403WebShell

403Webshell

Server IP : 80.87.202.40 / Your IP : 216.73.216.169
Web Server : Apache
System : Linux rospirotorg.ru 5.14.0-539.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Dec 5 22:26:13 UTC 2024 x86_64
User : bitrix ( 600)
PHP Version : 8.2.27
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/main/lib/userfield/

Upload File :

[ Back ]

Current File : /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/main/lib/userfield/userfieldaccess.php

<?php

namespace Bitrix\Main\UserField;

use Bitrix\Main\Config\Configuration;
use Bitrix\Main\Engine\CurrentUser;
use Bitrix\Main\Loader;
use Bitrix\Main\ObjectNotFoundException;
use Bitrix\Main\UserFieldTable;

abstract class UserFieldAccess
{
	public const SETTINGS_USER_FIELD_KEY = 'userField';
	public const SETTINGS_ACCESS_CLASS_KEY = 'access';

	protected $userId;

	public function __construct(int $userId = null)
	{
		if($userId === null)
		{
			$userId = $this->getDefaultUserId();
		}

		$this->userId = $userId;
	}

	public static function getInstance(string $moduleId, int $userId = null): UserFieldAccess
	{
		$configuration = Configuration::getInstance($moduleId);

		$value = $configuration->get(static::SETTINGS_USER_FIELD_KEY);
		if(
			is_array($value)
			&& isset($value[static::SETTINGS_ACCESS_CLASS_KEY])
			&& Loader::includeModule($moduleId)
			&& is_a($value[static::SETTINGS_ACCESS_CLASS_KEY], self::class, true))
		{
			return new $value[static::SETTINGS_ACCESS_CLASS_KEY]($userId);
		}

		throw new ObjectNotFoundException('No settings for UserFieldAccess');
	}

	protected function getDefaultUserId(): int
	{
		global $USER;
		if($USER instanceof \CUser)
		{
			return (int) CurrentUser::get()->getId();
		}

		return 0;
	}

	public function setUserId(int $userId): UserFieldAccess
	{
		$this->userId = $userId;

		return $this;
	}

	public function getUserId(): int
	{
		return $this->userId;
	}

	abstract protected function getAvailableEntityIds(): array;

	public function getRestrictedTypes(): array
	{
		return [
			'resourcebooking', // available in crm only
			'mail_message', // no way to edit
			'hlblock', // the field is not implemented yet
		];
	}

	public function canReadWithFilter(array $filter): bool
	{
		return is_array($this->prepareFilter($filter));
	}

	public function prepareFilter(array $filter = []): ?array
	{
		$filterEntityIds = [];
		foreach($filter as $name => $value)
		{
			if(str_contains($name, 'ENTITY_ID'))
			{
				if($name === 'ENTITY_ID')
				{
					if(is_array($value))
					{
						$filterEntityIds = $value;
					}
					else
					{
						$filterEntityIds = [$value];
					}
				}

				unset($filter[$name]);
			}
		}
		$availableEntityIds = $this->getAvailableEntityIds();
		if(empty($filterEntityIds))
		{
			$filterEntityIds = $availableEntityIds;
		}
		else
		{
			foreach($filterEntityIds as $key => $entityId)
			{
				if(!in_array($entityId, $availableEntityIds, true))
				{
					unset($filterEntityIds[$key]);
				}
			}
		}

		if(empty($filterEntityIds))
		{
			return null;
		}

		$filter['=ENTITY_ID'] = $filterEntityIds;

		return $filter;
	}

	public function canRead(int $id): bool
	{
		$filter = $this->prepareFilter([
			'=ID' => $id,
		]);

		if(empty($filter))
		{
			return false;
		}

		return (UserFieldTable::getCount($filter) > 0);
	}

	public function canAdd(array $field): bool
	{
		$availableEntityIds = $this->getAvailableEntityIds();

		return (isset($field['ENTITY_ID']) && in_array($field['ENTITY_ID'], $availableEntityIds, true));
	}

	public function canUpdate(int $id): bool
	{
		return $this->canRead($id);
	}

	public function canDelete(int $id): bool
	{
		return $this->canUpdate($id);
	}
}

Youez - 2016 - github.com/yon3zu
LinuXploit