGroup == SONET_ROLES_OWNER || $userRoleInGroup == SONET_ROLES_USER) { return true; } else { return false; } return false; }
function tasksTaskEditAjaxHandler() { global $DB; if (isset($_POST['NAME_TEMPLATE'])) { $nameTemplate = $_POST['NAME_TEMPLATE']; } else { $nameTemplate = CSite::getNameFormat(false); } if (!check_bitrix_sessid()) { die; } switch ($_POST['action']) { case 'tasks_isUserMemberOfGroup': if (!CModule::IncludeModule('socialnetwork')) { throw new Exception($_POST['action'] . ': socialnetwork module failed to load.'); } if (!isset($_POST['groupId']) || !isset($_POST['userId']) || $_POST['groupId'] < 0 || $_POST['userId'] < 0) { throw new Exception($_POST['action'] . ': invalid userId or groupId'); } $rc = CSocNetUserToGroup::GetUserRole((int) $_POST['userId'], (int) $_POST['groupId']); if ($rc === false || $rc == SONET_ROLES_REQUEST) { echo 'N'; } else { echo 'Y'; } break; case 'getWarnings': if (isset($_POST['TASK']['RESPONSIBLE_ID'])) { $responsibleId = (int) $_POST['TASK']['RESPONSIBLE_ID']; $responsibleName = '#unknown user#'; $rsUser = CUser::GetList($by = 'ID', $order = 'ASC', array('ID' => $responsibleId), array('FIELDS' => array('NAME', 'LAST_NAME', 'SECOND_NAME', 'LOGIN'))); if ($arUser = $rsUser->fetch()) { $responsibleName = CUser::FormatName($nameTemplate, array("NAME" => $arUser["NAME"], "LAST_NAME" => $arUser["LAST_NAME"], "SECOND_NAME" => $arUser["SECOND_NAME"], "LOGIN" => $arUser["LOGIN"]), true, false); } if (isset($_POST['TASK']['GROUP_ID']) && $_POST['TASK']['GROUP_ID']) { if (CModule::IncludeModule('socialnetwork')) { $rc = CSocNetUserToGroup::GetUserRole($responsibleId, (int) $_POST['TASK']['GROUP_ID']); if ($rc === false || $rc == SONET_ROLES_REQUEST) { $arGroup = CSocNetGroup::GetByID($_POST['TASK']['GROUP_ID']); echo '<div>' . htmlspecialcharsbx(str_replace(array('#FORMATTED_USER_NAME#', '#GROUP_NAME#'), array($responsibleName, $arGroup["NAME"]), GetMessage('TASKS_WARNING_RESPONSIBLE_NOT_IN_TASK_GROUP'))) . "</div>\n"; } } } if (CModule::IncludeModule('intranet')) { $dt = ConvertTimeStamp(false, 'SHORT'); $arAbsenceData = CIntranetUtils::GetAbsenceData(array('USERS' => array($responsibleId), 'DATE_START' => $dt, 'DATE_FINISH' => $dt, 'PER_USER' => false), $MODE = BX_INTRANET_ABSENCE_ALL); $curTs = MakeTimeStamp(ConvertTimeStamp(false, 'FULL')); if (isset($arAbsenceData[0])) { if (array_key_exists('DATE_ACTIVE_FROM', $arAbsenceData[0]) && array_key_exists('DATE_ACTIVE_TO', $arAbsenceData[0])) { $fromTs = MakeTimeStamp($arAbsenceData[0]['DATE_ACTIVE_FROM']); $toTs = MakeTimeStamp($arAbsenceData[0]['DATE_ACTIVE_TO']); } else { $fromTs = MakeTimeStamp($arAbsenceData[0]['DATE_FROM']); $toTs = MakeTimeStamp($arAbsenceData[0]['DATE_TO']); } if ($toTs > $curTs) { $from = FormatDate($DB->DateFormatToPhp(CSite::GetDateFormat(CIntranetUtils::IsDateTime($fromTs) ? 'FULL' : 'SHORT')), $fromTs); $to = FormatDate($DB->DateFormatToPhp(CSite::GetDateFormat(CIntranetUtils::IsDateTime($toTs) ? 'FULL' : 'SHORT')), $toTs); echo '<div>' . htmlspecialcharsbx(str_replace(array('#FORMATTED_USER_NAME#', '#DATE_FROM#', '#DATE_TO#', '#ABSCENCE_REASON#'), array($responsibleName, $from, $to, $arAbsenceData[0]['NAME']), GetMessage('TASKS_WARNING_RESPONSIBLE_IS_ABSENCE'))) . '</div>'; } } } } break; default: throw new Exception('Requested action is unknown!'); break; } }
$arGroupSites[] = $arGroupSite["LID"]; } if (!in_array(SITE_ID, $arGroupSites)) { $arResult["FatalError"] = GetMessage("SONET_P_USER_NO_GROUP"); } else { $arResult["Group"] = $arGroup; $arResult["Urls"]["Group"] = CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_GROUP"], array("group_id" => $arResult["Group"]["ID"])); $arResult["CurrentUserPerms"] = CSocNetUserToGroup::InitUserPerms($GLOBALS["USER"]->GetID(), $arResult["Group"], CSocNetUser::IsCurrentUserModuleAdmin()); if (!$arResult["CurrentUserPerms"] || !$arResult["CurrentUserPerms"]["UserCanInitiate"]) { $arResult["FatalError"] = GetMessage("SONET_C11_NO_PERMS") . ". "; } else { $arResult["IsCurrentUser"] = $GLOBALS["USER"]->GetID() == $arResult["User"]["ID"]; $arResult["CurrentUserRelation"] = CSocNetUserRelations::GetRelation($GLOBALS["USER"]->GetID(), $arResult["User"]["ID"]); $arResult["CurrentUserPerms"]["ViewProfile"] = $arResult["IsCurrentUser"] || CSocNetUserPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), $arResult["User"]["ID"], "viewprofile", CSocNetUser::IsCurrentUserModuleAdmin()); $arResult["CurrentUserPerms"]["InviteGroup"] = CSocNetUserPerms::CanPerformOperation($GLOBALS["USER"]->GetID(), $arResult["User"]["ID"], "invitegroup", CSocNetUser::IsCurrentUserModuleAdmin()); $user2groupRelation = CSocNetUserToGroup::GetUserRole($arResult["User"]["ID"], $arResult["Group"]["ID"]); if ($arResult["IsCurrentUser"]) { $arResult["FatalError"] = GetMessage("SONET_C11_ERR_SELF") . ". "; } elseif (!$arResult["CurrentUserPerms"]["InviteGroup"]) { $arResult["FatalError"] = GetMessage("SONET_C11_BAD_USER") . ". "; } elseif ($user2groupRelation) { $arResult["FatalError"] = GetMessage("SONET_C11_BAD_RELATION") . ". "; } else { $arResult["ShowForm"] = "Input"; if ($_SERVER["REQUEST_METHOD"] == "POST" && strlen($_POST["save"]) > 0 && check_bitrix_sessid()) { $errorMessage = ""; if (strlen($_POST["MESSAGE"]) <= 0) { $errorMessage .= GetMessage("SONET_C11_NO_MESSAGE") . ". "; } if (strlen($errorMessage) <= 0 && !CSocNetUserToGroup::SendRequestToJoinGroup($GLOBALS["USER"]->GetID(), $arResult["User"]["ID"], $arResult["Group"]["ID"], $_POST["MESSAGE"]) && ($e = $APPLICATION->GetException())) { $errorMessage .= $e->GetString();
function GetUserGroups($documentType = null, $documentId = null, $userId = 0) { $documentType = trim(is_array($documentType) ? $documentType[2] : $documentType); if (is_array($documentType)) { $documentType = null; } else { $documentType = $documentType == null || $documentType == '' ? null : $documentType; } $userId = intVal($userId); $documentIdReal = $documentId = is_array($documentId) ? $documentId[2] : $documentId; $documentId = intVal($documentId); $arParameters = array(); if ($documentType == null && $documentId <= 0 || $userId <= 0) { return false; } elseif ($documentType != null) { $res = explode("_", $documentType); if (count($res) != 4) { return false; } $arParameters = array("IBlockId" => intval($res[1]), "OwnerType" => $res[2], "OwnerId" => intval($res[3])); } if ($documentId > 0) { $db_res = CIBlockElement::GetList(array(), array("ID" => $documentId, "SHOW_NEW" => "Y", "SHOW_HISTORY" => "Y"), false, false, array("ID", "IBLOCK_ID", "CREATED_BY", "IBLOCK_SECTION_ID")); if ($db_res && ($arElement = $db_res->Fetch())) { $dbSectionsChain = CIBlockSection::GetNavChain($arElement["IBLOCK_ID"], $arElement["IBLOCK_SECTION_ID"]); if ($arSect = $dbSectionsChain->Fetch()) { $arParameters["OwnerType"] = intVal($arSect["SOCNET_GROUP_ID"]) > 0 ? "group" : "user"; $arParameters["OwnerId"] = intVal($arSect["SOCNET_GROUP_ID"]) > 0 ? $arSect["SOCNET_GROUP_ID"] : $arSect["CREATED_BY"]; $arParameters["IBlockId"] = $arElement["IBLOCK_ID"]; $arParameters["CreatedBy"] = $arElement["CREATED_BY"]; } } } $arParameters["UserGroups"] = array(); if ($arParameters["OwnerType"] == "group") { $arParameters["UserGroups"][] = SONET_ROLES_ALL; $r = CSocNetUserToGroup::GetUserRole($userId, $arParameters["OwnerId"]); if (strlen($r) > 0) { $arParameters["UserGroups"][] = $r; foreach ($GLOBALS["arSocNetAllowedInitiatePerms"] as $perm) { if ($r < $perm) { $arParameters["UserGroups"][] = $perm; } } } } elseif ($arParameters["OwnerType"] == "user") { $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_ALL; if ($arParameters["OwnerId"] == $userId) { $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_NONE; } if (CSocNetUserRelations::IsFriends($userId, $arParameters["OwnerId"])) { $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_FRIENDS; } } if ($documentIdReal != null && ($documentId <= 0 || $userId > 0 && $userId == $arParameters["CreatedBy"])) { $arParameters["UserGroups"][] = "author"; } return $arParameters["UserGroups"]; }
function CanPerformOperation($userID, $type, $id, $feature, $operation, $bCurrentUserIsAdmin = false) { global $arSocNetAllowedEntityTypes; $arSocNetFeaturesSettings = CSocNetAllowed::GetAllowedFeatures(); $userID = IntVal($userID); if (is_array($id) && count($id) <= 0 || !is_array($id) && $id <= 0) { $GLOBALS["APPLICATION"]->ThrowException(GetMessage("SONET_GF_EMPTY_ENTITY_ID"), "ERROR_EMPTY_ENTITY_ID"); return false; } $type = Trim($type); if (StrLen($type) <= 0 || !in_array($type, $arSocNetAllowedEntityTypes)) { $GLOBALS["APPLICATION"]->ThrowException(GetMessage("SONET_GF_ERROR_NO_ENTITY_TYPE"), "ERROR_EMPTY_TYPE"); return false; } $featureOperationPerms = CSocNetFeaturesPerms::GetOperationPerm($type, $id, $feature, $operation); if ($type == SONET_ENTITY_GROUP) { $bWorkWithClosedGroups = COption::GetOptionString("socialnetwork", "work_with_closed_groups", "N") == "Y"; if (is_array($id)) { $arGroupToGet = array(); foreach ($id as $group_id) { if ($featureOperationPerms[$group_id] == false) { $arReturn[$group_id] = false; } else { $arGroupToGet[] = $group_id; } } $userRoleInGroup = CSocNetUserToGroup::GetUserRole($userID, $arGroupToGet); $arGroupToGet = array(); if (is_array($userRoleInGroup)) { foreach ($userRoleInGroup as $group_id => $role) { if ($userRoleInGroup[$group_id] == SONET_ROLES_BAN) { $arReturn[$group_id] = false; } else { $arGroupToGet[] = $group_id; } } } if (is_array($arGroupToGet) && count($arGroupToGet) <= 0 || !is_array($arGroupToGet) && intval($arGroupToGet) <= 0) { $arReturn = array(); foreach ($id as $group_id) { $arReturn[$group_id] = false; } return $arReturn; } $resGroupTmp = CSocNetGroup::GetList(array("ID" => "ASC"), array("ID" => $arGroupToGet)); while ($arGroupTmp = $resGroupTmp->Fetch()) { if ($arGroupTmp["CLOSED"] == "Y" && !in_array($operation, $arSocNetFeaturesSettings[$feature]["minoperation"])) { if (!$bWorkWithClosedGroups) { $arReturn[$arGroupTmp["ID"]] = false; continue; } else { $featureOperationPerms[$arGroupTmp["ID"]] = SONET_ROLES_OWNER; } } if ($bCurrentUserIsAdmin) { $arReturn[$arGroupTmp["ID"]] = true; continue; } if ($featureOperationPerms[$arGroupTmp["ID"]] == SONET_ROLES_ALL) { if ($arGroupTmp["VISIBLE"] == "N") { $featureOperationPerms[$arGroupTmp["ID"]] = SONET_ROLES_USER; } else { $arReturn[$arGroupTmp["ID"]] = true; continue; } } if ($featureOperationPerms[$arGroupTmp["ID"]] == SONET_ROLES_AUTHORIZED) { if ($userID > 0) { $arReturn[$arGroupTmp["ID"]] = true; continue; } else { $arReturn[$arGroupTmp["ID"]] = false; continue; } } if ($userRoleInGroup[$arGroupTmp["ID"]] == false) { $arReturn[$arGroupTmp["ID"]] = false; continue; } if ($featureOperationPerms[$arGroupTmp["ID"]] == SONET_ROLES_MODERATOR) { if ($userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_MODERATOR || $userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_OWNER) { $arReturn[$arGroupTmp["ID"]] = true; continue; } else { $arReturn[$arGroupTmp["ID"]] = false; continue; } } elseif ($featureOperationPerms[$arGroupTmp["ID"]] == SONET_ROLES_USER) { if ($userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_MODERATOR || $userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_OWNER || $userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_USER) { $arReturn[$arGroupTmp["ID"]] = true; continue; } else { $arReturn[$arGroupTmp["ID"]] = false; continue; } } elseif ($featureOperationPerms[$arGroupTmp["ID"]] == SONET_ROLES_OWNER) { if ($userRoleInGroup[$arGroupTmp["ID"]] == SONET_ROLES_OWNER) { $arReturn[$arGroupTmp["ID"]] = true; continue; } else { $arReturn[$arGroupTmp["ID"]] = false; continue; } } } return $arReturn; } else { $id = IntVal($id); if ($featureOperationPerms == false) { return false; } $userRoleInGroup = CSocNetUserToGroup::GetUserRole($userID, $id); if ($userRoleInGroup == SONET_ROLES_BAN) { return false; } $arGroupTmp = CSocNetGroup::GetByID($id); if ($arGroupTmp["CLOSED"] == "Y" && !in_array($operation, $arSocNetFeaturesSettings[$feature]["minoperation"])) { if (!$bWorkWithClosedGroups) { return false; } else { $featureOperationPerms = SONET_ROLES_OWNER; } } if ($bCurrentUserIsAdmin) { return true; } if ($featureOperationPerms == SONET_ROLES_ALL) { if ($arGroupTmp["VISIBLE"] == "N") { $featureOperationPerms = SONET_ROLES_USER; } else { return true; } } if ($featureOperationPerms == SONET_ROLES_AUTHORIZED) { return $userID > 0; } if ($userRoleInGroup == false) { return false; } if ($featureOperationPerms == SONET_ROLES_MODERATOR) { return in_array($userRoleInGroup, array(SONET_ROLES_MODERATOR, SONET_ROLES_OWNER)); } elseif ($featureOperationPerms == SONET_ROLES_USER) { return in_array($userRoleInGroup, array(SONET_ROLES_MODERATOR, SONET_ROLES_OWNER, SONET_ROLES_USER)); } elseif ($featureOperationPerms == SONET_ROLES_OWNER) { return $userRoleInGroup == SONET_ROLES_OWNER; } } } else { if (is_array($id)) { foreach ($id as $entity_id) { if ($featureOperationPerms[$entity_id] == false) { $arReturn[$entity_id] = false; continue; } $usersRelation = CSocNetUserRelations::GetRelation($userID, $entity_id); if ($type == SONET_ENTITY_USER && $userID == $entity_id) { $arReturn[$entity_id] = true; continue; } if ($bCurrentUserIsAdmin) { $arReturn[$entity_id] = true; continue; } if ($userID == $entity_id) { $arReturn[$entity_id] = true; continue; } if ($usersRelation == SONET_RELATIONS_BAN) { if (!IsModuleInstalled("im")) { $arReturn[$entity_id] = false; continue; } } if ($featureOperationPerms[$entity_id] == SONET_RELATIONS_TYPE_NONE) { $arReturn[$entity_id] = false; continue; } if ($featureOperationPerms[$entity_id] == SONET_RELATIONS_TYPE_ALL) { $arReturn[$entity_id] = true; continue; } if ($featureOperationPerms[$entity_id] == SONET_RELATIONS_TYPE_AUTHORIZED) { $arReturn[$entity_id] = $userID > 0; continue; } if ($featureOperationPerms[$entity_id] == SONET_RELATIONS_TYPE_FRIENDS || $featureOperationPerms[$entity_id] == SONET_RELATIONS_TYPE_FRIENDS2) { $arReturn[$entity_id] = CSocNetUserRelations::IsFriends($userID, $entity_id); continue; } } return $arReturn; } else { if ($featureOperationPerms == false) { return false; } if ($type == SONET_ENTITY_USER && $userID == $id) { return true; } if ($bCurrentUserIsAdmin) { return true; } if ($userID == $id) { return true; } $usersRelation = CSocNetUserRelations::GetRelation($userID, $id); if ($usersRelation == SONET_RELATIONS_BAN && !IsModuleInstalled("im")) { return false; } if ($featureOperationPerms == SONET_RELATIONS_TYPE_NONE) { return false; } if ($featureOperationPerms == SONET_RELATIONS_TYPE_ALL) { return true; } if ($featureOperationPerms == SONET_RELATIONS_TYPE_AUTHORIZED) { return $userID > 0; } if ($featureOperationPerms == SONET_RELATIONS_TYPE_FRIENDS || $featureOperationPerms == SONET_RELATIONS_TYPE_FRIENDS2) { return CSocNetUserRelations::IsFriends($userID, $id); } } } return false; }
$actionTaskId = intval($_GET['action_task_id']); $wf = trim($_GET['wf']); if ($actionTaskId > 0 && strlen($wf) > 0) { $arErrorsTmp = array(); $arTaskTmp = CIntranetTasks::GetById($actionTaskId); if (!$arTaskTmp) { $arErrorsTmp[] = GetMessage("INTS_NO_TASK") . ".<br />"; } if (count($arErrorsTmp) <= 0) { $arCurrentUserGroups = array(); if ($arTaskTmp["TaskType"] == "group") { $arCurrentUserGroups[] = SONET_ROLES_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_ROLES_AUTHORIZED; } $r = CSocNetUserToGroup::GetUserRole($USER->GetID(), $arTaskTmp["OwnerId"]); if (strlen($r) > 0) { $arCurrentUserGroups[] = $r; } } else { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_AUTHORIZED; } if (CSocNetUserRelations::IsFriends($USER->GetID(), $arTaskTmp["ownerId"])) { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS; } elseif (CSocNetUserRelations::IsFriends2($USER->GetID(), $arTaskTmp["ownerId"])) { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS2; } } if ($USER->GetID() == $arTaskTmp["CREATED_BY"]) {
function InitUserPerms($userID, $arGroup, $bCurrentUserIsAdmin) { global $arSocNetAllowedInitiatePerms; global $arSocNetAllowedSpamPerms; $arReturn = array(); $userID = IntVal($userID); $groupID = IntVal($arGroup["ID"]); $groupOwnerID = IntVal($arGroup["OWNER_ID"]); $groupInitiatePerms = Trim($arGroup["INITIATE_PERMS"]); $groupVisible = Trim($arGroup["VISIBLE"]); $groupOpened = Trim($arGroup["OPENED"]); $groupSpamPerms = Trim($arGroup["SPAM_PERMS"]); if ($groupID <= 0 || $groupOwnerID <= 0 || !in_array($groupInitiatePerms, $arSocNetAllowedInitiatePerms)) { return false; } $arReturn["Operations"] = array(); if (!in_array($groupSpamPerms, $arSocNetAllowedSpamPerms)) { $groupSpamPerms = "K"; } // UserRole - User role in group. False if user is not group member. // UserIsMember - True in user is group member. // UserIsOwner - True if user is group owner. // UserCanInitiate - True if user can invite friends to group. // UserCanViewGroup - True if user can view group. // UserCanAutoJoinGroup - True if user can join group automatically. // UserCanModifyGroup - True if user can modify group. // UserCanModerateGroup - True if user can moderate group. if ($userID <= 0) { $arReturn["UserRole"] = false; $arReturn["UserIsMember"] = false; $arReturn["UserIsOwner"] = false; $arReturn["UserCanInitiate"] = false; $arReturn["UserCanViewGroup"] = $groupVisible == "Y"; $arReturn["UserCanAutoJoinGroup"] = false; $arReturn["UserCanModifyGroup"] = false; $arReturn["UserCanModerateGroup"] = false; $arReturn["UserCanSpamGroup"] = false; $arReturn["InitiatedByType"] = false; $arReturn["Operations"]["viewsystemevents"] = false; } else { $arReturn["UserRole"] = CSocNetUserToGroup::GetUserRole($userID, $groupID); $arReturn["UserIsMember"] = $arReturn["UserRole"] && in_array($arReturn["UserRole"], array(SONET_ROLES_OWNER, SONET_ROLES_MODERATOR, SONET_ROLES_USER)); $arReturn["InitiatedByType"] = false; if ($arReturn["UserRole"] == SONET_ROLES_REQUEST) { $dbRelation = CSocNetUserToGroup::GetList(array(), array("USER_ID" => $userID, "GROUP_ID" => $groupID), false, false, array("INITIATED_BY_TYPE")); if ($arRelation = $dbRelation->Fetch()) { $arReturn["InitiatedByType"] = $arRelation["INITIATED_BY_TYPE"]; } } $arReturn["UserIsOwner"] = $userID == $groupOwnerID; if ($bCurrentUserIsAdmin) { $arReturn["UserCanInitiate"] = true; $arReturn["UserCanViewGroup"] = true; $arReturn["UserCanAutoJoinGroup"] = true; $arReturn["UserCanModifyGroup"] = true; $arReturn["UserCanModerateGroup"] = true; $arReturn["UserCanSpamGroup"] = true; $arReturn["Operations"]["viewsystemevents"] = true; } else { if ($arReturn["UserIsMember"]) { $arReturn["UserCanInitiate"] = $groupInitiatePerms == SONET_ROLES_OWNER && $arReturn["UserIsOwner"] || $groupInitiatePerms == SONET_ROLES_MODERATOR && in_array($arReturn["UserRole"], array(SONET_ROLES_OWNER, SONET_ROLES_MODERATOR)) || $groupInitiatePerms == SONET_ROLES_USER && $arReturn["UserIsMember"]; $arReturn["UserCanViewGroup"] = true; $arReturn["UserCanAutoJoinGroup"] = false; $arReturn["UserCanModifyGroup"] = $arReturn["UserIsOwner"]; $arReturn["UserCanModerateGroup"] = in_array($arReturn["UserRole"], array(SONET_ROLES_OWNER, SONET_ROLES_MODERATOR)); $arReturn["UserCanSpamGroup"] = $groupSpamPerms == SONET_ROLES_OWNER && $arReturn["UserIsOwner"] || $groupSpamPerms == SONET_ROLES_MODERATOR && in_array($arReturn["UserRole"], array(SONET_ROLES_OWNER, SONET_ROLES_MODERATOR)) || $groupSpamPerms == SONET_ROLES_USER && $arReturn["UserIsMember"] || $groupSpamPerms == SONET_ROLES_ALL; $arReturn["Operations"]["viewsystemevents"] = true; } else { $arReturn["UserCanInitiate"] = false; $arReturn["UserCanViewGroup"] = $groupVisible == "Y"; $arReturn["UserCanAutoJoinGroup"] = $arReturn["UserCanViewGroup"] && $groupOpened == "Y"; $arReturn["UserCanModifyGroup"] = false; $arReturn["UserCanModerateGroup"] = false; $arReturn["UserCanSpamGroup"] = $groupSpamPerms == SONET_ROLES_ALL; $arReturn["Operations"]["viewsystemevents"] = false; } } } if (CModule::IncludeModule('extranet') && CExtranet::IsExtranetSite()) { $arReturn["UserCanSpamGroup"] = true; } if (!CBXFeatures::IsFeatureEnabled("WebMessenger")) { $arReturn["UserCanSpamGroup"] = false; } return $arReturn; }
public static function GetIBlockPermission($iblock_id, $user_id) { global $USER; //IBlock permissions by default $Permission = CIBlock::GetPermission($iblock_id, $user_id); if ($Permission < "W") { $arIBlock = CIBlock::GetArrayByID($iblock_id); if ($arIBlock) { //Check if iblock is list $arListsPerm = CLists::GetPermission($arIBlock["IBLOCK_TYPE_ID"]); if (count($arListsPerm)) { //User groups if ($user_id == $USER->GetID()) { $arUserGroups = $USER->GetUserGroupArray(); } else { $arUserGroups = $USER->GetUserGroup($user_id); } //One of lists admins if (count(array_intersect($arListsPerm, $arUserGroups))) { $Permission = "X"; } } } } if ($Permission < "W" && $arIBlock["SOCNET_GROUP_ID"] && CModule::IncludeModule('socialnetwork')) { $arSocnetPerm = CLists::GetSocnetPermission($iblock_id); $socnet_role = CSocNetUserToGroup::GetUserRole($USER->GetID(), $arIBlock["SOCNET_GROUP_ID"]); $Permission = $arSocnetPerm[$socnet_role]; } return $Permission; }
function GetTasksList($iblockId, $arOrder = array("SORT" => "ASC"), $arFilter = array(), $arGroupBy = false, $arNavStartParams = false, $arSelectFields = array()) { global $USER; $iblockId = IntVal($iblockId); $arFilter["IBLOCK_ID"] = $iblockId; $arFilter["SHOW_NEW"] = "Y"; if (count($arSelectFields) > 0) { if (!in_array("IBLOCK_SECTION_ID", $arSelectFields)) { $arSelectFields[] = "IBLOCK_SECTION_ID"; } if (!in_array("ID", $arSelectFields)) { $arSelectFields[] = "ID"; } if (!in_array("IBLOCK_ID", $arSelectFields)) { $arSelectFields[] = "IBLOCK_ID"; } if (!in_array("CREATED_BY", $arSelectFields)) { $arSelectFields[] = "CREATED_BY"; } } $arResultList = array(); $arCache = array(); $isInSecurity = CModule::IncludeModule("security"); $dbTasksList = CIBlockElement::GetList($arOrder, $arFilter, $arGroupBy, $arNavStartParams, $arSelectFields); while ($obTask = $dbTasksList->GetNextElement()) { $arResult = array(); $arFields = $obTask->GetFields(); foreach ($arFields as $fieldKey => $fieldValue) { if (substr($fieldKey, 0, 1) == "~") { continue; } $arResult[$fieldKey] = $fieldValue; if (in_array($fieldKey, array("MODIFIED_BY", "CREATED_BY"))) { $arResult[$fieldKey . "_PRINTABLE"] = CIntranetTasks::PrepareUserForPrint($fieldValue); } elseif ($fieldKey == "DETAIL_TEXT") { if ($isInSecurity) { $filter = new CSecurityFilter(); $arResult["DETAIL_TEXT_PRINTABLE"] = $filter->TestXSS($arFields["~DETAIL_TEXT"]); $arResult["DETAIL_TEXT"] = $arResult["DETAIL_TEXT_PRINTABLE"]; } else { $arResult["DETAIL_TEXT_PRINTABLE"] = nl2br($arFields["DETAIL_TEXT"]); $arResult["DETAIL_TEXT"] = $arFields["DETAIL_TEXT"]; } } else { $arResult[$fieldKey . "_PRINTABLE"] = $fieldValue; } } $arProperties = $obTask->GetProperties(); foreach ($arProperties as $propertyKey => $propertyValue) { $arResult["PROPERTY_" . $propertyKey] = $propertyValue["VALUE"]; if (strtoupper($propertyKey) == "TASKCOMPLETE") { $ps = intval($propertyValue["VALUE"]); if ($ps > 100) { $ps = 100; } elseif ($ps < 0) { $ps = 0; } $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = '<div class="task-complete-bar-out" title="' . GetMessage("INTASK_L_TASKCOMPLETE", array("#PRC#" => IntVal($propertyValue["VALUE"]))) . '">'; if ($ps > 0) { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] .= '<div class="task-complete-bar-in" style="width:' . $ps . '%;"><div class="empty"></div></div>'; } $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] .= '</div>'; } elseif (strlen($propertyValue["USER_TYPE"]) > 0) { if ($propertyValue["USER_TYPE"] == "UserID") { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = CIntranetTasks::PrepareUserForPrint($propertyValue["VALUE"]); } else { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = $propertyValue["VALUE"]; } } elseif ($propertyValue["PROPERTY_TYPE"] == "G") { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = array(); $vx = CIntranetTasks::PrepareSectionForPrint($propertyValue["VALUE"], $propertyValue["LINK_IBLOCK_ID"]); foreach ($vx as $vx1 => $vx2) { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"][$vx1] = $vx2["NAME"]; } } elseif ($propertyValue["PROPERTY_TYPE"] == "L") { $arResult["PROPERTY_" . $propertyKey] = array(); $arPropertyValue = $propertyValue["VALUE"]; $arPropertyKey = $propertyValue["VALUE_ENUM_ID"]; if (!is_array($arPropertyValue)) { $arPropertyValue = array($arPropertyValue); $arPropertyKey = array($arPropertyKey); } for ($i = 0, $cnt = count($arPropertyValue); $i < $cnt; $i++) { $arResult["PROPERTY_" . $propertyKey][$arPropertyKey[$i]] = $arPropertyValue[$i]; } $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = $arResult["PROPERTY_" . $propertyKey]; } elseif ($propertyValue["PROPERTY_TYPE"] == "S" && $propertyValue["ROW_COUNT"] > 1) { if (is_array($propertyValue["VALUE"])) { $arResult["PROPERTY_" . $propertyKey] = array(); $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = array(); if ($isInSecurity) { foreach ($propertyValue["~VALUE"] as $k => $v) { $filter = new CSecurityFilter(); $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"][$k] = $filter->TestXSS($v); $arResult["PROPERTY_" . $propertyKey][$k] = $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"][$k]; } } else { foreach ($propertyValue["VALUE"] as $k => $v) { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"][$k] = nl2br($v); $arResult["PROPERTY_" . $propertyKey][$k] = $v; } } } else { if ($isInSecurity) { $filter = new CSecurityFilter(); $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = $filter->TestXSS($propertyValue["~VALUE"]); $arResult["PROPERTY_" . $propertyKey] = $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"]; } else { $arResult["PROPERTY_" . $propertyKey . "_PRINTABLE"] = nl2br($propertyValue["VALUE"]); $arResult["PROPERTY_" . $propertyKey] = $propertyValue["VALUE"]; } } } } $arResult["ROOT_SECTION_ID"] = 0; $arResult["IBLOCK_SECTION_ID_PRINTABLE"] = array(); $v = CIntranetTasks::PrepareSectionForPrint($arResult["IBLOCK_SECTION_ID"], $iblockId); if (is_array($v)) { foreach ($v as $k1 => $v1) { if ($arResult["ROOT_SECTION_ID"] == 0) { $arResult["ROOT_SECTION_ID"] = $k1; $taskType = $v1["XML_ID"] == "users_tasks" ? "user" : "group"; $ownerId = $taskType == "user" ? $arResult["PROPERTY_TaskAssignedTo"] : $v1["XML_ID"]; } else { $arResult["IBLOCK_SECTION_ID_PRINTABLE"][$k1] = $v1["NAME"]; } } } if (!array_key_exists($taskType . "_" . $ownerId, $arCache)) { $arCurrentUserGroups = array(); if ($taskType == "group") { $arCurrentUserGroups[] = SONET_ROLES_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_ROLES_AUTHORIZED; } $r = CSocNetUserToGroup::GetUserRole($USER->GetID(), $ownerId); if (strlen($r) > 0) { $arCurrentUserGroups[] = $r; } } else { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_AUTHORIZED; } if (CSocNetUserRelations::IsFriends($USER->GetID(), $ownerId)) { $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS; } } $arCache[$taskType . "_" . $ownerId] = $arCurrentUserGroups; } $arCurrentUserGroups = $arCache[$taskType . "_" . $ownerId]; if ($USER->GetID() == $arResult["CREATED_BY"]) { $arCurrentUserGroups[] = "author"; } if ($USER->GetID() == $arResult["PROPERTY_TaskAssignedTo"]) { $arCurrentUserGroups[] = "responsible"; } if (is_array($arResult["PROPERTY_TaskTrackers"]) && in_array($USER->GetID(), $arResult["PROPERTY_TaskTrackers"])) { $arCurrentUserGroups[] = "trackers"; } $arResult["DocumentState"] = array(); $arDocumentStates = CBPDocument::GetDocumentStates(array("intranet", "CIntranetTasksDocument", "x" . $iblockId), array("intranet", "CIntranetTasksDocument", $arResult["ID"])); $kk = array_keys($arDocumentStates); foreach ($kk as $k) { $arResult["DocumentState"] = $arDocumentStates[$k]; $arResult["DocumentState"]["AllowableEvents"] = CBPDocument::GetAllowableEvents($GLOBALS["USER"]->GetID(), $arCurrentUserGroups, $arDocumentStates[$k]); } $arResult["TaskType"] = $taskType; $arResult["OwnerId"] = $ownerId; $arResult["CurrentUserCanViewTask"] = CIntranetTasksDocument::CanUserOperateDocument(INTASK_DOCUMENT_OPERATION_READ_DOCUMENT, $GLOBALS["USER"]->GetID(), $arResult["ID"], array("TaskType" => $taskType, "OwnerId" => $ownerId, "AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates)); $arResult["CurrentUserCanCommentTask"] = CIntranetTasksDocument::CanUserOperateDocument(INTASK_DOCUMENT_OPERATION_COMMENT_DOCUMENT, $GLOBALS["USER"]->GetID(), $arResult["ID"], array("TaskType" => $taskType, "OwnerId" => $ownerId, "AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates)); $arResult["CurrentUserCanDeleteTask"] = CIntranetTasksDocument::CanUserOperateDocument(INTASK_DOCUMENT_OPERATION_DELETE_DOCUMENT, $GLOBALS["USER"]->GetID(), $arResult["ID"], array("TaskType" => $taskType, "OwnerId" => $ownerId, "AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates)); $arResult["CurrentUserCanWriteTask"] = CIntranetTasksDocument::CanUserOperateDocument(INTASK_DOCUMENT_OPERATION_WRITE_DOCUMENT, $GLOBALS["USER"]->GetID(), $arResult["ID"], array("TaskType" => $taskType, "OwnerId" => $ownerId, "AllUserGroups" => $arCurrentUserGroups, "DocumentStates" => $arDocumentStates)); $arResultList[] = $arResult; } $dbTasksList = new CDBResult(); $dbTasksList->InitFromArray($arResultList); return $dbTasksList; }
function ChangeStatus($taskId, $newStatus, $userId = 0) { CModule::IncludeModule("socialnetwork"); $taskId = intval($taskId); $userId = intval($userId); if ($userId == 0) { $userId = $GLOBALS["USER"]->GetID(); } $arTask = CIntranetTasks::GetById($taskId); if (!$arTask) { return; } $arDocumentStates = CBPDocument::GetDocumentStates(array("intranet", "CIntranetTasksDocument", "x" . $arTask["IBLOCK_ID"]), array("intranet", "CIntranetTasksDocument", $taskId)); $arCurrentUserGroups = array(); if ($arTask["TaskType"] == "group") { $arCurrentUserGroups[] = SONET_ROLES_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_ROLES_AUTHORIZED; } $r = CSocNetUserToGroup::GetUserRole($userId, $arTask["OwnerId"]); if (strlen($r) > 0) { $arCurrentUserGroups[] = $r; } } if ($userId == $arTask["CREATED_BY"]) { $arCurrentUserGroups[] = "author"; } if ($userId == $arTask["PROPERTY_TaskAssignedTo"]) { $arCurrentUserGroups[] = "responsible"; } if (is_array($arTask["PROPERTY_TaskTrackers"]) && in_array($userId, $arTask["PROPERTY_TaskTrackers"])) { $arCurrentUserGroups[] = "trackers"; } $arStateCommand = array("NotAccepted" => array("NotStarted" => array("HEEA_NotAccepted_ApproveEvent"), "InProgress" => array("HEEA_NotAccepted_InProgressEvent"), "Completed" => array("HEEA_NotAccepted_CompleteEvent"), "Closed" => array("HEEA_NotAccepted_CloseEvent"), "Waiting" => array("HEEA_NotAccepted_ApproveEvent", "HEEA_NotStarted_WaitingEvent"), "Deferred" => array("HEEA_NotAccepted_ApproveEvent", "HEEA_NotStarted_DeferredEvent")), "NotStarted" => array("InProgress" => array("HEEA_NotStarted_InProgressEvent"), "Completed" => array("HEEA_NotStarted_CompleteEvent"), "Closed" => array("HEEA_NotStarted_CloseEvent"), "Waiting" => array("HEEA_NotStarted_WaitingEvent"), "Deferred" => array("HEEA_NotStarted_DeferredEvent")), "InProgress" => array("Completed" => array("HEEA_InProgress_CompleteEvent"), "Closed" => array("HEEA_InProgress_CloseEvent"), "Waiting" => array("HEEA_InProgress_WaitingEvent"), "Deferred" => array("HEEA_InProgress_DeferredEvent")), "Completed" => array("InProgress" => array("HEEA_Completed_InProgressEvent"), "Closed" => array("HEEA_Completed_CloseEvent")), "Waiting" => array("NotStarted" => array("HEEA_Waiting_NotStartedEvent"), "InProgress" => array("HEEA_Waiting_InProgressEvent"), "Completed" => array("HEEA_Waiting_CompleteEvent"), "Closed" => array("HEEA_Waiting_CloseEvent"), "Deferred" => array("HEEA_Waiting_DeferredEvent")), "Deferred" => array("NotStarted" => array("HEEA_Deferred_NotStartedEvent"), "InProgress" => array("HEEA_Deferred_InProgressEvent"), "Completed" => array("HEEA_Deferred_CompleteEvent"), "Closed" => array("HEEA_Deferred_CloseEvent"), "Waiting" => array("HEEA_Deferred_WaitingEvent"))); foreach ($arDocumentStates as $documentState) { $oldState = $documentState["STATE_NAME"]; if (!array_key_exists($oldState, $arStateCommand) || count($arStateCommand[$oldState]) <= 0) { continue; } if (!array_key_exists($newStatus, $arStateCommand[$oldState]) || count($arStateCommand[$oldState][$newStatus]) <= 0) { continue; } foreach ($arStateCommand[$oldState][$newStatus] as $sc) { CBPDocument::SendExternalEvent($documentState["ID"], $sc, array("Groups" => $arCurrentUserGroups, "User" => $userId), $arErrorTmp); } } }
/** * @param $USER CUser * @param $iblock_type_id string * @param $socnet_group_id int * @return int|string */ protected static function _socnet_type_check($USER, $iblock_type_id, $socnet_group_id) { if ($iblock_type_id === COption::GetOptionString("lists", "socnet_iblock_type_id")) { $socnet_role = CSocNetUserToGroup::GetUserRole($USER->GetID(), $socnet_group_id); if ($socnet_role == "A" && CSocNetFeaturesPerms::CanPerformOperation($USER->GetID(), SONET_ENTITY_GROUP, $socnet_group_id, "group_lists", "write", CSocNetUser::IsCurrentUserModuleAdmin())) { return CListPermissions::IS_ADMIN; } else { return CListPermissions::CAN_READ; } } else { return CListPermissions::WRONG_IBLOCK_TYPE; } }
/** * Метод проверяет права на выполнение операций над документами заданного типа. Проверяются операции 4 - право изменять шаблоны рабочий потоков для данного типа документа. * * @param int $operation - операция. * @param int $userId - код пользователя, для которого проверяется право на выполнение операции. * @param string $documentId - код типа документа, к которому применяется операция. * @param array $arParameters - ассициативный массив вспомогательных параметров. Используется для того, чтобы не рассчитывать заново те вычисляемые значения, которые уже известны на момент вызова метода. Стандартными являются ключи массива DocumentStates - массив состояний рабочих потоков данного документа, WorkflowId - код рабочего потока (если требуется проверить операцию на одном рабочем потоке). Массив может быть дополнен другими произвольными ключами. * @return bool */ public function CanUserOperateDocumentType($operation, $userId, $documentType, $arParameters = array()) { $documentType = trim($documentType); if (strlen($documentType) <= 0) { return false; } $iblockId = COption::GetOptionInt("intranet", "iblock_tasks", 0); if ($iblockId <= 0) { return false; } $userId = intval($userId); global $USER; if ($USER->IsAuthorized() && $USER->GetID() == $userId && CSocNetUser::IsCurrentUserModuleAdmin()) { return true; } $arDt = explode("_", $documentType); if (count($arDt) != 2) { return false; } $taskType = $arDt[0]; $ownerId = intval($arDt[1]); if (!in_array($taskType, array("user", "group")) || $ownerId <= 0) { return false; } if (!array_key_exists("AllUserGroups", $arParameters)) { if (!array_key_exists("UserGroups", $arParameters)) { $arParameters["UserGroups"] = array(); if ($taskType == "user") { // $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_ALL; // if (CSocNetUserRelations::IsFriends($userId, $ownerId)) // $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_FRIENDS; // elseif (CSocNetUserRelations::IsFriends2($userId, $ownerId)) // $arParameters["UserGroups"][] = SONET_RELATIONS_TYPE_FRIENDS2; } else { $arParameters["UserGroups"][] = SONET_ROLES_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arParameters["UserGroups"][] = SONET_ROLES_AUTHORIZED; } $r = CSocNetUserToGroup::GetUserRole($userId, $ownerId); if (strlen($r) > 0) { $arParameters["UserGroups"][] = $r; } } } $arParameters["AllUserGroups"] = $arParameters["UserGroups"]; $arParameters["AllUserGroups"][] = "author"; } if (!array_key_exists("DocumentStates", $arParameters)) { $arParameters["DocumentStates"] = CBPDocument::GetDocumentStates(array("intranet", "CIntranetTasksDocument", "x" . $iblockId), null); } // Если нужно проверить только для одного рабочего потока if (array_key_exists("WorkflowId", $arParameters)) { if (array_key_exists($arParameters["WorkflowId"], $arParameters["DocumentStates"])) { $arParameters["DocumentStates"] = array($arParameters["WorkflowId"] => $arParameters["DocumentStates"][$arParameters["WorkflowId"]]); } else { return false; } } $arAllowableOperations = CBPDocument::GetAllowableOperations($userId, $arParameters["AllUserGroups"], $arParameters["DocumentStates"]); // $arAllowableOperations == null - поток не является автоматом // $arAllowableOperations == array() - в автомате нет допустимых операций // $arAllowableOperations == array("read", ...) - допустимые операции if (!is_array($arAllowableOperations)) { return false; } $r = false; switch ($operation) { case INTASK_DOCUMENT_OPERATION_VIEW_WORKFLOW: $r = false; break; case INTASK_DOCUMENT_OPERATION_START_WORKFLOW: $r = false; break; case INTASK_DOCUMENT_OPERATION_CREATE_WORKFLOW: $r = false; break; case INTASK_DOCUMENT_OPERATION_WRITE_DOCUMENT: $r = in_array("write", $arAllowableOperations); break; case INTASK_DOCUMENT_OPERATION_READ_DOCUMENT: $r = false; break; case INTASK_DOCUMENT_OPERATION_COMMENT_DOCUMENT: $r = false; break; case INTASK_DOCUMENT_OPERATION_DELETE_DOCUMENT: $r = false; break; default: $r = false; } return $r; }
/** * @param integer $userId * @param integer $groupId * @return bool true if user can access group, false otherwise */ public static function HasUserReadAccessToGroup($userId, $groupId) { // Roles allowed for extranet user to grant access to read task in group static $arAllowedRoles = array(SONET_ROLES_MODERATOR, SONET_ROLES_USER, SONET_ROLES_OWNER); if (!CModule::IncludeModule('socialnetwork')) { return false; } if (!($userId > 0 && $groupId > 0)) { return false; } if (self::IsIntranetUser($userId)) { /** @noinspection PhpDynamicAsStaticMethodCallInspection */ return CSocNetGroup::CanUserViewGroup($userId, $groupId); } /** @noinspection PhpDynamicAsStaticMethodCallInspection */ $userRole = CSocNetUserToGroup::GetUserRole($userId, $groupId); if (in_array($userRole, $arAllowedRoles)) { return true; } return false; }
if (!CModule::IncludeModule("socialnetwork")) { echo CUtil::PhpToJsObject(array('ERROR' => 'SONET_MODULE_NOT_INSTALLED')); die; } if (!$GLOBALS["USER"]->IsAuthorized()) { echo CUtil::PhpToJsObject(array("ERROR" => "CURRENT_USER_NOT_AUTH")); die; } $groupID = intval($_POST["groupID"]); if ($groupID <= 0) { echo CUtil::PhpToJsObject(array("ERROR" => "EMPTY_GROUP_ID")); die; } if (check_bitrix_sessid()) { if (in_array($_POST["action"], array("set", "unset"))) { $userRole = CSocNetUserToGroup::GetUserRole($GLOBALS["USER"]->GetID(), $groupID); if (!in_array($userRole, array(SONET_ROLES_OWNER, SONET_ROLES_MODERATOR, SONET_ROLES_USER))) { echo CUtil::PhpToJsObject(array("ERROR" => "INCORRECT_USER_ROLE")); die; } if (CSocNetSubscription::Set($GLOBALS["USER"]->GetID(), "SG" . $groupID, $_POST["action"] == "set" ? "Y" : "N")) { $rsSubscription = CSocNetSubscription::GetList(array(), array("USER_ID" => $GLOBALS["USER"]->GetID(), "CODE" => "SG" . $groupID)); if ($arSubscription = $rsSubscription->Fetch()) { echo CUtil::PhpToJsObject(array("SUCCESS" => "Y", "RESULT" => "Y")); } else { echo CUtil::PhpToJsObject(array("SUCCESS" => "Y", "RESULT" => "N")); } } } else { echo CUtil::PhpToJsObject(array("ERROR" => "UNKNOWN_ACTION")); }
function MkFilter($arFilter, &$arJoinProps, &$arAddWhereFields, $level = 0, $bPropertyLeftJoin = false) { global $DB, $USER; $arSqlSearch = array(); $permSQL = ""; $arSectionFilter = array("LOGIC" => "", "BE" => array(), "BS" => array()); $strSqlSearch = ""; if (!is_array($arFilter)) { $arFilter = array(); } foreach ($arFilter as $key => $val) { $key = strtoupper($key); $p = strpos($key, "PROPERTY_"); if ($p !== false && $p < 4) { $arFilter[substr($key, 0, $p) . "PROPERTY"][substr($key, $p + 9)] = $val; unset($arFilter[$key]); } } if (array_key_exists("LOGIC", $arFilter) && $arFilter["LOGIC"] == "OR") { $Logic = "OR"; unset($arFilter["LOGIC"]); $bPropertyLeftJoin = true; } else { $Logic = "AND"; } if ($Logic === "AND" && $level === 0) { $f = new \Bitrix\Iblock\PropertyIndex\QueryBuilder($arFilter["IBLOCK_ID"]); if ($f->isValid()) { $arJoinProps["FC"] = $f->getFilterSql($arFilter, $arSqlSearch); $arJoinProps["FC_DISTINCT"] = $f->getDistinct(); } } foreach ($arFilter as $orig_key => $val) { $res = CIBlock::MkOperationFilter($orig_key); $key = $res["FIELD"]; $cOperationType = $res["OPERATION"]; //it was done before $key = strtoupper($key); switch ($key . "") { case "ACTIVE": case "DETAIL_TEXT_TYPE": case "PREVIEW_TEXT_TYPE": $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "string_equal", $bFullJoinTmp, $cOperationType); break; case "NAME": case "XML_ID": case "TMP_ID": case "DETAIL_TEXT": case "SEARCHABLE_CONTENT": case "PREVIEW_TEXT": case "CODE": case "TAGS": case "WF_COMMENTS": $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "string", $bFullJoinTmp, $cOperationType); break; case "ID": if (is_object($val)) { $arSqlSearch[] = $val->_sql_in("BE." . $key, $cOperationType); } else { $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "number", $bFullJoinTmp, $cOperationType); } break; case "SHOW_COUNTER": case "WF_PARENT_ELEMENT_ID": case "WF_STATUS_ID": case "SORT": case "CREATED_BY": case "PREVIEW_PICTURE": case "DETAIL_PICTURE": $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "number", $bFullJoinTmp, $cOperationType); break; case "IBLOCK_ID": $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "number", $bFullJoinTmp, $cOperationType); break; case "TIMESTAMP_X": case "DATE_CREATE": case "SHOW_COUNTER_START": $arSqlSearch[] = CIBlock::FilterCreateEx("BE." . $key, $val, "date", $bFullJoinTmp, $cOperationType); break; case "EXTERNAL_ID": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.XML_ID", $val, "string", $bFullJoinTmp, $cOperationType); break; case "IBLOCK_TYPE": $flt = CIBlock::FilterCreateEx("B.IBLOCK_TYPE_ID", $val, "string", $bFullJoinTmp, $cOperationType); $arSqlSearch[] = $flt; break; case "CHECK_PERMISSIONS": if ($val == "Y" && (!is_object($USER) || !$USER->IsAdmin())) { $permSQL = CIBlockElement::_check_rights_sql($arFilter["MIN_PERMISSION"]); } break; case "CHECK_BP_PERMISSIONS": if (IsModuleInstalled('bizproc') && (!is_object($USER) || !$USER->IsAdmin())) { if (is_array($val)) { $MODULE_ID = $DB->ForSQL($val["MODULE_ID"]); $ENTITY = $DB->ForSQL($val["ENTITY"]); $PERMISSION = $DB->ForSQL($val["PERMISSION"]); $arUserGroups = array(); if (is_array($val["GROUPS"])) { $USER_ID = intval($val["USER_ID"]); foreach ($val["GROUPS"] as $GROUP_ID) { $GROUP_ID = intval($GROUP_ID); if ($GROUP_ID) { $arUserGroups[$GROUP_ID] = $GROUP_ID; } } } else { $USER_ID = 0; } } else { $MODULE_ID = "iblock"; $ENTITY = "CIBlockDocument"; $PERMISSION = $val; $arUserGroups = false; $USER_ID = 0; } if ($PERMISSION == "read" || $PERMISSION == "write") { if (!is_array($arUserGroups) && is_object($USER)) { $USER_ID = intval($USER->GetID()); $arUserGroups = $USER->GetUserGroupArray(); } if (!is_array($arUserGroups) || count($arUserGroups) <= 0) { $arUserGroups = array(2); } $arSqlSearch[] = "EXISTS (\n\t\t\t\t\t\t\tSELECT S.DOCUMENT_ID_INT\n\t\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\tb_bp_workflow_state S\n\t\t\t\t\t\t\tINNER JOIN b_bp_workflow_permissions P ON S.ID = P.WORKFLOW_ID\n\t\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t\tS.DOCUMENT_ID_INT = BE.ID\n\t\t\t\t\t\t\t\tAND S.MODULE_ID = '{$MODULE_ID}'\n\t\t\t\t\t\t\t\tAND S.ENTITY = '{$ENTITY}'\n\t\t\t\t\t\t\t\tAND P.PERMISSION = '{$PERMISSION}'\n\t\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\t\tP.OBJECT_ID IN ('" . implode("', '", $arUserGroups) . "')\n\t\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = 'Author' AND BE.CREATED_BY = {$USER_ID})\n\t\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = " . $DB->Concat("'USER_'", "'{$USER_ID}'") . ")\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t)"; } } break; case "CHECK_BP_TASKS_PERMISSIONS": if (IsModuleInstalled('bizproc') && CModule::IncludeModule("socialnetwork") && (!is_object($USER) || !$USER->IsAdmin())) { $val = explode("_", $val); $taskType = $val[0]; if (!in_array($taskType, array("user", "group"))) { $taskType = "user"; } $ownerId = intval($val[1]); $val = $val[2]; if (!in_array($val, array("read", "write", "comment"))) { $val = "write"; } $userId = is_object($USER) ? intval($USER->GetID()) : 0; $arUserGroups = array(); if ($taskType == "group") { $r = CSocNetFeaturesPerms::CanPerformOperation($userId, SONET_ENTITY_GROUP, $ownerId, "tasks", $val == "write" ? "edit_tasks" : "view_all"); if ($r) { break; } $arUserGroups[] = SONET_ROLES_ALL; $r = CSocNetUserToGroup::GetUserRole($userId, $ownerId); if (strlen($r) > 0) { $arUserGroups[] = $r; } } else { // $arUserGroups[] = SONET_RELATIONS_TYPE_ALL; // if (CSocNetUserRelations::IsFriends($userId, $ownerId)) // $arUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS; // elseif (CSocNetUserRelations::IsFriends2($userId, $ownerId)) // $arUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS2; } $arSqlSearch[] = "EXISTS (\n\t\t\t\t\t\tSELECT S.DOCUMENT_ID_INT\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\tb_bp_workflow_state S\n\t\t\t\t\t\tINNER JOIN b_bp_workflow_permissions P ON S.ID = P.WORKFLOW_ID\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tS.DOCUMENT_ID_INT = BE.ID\n\t\t\t\t\t\t\tAND S.MODULE_ID = 'intranet'\n\t\t\t\t\t\t\tAND S.ENTITY = 'CIntranetTasksDocument'\n\t\t\t\t\t\t\tAND P.PERMISSION = '" . $val . "'\n\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\t" . ($taskType == "group" ? "P.OBJECT_ID IN ('" . implode("', '", $arUserGroups) . "') OR" : "") . "\n\t\t\t\t\t\t\t\t(P.OBJECT_ID = 'author' AND BE.CREATED_BY = " . $userId . ")\n\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = 'responsible' AND " . $userId . " IN (\n\t\t\t\t\t\t\t\t\tSELECT SFPV0.VALUE_NUM\n\t\t\t\t\t\t\t\t\tFROM b_iblock_element_property SFPV0\n\t\t\t\t\t\t\t\t\t\tINNER JOIN b_iblock_property SFP0 ON (SFPV0.IBLOCK_PROPERTY_ID = SFP0.ID)\n\t\t\t\t\t\t\t\t\tWHERE " . CIBlock::_Upper("SFP0.CODE") . "='TASKASSIGNEDTO'\n\t\t\t\t\t\t\t\t\t\tAND SFP0.IBLOCK_ID = BE.IBLOCK_ID\n\t\t\t\t\t\t\t\t\t\tAND SFPV0.IBLOCK_ELEMENT_ID = BE.ID\n\t\t\t\t\t\t\t\t))\n\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = 'trackers' AND " . $userId . " IN (\n\t\t\t\t\t\t\t\t\tSELECT SFPV0.VALUE_NUM\n\t\t\t\t\t\t\t\t\tFROM b_iblock_element_property SFPV0\n\t\t\t\t\t\t\t\t\t\tINNER JOIN b_iblock_property SFP0 ON (SFPV0.IBLOCK_PROPERTY_ID = SFP0.ID)\n\t\t\t\t\t\t\t\t\tWHERE " . CIBlock::_Upper("SFP0.CODE") . "='TASKTRACKERS'\n\t\t\t\t\t\t\t\t\t\tAND SFP0.IBLOCK_ID = BE.IBLOCK_ID\n\t\t\t\t\t\t\t\t\t\tAND SFPV0.IBLOCK_ELEMENT_ID = BE.ID\n\t\t\t\t\t\t\t\t))\n\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = '" . ("USER_" . $userId) . "')\n\t\t\t\t\t\t\t)\n\t\t\t\t\t)"; } break; case "CHECK_BP_VIRTUAL_PERMISSIONS": if (IsModuleInstalled('bizproc') && (!is_object($USER) || !$USER->IsAdmin())) { if (!in_array($val, array("read", "create", "admin"))) { $val = "admin"; } $userId = is_object($USER) ? intval($USER->GetID()) : 0; if (is_object($USER)) { $arUserGroups = $USER->GetUserGroupArray(); } if (!is_array($arUserGroups) || count($arUserGroups) <= 0) { $arUserGroups = array(2); } $arSqlSearch[] = "EXISTS (\n\t\t\t\t\t\tSELECT S.DOCUMENT_ID_INT\n\t\t\t\t\t\tFROM b_bp_workflow_state S\n\t\t\t\t\t\t\tINNER JOIN b_bp_workflow_permissions P ON S.ID = P.WORKFLOW_ID\n\t\t\t\t\t\tWHERE S.DOCUMENT_ID_INT = BE.ID\n\t\t\t\t\t\t\tAND S.MODULE_ID = 'bizproc'\n\t\t\t\t\t\t\tAND S.ENTITY = 'CBPVirtualDocument'\n\t\t\t\t\t\t\tAND\n\t\t\t\t\t\t\t\t(P.PERMISSION = '" . $val . "'\n\t\t\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\t\t\tP.OBJECT_ID IN ('" . implode("', '", $arUserGroups) . "')\n\t\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = 'Author' AND BE.CREATED_BY = " . $userId . ")\n\t\t\t\t\t\t\t\t\tOR (P.OBJECT_ID = " . $DB->Concat("'USER_'", "'" . $userId . "'") . ")\n\t\t\t\t\t\t\t\t)\n\t\t\t\t\t\t\t)\n\t\t\t\t\t)"; } break; case "TASKSTATUS": if (IsModuleInstalled('bizproc')) { $arSqlSearch[] = ($cOperationType == "N" ? "NOT " : "") . "EXISTS (\n\t\t\t\t\t\tSELECT S.DOCUMENT_ID_INT\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\tb_bp_workflow_state S\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\tS.DOCUMENT_ID_INT = BE.ID\n\t\t\t\t\t\t\tAND S.MODULE_ID = 'intranet'\n\t\t\t\t\t\t\tAND S.ENTITY = 'CIntranetTasksDocument'\n\t\t\t\t\t\t\tAND S.STATE = '" . $DB->ForSql($val) . "'\n\t\t\t\t\t)"; } break; case "LID": case "SITE_ID": case "IBLOCK_LID": case "IBLOCK_SITE_ID": $flt = CIBlock::FilterCreateEx("SITE_ID", $val, "string_equal", $bFullJoinTmp, $cOperationType); if (strlen($flt)) { $arSqlSearch[] = ($cOperationType == "N" ? "NOT " : "") . "EXISTS (\n\t\t\t\t\t\tSELECT IBLOCK_ID FROM b_iblock_site WHERE IBLOCK_ID = B.ID\n\t\t\t\t\t\tAND " . $flt . "\n\t\t\t\t\t)"; } break; case "DATE_ACTIVE_FROM": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.ACTIVE_FROM", $val, "date", $bFullJoinTmp, $cOperationType); break; case "DATE_ACTIVE_TO": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.ACTIVE_TO", $val, "date", $bFullJoinTmp, $cOperationType); break; case "IBLOCK_ACTIVE": $flt = CIBlock::FilterCreateEx("B.ACTIVE", $val, "string_equal", $bFullJoinTmp, $cOperationType); $arSqlSearch[] = $flt; break; case "IBLOCK_CODE": $flt = CIBlock::FilterCreateEx("B.CODE", $val, "string", $bFullJoinTmp, $cOperationType); $arSqlSearch[] = $flt; break; case "ID_ABOVE": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.ID", $val, "number_above", $bFullJoinTmp, $cOperationType); break; case "ID_LESS": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.ID", $val, "number_less", $bFullJoinTmp, $cOperationType); break; case "ACTIVE_FROM": if (strlen($val) > 0) { $arSqlSearch[] = "(BE.ACTIVE_FROM " . ($cOperationType == "N" ? "<" : ">=") . $DB->CharToDateFunction($DB->ForSql($val), "FULL") . ($cOperationType == "N" ? "" : " OR BE.ACTIVE_FROM IS NULL") . ")"; } break; case "ACTIVE_TO": if (strlen($val) > 0) { $arSqlSearch[] = "(BE.ACTIVE_TO " . ($cOperationType == "N" ? ">" : "<=") . $DB->CharToDateFunction($DB->ForSql($val), "FULL") . ($cOperationType == "N" ? "" : " OR BE.ACTIVE_TO IS NULL") . ")"; } break; case "ACTIVE_DATE": if (strlen($val) > 0) { $arSqlSearch[] = ($cOperationType == "N" ? " NOT" : "") . "((BE.ACTIVE_TO >= " . $DB->GetNowFunction() . " OR BE.ACTIVE_TO IS NULL) AND (BE.ACTIVE_FROM <= " . $DB->GetNowFunction() . " OR BE.ACTIVE_FROM IS NULL))"; } break; case "DATE_MODIFY_FROM": if (strlen($val) > 0) { $arSqlSearch[] = "(BE.TIMESTAMP_X " . ($cOperationType == "N" ? "<" : ">=") . $DB->CharToDateFunction($DB->ForSql($val), "FULL") . ($cOperationType == "N" ? "" : " OR BE.TIMESTAMP_X IS NULL") . ")"; } break; case "DATE_MODIFY_TO": if (strlen($val) > 0) { $arSqlSearch[] = "(BE.TIMESTAMP_X " . ($cOperationType == "N" ? ">" : "<=") . $DB->CharToDateFunction($DB->ForSql($val), "FULL") . ($cOperationType == "N" ? "" : " OR BE.TIMESTAMP_X IS NULL") . ")"; } break; case "WF_NEW": if ($val == "Y" || $val == "N") { $arSqlSearch[] = CIBlock::FilterCreateEx("BE.WF_NEW", "Y", "string_equal", $bFullJoinTmp, $val == "Y" ? false : true, false); } break; case "MODIFIED_USER_ID": case "MODIFIED_BY": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.MODIFIED_BY", $val, "number", $bFullJoinTmp, $cOperationType); break; case "CREATED_USER_ID": case "CREATED_BY": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.CREATED_BY", $val, "number", $bFullJoinTmp, $cOperationType); break; case "RATING_USER_ID": $arSqlSearch[] = CIBlock::FilterCreateEx("RVV.USER_ID", $val, "number", $bFullJoinTmp, $cOperationType); $arJoinProps["RVV"] = array("bFullJoin" => $bFullJoinTmp); break; case "WF_STATUS": $arSqlSearch[] = CIBlock::FilterCreateEx("BE.WF_STATUS_ID", $val, "number", $bFullJoinTmp, $cOperationType); break; case "WF_LOCK_STATUS": if (strlen($val) > 0) { $USER_ID = is_object($USER) ? intval($USER->GetID()) : 0; $arSqlSearch[] = " if(BE.WF_DATE_LOCK is null, 'green', if(DATE_ADD(BE.WF_DATE_LOCK, interval " . COption::GetOptionInt("workflow", "MAX_LOCK_TIME", 60) . " MINUTE)<now(), 'green', if(BE.WF_LOCKED_BY=" . $USER_ID . ", 'yellow', 'red'))) = '" . $DB->ForSql($val) . "'"; } break; case "WF_LAST_STATUS_ID": $arSqlSearch[] = "exists (\n\t\t\t\t\tselect\n\t\t\t\t\t\thistory.ID\n\t\t\t\t\tfrom\n\t\t\t\t\t\tb_iblock_element history\n\t\t\t\t\twhere\n\t\t\t\t\t\thistory.WF_PARENT_ELEMENT_ID = BE.ID\n\t\t\t\t\t\tand history.WF_STATUS_ID = " . intval($val) . "\n\t\t\t\t\t\tand history.ID = (\n\t\t\t\t\t\t\tselect max(history0.ID) LAST_ID\n\t\t\t\t\t\t\tfrom b_iblock_element history0\n\t\t\t\t\t\t\twhere history0.WF_PARENT_ELEMENT_ID = BE.ID\n\t\t\t\t\t\t)\n\t\t\t\t)\n\t\t\t\t"; break; case "SECTION_ACTIVE": if ($arFilter["INCLUDE_SUBSECTIONS"] === "Y") { $arSectionFilter["BS"][] = "BSubS.ACTIVE = 'Y'"; } else { $arSectionFilter["BS"][] = "BS.ACTIVE = 'Y'"; } break; case "SECTION_GLOBAL_ACTIVE": if ($arFilter["INCLUDE_SUBSECTIONS"] === "Y") { $arSectionFilter["BS"][] = "BSubS.GLOBAL_ACTIVE = 'Y'"; } else { $arSectionFilter["BS"][] = "BS.GLOBAL_ACTIVE = 'Y'"; } break; case "SUBSECTION": if (!is_array($val)) { $val = array($val); } //Find out margins of sections $arUnknownMargins = array(); foreach ($val as $i => $section) { if (!is_array($section)) { $arUnknownMargins[intval($section)] = intval($section); } } if (count($arUnknownMargins) > 0) { $rs = $DB->Query("SELECT ID, LEFT_MARGIN, RIGHT_MARGIN FROM b_iblock_section WHERE ID in (" . implode(", ", $arUnknownMargins) . ")"); while ($ar = $rs->Fetch()) { $arUnknownMargins[intval($ar["ID"])] = array(intval($ar["LEFT_MARGIN"]), intval($ar["RIGHT_MARGIN"])); } foreach ($val as $i => $section) { if (!is_array($section)) { $val[$i] = $arUnknownMargins[intval($section)]; } } } //Now sort them out $arMargins = array(); foreach ($val as $i => $section) { if (is_array($section) && count($section) == 2) { $left = intval($section[0]); $right = intval($section[1]); if ($left > 0 && $right > 0) { $arMargins[$left] = $right; } } } ksort($arMargins); //Remove subsubsections of the sections $prev_right = 0; foreach ($arMargins as $left => $right) { if ($right <= $prev_right) { unset($arMargins[$left]); } else { $prev_right = $right; } } if (isset($arFilter["INCLUDE_SUBSECTIONS"]) && $arFilter["INCLUDE_SUBSECTIONS"] === "Y") { $bsAlias = "BSubS"; } else { $bsAlias = "BS"; } $res = ""; foreach ($arMargins as $left => $right) { if ($res != "") { $res .= $cOperationType == "N" ? " AND " : " OR "; } $res .= ($cOperationType == "N" ? " NOT " : " ") . "({$bsAlias}.LEFT_MARGIN >= " . $left . " AND {$bsAlias}.RIGHT_MARGIN <= " . $right . ")\n"; } if ($res != "") { $arSectionFilter["BS"][] = "(" . $res . ")"; } break; case "SECTION_ID": if (!is_array($val)) { $val = array($val); } $arSections = array(); foreach ($val as $section_id) { $section_id = intval($section_id); $arSections[$section_id] = $section_id; } if ($cOperationType == "N") { if (array_key_exists(0, $arSections)) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS<>'N'"; $arSectionFilter["LOGIC"] = "AND"; unset($arSections[0]); if (count($arSections) > 0) { $arSectionFilter["BS"][] = "BS.ID NOT IN (" . implode(", ", $arSections) . ")"; } } elseif (count($arSections) > 0) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS='N'"; $arSectionFilter["LOGIC"] = "OR"; $arSectionFilter["BS"][] = "BS.ID NOT IN (" . implode(", ", $arSections) . ")"; } } else { if (array_key_exists(0, $arSections)) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS='N'"; $arSectionFilter["LOGIC"] = "OR"; unset($arSections[0]); } if (count($arSections) > 0) { $arSectionFilter["BS"][] = "BS.ID IN (" . implode(", ", $arSections) . ")"; } } break; case "SECTION_CODE": if (!is_array($val)) { $val = array($val); } $arSections = array(); foreach ($val as $section_code) { $section_code = $DB->ForSql($section_code); $arSections[$section_code] = $section_code; } if ($cOperationType == "N") { if (array_key_exists("", $arSections)) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS<>'N'"; $arSectionFilter["LOGIC"] = "AND"; unset($arSections[""]); if (count($arSections) > 0) { $arSectionFilter["BS"][] = "BS.CODE NOT IN ('" . implode("', '", $arSections) . "')"; } } elseif (count($arSections) > 0) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS='N'"; $arSectionFilter["LOGIC"] = "OR"; $arSectionFilter["BS"][] = "BS.CODE NOT IN ('" . implode("', '", $arSections) . "')"; } } else { if (array_key_exists("", $arSections)) { $arSectionFilter["BE"][] = "BE.IN_SECTIONS='N'"; $arSectionFilter["LOGIC"] = "OR"; unset($arSections[""]); } if (count($arSections) > "") { $arSectionFilter["BS"][] = "BS.CODE IN ('" . implode("', '", $arSections) . "')"; } } break; case "PROPERTY": foreach ($val as $propID => $propVAL) { $res = CIBlock::MkOperationFilter($propID); $res["LOGIC"] = $Logic; $res["LEFT_JOIN"] = $bPropertyLeftJoin; if (preg_match("/^([^.]+)\\.([^.]+)\$/", $res["FIELD"], $arMatch)) { $db_prop = CIBlockProperty::GetPropertyArray($arMatch[1], CIBlock::_MergeIBArrays($arFilter["IBLOCK_ID"], $arFilter["IBLOCK_CODE"], $arFilter["~IBLOCK_ID"], $arFilter["~IBLOCK_CODE"])); if (is_array($db_prop) && $db_prop["PROPERTY_TYPE"] == "E") { $res["FIELD"] = $arMatch; CIBlockElement::MkPropertyFilter($res, $cOperationType, $propVAL, $db_prop, $arJoinProps, $arSqlSearch); } } else { if ($db_prop = CIBlockProperty::GetPropertyArray($res["FIELD"], CIBlock::_MergeIBArrays($arFilter["IBLOCK_ID"], $arFilter["IBLOCK_CODE"], $arFilter["~IBLOCK_ID"], $arFilter["~IBLOCK_CODE"]))) { CIBlockElement::MkPropertyFilter($res, $cOperationType, $propVAL, $db_prop, $arJoinProps, $arSqlSearch); } } } break; default: if (is_numeric($orig_key)) { //Here is hint for better property resolution: if (!is_array($val) || !array_key_exists("~IBLOCK_ID", $val)) { if (array_key_exists("IBLOCK_ID", $arFilter)) { $val["~IBLOCK_ID"] = $arFilter["IBLOCK_ID"]; } elseif (array_key_exists("~IBLOCK_ID", $arFilter)) { $val["~IBLOCK_ID"] = $arFilter["~IBLOCK_ID"]; } } if (!is_array($val) || !array_key_exists("~IBLOCK_CODE", $val)) { if (array_key_exists("IBLOCK_CODE", $arFilter)) { $val["~IBLOCK_CODE"] = $arFilter["IBLOCK_CODE"]; } elseif (array_key_exists("~IBLOCK_CODE", $arFilter)) { $val["~IBLOCK_CODE"] = $arFilter["~IBLOCK_CODE"]; } } //Subfilter process $arSubSqlSearch = CIBlockElement::MkFilter($val, $arJoinProps, $arAddWhereFields, $level + 1, $bPropertyLeftJoin); if (strlen(trim($arSubSqlSearch[0], "\n\t"))) { $arSqlSearch[] = str_replace("\n\t\t\t", "\n\t\t\t\t", $arSubSqlSearch[0]); } } elseif (strtoupper(substr($key, 0, 8)) == "CATALOG_" && CModule::IncludeModule("catalog")) { $res_catalog = CCatalogProduct::GetQueryBuildArrays(array(), array($orig_key => $val), array()); if (strlen($res_catalog["WHERE"])) { $arSqlSearch[] = substr($res_catalog["WHERE"], 5); // " AND ".$res $arAddWhereFields[$orig_key] = $val; } } break; } } //SECTION sub filter $sWhere = ""; foreach ($arSectionFilter["BS"] as $strFilter) { if (strlen($strFilter)) { if (strlen($sWhere)) { $sWhere .= " " . $Logic . " "; } $sWhere .= "(" . $strFilter . ")"; } } $bINCLUDE_SUBSECTIONS = isset($arFilter["INCLUDE_SUBSECTIONS"]) && $arFilter["INCLUDE_SUBSECTIONS"] === "Y"; if (strlen($sWhere)) { $sectionScope = ""; if (isset($arFilter["SECTION_SCOPE"])) { if ($arFilter["SECTION_SCOPE"] == "IBLOCK") { $sectionScope = "AND BSE.ADDITIONAL_PROPERTY_ID IS NULL"; } elseif ($arFilter["SECTION_SCOPE"] == "PROPERTY") { $sectionScope = "AND BSE.ADDITIONAL_PROPERTY_ID IS NOT NULL"; } elseif (preg_match("/^PROPERTY_(\\d+)\$/", $arFilter["SECTION_SCOPE"], $match)) { $sectionScope = "AND BSE.ADDITIONAL_PROPERTY_ID = " . $match[1]; } } //Try to convert correlated subquery to join subquery if ($level == 0 && $Logic == "AND" && !count($arSectionFilter["BE"])) { $arJoinProps["BES"] .= " INNER JOIN (\n\t\t\t\t\tSELECT DISTINCT BSE.IBLOCK_ELEMENT_ID\n\t\t\t\t\tFROM b_iblock_section_element BSE\n\t\t\t\t\t" . ($bINCLUDE_SUBSECTIONS ? "\n\t\t\t\t\tINNER JOIN b_iblock_section BSubS ON BSE.IBLOCK_SECTION_ID = BSubS.ID\n\t\t\t\t\tINNER JOIN b_iblock_section BS ON (BSubS.IBLOCK_ID=BS.IBLOCK_ID\n\t\t\t\t\t\tAND BSubS.LEFT_MARGIN>=BS.LEFT_MARGIN\n\t\t\t\t\t\tAND BSubS.RIGHT_MARGIN<=BS.RIGHT_MARGIN)\n\t\t\t\t\t" : "\n\t\t\t\t\tINNER JOIN b_iblock_section BS ON BSE.IBLOCK_SECTION_ID = BS.ID\n\t\t\t\t\t") . "\n\t\t\t\t\tWHERE (" . $sWhere . "){$sectionScope}\n\t\t\t\t\t) BES ON BES.IBLOCK_ELEMENT_ID = BE.ID\n"; } else { $arSqlSearch[] = "(" . (count($arSectionFilter["BE"]) ? implode(" " . $arSectionFilter["LOGIC"] . " ", $arSectionFilter["BE"]) . " " . $arSectionFilter["LOGIC"] : "") . " EXISTS (\n\t\t\t\t\tSELECT BSE.IBLOCK_ELEMENT_ID\n\t\t\t\t\tFROM b_iblock_section_element BSE\n\t\t\t\t\t" . ($bINCLUDE_SUBSECTIONS ? "\n\t\t\t\t\tINNER JOIN b_iblock_section BSubS ON BSE.IBLOCK_SECTION_ID = BSubS.ID\n\t\t\t\t\tINNER JOIN b_iblock_section BS ON (BSubS.IBLOCK_ID=BS.IBLOCK_ID\n\t\t\t\t\t\tAND BSubS.LEFT_MARGIN>=BS.LEFT_MARGIN\n\t\t\t\t\t\tAND BSubS.RIGHT_MARGIN<=BS.RIGHT_MARGIN)\n\t\t\t\t\t" : "\n\t\t\t\t\tINNER JOIN b_iblock_section BS ON BSE.IBLOCK_SECTION_ID = BS.ID\n\t\t\t\t\t") . "\n\t\t\t\t\tWHERE BSE.IBLOCK_ELEMENT_ID = BE.ID\n\t\t\t\t\tAND (" . $sWhere . "){$sectionScope}\n\t\t\t\t\t))"; } } elseif (count($arSectionFilter["BE"])) { foreach ($arSectionFilter["BE"] as $strFilter) { $arSqlSearch[] = $strFilter; } } $sWhere = ""; foreach ($arSqlSearch as $strFilter) { if (strlen(trim($strFilter, "\n\t"))) { if (strlen($sWhere)) { $sWhere .= "\n\t\t\t\t" . $Logic . " "; } else { $sWhere .= "\n\t\t\t\t"; } $sWhere .= "(" . $strFilter . ")"; } } $arSqlSearch = array("\n\t\t\t" . $sWhere . "\n\t\t\t"); $SHOW_BP_NEW = ""; $SHOW_NEW = isset($arFilter["SHOW_NEW"]) && $arFilter["SHOW_NEW"] == "Y" ? "Y" : "N"; if ($SHOW_NEW == "Y" && isset($arFilter["SHOW_BP_NEW"]) && is_array($arFilter["SHOW_BP_NEW"]) && IsModuleInstalled('bizproc') && (!is_object($USER) || !$USER->IsAdmin())) { $MODULE_ID = $DB->ForSQL($arFilter["SHOW_BP_NEW"]["MODULE_ID"]); $ENTITY = $DB->ForSQL($arFilter["SHOW_BP_NEW"]["ENTITY"]); $PERMISSION = $DB->ForSQL($arFilter["SHOW_BP_NEW"]["PERMISSION"]); $arUserGroups = array(); if (is_array($arFilter["SHOW_BP_NEW"]["GROUPS"])) { $USER_ID = intval($arFilter["SHOW_BP_NEW"]["USER_ID"]); foreach ($arFilter["SHOW_BP_NEW"]["GROUPS"] as $GROUP_ID) { $GROUP_ID = intval($GROUP_ID); if ($GROUP_ID) { $arUserGroups[$GROUP_ID] = $GROUP_ID; } } } else { $USER_ID = false; $arUserGroups = false; } if ($PERMISSION == "read" || $PERMISSION == "write") { if (!is_array($arUserGroups)) { $USER_ID = is_object($USER) ? intval($USER->GetID()) : 0; if (is_object($USER)) { $arUserGroups = $USER->GetUserGroupArray(); } } if (!is_array($arUserGroups) || count($arUserGroups) <= 0) { $arUserGroups = array(2); } $SHOW_BP_NEW = " AND EXISTS (\n\t\t\t\t\tSELECT S.DOCUMENT_ID_INT\n\t\t\t\t\tFROM\n\t\t\t\t\tb_bp_workflow_state S\n\t\t\t\t\tINNER JOIN b_bp_workflow_permissions P ON S.ID = P.WORKFLOW_ID\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tS.DOCUMENT_ID_INT = BE.ID\n\t\t\t\t\t\tAND S.MODULE_ID = '{$MODULE_ID}'\n\t\t\t\t\t\tAND S.ENTITY = '{$ENTITY}'\n\t\t\t\t\t\tAND P.PERMISSION = '{$PERMISSION}'\n\t\t\t\t\t\tAND (\n\t\t\t\t\t\t\tP.OBJECT_ID IN ('" . implode("', '", $arUserGroups) . "')\n\t\t\t\t\t\t\tOR (P.OBJECT_ID = 'Author' AND BE.CREATED_BY = {$USER_ID})\n\t\t\t\t\t\t\tOR (P.OBJECT_ID = " . $DB->Concat("'USER_'", "'{$USER_ID}'") . ")\n\t\t\t\t\t\t)\n\t\t\t\t)"; } } if (!isset($arFilter["SHOW_HISTORY"]) || $arFilter["SHOW_HISTORY"] != "Y") { $arSqlSearch[] = "((BE.WF_STATUS_ID=1 AND BE.WF_PARENT_ELEMENT_ID IS NULL)" . ($SHOW_NEW == "Y" ? " OR (BE.WF_NEW='Y'" . $SHOW_BP_NEW . ")" : "") . ")"; } if ($permSQL) { $arSqlSearch[] = $permSQL; } if (isset($this) && is_object($this) && isset($this->subQueryProp)) { //Subquery list value should not be null $this->MkPropertyFilter(CIBlock::MkOperationFilter("!" . substr($this->strField, 9)), "NE", false, $this->subQueryProp, $arJoinProps, $arSqlSearch); } return $arSqlSearch; }
$userData = array("ADD_EMAIL" => $_POST["ADD_EMAIL"], "ADD_NAME" => $_POST["ADD_NAME"], "ADD_LAST_NAME" => $_POST["ADD_LAST_NAME"], "ADD_SEND_PASSWORD" => $_POST["ADD_SEND_PASSWORD"]); $ID_ADDED = CIntranetInviteDialog::AddNewUser(SITE_ID, $userData, $strError); if ($ID_ADDED <= 0) { $errorMessage .= (strlen($errorMessage) > 0 ? "<br />" : "") . $strError; $arResult["ErrorFields"][] = "EXTRANET_BLOCK"; } else { $arUserIDs[] = $ID_ADDED; } } } // send invitations if (is_array($arUserIDs) && count($arUserIDs) > 0) { foreach ($arUserIDs as $user_id) { $isCurrentUserTmp = $USER->GetID() == $user_id; $canInviteGroup = CSocNetUserPerms::CanPerformOperation($USER->GetID(), $user_id, "invitegroup", CSocNetUser::IsCurrentUserModuleAdmin()); $user2groupRelation = CSocNetUserToGroup::GetUserRole($user_id, $arResult["GROUP_ID"]); if (!$isCurrentUserTmp && $canInviteGroup && !$user2groupRelation) { $bMail = !is_array($arInvitedExtranetUsers) || !in_array($user_id, $arInvitedExtranetUsers); if (!CSocNetUserToGroup::SendRequestToJoinGroup($USER->GetID(), $user_id, $arResult["GROUP_ID"], $_POST["MESSAGE"], $bMail)) { $rsUser = CUser::GetByID($user_id); if ($arUser = $rsUser->Fetch()) { $arErrorUsers[] = array(CUser::FormatName($arParams["NAME_TEMPLATE"], $arUser, $bUseLogin), CSocNetUserPerms::CanPerformOperation($USER->GetID(), $arUser["ID"], "viewprofile", CSocNetUser::IsCurrentUserModuleAdmin()) ? CComponentEngine::MakePathFromTemplate($arParams["PATH_TO_USER"], array("user_id" => $arUser["ID"])) : ""); if ($e = $APPLICATION->GetException()) { $warningMessage .= $e->GetString(); } } } elseif (is_array($arResult["POST"]["USER_IDS"]) && in_array($user_id, $arResult["POST"]["USER_IDS"])) { $bInvited = true; // delete from uninvited users list $arKeysFound = array_keys($arResult["POST"]["USER_IDS"], $user_id); foreach ($arKeysFound as $key) {
public static function inviteGroupUsers($arFields) { global $USER; $groupID = $arFields['GROUP_ID']; $arUserID = $arFields['USER_ID']; $message = $arFields['MESSAGE']; if(intval($groupID) <= 0) throw new Exception('Wrong group ID'); if ( (is_array($arUserID) && count($arUserID) <= 0) || (!is_array($arUserID) && intval($arUserID) <= 0) ) throw new Exception('Wrong user IDs'); if (!is_array($arUserID)) $arUserID = array($arUserID); $arSuccessID = array(); $dbRes = CSocNetGroup::GetList(array(), array( "ID" => $groupID, "CHECK_PERMISSIONS" => $USER->GetID(), )); $arGroup = $dbRes->Fetch(); if(is_array($arGroup)) { foreach($arUserID as $user_id) { $isCurrentUserTmp = ($USER->GetID() == $user_id); $canInviteGroup = CSocNetUserPerms::CanPerformOperation($USER->GetID(), $user_id, "invitegroup", CSocNetUser::IsCurrentUserModuleAdmin(SITE_ID, false)); $user2groupRelation = CSocNetUserToGroup::GetUserRole($user_id, $arGroup["ID"]); if ( !$isCurrentUserTmp && $canInviteGroup && !$user2groupRelation && CSocNetUserToGroup::SendRequestToJoinGroup($USER->GetID(), $user_id, $arGroup["ID"], $message, true) ) $arSuccessID[] = $user_id; } } else throw new Exception('Socialnetwork group not found'); return $arSuccessID; }
if ($taskType == "user") { $arResult["Task"]["PROPERTY_TaskAssignedTo"] = $ownerId; } else { $arResult["Task"]["PROPERTY_TaskAssignedTo"] = $USER->GetID(); } } } if (strlen($arResult["FatalError"]) <= 0) { $arDocumentStates = CBPDocument::GetDocumentStates(array("intranet", "CIntranetTasksDocument", "x" . $iblockId), $arParams["TASK_ID"] > 0 ? array("intranet", "CIntranetTasksDocument", $arParams["TASK_ID"]) : null); $arCurrentUserGroups = array(); if ($taskType == "group") { $arCurrentUserGroups[] = SONET_ROLES_ALL; if ($GLOBALS["USER"]->IsAuthorized()) { $arCurrentUserGroups[] = SONET_ROLES_AUTHORIZED; } $r = CSocNetUserToGroup::GetUserRole($USER->GetID(), $ownerId); if (strlen($r) > 0) { $arCurrentUserGroups[] = $r; } } else { // $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_ALL; // if (CSocNetUserRelations::IsFriends($USER->GetID(), $ownerId)) // $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS; // elseif (CSocNetUserRelations::IsFriends2($USER->GetID(), $ownerId)) // $arCurrentUserGroups[] = SONET_RELATIONS_TYPE_FRIENDS2; } if ($arParams["TASK_ID"] > 0) { if ($USER->GetID() == $arResult["Task"]["CREATED_BY"]) { $arCurrentUserGroups[] = "author"; } if ($USER->GetID() == $arResult["Task"]["PROPERTY_TaskAssignedTo"]) {