[minor] ignore permissions option for filters in db_query (#3234)

8年前 · 262f361021
--- a/frappe/desk/reportview.py
+++ b/frappe/desk/reportview.py
@@ -37,7 +37,7 @@ def get_form_params():
 		data["save_user_settings"] = json.loads(data["save_user_settings"])
 	else:
 		data["save_user_settings"] = True
 	

 	doctype = data["doctype"]
 	fields = data["fields"]

@@ -51,9 +51,9 @@ def get_form_params():
 			fieldname = fieldname.strip("`")

 		df = frappe.get_meta(parenttype).get_field(fieldname)
 		

 		report_hide = df.report_hide if df else None
 		

 		# remove the field from the query if the report hide flag is set
 		if report_hide:
 			fields.remove(field)
@@ -331,7 +331,7 @@ def build_match_conditions(doctype, as_condition=True):
 	else:
 		return match_conditions

 def get_filters_cond(doctype, filters, conditions):
 def get_filters_cond(doctype, filters, conditions, ignore_permissions=None):
 	if filters:
 		flt = filters
 		if isinstance(filters, dict):
@@ -347,7 +347,7 @@ def get_filters_cond(doctype, filters, conditions):
 		query = DatabaseQuery(doctype)
 		query.filters = flt
 		query.conditions = conditions
 		query.build_filter_conditions(flt, conditions)
 		query.build_filter_conditions(flt, conditions, ignore_permissions)

 		cond = ' and ' + ' and '.join(query.conditions)
 	else:
--- a/frappe/geo/address_and_contact.py
+++ b/frappe/geo/address_and_contact.py
@@ -4,7 +4,7 @@
 from __future__ import unicode_literals
 import frappe

 def load_address_and_contact(doc, key):
 def load_address_and_contact(doc, key=None):
 	"""Loads address list and contact list in `__onload`"""
 	from frappe.geo.doctype.address.address import get_address_display

--- a/frappe/model/db_query.py
+++ b/frappe/model/db_query.py
@@ -250,8 +250,11 @@ class DatabaseQuery(object):
 			if match_conditions:
 				self.conditions.append("(" + match_conditions + ")")

 	def build_filter_conditions(self, filters, conditions):
 	def build_filter_conditions(self, filters, conditions, ignore_permissions=None):
 		"""build conditions from user filters"""
 		if ignore_permissions is not None:
 			self.flags.ignore_permissions = ignore_permissions

 		if isinstance(filters, dict):
 			filters = [filters]

--- a/frappe/tests/test_db_query.py
+++ b/frappe/tests/test_db_query.py
@@ -5,6 +5,7 @@ from __future__ import unicode_literals
 import frappe, unittest

 from frappe.model.db_query import DatabaseQuery
 from frappe.desk.reportview import get_filters_cond

 class TestReportview(unittest.TestCase):
 	def test_basic(self):
@@ -70,6 +71,12 @@ class TestReportview(unittest.TestCase):
 		self.assertTrue({ "name": todays_event.name } in data)
 		self.assertTrue({ "name": event.name } in data)

 	def test_ignore_permissions_for_get_filters_cond(self):
 		frappe.set_user('test1@example.com')
 		self.assertRaises(frappe.PermissionError, get_filters_cond, 'DocType', dict(istable=1), [])
 		self.assertTrue(get_filters_cond('DocType', dict(istable=1), [], ignore_permissions=True))
 		frappe.set_user('Administrator')

 def create_event(subject="_Test Event", starts_on=None):
 	""" create a test event """