def has_unrestricted_access(doc, verbose=True):
from frappe.defaults import get_restrictions
restrictions = get_restrictions()
meta = frappe.get_meta(doc.get("doctype"))
user_perms = get_user_perms(meta)
if get_user_perms(meta).restricted:
if doc.owner == frappe.session.user:
# owner is always allowed for restricted permissions
return True
elif not (restrictions and restrictions.get(doc.get("doctype"))):
return False
else:
if not restrictions:
return True
def _has_unrestricted_access(d):
meta = frappe.get_meta(d.get("doctype"))
# evaluate specific restrictions
fields_to_check = meta.get_restricted_fields(restrictions.keys())
_has_restricted_data = False
for df in fields_to_check:
if d.get(df.fieldname) and d.get(
df.fieldname) not in restrictions[df.options]:
if verbose:
msg = _("Not allowed to access {0} with {1} = {2}").format(
df.options, _(df.label), d.get(df.fieldname))
if d.parentfield:
msg = "{doctype}, {row} #{idx}, ".format(
doctype=_(
d.doctype), row=_("Row"), idx=d.idx) + msg
msgprint(msg)
_has_restricted_data = True
return _has_restricted_data
has_restricted_data = _has_unrestricted_access(doc)
for d in doc.get_all_children():
has_restricted_data = _has_unrestricted_access(
d) or has_restricted_data
# check all restrictions before returning
return False if has_restricted_data else True
def has_unrestricted_access(doc, verbose=True):
from frappe.defaults import get_restrictions
restrictions = get_restrictions()
meta = frappe.get_meta(doc.get("doctype"))
user_perms = get_user_perms(meta)
if get_user_perms(meta).restricted:
if doc.owner == frappe.session.user:
# owner is always allowed for restricted permissions
return True
elif not (restrictions and restrictions.get(doc.get("doctype"))):
return False
else:
if not restrictions:
return True
def _has_unrestricted_access(d):
meta = frappe.get_meta(d.get("doctype"))
# evaluate specific restrictions
fields_to_check = meta.get_restricted_fields(restrictions.keys())
_has_restricted_data = False
for df in fields_to_check:
if d.get(df.fieldname) and d.get(df.fieldname) not in restrictions[df.options]:
if verbose:
msg = _("Not allowed to access {0} with {1} = {2}").format(df.options, _(df.label), d.get(df.fieldname))
if d.parentfield:
msg = "{doctype}, {row} #{idx}, ".format(doctype=_(d.doctype),
row=_("Row"), idx=d.idx) + msg
msgprint(msg)
_has_restricted_data = True
return _has_restricted_data
has_restricted_data = _has_unrestricted_access(doc)
for d in doc.get_all_children():
has_restricted_data = _has_unrestricted_access(d) or has_restricted_data
# check all restrictions before returning
return False if has_restricted_data else True
def set_price_list(out, party, party_type, given_price_list):
# price list
price_list = get_restrictions().get("Price List")
if isinstance(price_list, list):
price_list = None
if not price_list:
price_list = party.default_price_list
if not price_list and party_type=="Customer":
price_list = frappe.db.get_value("Customer Group",
party.customer_group, "default_price_list")
if not price_list:
price_list = given_price_list
if price_list:
out.price_list_currency = frappe.db.get_value("Price List", price_list, "currency")
out["selling_price_list" if party.doctype=="Customer" else "buying_price_list"] = price_list
def set_price_list(out, party, party_type, given_price_list):
# price list
price_list = get_restrictions().get("Price List")
if isinstance(price_list, list):
price_list = None
if not price_list:
price_list = party.default_price_list
if not price_list and party_type == "Customer":
price_list = frappe.db.get_value("Customer Group",
party.customer_group,
"default_price_list")
if not price_list:
price_list = given_price_list
if price_list:
out.price_list_currency = frappe.db.get_value("Price List", price_list,
"currency")
out["selling_price_list" if party.doctype ==
"Customer" else "buying_price_list"] = price_list
def add_restriction_if_required(self, doctype, user):
if frappe.permissions.has_only_non_restrict_role(doctype, user) \
and self.name not in get_restrictions(user).get("Employee", []):
frappe.defaults.add_default("Employee", self.name, user,
"Restriction")
def add_restriction_if_required(self, doctype, user):
if frappe.permissions.has_only_non_restrict_role(doctype, user) \
and self.name not in get_restrictions(user).get("Employee", []):
frappe.defaults.add_default("Employee", self.name, user, "Restriction")
