- Модуль: catalog
- Путь к файлу: ~/bitrix/modules/catalog/lib/Access/Install/AccessInstaller.php
- Класс: BitrixCatalogAccessInstallAccessInstaller
- Вызов: AccessInstaller::fillGroupTaskPermissions
private function fillGroupTaskPermissions(array $catalogGroupTasks): void
{
$taskIds = array_column($catalogGroupTasks, 'TASK_ID');
$taskOperations = TaskOperationTable::getList([
'filter' => [
'TASK_ID' => $taskIds,
],
'select' => [
'TASK_ID',
'OPERATION_NAME' => 'OPERATION.NAME',
],
]);
$permissionMap = ActionDictionary::getActionPermissionMap();
$storeDocumentsInstallerMap = [
ActionDictionary::ACTION_STORE_DOCUMENT_VIEW => PermissionDictionary::CATALOG_STORE_DOCUMENT_VIEW,
ActionDictionary::ACTION_STORE_DOCUMENT_MODIFY => PermissionDictionary::CATALOG_STORE_DOCUMENT_MODIFY,
ActionDictionary::ACTION_STORE_DOCUMENT_CANCEL => PermissionDictionary::CATALOG_STORE_DOCUMENT_CANCEL,
ActionDictionary::ACTION_STORE_DOCUMENT_CONDUCT => PermissionDictionary::CATALOG_STORE_DOCUMENT_CONDUCT,
ActionDictionary::ACTION_STORE_DOCUMENT_DELETE => PermissionDictionary::CATALOG_STORE_DOCUMENT_DELETE,
ActionDictionary::ACTION_STORE_DOCUMENT_ALLOW_NEGATION_PRODUCT_QUANTITY => PermissionDictionary::CATALOG_STORE_DOCUMENT_ALLOW_NEGATION_PRODUCT_QUANTITY,
];
$permissionMap = array_merge($permissionMap, $storeDocumentsInstallerMap);
$taskPermissionMap = [];
while ($taskOperation = $taskOperations->fetch())
{
$taskId = $taskOperation['TASK_ID'];
$taskPermissionMap[$taskId] ??= [];
$newActions = ActionDictionary::getLegacyMap()[$taskOperation['OPERATION_NAME']] ?? [];
foreach ($newActions as $newAction)
{
$permission = $permissionMap[$newAction] ?? null;
if (!$permission)
{
continue;
}
if (in_array($permission, $storeDocumentsInstallerMap, true))
{
$documents = null;
if ($permission === PermissionDictionary::CATALOG_STORE_DOCUMENT_ALLOW_NEGATION_PRODUCT_QUANTITY)
{
$documents = [
StoreDocumentTable::TYPE_MOVING,
StoreDocumentTable::TYPE_DEDUCT,
StoreDocumentTable::TYPE_SALES_ORDERS,
];
}
$taskPermissionMap[$taskId] = array_merge(
$taskPermissionMap[$taskId],
PermissionDictionary::getStoreDocumentPermissionRules([$permission], $documents)
);
}
else
{
$taskPermissionMap[$taskId][] = $permission;
}
}
}
$groups = [];
foreach ($catalogGroupTasks as $groupTask)
{
$groups[$groupTask['GROUP_ID']] ??= [];
$groups[$groupTask['GROUP_ID']]['NAME'] = $groupTask['GROUP_NAME'];
$groups[$groupTask['GROUP_ID']]['PERMISSIONS'][] = $taskPermissionMap[$groupTask['TASK_ID']];
}
$crmAdminGroupIds = [];
$crmAdminGroups = GroupTable::getList([
'filter' => ['=STRING_ID' => ShopGroupAssistant::SHOP_ADMIN_USER_GROUP_CODE],
'select' => ['ID'],
]);
while ($crmAdminGroup = $crmAdminGroups->fetch())
{
$crmAdminGroupIds[] = (int)$crmAdminGroup['ID'];
}
foreach ($groups as $groupId => &$group)
{
$group['PERMISSIONS'] = array_unique(array_merge(...$group['PERMISSIONS']));
if (in_array($groupId, $crmAdminGroupIds, true))
{
$group['PERMISSIONS'][] = PermissionDictionary::CATALOG_SETTINGS_EDIT_RIGHTS;
}
}
$groupRoleMap = $this->fillGroupPermissions($groups);
$this->fillGroupUserRoleRelations($groupRoleMap);
}