From 0d2e01720c0171f73a275036b81ad6d40daa9e11 Mon Sep 17 00:00:00 2001
From: RobertSchouten <robert_schouten@live.com>
Date: Sat, 8 Oct 2016 13:36:27 +0800
Subject: [PATCH] fix for write share permission #1996 (#2016)

* add write perm as cascade has been removed

* remove cascade permission from docshare

to allow read only access to share

* remove cascade permission for write permission

* check existing shares for write permission

* unset permissions on read
---
 frappe/core/doctype/docshare/docshare.py                | 2 --
 frappe/core/doctype/docshare/test_docshare.py           | 8 ++++----
 frappe/core/doctype/user/user.py                        | 2 +-
 frappe/patches/v5_0/update_shared.py                    | 2 +-
 frappe/public/js/frappe/form/templates/set_sharing.html | 4 ++--
 frappe/share.py                                         | 2 --
 6 files changed, 8 insertions(+), 12 deletions(-)

diff --git a/frappe/core/doctype/docshare/docshare.py b/frappe/core/doctype/docshare/docshare.py
index 047d24a9dd..40362765a9 100644
--- a/frappe/core/doctype/docshare/docshare.py
+++ b/frappe/core/doctype/docshare/docshare.py
@@ -19,8 +19,6 @@ class DocShare(Document):
 		self.get_doc().run_method("validate_share", self)
 
 	def cascade_permissions_downwards(self):
-		if self.share:
-			self.write = 1
 		if self.write:
 			self.read = 1
 
diff --git a/frappe/core/doctype/docshare/test_docshare.py b/frappe/core/doctype/docshare/test_docshare.py
index e4a41ac0d2..10986d9eae 100644
--- a/frappe/core/doctype/docshare/test_docshare.py
+++ b/frappe/core/doctype/docshare/test_docshare.py
@@ -34,7 +34,7 @@ class TestDocShare(unittest.TestCase):
 		self.assertTrue(self.event.has_permission())
 
 	def test_share_permission(self):
-		frappe.share.add("Event", self.event.name, self.user, share=1)
+		frappe.share.add("Event", self.event.name, self.user, write=1, share=1)
 
 		frappe.set_user(self.user)
 		self.assertTrue(self.event.has_permission("share"))
@@ -60,14 +60,14 @@ class TestDocShare(unittest.TestCase):
 		self.assertRaises(frappe.PermissionError, frappe.share.add, "Event", self.event.name, self.user)
 
 		frappe.set_user("Administrator")
-		frappe.share.add("Event", self.event.name, self.user, share=1)
+		frappe.share.add("Event", self.event.name, self.user, write=1, share=1)
 
 		# test not raises
 		frappe.set_user(self.user)
-		frappe.share.add("Event", self.event.name, "test1@example.com", share=1)
+		frappe.share.add("Event", self.event.name, "test1@example.com", write=1, share=1)
 
 	def test_remove_share(self):
-		frappe.share.add("Event", self.event.name, self.user, share=1)
+		frappe.share.add("Event", self.event.name, self.user, write=1, share=1)
 
 		frappe.set_user(self.user)
 		self.assertTrue(self.event.has_permission("share"))
diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py
index 4763ff4bab..3169043065 100644
--- a/frappe/core/doctype/user/user.py
+++ b/frappe/core/doctype/user/user.py
@@ -178,7 +178,7 @@ class User(Document):
 
 	def share_with_self(self):
 		if self.user_type=="System User":
-			frappe.share.add(self.doctype, self.name, self.name, share=1,
+			frappe.share.add(self.doctype, self.name, self.name, write=1, share=1,
 				flags={"ignore_share_permission": True})
 		else:
 			frappe.share.remove(self.doctype, self.name, self.name,
diff --git a/frappe/patches/v5_0/update_shared.py b/frappe/patches/v5_0/update_shared.py
index 8ce3f842af..4ba908b334 100644
--- a/frappe/patches/v5_0/update_shared.py
+++ b/frappe/patches/v5_0/update_shared.py
@@ -13,7 +13,7 @@ def execute():
 	users = frappe.get_all("User", filters={"user_type": "System User"})
 	usernames = [user.name for user in users]
 	for user in usernames:
-		frappe.share.add("User", user, user, share=1)
+		frappe.share.add("User", user, user, write=1, share=1)
 
 	# move event user to shared
 	if frappe.db.exists("DocType", "Event User"):
diff --git a/frappe/public/js/frappe/form/templates/set_sharing.html b/frappe/public/js/frappe/form/templates/set_sharing.html
index 9c27ab179c..0452dc7fd6 100644
--- a/frappe/public/js/frappe/form/templates/set_sharing.html
+++ b/frappe/public/js/frappe/form/templates/set_sharing.html
@@ -12,7 +12,7 @@
         <div class="col-xs-2"><input type="checkbox" name="read"
             {% if(cint(everyone.read)) { %}checked{% } %} class="edit-share"></div>
         <div class="col-xs-2"><input type="checkbox" name="write"
-            {% if(cint(everyone.write)) { %}checked{% } %} class="edit-share"></div>
+            {% if(cint(everyone.write)) { %}checked{% } %} class="edit-share"{% if (!frm.perm[0].write){ %} disabled="disabled"{% } %}></div>
         <div class="col-xs-2"><input type="checkbox" name="share"
             {% if(cint(everyone.share)) { %}checked{% } %} class="edit-share"></div>
 	</div>
@@ -25,7 +25,7 @@
 	        <div class="col-xs-2"><input type="checkbox" name="read"
 	            {% if(cint(s.read)) { %}checked{% } %} class="edit-share"></div>
 	        <div class="col-xs-2"><input type="checkbox" name="write"
-	            {% if(cint(s.write)) { %}checked{% } %} class="edit-share"></div>
+	            {% if(cint(s.write)) { %}checked{% } %} class="edit-share"{% if (!frm.perm[0].write){ %} disabled="disabled"{% } %}></div>
 	        <div class="col-xs-2"><input type="checkbox" name="share"
 	            {% if(cint(s.share)) { %}checked{% } %} class="edit-share"></div>
 	    </div>
diff --git a/frappe/share.py b/frappe/share.py
index dc37a12507..15b878f6c7 100644
--- a/frappe/share.py
+++ b/frappe/share.py
@@ -73,8 +73,6 @@ def set_permission(doctype, name, user, permission_to, value=1, everyone=0):
 			# un-set higher-order permissions too
 			if permission_to=="read":
 				share.read = share.write = share.share = 0
-			elif permission_to=="write":
-				share.write = share.share = 0
 
 		share.save()