Task::doUpdate

static function doUpdate($userId, $taskId, array $data, array $parameters)
{
	$errors = static::ensureHaveErrorCollection($parameters);
	$task = static::getTask($userId, $taskId);

	$data = static::normalizeData($data);

	static::inviteMembers($data, $errors);
	static::adaptSet($data);

	if (!is_array($parameters[ 'TASK_ACTION_UPDATE_PARAMETERS' ]))
	{
		$parameters[ 'TASK_ACTION_UPDATE_PARAMETERS' ] = array();
	}

	static::ensureDatePlanChangeAllowed($userId, $data);
	$cleanData = static::stripSubEntityData($data);

	$commentPoster = CommentsTaskCommentPoster::getInstance($taskId, $userId);
	$commentPoster->clearComments();

	$action = ActionDictionary::ACTION_TASK_EDIT;

	// under some conditions we may loose rights (for edit or read, or both) during update, so a little trick is needed
	$canEditBefore = $task->checkAccess($action); // get our rights before doing anything
	if (!empty($cleanData))
	{
		$commentPoster->enableDeferredPostMode();
		$task->update($cleanData, $parameters['TASK_ACTION_UPDATE_PARAMETERS']); // do not check return result, because method will throw an exception on error
	}

	$canReadAfter = $task->checkCanRead();
	$canEditAfter = $canReadAfter && $task->checkAccess($action);
	$rightsLost = $canEditBefore && !$canEditAfter;
	$adminUserId = BitrixTasksUtilUser::getAdminId();

	// if we have had rights before, but have lost them now, do the rest of update under superuser`s rights, or else continue normally
	// todo: instead of replacing userId make option "skipRights under current user"
	$continueAs = $rightsLost ? $adminUserId : $userId;

	if (!$canReadAfter) // at least become an auditor for that task
	{
		$sameTask = CTaskItem::getInstance($taskId, $adminUserId);
		$sameTask->startWatch($userId);
	}

	// update sub-entities (SE_*)
	$subEntityParams = array_merge(
		$parameters, array('MODE' => static::MODE_UPDATE, 'ERROR' => $errors)
	);

	if (array_key_exists(Reminder::getCode(true), $data))
	{
		Reminder::manageSet($userId, $taskId, $data[ Reminder::getCode(true) ], $subEntityParams);
	}

	if (array_key_exists(ProjectDependence::getCode(true), $data))
	{
		ProjectDependence::manageSet($continueAs, $taskId, $data[ ProjectDependence::getCode(true) ], $subEntityParams);
	}

	if (array_key_exists(Checklist::getCode(true), $data))
	{
		TaskCheckListFacade::merge(
			$taskId,
			$continueAs,
			$data[Checklist::getCode(true)],
			['analyticsData' => $parameters['ANALYTICS_DATA']]
		);
	}

	Template::manageTaskReplication($userId, $taskId, $data, $subEntityParams);

	$commentPoster->postComments();
	$commentPoster->clearComments();

	return $task;
}