def has_unrestricted_access(doc, verbose=True): from frappe.defaults import get_restrictions restrictions = get_restrictions() meta = frappe.get_meta(doc.get("doctype")) user_perms = get_user_perms(meta) if get_user_perms(meta).restricted: if doc.owner == frappe.session.user: # owner is always allowed for restricted permissions return True elif not (restrictions and restrictions.get(doc.get("doctype"))): return False else: if not restrictions: return True def _has_unrestricted_access(d): meta = frappe.get_meta(d.get("doctype")) # evaluate specific restrictions fields_to_check = meta.get_restricted_fields(restrictions.keys()) _has_restricted_data = False for df in fields_to_check: if d.get(df.fieldname) and d.get( df.fieldname) not in restrictions[df.options]: if verbose: msg = _("Not allowed to access {0} with {1} = {2}").format( df.options, _(df.label), d.get(df.fieldname)) if d.parentfield: msg = "{doctype}, {row} #{idx}, ".format( doctype=_( d.doctype), row=_("Row"), idx=d.idx) + msg msgprint(msg) _has_restricted_data = True return _has_restricted_data has_restricted_data = _has_unrestricted_access(doc) for d in doc.get_all_children(): has_restricted_data = _has_unrestricted_access( d) or has_restricted_data # check all restrictions before returning return False if has_restricted_data else True
def has_unrestricted_access(doc, verbose=True): from frappe.defaults import get_restrictions restrictions = get_restrictions() meta = frappe.get_meta(doc.get("doctype")) user_perms = get_user_perms(meta) if get_user_perms(meta).restricted: if doc.owner == frappe.session.user: # owner is always allowed for restricted permissions return True elif not (restrictions and restrictions.get(doc.get("doctype"))): return False else: if not restrictions: return True def _has_unrestricted_access(d): meta = frappe.get_meta(d.get("doctype")) # evaluate specific restrictions fields_to_check = meta.get_restricted_fields(restrictions.keys()) _has_restricted_data = False for df in fields_to_check: if d.get(df.fieldname) and d.get(df.fieldname) not in restrictions[df.options]: if verbose: msg = _("Not allowed to access {0} with {1} = {2}").format(df.options, _(df.label), d.get(df.fieldname)) if d.parentfield: msg = "{doctype}, {row} #{idx}, ".format(doctype=_(d.doctype), row=_("Row"), idx=d.idx) + msg msgprint(msg) _has_restricted_data = True return _has_restricted_data has_restricted_data = _has_unrestricted_access(doc) for d in doc.get_all_children(): has_restricted_data = _has_unrestricted_access(d) or has_restricted_data # check all restrictions before returning return False if has_restricted_data else True
def set_price_list(out, party, party_type, given_price_list): # price list price_list = get_restrictions().get("Price List") if isinstance(price_list, list): price_list = None if not price_list: price_list = party.default_price_list if not price_list and party_type=="Customer": price_list = frappe.db.get_value("Customer Group", party.customer_group, "default_price_list") if not price_list: price_list = given_price_list if price_list: out.price_list_currency = frappe.db.get_value("Price List", price_list, "currency") out["selling_price_list" if party.doctype=="Customer" else "buying_price_list"] = price_list
def set_price_list(out, party, party_type, given_price_list): # price list price_list = get_restrictions().get("Price List") if isinstance(price_list, list): price_list = None if not price_list: price_list = party.default_price_list if not price_list and party_type == "Customer": price_list = frappe.db.get_value("Customer Group", party.customer_group, "default_price_list") if not price_list: price_list = given_price_list if price_list: out.price_list_currency = frappe.db.get_value("Price List", price_list, "currency") out["selling_price_list" if party.doctype == "Customer" else "buying_price_list"] = price_list
def add_restriction_if_required(self, doctype, user): if frappe.permissions.has_only_non_restrict_role(doctype, user) \ and self.name not in get_restrictions(user).get("Employee", []): frappe.defaults.add_default("Employee", self.name, user, "Restriction")