• Модуль: crm
  • Путь к файлу: ~/bitrix/modules/crm/classes/general/crm_event.php
  • Класс: \CCrmEvent
  • Вызов: CCrmEvent::BuildPermSql
public function BuildPermSql($aliasPrefix = 'CE', $permType = 'READ')
{
	if (empty($arFilter['ENTITY_TYPE']))
	{
		$arEntity = array(
			CCrmOwnerType::LeadName,
			CCrmOwnerType::DealName,
			CCrmOwnerType::QuoteName,
			CCrmOwnerType::ContactName,
			CCrmOwnerType::CompanyName
		);
	}
	elseif(isset($arFilter['ENTITY_TYPE']) && is_array($arFilter['ENTITY_TYPE']))
	{
		$arEntity = $arFilter['ENTITY_TYPE'];
	}
	else
	{
		$arEntity = array($arFilter['ENTITY_TYPE']);
	}

	$entitiesSql = array();
	$permOptions = array('IDENTITY_COLUMN' => 'ENTITY_ID');
	foreach ($arEntity as $entityType)
	{
		if($entityType === CCrmOwnerType::LeadName)
		{
			$entitiesSql[CCrmOwnerType::LeadName] = CCrmLead::BuildPermSql('CER', $permType, $permOptions);
		}
		elseif($entityType === CCrmOwnerType::DealName)
		{
			$entitiesSql[CCrmOwnerType::DealName] = CCrmDeal::BuildPermSql('CER', $permType, $permOptions);
		}
		elseif($entityType === CCrmOwnerType::QuoteName)
		{
			$entitiesSql[CCrmOwnerType::QuoteName] = CCrmQuote::BuildPermSql('CER', $permType, $permOptions);
		}
		elseif($entityType === CCrmOwnerType::ContactName)
		{
			$entitiesSql[CCrmOwnerType::ContactName] = CCrmContact::BuildPermSql('CER', $permType, $permOptions);
		}
		elseif($entityType === CCrmOwnerType::CompanyName)
		{
			$entitiesSql[CCrmOwnerType::CompanyName] = CCrmCompany::BuildPermSql('CER', $permType, $permOptions);
		}
	}

	foreach($entitiesSql as $entityType => $entitySql)
	{
		if(!is_string($entitySql))
		{
			//If $entityPermSql is not string - acces denied. Clear permission SQL and related records will be ignored.
			unset($entitiesSql[$entityType]);
			continue;
		}

		if($entitySql !== '')
		{
			$entitiesSql[$entityType] = "(CER.ENTITY_TYPE = '{$entityType}' AND ({$entitySql}))";
		}
		else
		{
			// No permissions check - fetch all related records
			$entitiesSql[$entityType] = "(CER.ENTITY_TYPE = '$entityType')";
		}
	}

	//If $entitiesSql is empty - user does not have permissions at all.
	if(empty($entitiesSql))
	{
		return false;
	}

	return implode(' OR ', $entitiesSql);
}