anoopmb
/
frappe
1
0
Fork 0
Código Incidencias 0 Pull Requests 0 Lanzamientos 0 Wiki Actividad
Explorar el Código

[restrictions] user properties page

version-14
Anand Doshi hace 11 años
padre
7913052cf3
commit
d3a9c56744
Se han modificado 5 ficheros con 111 adiciones y 48 borrados
Dividir vista
Opciones de diferencias
Mostrar estadísticas Descargar archivo de parche Descargar archivo de diferencias
  1. +4
    -1
      core/doctype/profile/profile.js
  2. +63
    -27
      core/page/user_properties/user_properties.js
  3. +28
    -11
      core/page/user_properties/user_properties.py
  4. +9
    -7
      webnotes/__init__.py
  5. +7
    -2
      webnotes/widgets/reportview.py

+ 4
- 1
core/doctype/profile/profile.js Ver fichero

@@ -42,7 +42,10 @@ cur_frm.cscript.refresh = function(doc) {

if(!doc.__islocal){
cur_frm.add_custom_button("Set Properties", function() {
wn.set_route("user-properties", doc.name);
wn.route_options = {
"user": doc.name
};
wn.set_route("user-properties");
})

if(has_common(user_roles, ["Administrator", "System Manager"])) {


+ 63
- 27
core/page/user_properties/user_properties.js Ver fichero

@@ -20,7 +20,7 @@ wn.pages['user-properties'].onload = function(wrapper) {
wrapper.user_properties = new wn.UserProperties(wrapper);
}

wn.pages['user-properties'].refresh = function(wrapper) {
wn.pages['user-properties'].refresh = function(wrapper) {
wrapper.user_properties.set_from_route();
}

@@ -28,6 +28,7 @@ wn.UserProperties = Class.extend({
init: function(wrapper) {
this.wrapper = wrapper;
this.body = $(this.wrapper).find(".user-settings");
this.filters = {};
this.make();
this.refresh();
},
@@ -39,18 +40,40 @@ wn.UserProperties = Class.extend({
method: "get_users_and_links",
callback: function(r) {
me.options = r.message;
me.user_select =
me.wrapper.appframe.add_select("users",
["Select User..."].concat(r.message.users))
.change(function() {
me.set_route();
});
me.property_select =
me.wrapper.appframe.add_select("links",
["Select Property..."].concat(me.get_link_names()))
.change(function() {
me.set_route();
});
me.filters.user = me.wrapper.appframe.add_field({
fieldname: "user",
label: wn._("User"),
fieldtype: "Select",
options: (["Select User..."].concat(r.message.users)).join("\n")
});
me.filters.property = me.wrapper.appframe.add_field({
fieldname: "property",
label: wn._("Property"),
fieldtype: "Select",
options: (["Select Property..."].concat(me.get_link_names())).join("\n")
});
me.filters.restriction = me.wrapper.appframe.add_field({
fieldname: "restriction",
label: wn._("Restriction"),
fieldtype: "Link",
options: "[Select]"
});
// bind change event
$.each(me.filters, function(k, f) {
f.$input.on("change", function() {
me.refresh();
});
});
// change options in restriction link
me.filters.property.$input.on("change", function() {
me.filters.restriction.df.options = $(this).val();
});
me.set_from_route();
}
});
@@ -58,26 +81,30 @@ wn.UserProperties = Class.extend({
get_link_names: function() {
return $.map(this.options.link_fields, function(l) { return l[0]; });
},
set_route: function() {
wn.set_route("user-properties", this.user_select.val(),
this.property_select.val());
},
set_from_route: function() {
var route = wn.get_route();
if((route.length > 1) && this.user_select && this.property_select) {
this.user_select.val(route[1]);
this.property_select.val(route[2]);
var me = this;
if(wn.route_options && this.filters) {
$.each(wn.route_options, function(key, value) {
me.set_filter(key, value);
});
wn.route_options = null;
}
this.refresh();
},
set_filter: function(key, value) {
this.filters[key].$input.val(value);
},
get_user: function() {
var user = this.user_select.val();
var user = this.filters.user.$input.val();
return user=="Select User..." ? null : user;
},
get_property: function() {
var property = this.property_select.val();
var property = this.filters.property.$input.val();
return property=="Select Property..." ? null : property;
},
get_restriction: function() {
return this.filters.restriction.$input.val();
},
render: function(prop_list) {
this.body.empty();
this.prop_list = prop_list;
@@ -90,7 +117,7 @@ wn.UserProperties = Class.extend({
},
refresh: function() {
var me = this;
if(!me.user_select) {
if(!me.filters.user) {
this.body.html("<div class='alert alert-info'>"+wn._("Loading")+"...</div>");
return;
}
@@ -104,8 +131,9 @@ wn.UserProperties = Class.extend({
page: "user_properties",
method: "get_properties",
args: {
user: me.get_user(),
key: me.get_property()
parent: me.get_user(),
defkey: me.get_property(),
defvalue: me.get_restriction()
},
callback: function(r) {
me.render(r.message);
@@ -144,6 +172,8 @@ wn.UserProperties = Class.extend({
.appendTo($("<td>").appendTo(row))
.attr("data-name", d.name)
.attr("data-user", d.parent)
.attr("data-defkey", d.defkey)
.attr("data-defvalue", d.defvalue)
.click(function() {
return wn.call({
module: "core",
@@ -151,7 +181,9 @@ wn.UserProperties = Class.extend({
method: "remove",
args: {
name: $(this).attr("data-name"),
user: $(this).attr("data-user")
user: $(this).attr("data-user"),
defkey: $(this).attr("data-defkey"),
defvalue: $(this).attr("data-defvalue")
},
callback: function(r) {
if(r.exc) {
@@ -189,6 +221,10 @@ wn.UserProperties = Class.extend({
d.set_value("defkey", me.get_property());
d.get_input("defkey").prop("disabled", true);
}
if(me.get_restriction()) {
d.set_value("defvalue", me.get_restriction());
d.get_input("defvalue").prop("disabled", true);
}
d.fields_dict["defvalue"].get_query = function(txt) {
var key = d.get_value("defkey");


+ 28
- 11
core/page/user_properties/user_properties.py Ver fichero

@@ -9,24 +9,35 @@ import webnotes.defaults
def get_users_and_links():
webnotes.only_for(("System Manager", "Administrator"))
return {
"users": [d[0] for d in webnotes.conn.sql("""select name from tabProfile where
"users": webnotes.conn.sql_list("""select name from tabProfile where
ifnull(enabled,0)=1 and
name not in ("Administrator", "Guest")""")],
name not in ("Administrator", "Guest")"""),
"link_fields": webnotes.conn.sql("""select name, name from tabDocType
where ifnull(issingle,0)=0 and ifnull(istable,0)=0""")
}
@webnotes.whitelist()
def get_properties(user=None, key=None):
def get_properties(parent=None, defkey=None, defvalue=None):
webnotes.only_for(("System Manager", "Administrator"))
conditions, values = _build_conditions(locals())
return webnotes.conn.sql("""select name, parent, defkey, defvalue
from tabDefaultValue
where parent!='Control Panel'
and parenttype='Restriction'
where parent not in ('Control Panel', '__global')
and substr(defkey,1,1)!='_'
%s%s order by parent, defkey""" % (\
user and (" and parent='%s'" % user) or "",
key and (" and defkey='%s'" % key) or ""), as_dict=True)
and parenttype='Restriction'
{conditions}
order by parent, defkey""".format(conditions=conditions), values, as_dict=True)
def _build_conditions(filters):
conditions = []
values = {}
for key, value in filters.items():
if filters.get(key):
conditions.append("and `{key}`=%({key})s".format(key=key))
values[key] = value
return "\n".join(conditions), values

@webnotes.whitelist()
def remove(user, name):
@@ -34,6 +45,12 @@ def remove(user, name):
webnotes.defaults.clear_default(name=name)
@webnotes.whitelist()
def add(parent, defkey, defvalue):
def add(user, defkey, defvalue):
webnotes.only_for(("System Manager", "Administrator"))
webnotes.defaults.add_default(defkey, defvalue, parent, "Restriction")
# check if already exists
d = webnotes.conn.sql("""select name from tabDefaultValue
where parent=%s and parenttype='Restriction' and defkey=%s and defvalue=%s""", (user, defkey, defvalue))
if not d:
webnotes.defaults.add_default(defkey, defvalue, user, "Restriction")

+ 9
- 7
webnotes/__init__.py Ver fichero

@@ -332,20 +332,16 @@ def check_admin_or_system_manager():
if ("System Manager" not in get_roles()) and \
(session.user!="Administrator"):
msgprint("Only Allowed for Role System Manager or Administrator", raise_exception=True)
def has_permission(doctype, ptype="read", refdoc=None):
"""check if user has permission"""
from webnotes.utils import cint
if session.user=="Administrator" or conn.get_value("DocType", doctype, "istable")==1:
return True
meta = get_doctype(doctype)
# get user permissions
user_roles = get_roles()
perms = [p for p in meta.get({"doctype": "DocPerm"})
if cint(p.get(ptype))==1 and cint(p.permlevel)==0 and (p.role=="All" or p.role in user_roles)]
perms = get_user_perms(meta, ptype)
if not perms:
return False
@@ -356,6 +352,12 @@ def has_permission(doctype, ptype="read", refdoc=None):
return False
else:
return True
def get_user_perms(meta, ptype):
from webnotes.utils import cint
user_roles = get_roles()
return [p for p in meta.get({"doctype": "DocPerm"})
if cint(p.get(ptype))==1 and cint(p.permlevel)==0 and (p.role=="All" or p.role in user_roles)]

def has_only_permitted_data(meta, refdoc):
from webnotes.defaults import get_restrictions
@@ -373,7 +375,7 @@ def has_only_permitted_data(meta, refdoc):
fields_to_check.append(_dict({"label":"Name", "fieldname":"name"}))
for df in fields_to_check:
if refdoc.get(df.fieldname) not in restrictions[df.options]:
if refdoc.get(df.fieldname) and refdoc.get(df.fieldname) not in restrictions[df.options]:
msg = "{not_allowed}: {label} {equals} {value}".format(not_allowed=_("Not allowed for"),
label=_(df.label), equals=_("equals"), value=refdoc.get(df.fieldname))


+ 7
- 2
webnotes/widgets/reportview.py Ver fichero

@@ -214,8 +214,13 @@ def build_match_conditions(doctype, fields=None, as_condition=True):
match_filters[df.fieldname]= restrictions[df.options]
# add owner match
if webnotes.local.reportview_doctypes[doctype].get({"doctype":"DocPerm","read":1,
"permlevel":0,"match":"owner"}):
owner_match = True
for p in webnotes.get_user_perms(webnotes.local.reportview_doctypes[doctype], "read"):
if not (p.match and p.match=="owner"):
owner_match = False
break
if owner_match:
match_conditions.append('`tab{doctype}`.`owner`="{user}"'.format(doctype=doctype,
user=webnotes.local.session.user))
match_filters["owner"] = [webnotes.local.session.user]


Escribir Vista previa
Cargando…
Cancelar
Guardar