示例#1
0
 public static function GetAccess()
 {
     global $USER;
     // simplest caching. is it enough? maybe...
     static $access = null;
     if (!is_array($access)) {
         $access = array('READ' => array(), 'WRITE' => array());
         $arAccessSettings = null;
         if ($USER->CanDoOperation('tm_read')) {
             $access['READ'][] = '*';
         } elseif ($USER->CanDoOperation('tm_read_subordinate')) {
             $arAccessSettings = self::GetAccessSettings();
             if ($arAccessSettings['READ']['EMPLOYEE'] >= 2) {
                 $access['READ'][] = '*';
             } else {
                 // everybody can read his own entries
                 $access['READ'][] = $USER->GetID();
                 if ($arAccessSettings['READ']['EMPLOYEE'] >= 1) {
                     $dbUsers = CIntranetUtils::GetDepartmentColleagues();
                     while ($arRes = $dbUsers->Fetch()) {
                         $access['READ'][] = $arRes['ID'];
                     }
                 }
                 $dbUsers = CIntranetUtils::GetSubordinateEmployees($USER->GetID(), $arAccessSettings['READ']['HEAD'] == 1);
                 while ($arRes = $dbUsers->Fetch()) {
                     if ($arAccessSettings['READ']['HEAD'] == 2) {
                         $access['READ'] = array('*');
                         break;
                     }
                     $access['READ'][] = $arRes['ID'];
                 }
                 $access['READ'] = array_values(array_unique($access['READ']));
             }
         }
         if ($USER->CanDoOperation('tm_write')) {
             $access['WRITE'][] = '*';
         } elseif ($USER->CanDoOperation('tm_write_subordinate')) {
             if ($arAccessSettings['WRITE']['EMPLOYEE'] >= 2) {
                 $access['WRITE'][] = '*';
             } else {
                 // check if current user is The Boss.
                 $arManagers = self::GetUserManagers($USER->GetID());
                 if (count($arManagers) == 1 && $arManagers[0] == $USER->GetID()) {
                     $access['WRITE'][] = $USER->GetID();
                 }
                 if (!is_array($arAccessSettings)) {
                     $arAccessSettings = self::GetAccessSettings();
                 }
                 $dbUsers = CIntranetUtils::GetSubordinateEmployees($USER->GetID(), $arAccessSettings['WRITE']['HEAD'] == 1);
                 while ($arRes = $dbUsers->Fetch()) {
                     $access['WRITE'][] = $arRes['ID'];
                 }
                 $access['WRITE'] = array_values(array_unique($access['WRITE']));
             }
         }
     }
     return $access;
 }