public static function GetAccess()
{
global $USER;
// simplest caching. is it enough? maybe...
static $access = null;
if (!is_array($access)) {
$access = array('READ' => array(), 'WRITE' => array());
$arAccessSettings = null;
if ($USER->CanDoOperation('tm_read')) {
$access['READ'][] = '*';
} elseif ($USER->CanDoOperation('tm_read_subordinate')) {
$arAccessSettings = self::GetAccessSettings();
if ($arAccessSettings['READ']['EMPLOYEE'] >= 2) {
$access['READ'][] = '*';
} else {
// everybody can read his own entries
$access['READ'][] = $USER->GetID();
if ($arAccessSettings['READ']['EMPLOYEE'] >= 1) {
$dbUsers = CIntranetUtils::GetDepartmentColleagues();
while ($arRes = $dbUsers->Fetch()) {
$access['READ'][] = $arRes['ID'];
}
}
$dbUsers = CIntranetUtils::GetSubordinateEmployees($USER->GetID(), $arAccessSettings['READ']['HEAD'] == 1);
while ($arRes = $dbUsers->Fetch()) {
if ($arAccessSettings['READ']['HEAD'] == 2) {
$access['READ'] = array('*');
break;
}
$access['READ'][] = $arRes['ID'];
}
$access['READ'] = array_values(array_unique($access['READ']));
}
}
if ($USER->CanDoOperation('tm_write')) {
$access['WRITE'][] = '*';
} elseif ($USER->CanDoOperation('tm_write_subordinate')) {
if ($arAccessSettings['WRITE']['EMPLOYEE'] >= 2) {
$access['WRITE'][] = '*';
} else {
// check if current user is The Boss.
$arManagers = self::GetUserManagers($USER->GetID());
if (count($arManagers) == 1 && $arManagers[0] == $USER->GetID()) {
$access['WRITE'][] = $USER->GetID();
}
if (!is_array($arAccessSettings)) {
$arAccessSettings = self::GetAccessSettings();
}
$dbUsers = CIntranetUtils::GetSubordinateEmployees($USER->GetID(), $arAccessSettings['WRITE']['HEAD'] == 1);
while ($arRes = $dbUsers->Fetch()) {
$access['WRITE'][] = $arRes['ID'];
}
$access['WRITE'] = array_values(array_unique($access['WRITE']));
}
}
}
return $access;
}