- Модуль: crm
- Путь к файлу: ~/bitrix/modules/crm/classes/general/crm_activity.php
- Класс: \CAllCrmActivity
- Вызов: CAllCrmActivity::BuildPermSql
/**
 * Builds the SQL access-control condition for CRM activities.
 *
 * An activity is readable when its owner entity (lead, deal, contact, company,
 * order, quote or a factory-provided type) is readable, so the condition is an
 * OR-chain of per-owner-type fragments obtained from the owner entities'
 * permission builders.
 *
 * Recognised keys of $arOptions that this method reads itself:
 *  - 'PERMS'     : permissions object; when it is an object its GetUserID()
 *                  selects the user, otherwise the container context user is used.
 *  - 'RAW_QUERY' : when strictly true, the condition is wrapped into
 *                  "SELECT <alias>.ID FROM <table> <alias> WHERE ...".
 * 'RAW_QUERY' and 'RESTRICT_BY_IDS' are removed before the options are handed
 * to the owner entities; every other key is passed through unchanged.
 *
 * Security notes for callers:
 *  - The return value is tri-state: '' (admin, returned before any condition is
 *    built), false (access denied) or a non-empty SQL string. Test for denial
 *    with `=== false`; a loose check cannot tell '' from false.
 *  - Without RAW_QUERY the result is a bare "x OR y OR z" chain with no outer
 *    parentheses. It must be parenthesised before being AND-ed with other
 *    filters, otherwise operator precedence lets the OR branches escape them.
 *  - $aliasPrefix is concatenated into the SQL as-is; the only check made here
 *    is "non-empty string". Pass a fixed identifier, never request-derived text.
 *  - $permType is forwarded to the delegated builders without validation here.
 *
 * @param string $aliasPrefix SQL alias of the activity table (falls back to 'A').
 * @param string $permType    Permission type forwarded to the owner builders.
 * @param array  $arOptions   Options, see above (non-arrays are replaced by array()).
 *
 * @return string|false '' for administrators, false when nothing is accessible,
 *                      otherwise the SQL condition (or SELECT with RAW_QUERY).
 */
static function BuildPermSql($aliasPrefix = 'A', $permType = 'READ', $arOptions = array())
{
	// Argument normalisation: anything but a non-empty string alias becomes 'A'.
	if (!is_string($aliasPrefix) || $aliasPrefix === '')
	{
		$aliasPrefix = 'A';
	}
	if (!is_array($arOptions))
	{
		$arOptions = array();
	}

	$userPermissions = null;
	if (isset($arOptions['PERMS']))
	{
		$userPermissions = $arOptions['PERMS'];
	}

	// Subject of the check: the owner of the supplied permissions object,
	// or the container context user when no object was supplied.
	if (is_object($userPermissions))
	{
		$userID = $userPermissions->GetUserID();
	}
	else
	{
		$userID = Container::getInstance()->getContext()->getUserId();
	}

	// Administrators get an empty condition.
	if (CCrmPerms::IsAdmin($userID))
	{
		return '';
	}

	// The user has no CRM permissions at all.
	if (!CCrmPerms::IsAccessEnabled($userPermissions))
	{
		return false;
	}

	// Options for the owner-entity builders. Caller-supplied keys win over the
	// IDENTITY_COLUMN default because they are merged last.
	$ownerPermOptions = array_merge(array('IDENTITY_COLUMN' => 'OWNER_ID'), $arOptions);
	// RAW_QUERY is applied by this method only. RESTRICT_BY_IDS is dropped because
	// a filter by activity ID cannot be applied to Lead, Deal, Contact or Company.
	unset($ownerPermOptions['RAW_QUERY'], $ownerPermOptions['RESTRICT_BY_IDS']);

	// Per-owner-type permission fragments, keyed by owner type ID.
	// Invoices have no activities, so no invoice fragment is requested.
	$sqlByOwnerType = array();
	$sqlByOwnerType[(string)CCrmOwnerType::Lead] = CCrmLead::BuildPermSql($aliasPrefix, $permType, $ownerPermOptions);
	$sqlByOwnerType[(string)CCrmOwnerType::Deal] = CCrmDeal::BuildPermSql($aliasPrefix, $permType, $ownerPermOptions);
	$sqlByOwnerType[(string)CCrmOwnerType::Contact] = CCrmContact::BuildPermSql($aliasPrefix, $permType, $ownerPermOptions);
	$sqlByOwnerType[(string)CCrmOwnerType::Company] = CCrmCompany::BuildPermSql($aliasPrefix, $permType, $ownerPermOptions);
	$sqlByOwnerType[(string)CCrmOwnerType::Order] = CCrmPerms::BuildSql(CCrmOwnerType::OrderName, $aliasPrefix, $permType, $ownerPermOptions);
	$sqlByOwnerType[(string)CCrmOwnerType::Quote] = CCrmPerms::BuildSql(CCrmOwnerType::QuoteName, $aliasPrefix, $permType, $ownerPermOptions);

	// Remaining entity types come from the factories registered in the types map.
	$servicePermissions = Container::getInstance()->getUserPermissions($userID);
	$typesMap = Container::getInstance()->getTypesMap();
	foreach ($typesMap->getFactories() as $factory)
	{
		// Skip types already handled above and types the user cannot read.
		if (
			array_key_exists((string)$factory->getEntityTypeId(), $sqlByOwnerType)
			|| !$servicePermissions->canReadType($factory->getEntityTypeId())
		)
		{
			continue;
		}

		$entityTypesHelper = new Crm\Category\PermissionEntityTypeHelper($factory->getEntityTypeId());
		$sqlByOwnerType[(string)$factory->getEntityTypeId()] = CCrmPerms::BuildSqlForEntitySet(
			$entityTypesHelper->getAllPermissionEntityTypesForEntity(),
			$aliasPrefix,
			$permType,
			$ownerPermOptions
		);
	}

	// Turn each fragment into an "owner type matches [AND fragment]" clause.
	$clauses = array();
	foreach ($sqlByOwnerType as $ownerTypeID => $fragment)
	{
		// A non-string result means access denied for that owner type:
		// no clause is emitted, so activities of that type are not matched.
		if (!is_string($fragment))
		{
			continue;
		}

		// An empty fragment means "no permission check": every activity of
		// that owner type is matched.
		$clauses[$ownerTypeID] = $fragment === ''
			? '('.$aliasPrefix.'.OWNER_TYPE_ID = '.$ownerTypeID.')'
			: '('.$aliasPrefix.'.OWNER_TYPE_ID = '.$ownerTypeID.' AND ('.$fragment.') )';
	}

	// No readable owner type at all - the user has no access.
	if ($clauses === array())
	{
		return false;
	}

	$condition = implode(' OR ', $clauses);

	// The responsible user may see an activity without the owner permission check.
	// NOTE(review): this uses the current session user, not the $userID resolved
	// from $arOptions['PERMS'] above - confirm that is intended when permissions
	// are evaluated on behalf of another user.
	// NOTE(review): the ID is concatenated without a cast; presumably
	// GetCurrentUserID() returns an int - verify.
	$currentUserID = CCrmSecurityHelper::GetCurrentUserID();
	if ($currentUserID > 0)
	{
		$condition = $aliasPrefix.'.RESPONSIBLE_ID = '.$currentUserID.' OR '.$condition;
	}

	if (!isset($arOptions['RAW_QUERY']) || $arOptions['RAW_QUERY'] !== true)
	{
		return $condition;
	}

	// RAW_QUERY: return a complete sub-select of the accessible activity IDs.
	$tableName = \CCrmActivity::TABLE_NAME;

	return "SELECT {$aliasPrefix}.ID FROM {$tableName} {$aliasPrefix} WHERE {$condition}";
}