• Модуль: crm
  • Путь к файлу: ~/bitrix/modules/crm/lib/security/entityauthorization.php
  • Класс: Bitrix\Crm\Security\EntityAuthorization
  • Вызов: EntityAuthorization::checkReadPermission
static function checkReadPermission($entityTypeID, $entityID, $userPermissions = null, array $params = null)
{
	if(!is_int($entityTypeID))
	{
		$entityTypeID = (int)$entityTypeID;
	}

	if(!is_int($entityID))
	{
		$entityID = (int)$entityID;
	}

	if($entityTypeID === \CCrmOwnerType::Lead)
	{
		return \CCrmLead::CheckReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::Deal || $entityTypeID === \CCrmOwnerType::DealRecurring)
	{
		return \CCrmDeal::CheckReadPermission(
			$entityID,
			$userPermissions,
			isset($params['DEAL_CATEGORY_ID']) ? (int)$params['DEAL_CATEGORY_ID'] : -1
		);
	}
	elseif($entityTypeID === \CCrmOwnerType::Quote)
	{
		return \CCrmQuote::CheckReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::Invoice)
	{
		return \CCrmInvoice::CheckReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::Contact)
	{
		return \CCrmContact::CheckReadPermission(
			$entityID,
			$userPermissions,
			$params['CATEGORY_ID'] ?? null
		);
	}
	elseif($entityTypeID === \CCrmOwnerType::Company)
	{
		return \CCrmCompany::CheckReadPermission(
			$entityID,
			$userPermissions,
			$params['CATEGORY_ID'] ?? null
		);
	}
	elseif($entityTypeID === \CCrmOwnerType::Order)
	{
		return Order\Permissions\Order::checkReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::OrderPayment)
	{
		return Order\Permissions\Payment::checkReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::OrderShipment)
	{
		return Order\Permissions\Shipment::checkReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::ShipmentDocument)
	{
		if (Main\Loader::includeModule('catalog'))
		{
			return
				AccessController::getCurrent()->check(ActionDictionary::ACTION_CATALOG_READ)
				&& AccessController::getCurrent()->check(ActionDictionary::ACTION_INVENTORY_MANAGEMENT_ACCESS)
				&& AccessController::getCurrent()->checkByValue(
					ActionDictionary::ACTION_STORE_DOCUMENT_VIEW,
					\Bitrix\Catalog\StoreDocumentTable::TYPE_SALES_ORDERS
				)
			;
		}

		return Order\Permissions\Shipment::checkReadPermission($entityID, $userPermissions);
	}
	elseif($entityTypeID === \CCrmOwnerType::StoreDocument)
	{
		return Main\Loader::includeModule('catalog') && AccessController::getCurrent()->check(ActionDictionary::ACTION_CATALOG_READ);
	}
	elseif(\CCrmOwnerType::isUseFactoryBasedApproach($entityTypeID))
	{
		$factory = Container::getInstance()->getFactory($entityTypeID);
		if ($factory)
		{
			$categoryId = $params['CATEGORY_ID'] ?? $factory->getItemCategoryId($entityID) ?? null;
			return static::getPermissionsService($userPermissions)->checkReadPermissions(
				$entityTypeID,
				$entityID,
				$categoryId
			);
		}

		return false;
	}

	$entityTypeName = \CCrmOwnerType::ResolveName($entityTypeID);
	$permissionEntityType = \CCrmPerms::ResolvePermissionEntityType($entityTypeName, $entityID);

	return \CCrmAuthorizationHelper::CheckReadPermission(
		$permissionEntityType,
		$entityID,
		$userPermissions
	);
}