class CMyEventHandlers {
function OnBeforeUserUpdateHandler(&$arFields) {
if (array_key_exists("PASSWORD", $arFields)) {
$iUserID = 0;
if (array_key_exists("ID", $arFields)) {
// OnBeforeUserUpdate event
$iUserID = $arFields['ID'];
} else if (array_key_exists("LOGIN", $arFields)) {
// OnBeforeUserChangePassword event (user descriptor isn't passed)
$objUser = CUser::GetByLogin($arFields);
if (is_object($objUser) && $arUser = $objUser->Fetch()) {
$iUserID = $arUser['ID'];
}
}
// List of "restricted" groups descriptors
$arIntersect = array(2, 3, 4);
// If the user belongs to at least one of the "restricted" groups
if ($iUserID > 0 && count(array_intersect(CUser::GetUserGroup($iUserID), $arIntersect)) > 0) {
global $APPLICATION;
if (is_object($APPLICATION)) {
$APPLICATION->ThrowException("Can't change the password.");
}
return false;
}
}
}
}
AddEventHandler("main", "OnBeforeUserUpdate",
array("CMyEventHandlers", "OnBeforeUserUpdateHandler"));
AddEventHandler("main", "OnBeforeUserChangePassword",
array("CMyEventHandlers", "OnBeforeUserUpdateHandler")); |