diff --git a/core/doctype/doctype/doctype.py b/core/doctype/doctype/doctype.py index b05166ef14..b0a1aebfbd 100644 --- a/core/doctype/doctype/doctype.py +++ b/core/doctype/doctype/doctype.py @@ -141,27 +141,26 @@ class DocType: def make_amendable(self): """ - if is_submittable is set, add amended_from - docfields + if is_submittable is set, add amended_from docfields """ if self.doc.is_submittable: - import webnotes.model.doctype - temp_doclist = webnotes.model.doctype.get(self.doc.name) - max_idx = max([d.idx for d in temp_doclist if d.idx]) - max_idx = max_idx and max_idx or 0 - if 'amended_from' not in [d.fieldname for d in temp_doclist if \ - d.doctype=='DocField']: - new = self.doc.addchild('fields', 'DocField', self.doclist) - new.label = 'Amended From' - new.fieldtype = 'Link' - new.fieldname = 'amended_from' - new.options = self.doc.name - new.permlevel = 0 - new.read_only = 1 - new.print_hide = 1 - new.no_copy = 1 - new.idx = max_idx + 1 - max_idx += 1 + if not webnotes.conn.sql("""select name from tabDocField + where fieldname = 'amended_from' and parent = %s""", self.doc.name): + new = self.doc.addchild('fields', 'DocField', self.doclist) + new.label = 'Amended From' + new.fieldtype = 'Link' + new.fieldname = 'amended_from' + new.options = self.doc.name + new.permlevel = 0 + new.read_only = 1 + new.print_hide = 1 + new.no_copy = 1 + new.idx = self.get_max_idx() + 1 + + def get_max_idx(self): + max_idx = webnotes.conn.sql("""select max(idx) from `tabDocField` where parent = %s""", + self.doc.name) + return max_idx and max_idx[0][0] or 0 def validate_fields_for_doctype(doctype): from webnotes.model.doctype import get diff --git a/core/page/permission_manager/permission_manager.py b/core/page/permission_manager/permission_manager.py index 236a9cd84b..25e4b9846d 100644 --- a/core/page/permission_manager/permission_manager.py +++ b/core/page/permission_manager/permission_manager.py @@ -1,5 +1,6 @@ from __future__ import unicode_literals import webnotes +import webnotes.defaults @webnotes.whitelist(allow_roles=["System Manager", "Administrator"]) def get_roles_and_doctypes(): @@ -22,8 +23,13 @@ def get_permissions(doctype=None, role=None): @webnotes.whitelist(allow_roles=["System Manager", "Administrator"]) def remove(doctype, name): + match = webnotes.conn.get_value("DocPerm", name, "match") + webnotes.conn.sql("""delete from tabDocPerm where name=%s""", name) validate_and_reset(doctype, for_remove=True) + + if match: + webnotes.defaults.clear_cache() @webnotes.whitelist(allow_roles=["System Manager", "Administrator"]) def add(parent, role, permlevel): @@ -46,11 +52,15 @@ def update(name, doctype, ptype, value=0): % (ptype, '%s', '%s'), (value, name)) validate_and_reset(doctype) + if ptype == "read" and webnotes.conn.get_value("DocPerm", name, "match"): + webnotes.defaults.clear_cache() + @webnotes.whitelist(allow_roles=["System Manager", "Administrator"]) def update_match(name, doctype, match=""): webnotes.conn.sql("""update tabDocPerm set `match`=%s where name=%s""", (match, name)) validate_and_reset(doctype) + webnotes.defaults.clear_cache() def validate_and_reset(doctype, for_remove=False): from core.doctype.doctype.doctype import validate_permissions_for_doctype @@ -61,6 +71,7 @@ def validate_and_reset(doctype, for_remove=False): def reset(doctype): webnotes.reset_perms(doctype) webnotes.clear_cache(doctype=doctype) + webnotes.defaults.clear_cache() @webnotes.whitelist(allow_roles=["System Manager", "Administrator"]) def get_users_with_role(role): diff --git a/public/js/wn/misc/user.js b/public/js/wn/misc/user.js index 317da9ce4a..e40dd1751c 100644 --- a/public/js/wn/misc/user.js +++ b/public/js/wn/misc/user.js @@ -54,17 +54,18 @@ $.extend(wn.user, { } }); } + + if(!modules_list || !modules_list.length) { + // all modules + modules_list = keys(wn.modules).sort(); + } + // filter hidden modules if(wn.boot.hidden_modules && modules_list) { var hidden_list = JSON.parse(wn.boot.hidden_modules); var modules_list = $.map(modules_list, function(m) { if(hidden_list.indexOf(m)==-1) return m; else return null; }); - } - - if(!modules_list || !modules_list.length) { - // all modules - modules_list = keys(wn.modules).sort(); } // hide based on permission diff --git a/webnotes/__init__.py b/webnotes/__init__.py index 2bc6c6e183..3749724348 100644 --- a/webnotes/__init__.py +++ b/webnotes/__init__.py @@ -276,8 +276,10 @@ def has_permission(doctype, ptype="read", doc=None): # no valid permission found if match_failed: - key = match_failed.keys()[0] - msgprint(_("Not allowed for: ") + key + "=" + match_failed[key]) + msg = _("Not allowed for: ") + for key in match_failed: + msg += "\n" + key + " = " + (match_failed[key] or "None") + msgprint(msg) return False else: return perms and True or False diff --git a/webnotes/defaults.py b/webnotes/defaults.py index 1fa9f27aa4..8c9c0ba265 100644 --- a/webnotes/defaults.py +++ b/webnotes/defaults.py @@ -115,11 +115,29 @@ def get_defaults_for(parent="Control Panel"): defaults[d.defkey].append(d.defvalue) else: defaults[d.defkey] = d.defvalue + + if webnotes.session and parent == webnotes.session.user: + defaults.update(get_defaults_for_match(defaults)) webnotes.cache().set_value("__defaults:" + parent, defaults) return defaults +def get_defaults_for_match(userd): + """ if a profile based match condition exists for a user's role + and no user property is specified for that match key, + set default value as user's profile for that match key""" + user_roles = webnotes.get_roles() + out = {} + + for role, match in webnotes.conn.sql("""select distinct role, `match` + from `tabDocPerm` where ifnull(permlevel, 0)=0 and `read`=1 + and `match` like "%:user" """): + if role in user_roles and match.split(":")[0] not in userd: + out[match.split(":")[0]] = webnotes.session.user + + return out + def clear_cache(parent=None): def all_profiles(): return webnotes.conn.sql_list("select name from tabProfile") + ["Control Panel"]