Anand Doshi
11 年之前
共有 2 個文件被更改,包括 9 次插入 和 3 次删除
統一視圖
Diff Options
+ 3
- 2
frappe/core/doctype/event/event.py
查看文件
| @@ -28,12 +28,13 @@ def get_permission_query_conditions(): | |||||
| "roles": "', '".join(frappe.get_roles(frappe.session.user)) | "roles": "', '".join(frappe.get_roles(frappe.session.user)) | ||||
| } | } | ||||
| def has_permission(doc): | |||||
| def has_permission(doc, bean=None): | |||||
| if doc.event_type=="Public" or doc.owner==frappe.session.user: | if doc.event_type=="Public" or doc.owner==frappe.session.user: | ||||
| return True | return True | ||||
| # need full doclist to check roles and users | # need full doclist to check roles and users | ||||
| bean = frappe.bean("Event", doc.name) | |||||
| if not bean: | |||||
| bean = frappe.bean("Event", doc.name) | |||||
| if len(bean.doclist)==1: | if len(bean.doclist)==1: | ||||
| return False | return False | ||||
+ 6
- 1
frappe/permissions.py
查看文件
| @@ -101,9 +101,14 @@ def has_unrestricted_access(meta, refdoc, verbose=True): | |||||
| return False if has_restricted_data else True | return False if has_restricted_data else True | ||||
| def has_additional_permission(doc): | def has_additional_permission(doc): | ||||
| if doc.fields.get("__islocal"): | |||||
| bean = frappe.bean(doc) | |||||
| else: | |||||
| bean = frappe.bean(doc.doctype, doc.name) | |||||
| condition_methods = frappe.get_hooks("has_permission:" + doc.doctype) | condition_methods = frappe.get_hooks("has_permission:" + doc.doctype) | ||||
| for method in frappe.get_hooks("has_permission:" + doc.doctype): | for method in frappe.get_hooks("has_permission:" + doc.doctype): | ||||
| if not frappe.get_attr(method)(doc): | |||||
| if not frappe.call(frappe.get_attr(method), doc=doc, bean=bean): | |||||
| return False | return False | ||||
| return True | return True | ||||