• Модуль: catalog
  • Путь к файлу: ~/bitrix/modules/catalog/lib/Access/Service/RolePermissionService.php
  • Класс: BitrixCatalogAccessServiceRolePermissionService
  • Вызов: RolePermissionService::saveRolePermissions
public function saveRolePermissions(array $permissionSettings): array
{
	$event = new Event(
		'catalog',
		self::EVENT_ON_BEFORE_SAVE,
		$permissionSettings
	);
	$event->send();

	$query = [];
	$roles = [];

	$catalogStoreDocumentPermissions = PermissionDictionary::getStoreDocumentPermissionRules(
		[
			PermissionDictionary::CATALOG_STORE_DOCUMENT_VIEW,
			PermissionDictionary::CATALOG_STORE_DOCUMENT_MODIFY,
			PermissionDictionary::CATALOG_STORE_DOCUMENT_CANCEL,
			PermissionDictionary::CATALOG_STORE_DOCUMENT_CONDUCT,
			PermissionDictionary::CATALOG_STORE_DOCUMENT_DELETE,
			PermissionDictionary::CATALOG_STORE_DOCUMENT_ALLOW_NEGATION_PRODUCT_QUANTITY,
		]
	);

	foreach ($permissionSettings as &$setting)
	{
		$roleId = (int)$setting['id'];
		$roleTitle = (string)$setting['title'];

		$roleId = $this->saveRole($roleTitle, $roleId);
		$setting['id'] = $roleId;
		$roles[] = $roleId;

		if(!isset($setting['accessRights']))
		{
			continue;
		}

		foreach ($setting['accessRights'] as $permission)
		{
			$permissionId =
				in_array($permission['id'], $catalogStoreDocumentPermissions, true)
					? $permission['id']
					: (int)$permission['id']
			;

			if ($permissionId < 1)
			{
				continue;
			}

			$query[] = new SqlExpression(
				'(?i, ?, ?i)',
				$roleId,
				$permissionId,
				$permission['value']
			);
		}
	}

	if ($query)
	{
		$db = Application::getConnection();

		try
		{
			$db->startTransaction();

			if (!PermissionTable::deleteList(["=ROLE_ID" => $roles]))
			{
				throw new SqlQueryException(self::DB_ERROR_KEY);
			}

			RoleUtil::insertPermissions($query);
			if (BitrixMainLoader::includeModule("intranet"))
			{
				CIntranetUtils::clearMenuCache();
			}

			$this->roleRelationService->saveRoleRelation($permissionSettings);

			$db->commitTransaction();

			IblockCatalogPermissionStepper::bind(1);
		}
		catch (Exception $e)
		{
			$db->rollbackTransaction();

			throw new SqlQueryException(self::DB_ERROR_KEY);
		}
	}

	$event = new Event(
		'catalog',
		self::EVENT_ON_AFTER_SAVE,
		$permissionSettings
	);
	$event->send();

	return $permissionSettings;
}