Filter query reports based on permissions using doctype name instead of fieldnames

před 11 roky · ae38bcf40f
--- a/frappe/model/db_query.py
+++ b/frappe/model/db_query.py
@@ -256,7 +256,7 @@ class DatabaseQuery(object):
 					fieldname=df.fieldname,
 					values=", ".join([('"'+v.replace('"', '\"')+'"') for v in user_permissions[df.options]])
 				))
 				match_filters[df.fieldname] = user_permissions[df.options]
 				match_filters[df.options] = user_permissions[df.options]
 			if match_conditions:
 				self.match_conditions.append(" and ".join(match_conditions))
--- a/frappe/public/js/frappe/views/query_report.js
+++ b/frappe/public/js/frappe/views/query_report.js
@@ -475,14 +475,22 @@ frappe.views.QueryReport = Class.extend({
 		// apply inline filters
 		if (!me.inline_filter(item)) return false;
 		var parent_name = item[me.parent_field];
 		while (parent_name) {
 			if (me.item_by_name[parent_name]._collapsed) {
 				return false;
 		try {
 			var parent_name = item[me.parent_field];
 			while (parent_name) {
 				if (me.item_by_name[parent_name]._collapsed) {
 					return false;
 				}
 				parent_name = me.item_by_name[parent_name][me.parent_field];
 			}
 			parent_name = me.item_by_name[parent_name][me.parent_field];
 			return true;
 		} catch (e) {
 			if (e.message.indexOf("[parent_name] is undefined")!==-1) {
 				msgprint(__("Unable to display this tree report, due to missing data. Most likely, it is being filtered out due to permissions."));
 			}
 			throw e;
 		}
 		return true;
 	},
 	tree_formatter: function(row, cell, value, columnDef, dataContext) {
 		var me = frappe.query_report;
--- a/frappe/widgets/query_report.py
+++ b/frappe/widgets/query_report.py
@@ -138,7 +138,6 @@ def add_total_row(result, columns):
 def get_filtered_data(ref_doctype, columns, data):
 	result = []
 	linked_doctypes = get_linked_doctypes(columns)
 	match_filters_per_doctype = get_user_match_filters(linked_doctypes, ref_doctype)
@@ -153,17 +152,19 @@ def get_filtered_data(ref_doctype, columns, data):
 	return result
 def has_match(row, linked_doctypes, doctype_match_filters):
 	filter_column_cache = {}
 	resultant_match = True
 	if not row:
 		# allow empty rows :)
 		return resultant_match
 	for doctype, filter_list in doctype_match_filters.items():
 		matched_for_doctype = False
 		for match_filters in filter_list:
 			match = True
 			matched_columns = get_matched_columns(linked_doctypes, match_filters, filter_column_cache)
 			for col, idx in matched_columns.items():
 				if row[idx] not in match_filters[col]:
 			for dt, idx in linked_doctypes.items():
 				if dt in match_filters and row[idx] not in match_filters[dt]:
 					match = False
 					break
@@ -194,7 +195,7 @@ def get_linked_doctypes(columns):
 		# dict
 		elif col.get("fieldtype")=="Link" and col.get("options"):
 			linked_doctypes[col["options"]] = idx
 			linked_doctypes[col["options"]] = col["fieldname"]
 	return linked_doctypes
@@ -202,21 +203,8 @@ def get_user_match_filters(doctypes, ref_doctype):
 	match_filters = {}
 	for dt in doctypes:
 		match_filters[dt] = frappe.widgets.reportview.build_match_conditions(dt, False)
 		filter_list = frappe.widgets.reportview.build_match_conditions(dt, False)
 		if filter_list:
 			match_filters[dt] = filter_list
 	return match_filters
 def get_matched_columns(linked_doctypes, match_filters, filter_column_cache):
 	if not filter_column_cache.get(match_filters.keys()):
 		if "owner" in match_filters:
 			match_filters["user"] = match_filters["owner"]
 		col_idx_map = {}
 		for dt, idx in linked_doctypes.items():
 			link_field = dt.lower().replace(" ", "_")
 			if link_field in match_filters:
 				col_idx_map[link_field] = idx
 		filter_column_cache[match_filters.keys()] = col_idx_map
 	return filter_column_cache[match_filters.keys()]