getRequest(); $auth = $req->getHeader('Authorization'); $token = (preg_match('/Bearer\s+(.*)$/i', $auth, $m)) ? trim($m[1]) : $req->get("access_token"); $uid = self::getUidByToken($token); if($uid) { $u = \CUser::GetByID($uid)->Fetch(); // --- ИСПРАВЛЕННАЯ ЛОГИКА ГРУПП --- $specNames = []; // Названия (только 555) $specCodes = []; // Коды (только 555) - для чекбоксов $allCodes = []; // Все коды вообще - для прав доступа $rs = \Bitrix\Main\GroupTable::getList([ 'filter' => ['ID' => \CUser::GetUserGroup($u['ID']), '=ACTIVE' => 'Y'], 'select' => ['NAME', 'STRING_ID', 'C_SORT'] ]); while($g = $rs->fetch()) { // 1. В общий список прав добавляем все, у чего есть код if($g['STRING_ID']) { $allCodes[] = $g['STRING_ID']; } // 2. В списки СПЕЦИАЛЬНОСТЕЙ - только с сортировкой 555 if($g['C_SORT'] == 555) { $specNames[] = $g['NAME']; if($g['STRING_ID']) { $specCodes[] = $g['STRING_ID']; } } } // --------------------------------- echo json_encode([ 'id' => $u['ID'], 'login' => $u['LOGIN'], 'email' => $u['EMAIL'], 'name' => $u['NAME'], 'last_name' => $u['LAST_NAME'], 'second_name' => $u['SECOND_NAME'], 'city' => $u['PERSONAL_CITY'], 'phone' => $u['PERSONAL_MOBILE'], // Ваша правка 'country' => $u['PERSONAL_COUNTRY'], 'specialties' => $specNames, 'specialties_code' => $specCodes, // Теперь тут только специальности! 'groups_code' => $allCodes ]); } else { header('HTTP/1.0 401 Unauthorized'); } } // 2. ОБНОВЛЕНИЕ ДАННЫХ public static function updateAction() { header('Content-Type: application/json'); $req = Context::getCurrent()->getRequest(); if(!self::checkClient($req->getPost("client_id"), $req->getPost("client_secret"))) { die(json_encode(['error'=>'forbidden'])); } $uid = self::getUidByToken($req->getPost("access_token")); if(!$uid) die(json_encode(['error'=>'invalid_token'])); $fields = [ "NAME" => $req->getPost("name"), "LAST_NAME" => $req->getPost("last_name"), "SECOND_NAME" => $req->getPost("second_name"), "PERSONAL_MOBILE" => $req->getPost("phone"), // Ваша правка "PERSONAL_CITY" => $req->getPost("city"), "PERSONAL_COUNTRY" => $req->getPost("country") ]; $newSpecs = $req->getPost("specialties"); // Приходит массив кодов $resNames = []; $resSpecCodes = []; if(is_array($newSpecs)) { $curG = \CUser::GetUserGroup($uid); $finalG = []; $allSpecGIds = []; // Получаем ID всех групп-специальностей (555) $rs = \Bitrix\Main\GroupTable::getList(['filter'=>['=C_SORT'=>555],'select'=>['ID']]); while($g = $rs->fetch()) $allSpecGIds[] = $g['ID']; // Оставляем у юзера только НЕ специальности foreach($curG as $gid) { if(!in_array($gid, $allSpecGIds)) $finalG[] = $gid; } // Добавляем новые выбранные $rs = \Bitrix\Main\GroupTable::getList(['filter'=>['=STRING_ID'=>$newSpecs, '=C_SORT'=>555]]); while($g = $rs->fetch()) { $finalG[] = $g['ID']; $resNames[] = $g['NAME']; $resSpecCodes[] = $g['STRING_ID']; } $fields["GROUP_ID"] = $finalG; } $user = new \CUser; if($user->Update($uid, $fields)) { self::audit("PROFILE_UPDATED", $req->getPost("client_id"), $uid); echo json_encode([ 'status' => 'success', 'new_specialties' => $resNames, 'new_specialties_code' => $resSpecCodes ]); } else { echo json_encode(['status' => 'error', 'message' => strip_tags($user->LAST_ERROR)]); } } public static function passwordAction() { header('Content-Type: application/json'); $req = Context::getCurrent()->getRequest(); if(!self::checkClient($req->getPost("client_id"), $req->getPost("client_secret"))) { die(json_encode(['error'=>'forbidden'])); } $uid = self::getUidByToken($req->getPost("access_token")); if(!$uid) die(json_encode(['error'=>'invalid_token'])); $np = $req->getPost("new_password"); $v = self::validatePassword($np); if($v !== true) die(json_encode(['status'=>'error', 'message'=>$v])); if((new \CUser)->Update($uid, ["PASSWORD"=>$np, "CONFIRM_PASSWORD"=>$np])) { self::audit("PASS_CHANGED", $req->getPost("client_id"), $uid); echo json_encode(['status'=>'success']); } else { echo json_encode(['status'=>'error', 'message'=>strip_tags((new \CUser)->LAST_ERROR)]); } } }