• Модуль: rpa
  • Путь к файлу: ~/bitrix/modules/rpa/lib/engine/checkpermissions.php
  • Класс: BitrixRpaEngineCheckPermissions
  • Вызов: CheckPermissions::onBeforeAction
public function onBeforeAction(Event $event)
{
	if($this->entity === UserPermissions::ENTITY_TYPE)
	{
		if($this->actionType === UserPermissions::ACTION_CREATE)
		{
			if(!$this->userPermissions->canCreateType())
			{
				$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_TYPE_CREATE_DENIED')));
			}
		}
		else
		{
			/** @var Type $type */
			$type = $this->getObjectFromArguments(Type::class);
			if(!$type)
			{
				$this->addError(new Error(Loc::getMessage('RPA_NOT_FOUND_ERROR')));
			}
			else
			{
				if($this->actionType === UserPermissions::ACTION_VIEW && !$this->userPermissions->canViewType($type->getId()))
				{
					$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_TYPE_VIEW_DENIED')));
				}
				if($this->actionType === UserPermissions::ACTION_MODIFY && !$this->userPermissions->canModifyType($type->getId()))
				{
					$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_TYPE_MODIFY_DENIED')));
				}
				if($this->actionType === UserPermissions::ACTION_DELETE && !$this->userPermissions->canDeleteType($type->getId()))
				{
					$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_TYPE_MODIFY_DENIED')));
				}
			}
		}
	}
	elseif($this->entity === UserPermissions::ENTITY_STAGE)
	{
		$typeId = null;
		if($this->actionType === UserPermissions::ACTION_CREATE)
		{
			$fields = $this->getFieldsFromArguments();
			if($fields)
			{
				$typeId = $fields['typeId'];
			}
		}
		else
		{
			/** @var Stage $stage */
			$stage = $this->getObjectFromArguments(Stage::class);
			if($stage)
			{
				$typeId = $stage->getTypeId();
			}
			else
			{
				$this->addError(new Error(Loc::getMessage('RPA_STAGE_NOT_FOUND_ERROR')));
			}
		}

		if ($this->errorCollection->isEmpty())
		{
			if(!$typeId)
			{
				$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_TYPE_NOT_FOUND')));
			}
			elseif($this->actionType === UserPermissions::ACTION_VIEW && !$this->userPermissions->canViewType($typeId))
			{
				$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_STAGE_VIEW_DENIED')));
			}
			elseif(
				(
					$this->actionType === UserPermissions::ACTION_MODIFY
					|| $this->actionType === UserPermissions::ACTION_CREATE
				)
				&& !$this->userPermissions->canModifyType($typeId)
			)
			{
				$this->addError(new Error(Loc::getMessage('RPA_PERMISSION_STAGE_MODIFY_DENIED')));
			}
		}
	}

	if(!$this->errorCollection->isEmpty())
	{
		return new EventResult(EventResult::ERROR, null, null, $this);
	}

	return null;
}