1C-Bitrix 25.700.0
Загрузка...
Поиск...
Не найдено
roleutil.php
См. документацию.
1<?php
8
9namespace Bitrix\Main\Access\Role;
10
11use Bitrix\Main\Access\AccessCode;
12use Bitrix\Main\Access\Exception\PermissionSaveException;
13use Bitrix\Main\Access\Exception\RoleNotFoundException;
14use Bitrix\Main\Access\Exception\RoleRelationSaveException;
15use Bitrix\Main\Access\Exception\RoleSaveException;
16use Bitrix\Main\Access\Permission\PermissionDictionary;
17use Bitrix\Main\Application;
18use Bitrix\Main\DB\SqlExpression;
19
20abstract class RoleUtil
21{
22 protected $roleId;
23 protected $role;
24
25 abstract protected static function getRoleTableClass(): string;
26
27 abstract protected static function getRoleRelationTableClass(): string;
28
29 abstract protected static function getPermissionTableClass(): string;
30
31 abstract protected static function getRoleDictionaryClass(): ?string;
32
33 public static function getRoles()
34 {
35 $class = static::getRoleTableClass();
36 return $class::getList()->fetchAll();
37 }
38
39 public static function createRole(string $title): int
40 {
41 $class = static::getRoleTableClass();
42 $res = $class::add([
43 'NAME' => $title
44 ]);
45
46 if (!$res->isSuccess())
47 {
48 throw new RoleSaveException();
49 }
50
51 return (int) $res->getId();
52 }
53
54 public function __construct(int $roleId)
55 {
56 $this->roleId = $roleId;
57 }
58
59 public function getMembers(int $limit = 0)
60 {
61 $filter = [
62 'filter' => [
63 'ROLE_ID' => $this->roleId
64 ],
65 'order' => ['ID' => 'DESC']
66 ];
67 if ($limit)
68 {
69 $filter['limit'] = $limit;
70 }
71
72 $class = static::getRoleRelationTableClass();
73 return $class::getList($filter);
74 }
75
76 public function deleteRole()
77 {
78 if (!$this->roleId)
79 {
80 return;
81 }
82
83 // remove role
84 $roleClass = static::getRoleTableClass();
85 $roleClass::delete($this->roleId);
86
87 // remove role relations
88 $relationClass = static::getRoleRelationTableClass();
89 $relationClass::deleteList([
90 '=ROLE_ID' => $this->roleId
91 ]);
92
93 // remove permissions
94 $permissionClass = static::getPermissionTableClass();
95 $permissionClass::deleteList([
96 '=ROLE_ID' => $this->roleId
97 ]);
98 }
99
100 public function updateTitle(string $title)
101 {
102 $this->loadRole();
103
104 if ($this->role->getName() === $title)
105 {
106 return;
107 }
108
109 $dictionaryClass = static::getRoleDictionaryClass();
110 if (
111 $dictionaryClass
112 && $dictionaryClass::getRoleName($this->role->getName()) === $title
113 )
114 {
115 return;
116 }
117
118 $this->role->setName($title);
119 $result = $this->role->save();
120
121 if (!$result->isSuccess())
122 {
123 throw new RoleNotFoundException();
124 }
125 }
126
127 public function getPermissions(): array
128 {
129 $class = static::getPermissionTableClass();
130 $res = $class::getList([
131 'filter' => [
132 '=ROLE_ID' => $this->roleId
133 ]
134 ])
135 ->fetchAll();
136
137 $permissions = [];
138 foreach ($res as $row)
139 {
140 $permissions[$row['PERMISSION_ID']] = $row['VALUE'];
141 }
142
143 return $permissions;
144 }
145
155 public function updatePermissions(array $permissions)
156 {
157 $this->loadRole();
158
159 if (!$this->validatePermissions($permissions))
160 {
161 throw new RoleNotFoundException();
162 }
163
164 $permissionClass = static::getPermissionTableClass();
165 $permissionClass::deleteList([
166 '=ROLE_ID' => $this->roleId
167 ]);
168
170
171 $query = [];
172 foreach ($permissions as $id => $value)
173 {
174 $expression = new SqlExpression(
175 '(?i, ?s, ?i)',
176 $this->roleId,
177 trim($id),
178 $value,
179 );
180 $expression->setConnection($connection);
181
182 $query[] = $expression->compile();
183 }
184
185 if (empty($query))
186 {
187 return;
188 }
189
190 $expression = new SqlExpression(
191 'INSERT INTO ?# (ROLE_ID, PERMISSION_ID, VALUE) VALUES ' . implode(',', $query),
192 $permissionClass::getTableName(),
193 );
194 $expression->setConnection($connection);
195
196 $query = $expression->compile();
197
198 try
199 {
200 $connection->query($query);
201 }
202 catch (\Exception $e)
203 {
204 throw new PermissionSaveException();
205 }
206 }
207
213 public function updateRoleRelations(array $roleRelations)
214 {
216
217 $roleRelationsClass = static::getRoleRelationTableClass();
218 $roleRelationsClass::deleteList([
219 '=ROLE_ID' => $this->roleId
220 ]);
221
222 $query = [];
223 foreach ($roleRelations as $code => $type)
224 {
226 {
227 throw new RoleRelationSaveException();
228 }
229
230 $expression = new SqlExpression(
231 '(?i, ?s)',
232 $this->roleId,
233 trim($code),
234 );
235 $expression->setConnection($connection);
236
237 $query[] = $expression->compile();
238 }
239
240 if (empty($query))
241 {
242 return;
243 }
244
245 $expression = new SqlExpression(
246 'INSERT INTO ?# (ROLE_ID, RELATION) VALUES ' . implode(',', $query),
247 $roleRelationsClass::getTableName(),
248 );
249 $expression->setConnection($connection);
250
251 $query = $expression->compile();
252
253 try
254 {
255 $connection->query($query);
256 }
257 catch (\Exception $e)
258 {
259 throw new RoleRelationSaveException();
260 }
261 }
262
263 protected function loadRole()
264 {
265 if (!$this->role)
266 {
267 $class = static::getRoleTableClass();
268 $this->role = $class::getById($this->roleId)->fetchObject();
269 }
270 if (!$this->role)
271 {
272 throw new RoleNotFoundException();
273 }
274 return $this->role;
275 }
276
277 protected function validatePermissions(array $permissions): bool
278 {
279 foreach ($permissions as $id => $value)
280 {
282 }
283
284 return true;
285 }
286}
$connection
Определения actionsdefinitions.php:38
$type
Определения options.php:106
static isValid($code)
Определения accesscode.php:91
static recursiveValidatePermission(array $permissions, $id)
Определения permissiondictionary.php:128
static getRoles()
Определения roleutil.php:33
updatePermissions(array $permissions)
Определения roleutil.php:155
validatePermissions(array $permissions)
Определения roleutil.php:277
static createRole(string $title)
Определения roleutil.php:39
updateTitle(string $title)
Определения roleutil.php:100
updateRoleRelations(array $roleRelations)
Определения roleutil.php:213
__construct(int $roleId)
Определения roleutil.php:54
getMembers(int $limit=0)
Определения roleutil.php:59
static getConnection($name="")
Определения application.php:638
</td ></tr ></table ></td ></tr >< tr >< td class="bx-popup-label bx-width30"><?=GetMessage("PAGE_NEW_TAGS")?> array( $site)
Определения file_new.php:804
$res
Определения filter_act.php:7
$result
Определения get_property_values.php:14
$query
Определения get_search.php:11
$filter
Определения iblock_catalog_list.php:54
if(!is_null($config))($config as $configItem)(! $configItem->isVisible()) $code
Определения options.php:195
$title
Определения pdf.php:123