- Модуль: tasks
- Путь к файлу: ~/bitrix/modules/tasks/lib/access/rule/tasksaverule.php
- Класс: BitrixTasksAccessRuleTaskSaveRule
- Вызов: TaskSaveRule::execute
public function execute(AccessibleItem $task = null, $params = null): bool
{
if (!$task)
{
$this->controller->addError(static::class, 'Incorrect task');
return false;
}
if (!$this->checkParams($params))
{
$this->controller->addError(static::class, 'Incorrect params');
return false;
}
$this->oldTask = $task;
$this->newTask = $params;
// the task should be in the group and tasks enabled on this group
if (
$this->newTask->getGroup()
&& !$this->newTask->getGroup()['TASKS_ENABLED']
)
{
$this->controller->addError(static::class, 'Tasks are disabled in group');
return false;
}
// user is admin
if ($this->user->isAdmin())
{
return true;
}
// user can update task
if (!$this->canUpdateTask())
{
$this->controller->addError(static::class, 'Access to create or update task denied');
return false;
}
// user can set group
if (
$this->newTask->getGroupId()
&& $this->newTask->getGroupId() !== $this->oldTask->getGroupId()
&& !$this->canSetGroup($this->user->getUserId(), $this->newTask->getGroupId())
)
{
$this->controller->addError(static::class, 'Access to set group denied');
return false;
}
// user can assign task to this man
if (!$this->canAssignTask($this->oldTask, RoleDictionary::ROLE_RESPONSIBLE, $this->newTask))
{
$this->controller->addError(static::class, 'Access to assign responsible denied');
return false;
}
// user can assign task to co-executors
if (!$this->canAssignTask($this->oldTask, RoleDictionary::ROLE_ACCOMPLICE, $this->newTask))
{
$this->controller->addError(static::class, 'Access to assign accomplice denied');
return false;
}
// user can assign task to auditors
if (!$this->canAssignAuditors())
{
return false;
}
// user can change director (if director has been changed)
if (
$this->changedDirector()
&& !in_array($this->user->getUserId(), $this->newTask->getMembers(RoleDictionary::ROLE_RESPONSIBLE))
&& !$this->controller->check(ActionDictionary::ACTION_TASK_CHANGE_DIRECTOR, $task, $params)
)
{
$this->controller->addError(static::class, 'Access to assign director denied');
return false;
}
return true;
}