[permissions] Added Test Cases

webnotes/__init__.py

@@ -351,26 +351,34 @@ def has_permission(doctype, ptype="read", refdoc=None):
 def has_match(meta, perms, refdoc):
 	from webnotes.defaults import get_restrictions
 	
-	restrictions = get_restrictions()
-	if not restrictions:
-		return True
-	
 	restrictions = get_restrictions()
 	if restrictions:
 		if isinstance(refdoc, basestring):
 			refdoc = doc(meta[0].name, refdoc)
 	
-	fields_to_check = meta.get({"DocType":"DocField", "parent":meta[0].name, "fieldtype":"Link", 
-		"options":("in", restrictions.keys()), "ignore_restrictions":("!=", 1)})
-	
-	if meta[0].name in restrictions:
-		fields_to_check.append(_dict({"label":"Name", "fieldname":"name"}))
+		fields_to_check = meta.get_restricted_fields(restrictions.keys())
+			
+		if meta[0].name in restrictions:
+			fields_to_check.append(_dict({"label":"Name", "fieldname":"name"}))
+	
+		for df in fields_to_check:
+			if refdoc.get(df.fieldname) not in restrictions[df.options]:
+				msg = _("Not allowed for: ") + df.label + " equals " + refdoc.get(df.fieldname)
+				msgprint(msg)
+				return False
+			
+	# check owner match (if exists)
+	owner_match = None
 	
-	for df in fields_to_check:
-		if refdoc.get(df.fieldname) not in restrictions[meta[0].name]:
-			msg = _("Not allowed for: ") + df.label + " equals " + refdoc.get(df.fieldname)
-			msgprint(msg)
-			return False
+	for p in perms:
+		if p.get("match")=="owner":
+			if refdoc.get("owner") != local.session.user:
+				owner_match = owner_match or False
+			else:
+				owner_match = True
+				
+	if owner_match == False: 
+		return False
 	
 	return True
 

webnotes/widgets/reportview.py

@@ -198,32 +198,27 @@ def build_match_conditions(doctype, fields=None, as_condition=True):
 	# get restrictions
 	restrictions = webnotes.defaults.get_restrictions()
 	
-	if not restrictions:
-		return "" if as_condition else {}
-	
-	fields_to_check = webnotes.local.reportview_doctypes[doctype].get({"doctype":"DocField", 
-		"fieldtype":"Link", "parent":doctype, 
-		"ignore_restriction":("!=", 1), 
-		"options":("in", restrictions.keys())})
-	if doctype in restrictions:
-		fields_to_check.append(webnotes._dict({"fieldname":"name", "options":doctype}))
+	if restrictions:
+		fields_to_check = webnotes.local.reportview_doctypes[doctype].get_restricted_fields(restrictions.keys())
+		if doctype in restrictions:
+			fields_to_check.append(webnotes._dict({"fieldname":"name", "options":doctype}))
 		
-	# check in links
-	for df in fields_to_check:
-		if as_condition:
-			match_conditions.append('`tab{doctype}`.{fieldname} in ({values})'.format(doctype=doctype,
-				fieldname=df.fieldname, 
-				values=", ".join([('"'+v.replace('"', '\"')+'"') for v in restrictions[df.options]])))
-		else:
-			match_filters.setdefault(df.fieldname, [])
-			match_filters[df.fieldname]= restrictions[df.options]
+		# check in links
+		for df in fields_to_check:
+			if as_condition:
+				match_conditions.append('`tab{doctype}`.{fieldname} in ({values})'.format(doctype=doctype,
+					fieldname=df.fieldname, 
+					values=", ".join([('"'+v.replace('"', '\"')+'"') for v in restrictions[df.options]])))
+			else:
+				match_filters.setdefault(df.fieldname, [])
+				match_filters[df.fieldname]= restrictions[df.options]
 				
 	# add owner match
 	if webnotes.local.reportview_doctypes[doctype].get({"doctype":"DocPerm","read":1,
 		"permlevel":0,"match":"owner"}):
-		match_conditions.append('`tab{doctype}.owner="{user}"`'.format(doctye=doctype, 
-			owner=webnotes.session.user))
-		match_filters["owner"] = [webnotes.session.user]
+		match_conditions.append('`tab{doctype}`.`owner`="{user}"'.format(doctype=doctype, 
+			user=webnotes.local.session.user))
+		match_filters["owner"] = [webnotes.local.session.user]
 						
 	if as_condition:
 		conditions = " and ".join(match_conditions)