Пример #1
1
def get_transitions(doc, workflow = None):
	'''Return list of possible transitions for the given doc'''
	doc = frappe.get_doc(frappe.parse_json(doc))

	if doc.is_new():
		return []

	frappe.has_permission(doc, 'read', throw=True)
	roles = frappe.get_roles()

	if not workflow:
		workflow = get_workflow(doc.doctype)
	current_state = doc.get(workflow.workflow_state_field)

	if not current_state:
		frappe.throw(_('Workflow State not set'), WorkflowStateError)

	transitions = []
	for transition in workflow.transitions:
		if transition.state == current_state and transition.allowed in roles:
			if transition.condition:
				# if condition, evaluate
				# access to frappe.db.get_value and frappe.db.get_list
				success = frappe.safe_eval(transition.condition,
					dict(frappe = frappe._dict(
						db = frappe._dict(get_value = frappe.db.get_value, get_list=frappe.db.get_list),
						session = frappe.session
					)),
					dict(doc = doc))
				if not success:
					continue
			transitions.append(transition.as_dict())

	return transitions
Пример #2
0
def get_permission_query_conditions(user):
	if not user: user = frappe.session.user

	if "System Manager" in frappe.get_roles(user):
		return None
	else:
		abc="""
			`tabFirst Timer`.cell=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Cells')
			or
			`tabFirst Timer`.senior_cell=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Senior Cells')
			or
			`tabFirst Timer`.pcf=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='PCFs')
			or
			`tabFirst Timer`.church=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Churches')
			or
			`tabFirst Timer`.church_group=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Group Churches')
			or
			`tabFirst Timer`.zone=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Zones')
			or
			`tabFirst Timer`.region=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Regions')
			or 
			`tabFirst Timer`.ftv_owner=(select distinct defvalue from `tabDefaultValue` where parent='%(user)s' and defkey='Member')
			""" % {
				"user": frappe.db.escape(user),
				"roles": "', '".join([frappe.db.escape(r) for r in frappe.get_roles(user)])
			}
		return abc
def get_permission_query_conditions(user):
	if user in ("Administrator", "System Manager"):
		return ""
	elif "Client User" in frappe.get_roles() or "Client Support User" in frappe.get_roles() or "Client Support Manager":
		return ""
		# print user,"\n\n\n\n\n\n\n\n"		
		# projects = frappe.db.sql("""select name from `tabProject` where client_user ='******'""".format(user)) 
		# print("hiiiiiiiiiiiiiii",projects)
		# return frappe.db.sql("select name from `tabClient Support Ticket` where project in '{0}'".format(",".join(["'%s'"%project for project in projects])))
		# print ("hellllllllllllllllllllllll",format(join(["'%s'" %project for project in projects])))
Пример #4
0
	def build_conditions(filters):
		condition = ""
		status = ""
		department = ""
		date_type = "i.opening_date"

		# status
		if filters.get("status") != "All":
			if filters.get("status") == ("Pending"):
				status = "AND i.status NOT IN ('Open', 'Closed')"
			else:
				status = "AND i.status='%s'"%(filters.get("status"))
			date_type = "i.resolution_date" if filters.get("status") == "Closed" else "i.opening_date"

		# order by
		order_by = "ORDER BY {field} ASC".format(field=date_type)
		# department
		if filters.get("dept"):
			department = "AND i.department='%s'"%(filters.get("dept"))

		# TODO system manager, Administrator, Department Head ticket filters
		names = ""
		if "System Manager" in frappe.get_roles(filters.get("user")):
			names = ""
		elif "Department Head" in frappe.get_roles(filters.get("user")):
			names = "AND i.department='{dept}' AND i.name IN (SELECT t.reference_name FROM tabToDo AS t WHERE \
				(t.owner='{user}' AND t.status='Open') OR t.assigned_by='{user}' AND t.reference_type='Issue' \
				AND t.reference_name=i.name) OR i.owner='{user}'".format(
					user=filters.get("user"),
					dept=frappe.db.get_value("User", filters.get("user"), "department")
				)
		else:
			names = "AND i.name IN (SELECT t.reference_name FROM tabToDo AS t WHERE (t.owner='{user}' AND t.status='Open') \
				OR t.assigned_by='{user}' AND t.reference_type='Issue' AND t.reference_name=i.name) OR i.owner='{user}'".format(
					user=filters.get("user")
				)
		
		condition = "WHERE {field} BETWEEN '{start}' AND '{end}' {names} {dept} {status} {order_by}".format(
				field=date_type,
				start=filters.get("start"),
				end=filters.get("end"),
				dept=department,
				status=status,
				order_by=order_by,
				names=names
			)

		return condition
Пример #5
0
def category_sync(force_override_categories=False,
                  force_override_features=False):
    """Load a new set of eBay categories.

    By default, this checks the current versions of the eBay categories cache
    and does not update it if the category version has not changed (i.e. the
    eBay categories have not changed).
    If force_override_categories is set, then the eBay categories will be
    redownloaded and new Item Group eBay entries set.
    If force_override_features is set, then the eBay features will be
    redownloaded.
    Setting force_override_features to True implies force_override_categories.
    """
    # Check permissions, as this is a whitelisted function
    if 'System Manager' not in frappe.get_roles(frappe.session.user):
        return frappe.PermissionError(
            'Only System Managers can update the eBay categories.')
    if force_override_features:
        force_override_categories = True
    categories_ok, features_ok = check_cache_versions()
    # Do we need to update the cache?
    update_categories = force_override_categories or not categories_ok
    update_features = force_override_features or not features_ok
    # Update the cache if required
    ensure_updated_cache(update_categories, update_features)
    # Update the Item Group eBay categories if required.
    if update_categories:
        # We only wipe the tables if we are forcing an override
        # otherwise we just update the existing entries.
        create_item_group_ebay(force_override_categories)
Пример #6
0
def get_permission_query_conditions(user):
	if not user: user = frappe.session.user

	if "System Manager" in frappe.get_roles(user):
		return None
	else:
		return """(tabToDo.owner = '{user}' or tabToDo.assigned_by = '{user}')""".format(user=user)
Пример #7
0
	def validate_employee_leave_approver(self):
		for l in self.get("leave_approvers")[:]:
			#if l.leave_approver:
			#	frappe.permissions.add_user_permission("User", self.user_id, l.leave_approver)

			if "Leave Approver" not in frappe.get_roles(l.leave_approver):
				frappe.get_doc("User", l.leave_approver).add_roles("Leave Approver")
Пример #8
0
def get_events(start, end):
	events = []

	employee = frappe.db.get_value("Employee", {"user_id": frappe.session.user}, ["name", "company"],
		as_dict=True)
	#if not employee:
	#	return events
	
	if employee:
		employee, company = employee.name, employee.company
	else:
		employee=''
		company=frappe.db.get_value("Global Defaults", None, "default_company")

	from frappe.desk.reportview import build_match_conditions
	match_conditions = build_match_conditions("Leave Application")

	# show department leaves for employee
	if "Employee" in frappe.get_roles():
		add_department_leaves(events, start, end, employee, company)

	add_leaves(events, start, end, match_conditions)

	add_block_dates(events, start, end, employee, company)
	add_holidays(events, start, end, employee, company)

	return events
Пример #9
0
	def set_user_info(self, resume=False):
		# set sid again
		frappe.local.cookie_manager.init_cookies()

		self.info = frappe.db.get_value("User", self.user,
			["user_type", "first_name", "last_name", "user_image"], as_dict=1)
		self.full_name = " ".join(filter(None, [self.info.first_name,
			self.info.last_name]))
		self.user_type = self.info.user_type

		if self.info.user_type=="Website User":
			frappe.local.cookie_manager.set_cookie("system_user", "no")
			if not resume:
				frappe.local.response["message"] = "No App"
				frappe.local.response["home_page"] = get_website_user_home_page(self.user)
		else:
			frappe.local.cookie_manager.set_cookie("system_user", "yes")
			if not resume:
				frappe.local.response['message'] = 'Logged In'
				if "Hospital User" in frappe.get_roles(frappe.session.user) :
					frappe.local.response["home_page"] = "/desk#modules/Hospital Bed Management"
				else:
					frappe.local.response["home_page"] = "/desk"

		if not resume:
			frappe.response["full_name"] = self.full_name

		frappe.local.cookie_manager.set_cookie("full_name", self.full_name)
		frappe.local.cookie_manager.set_cookie("user_id", self.user)
		frappe.local.cookie_manager.set_cookie("user_image", self.info.user_image or "")
Пример #10
0
	def apply_user_permissions_to_all_roles(self):
		# add apply user permissions for all roles that
		# for this doctype
		def show_progress(i, l):
			if l > 2:
				frappe.publish_realtime("progress",
					dict(progress=[i, l], title=_('Updating...')),
						user=frappe.session.user)


		roles = frappe.get_roles(self.user)
		linked = frappe.db.sql('''select distinct parent from tabDocField
			where fieldtype="Link" and options=%s''', self.allow)
		for i, link in enumerate(linked):
			doctype = link[0]
			for perm in get_valid_perms(doctype, self.user):
				# if the role is applicable to the user
				show_progress(i+1, len(linked))
				if perm.role in roles:
					if not perm.apply_user_permissions:
						update_permission_property(doctype, perm.role, 0,
							'apply_user_permissions', '1')

					try:
						user_permission_doctypes = json.loads(perm.user_permission_doctypes or '[]')
					except ValueError:
						user_permission_doctypes = []

					if self.allow not in user_permission_doctypes:
						user_permission_doctypes.append(self.allow)
						update_permission_property(doctype, perm.role, 0,
							'user_permission_doctypes', json.dumps(user_permission_doctypes), validate=False)

		show_progress(len(linked), len(linked))
Пример #11
0
	def get_appr_user_role(self, det, doctype_name, total, based_on, condition, item, company):
		amt_list, appr_users, appr_roles = [], [], []
		users, roles = '',''
		if det:
			for x in det:
				amt_list.append(flt(x[0]))
			max_amount = max(amt_list)

			app_dtl = frappe.db.sql("""select approving_user, approving_role from `tabAuthorization Rule`
				where transaction = %s and (value = %s or value > %s)
				and docstatus != 2 and based_on = %s and company = %s %s""" %
				('%s', '%s', '%s', '%s', '%s', condition),
				(doctype_name, flt(max_amount), total, based_on, company))

			if not app_dtl:
				app_dtl = frappe.db.sql("""select approving_user, approving_role from `tabAuthorization Rule`
					where transaction = %s and (value = %s or value > %s) and docstatus != 2
					and based_on = %s and ifnull(company,'') = '' %s""" %
					('%s', '%s', '%s', '%s', condition), (doctype_name, flt(max_amount), total, based_on))

			for d in app_dtl:
				if(d[0]): appr_users.append(d[0])
				if(d[1]): appr_roles.append(d[1])

			if not has_common(appr_roles, frappe.get_roles()) and not has_common(appr_users, [session['user']]):
				frappe.msgprint(_("Not authroized since {0} exceeds limits").format(_(based_on)))
				frappe.throw(_("Can be approved by {0}").format(comma_or(appr_roles + appr_users)))
Пример #12
0
def add_sidebar_data(context):
	from frappe.utils.user import get_fullname_and_avatar
	import frappe.www.list

	if not context.sidebar_items:

		sidebar_items = frappe.cache().hget('portal_menu_items', frappe.session.user)
		if sidebar_items == None:
			sidebar_items = []
			roles = frappe.get_roles()
			portal_settings = frappe.get_doc('Portal Settings', 'Portal Settings')

			def add_items(sidebar_items, menu_field):
				for d in portal_settings.get(menu_field):
					if d.enabled and ((not d.role) or d.role in roles):
						sidebar_items.append(d.as_dict())

			if not portal_settings.hide_standard_menu:
				add_items(sidebar_items, 'menu')

			if portal_settings.custom_menu:
				add_items(sidebar_items, 'custom_menu')

			frappe.cache().hset('portal_menu_items', frappe.session.user, sidebar_items)

		context.sidebar_items = sidebar_items

	info = get_fullname_and_avatar(frappe.session.user)
	context["fullname"] = info.fullname
	context["user_image"] = info.avatar
	context["user"] = info.name
Пример #13
0
def check_jasper_perm(perms, ptypes=("read",), user=None):
		found = False

		if isinstance(ptypes, basestring):
			ptypes = (ptypes, )

		if user == None:
			user = frappe.local.session['user']

		def check_perm(perms, user_roles, ptype):
			found = False
			for perm in perms:
				jasper_perm_type = perm.get('jasper_can_' + ptype, None)
				jasper_role = perm.get('jasper_role', None)
				if jasper_role in user_roles and jasper_perm_type:
					found = True
					break
			return found

		if user == "Administrator":
			return True

		user_roles = frappe.get_roles(user)

		for ptype in ptypes:
			found = check_perm(perms, user_roles, ptype)
			if found == False:
				break

		return found
def get_ftv_member():
	roles=frappe.get_roles(frappe.user.name)
	val=frappe.db.sql("select defkey,defvalue from `tabDefaultValue` where defkey in ('Cells','Senior Cells','PCFs','Churches','Group Churches','Zones','Regions') and parent='%s' limit 1"%(frappe.user.name),as_list=1)
	# frappe.errprint(val)
	if val:
		if val[0][0]=='Cells':
			key='cell'
			value=val[0][1]
		elif val[0][0]=='Senior Cells':
			key='senior_cell'
			value=val[0][1]
		elif val[0][0]=='PCFs':
			key='pcf'
			value=val[0][1]
		elif val[0][0]=='Churches':
			key='Church'
			value=val[0][1]
		elif val[0][0]=='Group Churches':
			key='church_group'
			value=val[0][1]
		elif val[0][0]=='Zones':
			key='zone'
			value=val[0][1]
		elif val[0][0]=='Regions':
			key='region'
			value=val[0][1]
		return{
			"key" : key,
			"value" : value
		}
	else:
		return{
			"key" : 1,
			"value" : 1
		}	
Пример #15
0
def get_role_permissions(meta, user=None):
	if not user: user = frappe.session.user
	cache_key = (meta.name, user)

	if not frappe.local.role_permissions.get(cache_key):
		perms = frappe._dict({ "apply_user_permissions": {}, "user_permission_doctypes": {} })
		user_roles = frappe.get_roles(user)

		for p in meta.permissions:
			if cint(p.permlevel)==0 and (p.role in user_roles):
				for ptype in rights:
					perms[ptype] = perms.get(ptype, 0) or cint(p.get(ptype))

					if ptype != "set_user_permissions" and p.get(ptype):
						perms["apply_user_permissions"][ptype] = (perms["apply_user_permissions"].get(ptype, 1)
							and p.get("apply_user_permissions"))

				if p.apply_user_permissions and p.user_permission_doctypes:
					# set user_permission_doctypes in perms
					user_permission_doctypes = json.loads(p.user_permission_doctypes)

					if user_permission_doctypes:
						# perms["user_permission_doctypes"][ptype] would be a list of list like [["User", "Blog Post"], ["User"]]
						for ptype in rights:
							if p.get(ptype):
								perms["user_permission_doctypes"].setdefault(ptype, []).append(user_permission_doctypes)

		for key, value in perms.get("apply_user_permissions").items():
			if not value:
				del perms["apply_user_permissions"][key]

		frappe.local.role_permissions[cache_key] = perms

	return frappe.local.role_permissions[cache_key]
Пример #16
0
def get_allowed_pages():
    roles = frappe.get_roles()
    page_info = {}

    for p in frappe.db.sql(
        """select distinct
		tabPage.name, tabPage.modified, tabPage.title
		from `tabPage Role`, `tabPage`
		where `tabPage Role`.role in (%s)
			and `tabPage Role`.parent = `tabPage`.name"""
        % ", ".join(["%s"] * len(roles)),
        roles,
        as_dict=True,
    ):

        page_info[p.name] = {"modified": p.modified, "title": p.title}

        # pages where role is not set are also allowed
    for p in frappe.db.sql(
        """select name, modified, title
		from `tabPage` where
			(select count(*) from `tabPage Role`
				where `tabPage Role`.parent=tabPage.name) = 0""",
        as_dict=1,
    ):

        page_info[p.name] = {"modified": p.modified, "title": p.title}

    return page_info
def recommended_patients(user):
	conditions = []
	roles = frappe.get_roles(user)
	for role in roles:
		if role == "Hospital User":
			conditions.append("ifnull(`tabPatient Allotment`.`status`, '')!='Not Verified' or ifnull(`tabPatient Allotment`.`owner`, '')='"+user+"' ")
			return " and ".join(conditions) if conditions else None
Пример #18
0
	def validate_employee_leave_approver(self):
		from erpnext.hr.doctype.leave_application.leave_application import InvalidLeaveApproverError

		for l in self.get("employee_leave_approvers")[:]:
			if "Leave Approver" not in frappe.get_roles(l.leave_approver):
				self.get("employee_leave_approvers").remove(l)
				msgprint(_("{0} is not a valid Leave Approver. Removing row #{1}.").format(l.leave_approver, l.idx))
Пример #19
0
def get_context(context):
	context.icons = get_user_icons(frappe.session.user)
	context.user = frappe.session.user

	if 'System Manager' in frappe.get_roles():
		context.users = frappe.db.get_all('User', filters={'user_type': 'System User', 'enabled': 1},
			fields = ['name', 'first_name', 'last_name'])
Пример #20
0
def can_export(doctype, raise_exception=False):
	if not ("System Manager" in frappe.get_roles() or has_permission(doctype, "export")):
		if raise_exception:
			raise frappe.PermissionError("You are not allowed to export: {doctype}".format(doctype=doctype))
		else:
			return False
	return True
Пример #21
0
	def validate_frozen_accounts_modifier(self):
		old_value = frappe.db.get_value("Account", self.name, "freeze_account")
		if old_value and old_value != self.freeze_account:
			frozen_accounts_modifier = frappe.db.get_value('Accounts Settings', None, 'frozen_accounts_modifier')
			if not frozen_accounts_modifier or \
				frozen_accounts_modifier not in frappe.get_roles():
					throw(_("You are not authorized to set Frozen value"))
Пример #22
0
	def _get_home_page():
		home_page = None

		get_website_user_home_page = frappe.get_hooks('get_website_user_home_page')
		if get_website_user_home_page:
			home_page = frappe.get_attr(get_website_user_home_page[-1])(frappe.session.user)

		if not home_page:
			role_home_page = frappe.get_hooks("role_home_page")
			if role_home_page:
				for role in frappe.get_roles():
					if role in role_home_page:
						home_page = role_home_page[role][-1]
						break

		if not home_page:
			home_page = frappe.get_hooks("home_page")
			if home_page:
				home_page = home_page[-1]

		if not home_page:
			home_page = frappe.db.get_value("Website Settings", None, "home_page") or "login"

		home_page = home_page.strip('/')

		return home_page
Пример #23
0
def get_expiry_message():
    if "System Manager" not in frappe.get_roles():
        return ""

    limits = get_limits()
    if not limits.expiry:
        return ""

    expires_on = getdate(get_limits().get("expiry"))
    today = now_datetime().date()

    message = ""
    if today > expires_on:
        message = _("Your subscription has expired.")
    else:
        days_to_expiry = (expires_on - today).days

        if days_to_expiry == 0:
            message = _("Your subscription will expire today.")

        elif days_to_expiry == 1:
            message = _("Your subscription will expire tomorrow.")

        elif days_to_expiry <= EXPIRY_WARNING_DAYS:
            message = _("Your subscription will expire on {0}.").format(formatdate(expires_on))

    if message and limits.upgrade_url:
        upgrade_link = get_upgrade_link(limits.upgrade_url)
        message += " " + _("To renew, {0}.").format(upgrade_link)

    return message
Пример #24
0
	def validate_party(self):
		if self.party_type and self.party:
			frozen_accounts_modifier = frappe.db.get_value( 'Accounts Settings', None,'frozen_accounts_modifier')
			if not frozen_accounts_modifier in frappe.get_roles():
				if frappe.db.get_value(self.party_type, self.party, "is_frozen"):
					frappe.throw("{0} {1} is frozen".format(self.party_type, self.party), CustomerFrozen)
		validate_party_frozen_disabled(self.party_type, self.party)
Пример #25
0
def get_permission_query_conditions(user):
	roles = frappe.get_roles()
	if "Central Delivery" not in roles and frappe.session.user != "Administrator":
		emp_name = frappe.db.get_value("Employee",{"user_id":frappe.session.user}, "name")
		ip_files = frappe.db.sql(""" select name from `tabIP File` where owner = '{0}' or file_approver = '{1}' """.format(frappe.session.user, emp_name),as_dict=1)
		ip_files = "', '".join([ipf.get("name") for ipf in ip_files if ipf])
		return """(`tabIP File`.name in ('{files}') )""".format(files = ip_files)
Пример #26
0
 def validate_expense_approver(self):
     if self.exp_approver and "Expense Approver" not in frappe.get_roles(self.exp_approver):
         frappe.throw(
             _("{0} ({1}) must have role 'Expense Approver'").format(
                 get_fullname(self.exp_approver), self.exp_approver
             ),
             InvalidExpenseApproverError,
         )
Пример #27
0
def add_message_to_redis(update_json):
	# "update-message" will store the update message string
	# "update-user-set" will be a set of users
	cache = frappe.cache()
	cache.set_value("update-info", json.dumps(update_json))
	user_list = [x.name for x in frappe.get_all("User", filters={"enabled": True})]
	system_managers = [user for user in user_list if 'System Manager' in frappe.get_roles(user)]
	cache.sadd("update-user-set", *system_managers)
Пример #28
0
def get_permission_query_conditions(user):
	if not user: user = frappe.session.user

	if "System Manager" in frappe.get_roles(user):
		return None
	else:
		return """(tabTask.owner = '{user}' or  tabTask._assign like '%{user}%' )"""\
			.format(user=frappe.db.escape(user))
Пример #29
0
def has_permission(doc, user):
	if doc.event_type=="Public" or doc.owner==user:
		return True

	if doc.get("roles", {"role":("in", frappe.get_roles(user))}):
		return True

	return False
Пример #30
0
	def get_permlevel_access(self):
		user_roles = frappe.get_roles()
		has_access_to = []
		for perm in self.meta.permissions:
			if perm.role in user_roles and perm.permlevel > 0 and perm.write:
				if perm.permlevel not in has_access_to:
					has_access_to.append(perm.permlevel)

		return has_access_to
Пример #31
0
def get_roles(arg=None):
    """get roles for a user"""
    return frappe.get_roles(frappe.form_dict['uid'])
Пример #32
0
def has_permission(doc, user):
    if "System Manager" in frappe.get_roles(user):
        return True
    else:
        return doc.owner == user or doc.assigned_by == user
Пример #33
0
def get_user_pages_or_reports(parent, cache=False):
    _cache = frappe.cache()

    if cache:
        has_role = _cache.get_value('has_role:' + parent,
                                    user=frappe.session.user)
        if has_role:
            return has_role

    roles = frappe.get_roles()
    has_role = {}
    column = get_column(parent)

    # get pages or reports set on custom role
    pages_with_custom_roles = frappe.db.sql("""
		select
			`tabCustom Role`.{field} as name,
			`tabCustom Role`.modified,
			`tabCustom Role`.ref_doctype,
			{column}
		from `tabCustom Role`, `tabHas Role`, `tab{parent}`
		where
			`tabHas Role`.parent = `tabCustom Role`.name
			and `tab{parent}`.name = `tabCustom Role`.{field}
			and `tabCustom Role`.{field} is not null
			and `tabHas Role`.role in ({roles})
	""".format(field=parent.lower(),
            parent=parent,
            column=column,
            roles=', '.join(['%s'] * len(roles))),
                                            roles,
                                            as_dict=1)

    for p in pages_with_custom_roles:
        has_role[p.name] = {
            "modified": p.modified,
            "title": p.title,
            "ref_doctype": p.ref_doctype
        }

    pages_with_standard_roles = frappe.db.sql("""
		select distinct
			`tab{parent}`.name as name,
			`tab{parent}`.modified,
			{column}
		from `tabHas Role`, `tab{parent}`
		where
			`tabHas Role`.role in ({roles})
			and `tabHas Role`.parent = `tab{parent}`.name
			and `tab{parent}`.`name` not in (
				select `tabCustom Role`.{field} from `tabCustom Role`
				where `tabCustom Role`.{field} is not null)
			{condition}
		""".format(
        parent=parent,
        column=column,
        roles=', '.join(['%s'] * len(roles)),
        field=parent.lower(),
        condition="and `tabReport`.disabled=0" if parent == "Report" else ""),
                                              roles,
                                              as_dict=True)

    for p in pages_with_standard_roles:
        if p.name not in has_role:
            has_role[p.name] = {"modified": p.modified, "title": p.title}
            if parent == "Report":
                has_role[p.name].update({'ref_doctype': p.ref_doctype})

    # pages with no role are allowed
    if parent == "Page":
        pages_with_no_roles = frappe.db.sql("""
			select
				`tab{parent}`.name, `tab{parent}`.modified, {column}
			from `tab{parent}`
			where
				(select count(*) from `tabHas Role`
				where `tabHas Role`.parent=`tab{parent}`.`name`) = 0
		""".format(parent=parent, column=column),
                                            as_dict=1)

        for p in pages_with_no_roles:
            if p.name not in has_role:
                has_role[p.name] = {"modified": p.modified, "title": p.title}

    elif parent == "Report":
        reports = frappe.get_all("Report",
                                 fields=["name", "report_type"],
                                 filters={"name": ("in", has_role.keys())},
                                 ignore_ifnull=True)
        for report in reports:
            has_role[report.name]["report_type"] = report.report_type

    # Expire every six hours
    _cache.set_value('has_role:' + parent, has_role, frappe.session.user,
                     21600)
    return has_role
Пример #34
0
 def validate_employee_leave_approver(self):
     for l in self.get("leave_approvers")[:]:
         if "Leave Approver" not in frappe.get_roles(l.leave_approver):
             frappe.get_doc("User",
                            l.leave_approver).add_roles("Leave Approver")
Пример #35
0
def get_role_permissions(doctype_meta, user=None, is_owner=None):
    """
	Returns dict of evaluated role permissions like
		{
			"read": 1,
			"write": 0,
			// if "if_owner" is enabled
			"if_owner":
				{
					"read": 1,
					"write": 0
				}
		}
	"""
    if isinstance(doctype_meta, string_types):
        doctype_meta = frappe.get_meta(
            doctype_meta)  # assuming doctype name was passed

    if not user: user = frappe.session.user

    cache_key = (doctype_meta.name, user)

    if user == 'Administrator':
        return allow_everything()

    if not frappe.local.role_permissions.get(cache_key):
        perms = frappe._dict(if_owner={})

        roles = frappe.get_roles(user)

        def is_perm_applicable(perm):
            return perm.role in roles and cint(perm.permlevel) == 0

        def has_permission_without_if_owner_enabled(ptype):
            return any(
                p.get(ptype, 0) and not p.get('if_owner', 0)
                for p in applicable_permissions)

        applicable_permissions = list(
            filter(is_perm_applicable, getattr(doctype_meta, 'permissions',
                                               [])))
        has_if_owner_enabled = any(
            p.get('if_owner', 0) for p in applicable_permissions)
        perms['has_if_owner_enabled'] = has_if_owner_enabled

        for ptype in rights:
            pvalue = any(p.get(ptype, 0) for p in applicable_permissions)
            # check if any perm object allows perm type
            perms[ptype] = cint(pvalue)
            if (pvalue and has_if_owner_enabled
                    and not has_permission_without_if_owner_enabled(ptype)
                    and ptype != 'create'):
                perms['if_owner'][ptype] = cint(pvalue and is_owner)
                # has no access if not owner
                # only provide select or read access so that user is able to at-least access list
                # (and the documents will be filtered based on owner sin further checks)
                perms[ptype] = 1 if ptype in ('select', 'read') else 0

        frappe.local.role_permissions[cache_key] = perms

    return frappe.local.role_permissions[cache_key]
Пример #36
0
def get_role_permissions(meta, user=None, verbose=False):
	"""Returns dict of evaluated role permissions like `{"read": True, "write":False}`

	If user permissions are applicable, it adds a dict of user permissions like

		{
			// user permissions will apply on these rights
			"apply_user_permissions": {"read": 1, "write": 1},

			// doctypes that will be applicable for each right
			"user_permission_doctypes": {
				"read": [
					// AND between "DocType 1" and "DocType 2"
					["DocType 1", "DocType 2"],

					// OR

					["DocType 3"]

				]
			}

			"if_owner": {"read": 1, "write": 1}
		}
	"""
	if not user: user = frappe.session.user
	cache_key = (meta.name, user)

	if not frappe.local.role_permissions.get(cache_key):
		perms = frappe._dict(
			apply_user_permissions={},
			user_permission_doctypes={},
			if_owner={}
		)
		roles = frappe.get_roles(user)
		dont_match = []
		has_a_role_with_apply_user_permissions = False

		for p in meta.permissions:
			if cint(p.permlevel)==0 and (p.role in roles):
				# apply only for level 0

				for ptype in rights:
					# build if_owner dict if applicable for this right
					perms[ptype] = perms.get(ptype, 0) or cint(p.get(ptype))

					if ptype != "set_user_permissions" and p.get(ptype):
						perms["apply_user_permissions"][ptype] = (perms["apply_user_permissions"].get(ptype, 1)
							and p.get("apply_user_permissions"))

					if p.if_owner and p.get(ptype):
						perms["if_owner"][ptype] = 1

					if p.get(ptype) and not p.if_owner and not p.get("apply_user_permissions"):
						dont_match.append(ptype)

				if p.apply_user_permissions:
					has_a_role_with_apply_user_permissions = True

					if p.user_permission_doctypes:
						# set user_permission_doctypes in perms
						try:
							user_permission_doctypes = json.loads(p.user_permission_doctypes)
						except ValueError:
							user_permission_doctypes = []
					else:
						user_permission_doctypes = get_linked_doctypes(meta.name)

					if user_permission_doctypes:
						# perms["user_permission_doctypes"][ptype] would be a list of list like [["User", "Blog Post"], ["User"]]
						for ptype in rights:
							if p.get(ptype):
								perms["user_permission_doctypes"].setdefault(ptype, []).append(user_permission_doctypes)

		# if atleast one record having both Apply User Permission and If Owner unchecked is found,
		# don't match for those rights
		for ptype in rights:
			if ptype in dont_match:
				if perms["apply_user_permissions"].get(ptype):
					del perms["apply_user_permissions"][ptype]

				if perms["if_owner"].get(ptype):
					del perms["if_owner"][ptype]

		# if one row has only "Apply User Permissions" checked and another has only "If Owner" checked,
		# set Apply User Permissions as checked
		# i.e. the case when there is a role with apply_user_permissions as 1, but resultant apply_user_permissions is 0
		if has_a_role_with_apply_user_permissions:
			for ptype in rights:
				if perms["if_owner"].get(ptype) and perms["apply_user_permissions"].get(ptype)==0:
					perms["apply_user_permissions"][ptype] = 1
Пример #37
0
def _is_sys_mgr():
    return "System Manager" in frappe.get_roles(frappe.session.user)
def get_data(filters, leave_types):
    user = frappe.session.user
    allocation_records_based_on_to_date = get_leave_allocation_records(
        filters.to_date)
    allocation_records_based_on_from_date = get_leave_allocation_records(
        filters.from_date)

    active_employees = frappe.get_all(
        "Employee",
        filters={
            "status": "Active",
            "company": filters.company
        },
        fields=["name", "employee_name", "department", "user_id"])

    data = []
    for employee in active_employees:
        leave_approvers = get_approvers(employee.department)
        if (len(leave_approvers) and user in leave_approvers) or (user in [
                "Administrator", employee.user_id
        ]) or ("HR Manager" in frappe.get_roles(user)):
            row = [employee.name, employee.employee_name, employee.department]

            for leave_type in leave_types:
                # leaves taken
                leaves_taken = get_approved_leaves_for_period(
                    employee.name, leave_type, filters.from_date,
                    filters.to_date)

                # opening balance
                opening = 0
                closing = 0

                conditions = (
                    " and leave_type= '" + str(leave_type) +
                    "' and employee='%s' " % employee.name) if employee else ""

                leave_allocation_records = frappe.db.sql(
                    """select employee, leave_type, total_leaves_allocated, total_leaves_encashed, from_date, to_date from `tabLeave Allocation` where from_date >= %s and to_date <= %s and docstatus=1 {0}"""
                    .format(conditions), (filters.from_date, filters.to_date),
                    as_dict=1)
                allocated_leaves = frappe._dict()
                for d in leave_allocation_records:

                    opening = d.total_leaves_allocated
                    # allocated_leaves.setdefault(d.employee, frappe._dict()).setdefault(d.leave_type, frappe._dict({
                    # 	"from_date": d.from_date,
                    # 	"to_date": d.to_date,
                    # 	"total_leaves_allocated": d.total_leaves_allocated,
                    # 	"total_leaves_encashed":d.total_leaves_encashed
                    # }))

                    # opening = get_leave_balance_on(employee.name, leave_type, filters.from_date,allocation_records_based_on_from_date.get(employee.name, frappe._dict()))

                # closing balance
                closing = float(opening) - float(leaves_taken)
                # closing = get_leave_balance_on(employee.name, leave_type, filters.to_date,
                # 	allocation_records_based_on_to_date.get(employee.name, frappe._dict()))

                row += [opening, leaves_taken, closing]

            data.append(row)

    return data
Пример #39
0
def validate_due_date(posting_date, due_date, party_type, party, company):
	if getdate(due_date) < getdate(posting_date):
		frappe.throw(_("Due Date cannot be before Posting Date"))
	else:
		default_due_date = get_due_date(posting_date, party_type, party, company)
		if not default_due_date:
			return

		if default_due_date != posting_date and getdate(due_date) > getdate(default_due_date):
			is_credit_controller = frappe.db.get_single_value("Accounts Settings", "credit_controller") in frappe.get_roles()
			if is_credit_controller:
				msgprint(_("Note: Due / Reference Date exceeds allowed customer credit days by {0} day(s)")
					.format(date_diff(due_date, default_due_date)))
			else:
				frappe.throw(_("Due / Reference Date cannot be after {0}").format(formatdate(default_due_date)))
Пример #40
0
def list_company_member(company):
	if 'Company Admin' not in frappe.get_roles(frappe.session.user):
		return False
	if frappe.db.get_value("Cloud Company", company, "enabled") != 1:
		return False
	return [{"member_id": d[0], "member_name": get_user_fullname(d[0])} for d in frappe.db.get_values("Cloud Employee", {"company": company})]
Пример #41
0
def list_company_user(company):
	if 'Company Admin' not in frappe.get_roles(frappe.session.user):
		return False
	if frappe.db.get_value("Cloud Company", company, "enabled") != 1:
		return False
	return [d[0] for d in frappe.db.get_values("Cloud Employee", {"company": company})]
Пример #42
0
def get_data(filters):
    conditions = get_item_conditions(filters, for_item_dt=False)
    item_conditions = get_item_conditions(filters, for_item_dt=True)
    show_amounts_role = frappe.db.get_single_value(
        "Stock Settings", "restrict_amounts_in_report_to_role")

    price_lists, selected_price_list = get_price_lists(filters)
    price_lists_cond = " and p.price_list in ('{0}')".format("', '".join(
        [frappe.db.escape(d) for d in price_lists]))

    item_data = frappe.db.sql("""
		select item.name as item_code, item.item_name, item.item_group, item.stock_uom, item.sales_uom, item.alt_uom, item.alt_uom_size,
			item.hide_in_price_list
		from tabItem item
		where disabled != 1 {0}
	""".format(item_conditions),
                              filters,
                              as_dict=1)

    po_data = frappe.db.sql(
        """
		select
			item.item_code,
			sum(if(item.qty - item.received_qty < 0, 0, item.qty - item.received_qty) * item.conversion_factor) as po_qty,
			sum(if(item.qty - item.received_qty < 0, 0, item.qty - item.received_qty) * item.conversion_factor * item.base_net_rate) as po_lc_amount
		from `tabPurchase Order Item` item
		inner join `tabPurchase Order` po on po.name = item.parent
		where item.docstatus = 1 and po.status != 'Closed' {0}
		group by item.item_code
	""".format(conditions),
        filters,
        as_dict=1)  # TODO add valuation rate in PO and use that

    bin_data = frappe.db.sql("""
		select
			bin.item_code,
			sum(bin.actual_qty) as actual_qty,
			sum(bin.stock_value) as stock_value
		from tabBin bin, tabItem item
		where item.name = bin.item_code {0}
		group by bin.item_code
	""".format(item_conditions),
                             filters,
                             as_dict=1)

    item_price_data = frappe.db.sql("""
		select p.name, p.price_list, p.item_code, p.price_list_rate, p.currency, p.uom,
			ifnull(p.valid_from, '2000-01-01') as valid_from
		from `tabItem Price` p
		inner join `tabItem` item on item.name = p.item_code
		where %(date)s between ifnull(p.valid_from, '2000-01-01') and ifnull(p.valid_upto, '2500-12-31')
			and ifnull(p.customer, '') = '' and ifnull(p.supplier, '') = '' {0} {1}
		order by p.uom
	""".format(item_conditions, price_lists_cond),
                                    filters,
                                    as_dict=1)

    previous_item_prices = frappe.db.sql("""
		select p.price_list, p.item_code, p.price_list_rate, ifnull(p.valid_from, '2000-01-01') as valid_from, p.uom
		from `tabItem Price` as p
		inner join `tabItem` item on item.name = p.item_code
		where ifnull(p.valid_upto, '0000-00-00') != '0000-00-00' and p.valid_upto < %(date)s {0} {1}
		order by p.valid_upto desc
	""".format(item_conditions, price_lists_cond),
                                         filters,
                                         as_dict=1)

    items_map = {}
    for d in item_data:
        default_uom = d.purchase_uom if filters.buying_selling == "Buying" else d.sales_uom
        if filters.uom:
            d['uom'] = filters.uom
        elif filters.default_uom == "Stock UOM":
            d['uom'] = d.stock_uom
        elif filters.default_uom == "Contents UOM":
            d['uom'] = d.alt_uom or default_uom
        else:
            d['uom'] = default_uom

        if not d.get('uom'):
            d['uom'] = d.stock_uom

        d['print_in_price_list'] = cint(not d['hide_in_price_list'])
        del d['hide_in_price_list']

        d['alt_uom_size'] = convert_item_uom_for(d.alt_uom_size, d.item_code,
                                                 d.stock_uom, d.uom)
        items_map[d.item_code] = d

    for d in po_data:
        if d.item_code in items_map:
            items_map[d.item_code].update(d)

    for d in bin_data:
        if d.item_code in items_map:
            items_map[d.item_code].update(d)

    for item_prices in [item_price_data, previous_item_prices]:
        for d in item_prices:
            if d.item_code in items_map:
                d.price_list_rate = convert_item_uom_for(
                    d.price_list_rate,
                    d.item_code,
                    d.uom,
                    items_map[d.item_code]['uom'],
                    null_if_not_convertible=True)

    item_price_map = {}
    for d in item_price_data:
        if d.item_code in items_map and d.price_list_rate is not None:
            current_item = items_map[d.item_code]
            price = item_price_map.setdefault(d.item_code, {}).setdefault(
                d.price_list, frappe._dict())
            pick_price = (cstr(d.uom) == cstr(current_item.uom) or
                          (cstr(price.reference_uom) != cstr(current_item.uom)
                           and cstr(d.uom) != current_item.stock_uom)
                          or not price)

            if pick_price:
                price.current_price = d.price_list_rate
                price.valid_from = d.valid_from
                price.reference_uom = d.uom
                price.currency = d.currency

                if d.price_list == filters.standard_price_list:
                    items_map[d.item_code].standard_rate = d.price_list_rate

                show_amounts = not show_amounts_role or show_amounts_role in frappe.get_roles(
                )
                if show_amounts:
                    price.item_price = d.name

    for d in previous_item_prices:
        if d.item_code in item_price_map and d.price_list in item_price_map[
                d.item_code] and d.price_list_rate is not None:
            price = item_price_map[d.item_code][d.price_list]
            if 'previous_price' not in price and d.valid_from < price.valid_from:
                price.previous_price = d.price_list_rate

    for item_code, d in iteritems(items_map):
        conversion_factor = convert_item_uom_for(1, d.item_code, d.stock_uom,
                                                 d.uom)
        d.actual_qty = flt(d.actual_qty) / conversion_factor
        d.po_qty = flt(d.po_qty) / conversion_factor

        d.po_lc_rate = flt(d.po_lc_amount) / d.po_qty if d.po_qty else 0
        d.valuation_rate = flt(
            d.stock_value) / d.actual_qty if d.actual_qty else 0

        d.balance_qty = d.actual_qty + d.po_qty
        d.avg_lc_rate = (flt(d.stock_value) + flt(d.po_lc_amount)
                         ) / d.balance_qty if d.balance_qty else 0
        d.margin_rate = (d.standard_rate - d.avg_lc_rate
                         ) * 100 / d.standard_rate if d.standard_rate else None

        for price_list, price in iteritems(item_price_map.get(item_code, {})):
            d["rate_" + scrub(price_list)] = price.current_price
            d["currency_" + scrub(price_list)] = price.currency
            if d.standard_rate is not None:
                d["rate_diff_" + scrub(price_list)] = flt(
                    price.current_price) - flt(d.standard_rate)
            if price.previous_price is not None:
                d["rate_old_" + scrub(price_list)] = price.previous_price
            if price.item_price:
                d["item_price_" + scrub(price_list)] = price.item_price

        d['print_rate'] = d.get("rate_" + scrub(selected_price_list)
                                ) if selected_price_list else d.standard_rate

    if filters.filter_items_without_price:
        to_remove = []
        for item_code, d in iteritems(items_map):
            if not d.get('print_rate'):
                to_remove.append(item_code)
        for item_code in to_remove:
            del items_map[item_code]

    return items_map.values(), price_lists
Пример #43
0
def get_columns(filters, price_lists):
    columns = [
        {
            "fieldname":
            "item_code",
            "label":
            _("Item"),
            "fieldtype":
            "Link",
            "options":
            "Item",
            "width":
            200,
            "price_list_note":
            frappe.db.get_single_value("Price List Settings",
                                       "price_list_note")
        },
        {
            "fieldname": "print_in_price_list",
            "label": _("Print"),
            "fieldtype": "Check",
            "width": 50,
            "editable": 1
        },
        {
            "fieldname": "uom",
            "label": _("UOM"),
            "fieldtype": "Data",
            "width": 50
        },
        {
            "fieldname": "alt_uom_size",
            "label": _("Per Unit"),
            "fieldtype": "Float",
            "width": 68
        },
        # {"fieldname": "item_group", "label": _("Item Group"), "fieldtype": "Link", "options": "Item Group", "width": 120},
        {
            "fieldname": "po_qty",
            "label": _("PO Qty"),
            "fieldtype": "Float",
            "width": 80,
            "restricted": 1
        },
        {
            "fieldname": "po_lc_rate",
            "label": _("PO Rate"),
            "fieldtype": "Currency",
            "width": 90,
            "restricted": 1
        },
        {
            "fieldname": "actual_qty",
            "label": _("Stock Qty"),
            "fieldtype": "Float",
            "width": 80,
            "restricted": 1
        },
        {
            "fieldname": "valuation_rate",
            "label": _("Stock Rate"),
            "fieldtype": "Currency",
            "width": 90,
            "restricted": 1
        },
        {
            "fieldname": "avg_lc_rate",
            "label": _("Avg Rate"),
            "fieldtype": "Currency",
            "width": 90,
            "restricted": 1
        },
    ]

    if filters.standard_price_list:
        columns += [
            {
                "fieldname": "standard_rate",
                "label": _("Standard Rate"),
                "fieldtype": "Currency",
                "width": 110,
                "editable": 1,
                "price_list": filters.standard_price_list,
                "force_currency_symbol": 1,
                "options": "currency_" + scrub(filters.standard_price_list)
            },
            {
                "fieldname": "margin_rate",
                "label": _("Margin"),
                "fieldtype": "Percent",
                "width": 60,
                "restricted": 1
            },
        ]

    for price_list in sorted(price_lists):
        if price_list != filters.standard_price_list:
            columns.append({
                "fieldname": "rate_" + scrub(price_list),
                "label": price_list,
                "fieldtype": "Currency",
                "width": 110,
                "editable": 1,
                "price_list": price_list,
                "options": "currency_" + scrub(price_list),
                "force_currency_symbol": 1
            })

    show_amounts_role = frappe.db.get_single_value(
        "Stock Settings", "restrict_amounts_in_report_to_role")
    show_amounts = not show_amounts_role or show_amounts_role in frappe.get_roles(
    )
    if not show_amounts:
        columns = filter(lambda d: not d.get('restricted'), columns)
        '''for c in columns:
			if c.get('editable'):
				del c['editable']'''

    return columns
Пример #44
0
	def onload(self):
		frozen_accounts_modifier = frappe.db.get_value("Accounts Settings", "Accounts Settings",
			"frozen_accounts_modifier")
		if not frozen_accounts_modifier or frozen_accounts_modifier in frappe.get_roles():
			self.set_onload("can_freeze_account", True)
Пример #45
0
def validate_due_date(posting_date, due_date, party_type, party, company=None, bill_date=None, template_name=None):
	if getdate(due_date) < getdate(posting_date):
		frappe.throw(_("Due Date cannot be before Posting / Supplier Invoice Date"))
	else:
		if not template_name: return

		default_due_date = get_due_date_from_template(template_name, posting_date, bill_date).strftime("%Y-%m-%d")

		if not default_due_date:
			return

		if default_due_date != posting_date and getdate(due_date) > getdate(default_due_date):
			is_credit_controller = frappe.db.get_single_value("Accounts Settings", "credit_controller") in frappe.get_roles()
			if is_credit_controller:
				msgprint(_("Note: Due / Reference Date exceeds allowed customer credit days by {0} day(s)")
					.format(date_diff(due_date, default_due_date)))
			else:
				frappe.throw(_("Due / Reference Date cannot be after {0}")
					.format(formatdate(default_due_date)))
Пример #46
0
def get_data(filters):
    leave_types = frappe.db.sql_list(
        "SELECT `name` FROM `tabLeave Type` ORDER BY `name` ASC")

    conditions = get_conditions(filters)

    user = frappe.session.user
    department_approver_map = get_department_leave_approver_map(
        filters.get('department'))

    active_employees = frappe.get_list('Employee',
                                       filters=conditions,
                                       fields=[
                                           'name', 'employee_name',
                                           'department', 'user_id',
                                           'leave_approver'
                                       ])

    data = []

    for leave_type in leave_types:
        if len(active_employees) > 1:
            data.append({'leave_type': leave_type})
        else:
            row = frappe._dict({'leave_type': leave_type})

        for employee in active_employees:

            leave_approvers = department_approver_map.get(
                employee.department_name, []).append(employee.leave_approver)

            if (leave_approvers and len(leave_approvers) and user in leave_approvers) or (user in ["Administrator", employee.user_id]) \
                    or ("HR Manager" in frappe.get_roles(user)):
                if len(active_employees) > 1:
                    row = frappe._dict()
                row.employee = employee.name,
                row.employee_name = employee.employee_name

                leaves_taken = get_leaves_for_period(employee.name, leave_type,
                                                     filters.from_date,
                                                     filters.to_date) * -1

                new_allocation, expired_leaves = get_allocated_and_expired_leaves(
                    filters.from_date, filters.to_date, employee.name,
                    leave_type)

                opening = get_leave_balance_on(
                    employee.name, leave_type,
                    add_days(filters.from_date,
                             -1))  # allocation boundary condition

                row.leaves_allocated = new_allocation
                row.leaves_expired = expired_leaves - \
                    leaves_taken if expired_leaves - leaves_taken > 0 else 0
                row.opening_balance = opening
                row.leaves_taken = leaves_taken

                # not be shown on the basis of days left it create in user mind for carry_forward leave
                row.closing_balance = (new_allocation + opening -
                                       (row.leaves_expired + leaves_taken))

                row.indent = 1
                data.append(row)
                new_leaves_allocated = 0

    return data
def _get_columns(filters):
    columns = concatv(
        [
            make_column(
                "invoice_name",
                "Sales Invoice",
                type="Link",
                options="Sales Invoice",
                width=150,
            ),
            make_column("invoice_date", type="Date", width=90),
            make_column("invoice_time", type="Time", width=90),
            make_column("brand", type="Link", options="Brand"),
            make_column("item_code", type="Link", options="Item"),
            make_column("item_group", type="Link", options="Item Group"),
            make_column("description"),
        ],
        [make_column("valuation_rate", "Cost Price", type="Currency", width=90)]
        if "Accounts Manager" in frappe.get_roles()
        else [],
        [
            make_column(
                "selling_rate", "Standard Selling Rate", type="Currency", width=90
            ),
            make_column("rate", "Sale Unit Rate", type="Currency", width=90),
            make_column("qty", type="Float", width=90),
        ],
        [make_column("valuation_amount", "Cost Amount", type="Currency", width=90)]
        if "Accounts Manager" in frappe.get_roles()
        else [],
        [
            make_column(
                "amount_before_discount",
                "Sale Amount Before Discount",
                type="Currency",
                width=90,
            ),
            make_column("discount_amount", type="Currency", width=90),
            make_column("discount_percentage", type="Percent", width=90),
            make_column(
                "amount_after_discount",
                "Sale Amount After Discount",
                type="Currency",
                width=90,
            ),
            make_column("ms1", "Minimum Selling Rate 1", type="Currency", width=90),
            make_column(
                "below_ms1",
                "Sold Below Mimimum Selling Rate 1",
                type="Select",
                options=["No", "Yes"],
                width=60,
            ),
            make_column("ms2", "Minimum Selling Rate 2", type="Currency", width=90),
            make_column(
                "below_ms2",
                "Sold Below Mimimum Selling Rate 2",
                type="Select",
                options=["No", "Yes"],
                width=60,
            ),
            make_column("total", "Invoice Total", type="Currency", width=90),
            make_column(
                "additional_discount_amount",
                "Invoice Additional Discount",
                type="Currency",
                width=90,
            ),
            make_column(
                "total_taxes_and_charges",
                "Invoice Taxes and Charges",
                type="Currency",
                width=90,
            ),
            make_column(
                "grand_total",
                "Invoice Grand Total",
                type="Currency",
                width=90,
            ),
            make_column("sales_person", type="Link", options="Employee"),
            make_column("sales_person_name", width="150"),
            make_column("commission_amount", type="Currency", width=90),
            make_column("remarks", type="Small Text", width=150),
            make_column("customer", type="Link", options="Customer"),
            make_column("customer_name", width="150"),
            make_column("notes", type="Small Text", width=150),
            make_column("dispensor", "Optometrist", type="Link", options="Employee"),
            make_column("branch", type="Link", options="Branch"),
            make_column(
                "sales_status", type="Select", options=["Achieved", "Collected"]
            ),
            make_column("collection_date", type="Date", width=90),
        ],
    )

    return list(columns)
Пример #48
0
def get_data(filters, leave_types):
    user = frappe.session.user
    allocation_records_based_on_to_date = get_leave_allocation_records(
        filters.to_date)
    allocation_records_based_on_from_date = get_leave_allocation_records(
        filters.from_date)
    hr_manager = frappe.get_doc("User", frappe.session.user).get(
        "roles", {"role": "HR Manager"})
    if hr_manager:
        emp_filters = {
            "status": "Active",
            "company": filters.company,
            "department": filters.department
        }
    else:
        emp_filters = {
            "status": "Active",
            "company": filters.company,
            "department": filters.department,
            "user_id": frappe.session.user
        }

    active_employees = frappe.get_all(
        "Employee",
        filters=emp_filters,
        fields=["name", "employee_name", "department", "user_id"],
        order_by="name desc")

    data = []
    for employee in active_employees:
        leave_approvers = [
            l.leave_approver for l in frappe.db.sql(
                """select leave_approver from `tabEmployee Leave Approver` where parent = %s""",
                (employee.name),
                as_dict=True)
        ]
        if (len(leave_approvers) and user in leave_approvers) or (user in [
                "Administrator", employee.user_id
        ]) or ("HR Manager" in frappe.get_roles(user)):
            row = [employee.name, employee.employee_name, employee.department]

            for leave_type in leave_types:
                # leaves taken
                leaves_taken = get_approved_leaves_for_period(
                    employee.name, leave_type, filters.from_date,
                    filters.to_date)

                # opening balance
                opening = get_leave_balance_on(
                    employee.name, leave_type, filters.from_date,
                    allocation_records_based_on_from_date.get(
                        employee.name, frappe._dict()))

                # closing balance
                closing = get_leave_balance_on(
                    employee.name, leave_type, filters.to_date,
                    allocation_records_based_on_to_date.get(
                        employee.name, frappe._dict()))

                row += [opening, leaves_taken, closing]

            data.append(row)

    return data
Пример #49
0
    def validate_approving_authority(self,
                                     doctype_name,
                                     company,
                                     total,
                                     doc_obj=''):
        if not frappe.db.count("Authorization Rule"):
            return

        av_dis = 0
        if doc_obj:
            price_list_rate, base_rate = 0, 0
            for d in doc_obj.get("items"):
                if d.base_rate:
                    price_list_rate += flt(d.base_price_list_rate) or flt(
                        d.base_rate)
                    base_rate += flt(d.base_rate)
            if doc_obj.get("discount_amount"):
                base_rate -= flt(doc_obj.discount_amount)

            if price_list_rate:
                av_dis = 100 - flt(base_rate * 100 / price_list_rate)

        final_based_on = [
            'Grand Total', 'Average Discount', 'Customerwise Discount',
            'Itemwise Discount'
        ]

        # Check for authorization set for individual user
        based_on = [
            x[0] for x in frappe.db.sql(
                """select distinct based_on from `tabAuthorization Rule`
			where transaction = %s and system_user = %s
			and (company = %s or ifnull(company,'')='') and docstatus != 2""", (
                    doctype_name, session['user'], company))
        ]

        for d in based_on:
            self.bifurcate_based_on_type(doctype_name, total, av_dis, d,
                                         doc_obj, 1, company)

        # Remove user specific rules from global authorization rules
        for r in based_on:
            if r in final_based_on and r != 'Itemwise Discount':
                final_based_on.remove(r)

        # Check for authorization set on particular roles
        based_on = [
            x[0] for x in frappe.db.sql(
                """select based_on
			from `tabAuthorization Rule`
			where transaction = %s and system_role IN (%s) and based_on IN (%s)
			and (company = %s or ifnull(company,'')='')
			and docstatus != 2
		""" % ('%s', "'" + "','".join(frappe.get_roles()) + "'", "'" +
         "','".join(final_based_on) + "'", '%s'), (doctype_name, company))
        ]

        for d in based_on:
            self.bifurcate_based_on_type(doctype_name, total, av_dis, d,
                                         doc_obj, 2, company)

        # Remove role specific rules from global authorization rules
        for r in based_on:
            if r in final_based_on and r != 'Itemwise Discount':
                final_based_on.remove(r)

        # Check for global authorization
        for g in final_based_on:
            self.bifurcate_based_on_type(doctype_name, total, av_dis, g,
                                         doc_obj, 0, company)
Пример #50
0
def get_user_pages_or_reports(parent):
    roles = frappe.get_roles()
    has_role = {}
    column = get_column(parent)

    # get pages or reports set on custom role
    custom_roles = frappe.db.sql("""
		select
			`tabCustom Role`.{field} as name,
			`tabCustom Role`.modified,
			`tabCustom Role`.ref_doctype
		from `tabCustom Role`, `tabHas Role`
		where
			`tabHas Role`.parent = `tabCustom Role`.name
			and `tabCustom Role`.{field} is not null
			and `tabHas Role`.role in ({roles})
	""".format(field=parent.lower(), roles=', '.join(['%s'] * len(roles))),
                                 roles,
                                 as_dict=1)

    for p in custom_roles:
        has_role[p.name] = {
            "modified": p.modified,
            "title": p.name,
            "ref_doctype": p.ref_doctype
        }

    standard_roles = frappe.db.sql("""
		select distinct
			`tab{parent}`.name as name,
			`tab{parent}`.modified,
			{column}
		from `tabHas Role`, `tab{parent}`
		where
			`tabHas Role`.role in ({roles})
			and `tabHas Role`.parent = `tab{parent}`.name
			and `tab{parent}`.`name` not in (
				select `tabCustom Role`.{field} from `tabCustom Role`
				where `tabCustom Role`.{field} is not null)
			{condition}
		""".format(
        parent=parent,
        column=column,
        roles=', '.join(['%s'] * len(roles)),
        field=parent.lower(),
        condition="and `tabReport`.disabled=0" if parent == "Report" else ""),
                                   roles,
                                   as_dict=True)

    for p in standard_roles:
        if p.name not in has_role:
            has_role[p.name] = {"modified": p.modified, "title": p.title}
            if parent == "Report":
                has_role[p.name].update({'ref_doctype': p.ref_doctype})

    # pages with no role are allowed
    if parent == "Page":
        pages_with_no_roles = frappe.db.sql("""
			select
				`tab{parent}`.name, `tab{parent}`.modified, {column}
			from `tab{parent}`
			where
				(select count(*) from `tabHas Role`
				where `tabHas Role`.parent=`tab{parent}`.`name`) = 0
		""".format(parent=parent, column=column),
                                            as_dict=1)

        for p in pages_with_no_roles:
            if p.name not in has_role:
                has_role[p.name] = {"modified": p.modified, "title": p.title}

    elif parent == "Report":
        for report_name in has_role:
            has_role[report_name]["report_type"] = frappe.db.get_value(
                "Report", report_name, "report_type")

    return has_role
Пример #51
0
def get_doctypes():
	if "System Manager" in frappe.get_roles():
	    return [r[0] for r in frappe.db.sql("""select name from `tabDocType`
			where allow_import = 1""")]
	else:
		return frappe.user._get("can_import")
Пример #52
0
def get_permission_query_conditions(user):
    if not user: user = frappe.session.user
    roles = frappe.get_roles()
    if "Central Delivery" not in roles and frappe.session.user != "Administrator":
        return """(`tabTraining`.owner = '{user}'  )""".format(
            user=frappe.session.user)
Пример #53
0
def can_edit():
    if ("Administrador AGILEX" in frappe.get_roles()):
        return True
    else:
        return False
Пример #54
0
	def validate_party(self):
		if self.party_type and self.party:
			frozen_accounts_modifier = frappe.db.get_value( 'Accounts Settings', None,'frozen_accounts_modifier')
			if not frozen_accounts_modifier in frappe.get_roles():
				if frappe.db.get_value(self.party_type, self.party, "is_frozen"):
					frappe.throw("{0} {1} is frozen".format(self.party_type, self.party), CustomerFrozen)
Пример #55
0
def check_admin_or_system_manager(user=None):
    if not user: user = frappe.session.user

    if ("System Manager"
            not in frappe.get_roles(user)) and (user != "Administrator"):
        frappe.throw(_("Not permitted"), frappe.PermissionError)
Пример #56
0
 def validate_expense_approver(self):
     if self.exp_approver and "Expense Approver" not in frappe.get_roles(
             self.exp_approver):
         frappe.throw(_("{0} ({1}) must have role 'Expense Approver'")\
          .format(get_fullname(self.exp_approver), self.exp_approver), InvalidExpenseApproverError)
Пример #57
0
	def test_fieldlevel_permissions_in_load(self):
		blog = frappe.get_doc({
			"doctype": "Blog Post",
			"blog_category": "-test-blog-category-1",
			"blog_intro": "Test Blog Intro",
			"blogger": "_Test Blogger 1",
			"content": "Test Blog Content",
			"title": "_Test Blog Post {}".format(frappe.utils.now()),
			"published": 0
		})

		blog.insert()

		user = frappe.get_doc('User', '*****@*****.**')

		user_roles = frappe.get_roles()
		user.remove_roles(*user_roles)
		user.add_roles('Blogger')

		blog_post_property_setter = make_property_setter('Blog Post', 'published', 'permlevel', 1, 'Int')
		reset('Blog Post')

		# test field level permission before role level permissions are defined
		frappe.set_user(user.name)
		blog_doc = get_blog(blog.name)

		self.assertEqual(blog_doc.published, None)

		# this will be ignored because user does not
		# have write access on `published` field (or on permlevel 1 fields)
		blog_doc.published = 1
		blog_doc.save()

		# since published field has higher permlevel
		self.assertEqual(blog_doc.published, 0)

		# test field level permission after role level permissions are defined
		frappe.set_user('Administrator')
		add('Blog Post', 'Website Manager', 1)
		update('Blog Post', 'Website Manager', 1, 'write', 1)

		frappe.set_user(user.name)
		blog_doc = get_blog(blog.name)

		self.assertEqual(blog_doc.name, blog.name)
		# since published field has higher permlevel
		self.assertEqual(blog_doc.published, None)

		# this will be ignored because user does not
		# have write access on `published` field (or on permlevel 1 fields)
		blog_doc.published = 1
		blog_doc.save()

		# since published field has higher permlevel
		self.assertEqual(blog_doc.published, 0)

		frappe.set_user('Administrator')
		user.add_roles('Website Manager')
		frappe.set_user(user.name)

		doc = frappe.get_doc('Blog Post', blog.name)
		doc.published = 1
		doc.save()

		blog_doc = get_blog(blog.name)
		# now user should be allowed to read field with higher permlevel
		# (after adding Website Manager role)
		self.assertEqual(blog_doc.published, 1)

		frappe.set_user('Administrator')

		# reset user roles
		user.remove_roles('Blogger', 'Website Manager')
		user.add_roles(*user_roles)

		blog_doc.delete()
		frappe.delete_doc(blog_post_property_setter.doctype, blog_post_property_setter.name)
Пример #58
0
def validate_expense_approver(exp_approver):
    if exp_approver and "Expense Approver" not in frappe.get_roles(
            exp_approver):
        return "{0} ({1}) must have role 'Expense Approver'".format(
            get_fullname(exp_approver), exp_approver)
    return ""
Пример #59
0
def check_credit_limit(customer,
                       company,
                       reference_doctype,
                       reference_document,
                       ignore_outstanding_sales_order=False,
                       extra_amount=0):
    customer_outstanding = get_customer_outstanding(
        customer, company, ignore_outstanding_sales_order)
    if extra_amount > 0:
        customer_outstanding += flt(extra_amount)

    credit_limit = get_credit_limit(customer, company)
    if credit_limit > 0 and flt(customer_outstanding) > credit_limit:
        msgprint(
            _("Credit limit has been crossed for customer {0} ({1}/{2})").
            format(customer, customer_outstanding, credit_limit))

        # If not authorized person raise exception
        credit_controller_role = frappe.db.get_single_value(
            'Accounts Settings', 'credit_controller')
        if not credit_controller_role or credit_controller_role not in frappe.get_roles(
        ):
            # form a list of emails for the credit controller users
            credit_controller_users = get_users_with_role(
                credit_controller_role or "Sales Master Manager")
            credit_controller_users = [
                user[0] for user in credit_controller_users
            ]

            # form a list of emails and names to show to the user
            credit_controller_users_list = [
                user for user in credit_controller_users
                if frappe.db.exists("Employee", {"prefered_email": user})
            ]
            credit_controller_users = [
                get_formatted_email(user).replace("<", "(").replace(">", ")")
                for user in credit_controller_users_list
            ]

            if not credit_controller_users:
                frappe.throw(
                    _("Please contact your administrator to extend the credit limits for {0}."
                      .format(customer)))

            message = """Please contact any of the following users to extend the credit limits for {0}:
				<br><br><ul><li>{1}</li></ul>""".format(
                customer, '<li>'.join(credit_controller_users))

            # if the current user does not have permissions to override credit limit,
            # prompt them to send out an email to the controller users
            frappe.msgprint(
                message,
                title="Notify",
                raise_exception=1,
                primary_action={
                    'label': 'Send Email',
                    'server_action':
                    'erpnext.selling.doctype.customer.customer.send_emails',
                    'hide_on_success': 1,
                    'args': {
                        'customer':
                        customer,
                        'customer_outstanding':
                        customer_outstanding,
                        'credit_limit':
                        credit_limit,
                        'credit_controller_users_list':
                        credit_controller_users_list,
                        'document_link':
                        frappe.utils.get_link_to_form(reference_doctype,
                                                      reference_document)
                    }
                })
Пример #60
0
def get_attendance(limit_start=0, limit=10):
    default_date = datetime.date.today()
    user = frappe.session.user
    limit_start = cint(limit_start)
    row_template = 'for_attendance/doctype/attendance/templates/attendance_row.html'
    result = []
    doctype = 'Attendance'
    meta = frappe.get_meta(doctype)
    all_fields = frappe.get_meta(doctype).fields
    list_view_fields = [df for df in all_fields if df.in_list_view][:4]
    time = frappe.form_dict.time
    
    if 'Employee' and not 'Administrator' in frappe.get_roles(user):
        attendances = frappe.db.sql('''select name from `tabAttendance` where attendance_date = %s
                and employee IN (select name from `tabEmployee` where user_id = %s)
                order by attendance_date desc limit %s, %s''', (default_date, user, limit_start, limit+1), as_dict=1)
        if time and time == 'weekly':
            attendances = frappe.db.sql('''select name from `tabAttendance` where WEEK(attendance_date, 1) = %s
                and employee IN (select name from `tabEmployee` where user_id = %s)
                order by attendance_date desc limit %s, %s''', (default_date.isocalendar()[1], user, limit_start, limit+1), as_dict=1)
        if time and time == 'monthly':
            attendances = frappe.db.sql('''select name from `tabAttendance` where MONTH(attendance_date) = %s
                and employee IN (select name from `tabEmployee` where user_id = %s)
                order by attendance_date desc limit %s, %s''', (default_date.month, user, limit_start, limit+1), as_dict=1)
    else:
        attendances = frappe.db.sql('''select name from `tabAttendance` where attendance_date = %s
                order by attendance_date desc limit %s, %s ''', (default_date, limit_start, limit+1), as_dict=1)
        if time and time == 'weekly':
            attendances = frappe.db.sql('''select name from `tabAttendance` where WEEK(attendance_date, 1) = %s
                order by attendance_date desc limit %s, %s''', (default_date.isocalendar()[1], limit_start, limit+1), as_dict=1)
        if time and time == 'monthly':
            attendances = frappe.db.sql('''select name from `tabAttendance` where MONTH(attendance_date) = %s
                order by attendance_date desc limit %s, %s''', (default_date.month, limit_start, limit+1), as_dict=1)
    show_more = len(attendances) > limit
    t_doc = frappe.get_doc('Attendance', attendances[0])
    if show_more:
        attendances = attendances[:-1]
    for a in attendances:
        doc = frappe.get_doc(doctype, a)
        new_context = frappe._dict(doc=doc, meta=meta, list_view_fields=list_view_fields)
        rendered_row = frappe.render_template(row_template, new_context)
        result.append(rendered_row)
    return {
        "list_view_fields":list_view_fields,
        "result":result,
        "show_more": show_more,
        "next_start": limit_start + limit,
        "time": time,
        "week": t_doc.total_in_week,
        "month": t_doc.total_in_month
        }

# Not removing follwoing for syntax purpose
# but the above function is better approach I think
# @frappe.whitelist()
# def get_attendance(limit_start=0, limit=5):
#     limit_start = cint(limit_start)
#     row_template = 'for_attendance/doctype/attendance/templates/attendance_row.html'
#     result = []
#     doctype = 'Attendance'
#     meta = frappe.get_meta(doctype)
#     all_fields = frappe.get_meta(doctype).fields
#     list_view_fields = [df for df in all_fields if df.in_list_view][:4]
#     time = frappe.form_dict.time
#     attendances = frappe.get_all(doctype, filters={'attendance_date': datetime.date.today()}, start=limit_start, page_length=limit+1)
#     if time and time != 'today':
#         attendances = frappe.get_all(doctype, start=limit_start, page_length=limit+1)
#     show_more = len(attendances) > limit
#     if show_more:
#         attendances = attendances[:-1]
#     for a in attendances:
#         doc = frappe.get_doc(doctype, a.name)
#         if time:
#             if time == 'today':
#                 checker = True
#             elif time == 'monthly':
#                 checker = bool((doc.attendance_date).month == datetime.date.today().month)
#             elif time == 'weekly':
#                 checker = bool((doc.attendance_date).strftime("%V") == datetime.date.today().strftime("%V"))
#             if checker:
#                 new_context = frappe._dict(doc=doc, meta=meta, list_view_fields=list_view_fields)
#                 rendered_row = frappe.render_template(row_template, new_context)
#                 result.append(rendered_row)
#         else:
#             new_context = frappe._dict(doc=doc, meta=meta, list_view_fields=list_view_fields)
#             rendered_row = frappe.render_template(row_template, new_context)
#             result.append(rendered_row)

#     return {
#         "attendances": attendances,
#         "list_view_fields":list_view_fields,
#         "result":result,
#         "show_more": show_more,
#         "next_start": limit_start + limit,
#         }