155 lines
6.1 KiB
PHP
Executable File
155 lines
6.1 KiB
PHP
Executable File
<?php
|
||
namespace Conmed\Authserver;
|
||
|
||
use Bitrix\Main\Context;
|
||
use Bitrix\Highloadblock\HighloadBlockTable;
|
||
use Bitrix\Main\Loader;
|
||
|
||
trait ProfileTrait {
|
||
|
||
// 1. ПОЛУЧЕНИЕ ДАННЫХ (Вызывается при входе)
|
||
public static function userAction() {
|
||
header('Content-Type: application/json');
|
||
$req = Context::getCurrent()->getRequest();
|
||
|
||
$auth = $req->getHeader('Authorization');
|
||
$token = (preg_match('/Bearer\s+(.*)$/i', $auth, $m)) ? trim($m[1]) : $req->get("access_token");
|
||
|
||
$uid = self::getUidByToken($token);
|
||
|
||
if($uid) {
|
||
$u = \CUser::GetByID($uid)->Fetch();
|
||
|
||
// --- ИСПРАВЛЕННАЯ ЛОГИКА ГРУПП ---
|
||
$specNames = []; // Названия (только 555)
|
||
$specCodes = []; // Коды (только 555) - для чекбоксов
|
||
$allCodes = []; // Все коды вообще - для прав доступа
|
||
|
||
$rs = \Bitrix\Main\GroupTable::getList([
|
||
'filter' => ['ID' => \CUser::GetUserGroup($u['ID']), '=ACTIVE' => 'Y'],
|
||
'select' => ['NAME', 'STRING_ID', 'C_SORT']
|
||
]);
|
||
|
||
while($g = $rs->fetch()) {
|
||
// 1. В общий список прав добавляем все, у чего есть код
|
||
if($g['STRING_ID']) {
|
||
$allCodes[] = $g['STRING_ID'];
|
||
}
|
||
|
||
// 2. В списки СПЕЦИАЛЬНОСТЕЙ - только с сортировкой 555
|
||
if($g['C_SORT'] == 555) {
|
||
$specNames[] = $g['NAME'];
|
||
if($g['STRING_ID']) {
|
||
$specCodes[] = $g['STRING_ID'];
|
||
}
|
||
}
|
||
}
|
||
// ---------------------------------
|
||
|
||
echo json_encode([
|
||
'id' => $u['ID'],
|
||
'login' => $u['LOGIN'],
|
||
'email' => $u['EMAIL'],
|
||
'name' => $u['NAME'],
|
||
'last_name' => $u['LAST_NAME'],
|
||
'second_name' => $u['SECOND_NAME'],
|
||
'city' => $u['PERSONAL_CITY'],
|
||
'phone' => $u['PERSONAL_MOBILE'], // Ваша правка
|
||
'country' => $u['PERSONAL_COUNTRY'],
|
||
|
||
'specialties' => $specNames,
|
||
'specialties_code' => $specCodes, // Теперь тут только специальности!
|
||
'groups_code' => $allCodes
|
||
]);
|
||
} else {
|
||
header('HTTP/1.0 401 Unauthorized');
|
||
}
|
||
}
|
||
|
||
// 2. ОБНОВЛЕНИЕ ДАННЫХ
|
||
public static function updateAction() {
|
||
header('Content-Type: application/json');
|
||
$req = Context::getCurrent()->getRequest();
|
||
|
||
if(!self::checkClient($req->getPost("client_id"), $req->getPost("client_secret"))) {
|
||
die(json_encode(['error'=>'forbidden']));
|
||
}
|
||
|
||
$uid = self::getUidByToken($req->getPost("access_token"));
|
||
if(!$uid) die(json_encode(['error'=>'invalid_token']));
|
||
|
||
$fields = [
|
||
"NAME" => $req->getPost("name"),
|
||
"LAST_NAME" => $req->getPost("last_name"),
|
||
"SECOND_NAME" => $req->getPost("second_name"),
|
||
"PERSONAL_MOBILE" => $req->getPost("phone"), // Ваша правка
|
||
"PERSONAL_CITY" => $req->getPost("city"),
|
||
"PERSONAL_COUNTRY" => $req->getPost("country")
|
||
];
|
||
|
||
$newSpecs = $req->getPost("specialties"); // Приходит массив кодов
|
||
|
||
$resNames = [];
|
||
$resSpecCodes = [];
|
||
|
||
if(is_array($newSpecs)) {
|
||
$curG = \CUser::GetUserGroup($uid);
|
||
$finalG = [];
|
||
$allSpecGIds = [];
|
||
|
||
// Получаем ID всех групп-специальностей (555)
|
||
$rs = \Bitrix\Main\GroupTable::getList(['filter'=>['=C_SORT'=>555],'select'=>['ID']]);
|
||
while($g = $rs->fetch()) $allSpecGIds[] = $g['ID'];
|
||
|
||
// Оставляем у юзера только НЕ специальности
|
||
foreach($curG as $gid) {
|
||
if(!in_array($gid, $allSpecGIds)) $finalG[] = $gid;
|
||
}
|
||
|
||
// Добавляем новые выбранные
|
||
$rs = \Bitrix\Main\GroupTable::getList(['filter'=>['=STRING_ID'=>$newSpecs, '=C_SORT'=>555]]);
|
||
while($g = $rs->fetch()) {
|
||
$finalG[] = $g['ID'];
|
||
$resNames[] = $g['NAME'];
|
||
$resSpecCodes[] = $g['STRING_ID'];
|
||
}
|
||
$fields["GROUP_ID"] = $finalG;
|
||
}
|
||
|
||
$user = new \CUser;
|
||
if($user->Update($uid, $fields)) {
|
||
self::audit("PROFILE_UPDATED", $req->getPost("client_id"), $uid);
|
||
|
||
echo json_encode([
|
||
'status' => 'success',
|
||
'new_specialties' => $resNames,
|
||
'new_specialties_code' => $resSpecCodes
|
||
]);
|
||
} else {
|
||
echo json_encode(['status' => 'error', 'message' => strip_tags($user->LAST_ERROR)]);
|
||
}
|
||
}
|
||
|
||
public static function passwordAction() {
|
||
header('Content-Type: application/json');
|
||
$req = Context::getCurrent()->getRequest();
|
||
|
||
if(!self::checkClient($req->getPost("client_id"), $req->getPost("client_secret"))) {
|
||
die(json_encode(['error'=>'forbidden']));
|
||
}
|
||
|
||
$uid = self::getUidByToken($req->getPost("access_token"));
|
||
if(!$uid) die(json_encode(['error'=>'invalid_token']));
|
||
|
||
$np = $req->getPost("new_password");
|
||
$v = self::validatePassword($np);
|
||
if($v !== true) die(json_encode(['status'=>'error', 'message'=>$v]));
|
||
|
||
if((new \CUser)->Update($uid, ["PASSWORD"=>$np, "CONFIRM_PASSWORD"=>$np])) {
|
||
self::audit("PASS_CHANGED", $req->getPost("client_id"), $uid);
|
||
echo json_encode(['status'=>'success']);
|
||
} else {
|
||
echo json_encode(['status'=>'error', 'message'=>strip_tags((new \CUser)->LAST_ERROR)]);
|
||
}
|
||
}
|
||
} |