CCrmDocument::CanUserOperateDocumentType

static function CanUserOperateDocumentType($operation, $userId, $documentType, $arParameters = array())
{
	$arDocumentID = static::GetDocumentInfo($documentType . '_0');
	if (empty($arDocumentID))
	{
		throw new CBPArgumentNullException('documentId');
	}

	$userId = intval($userId);
	if (!array_key_exists('AllUserGroups', $arParameters))
	{
		if (!array_key_exists('UserGroups', $arParameters))
		{
			$arParameters['UserGroups'] = static::PrepareUserGroups($userId);
		}

		$arParameters['AllUserGroups'] = $arParameters['UserGroups'];
		$arParameters['AllUserGroups'][] = 'Author';
	}

	if (array_key_exists('UserIsAdmin', $arParameters) && $arParameters['UserIsAdmin'] === true)
	{
		return true;
	}
	elseif (in_array(1, $arParameters['AllUserGroups']))
	{
		return true;
	}

	$permissionEntity = static::ResolvePermissionEntity($arDocumentID, $arParameters);
	$userPermissions = CCrmPerms::GetUserPermissions($userId);

	if (
		$operation == \CBPCanUserOperateOperation::CreateWorkflow
		|| $operation === CBPCanUserOperateOperation::DebugAutomation
	)
	{
		return \CCrmAuthorizationHelper::CheckConfigurationUpdatePermission($userPermissions);
	}

	if ($operation == \CBPCanUserOperateOperation::CreateAutomation)
	{
		if (isset($arParameters['DocumentCategoryId']) && $arParameters['DocumentCategoryId'] > 0)
		{
			$documentType .= '_C' . $arParameters['DocumentCategoryId'];
		}

		return \CCrmAuthorizationHelper::CheckAutomationCreatePermission($documentType, $userPermissions);
	}

	if( $operation === CBPCanUserOperateOperation::ViewWorkflow
		|| $operation === CBPCanUserOperateOperation::ReadDocument
	)
	{
		return CCrmAuthorizationHelper::CheckReadPermission($permissionEntity, 0, $userPermissions);
	}

	return CCrmAuthorizationHelper::CheckCreatePermission($permissionEntity, $userPermissions);
}