Handle conflicting User Permission DocTypes and DocPerm translations

frappe/core/page/permission_manager/permission_manager.py

@@ -5,11 +5,13 @@ from __future__ import unicode_literals
 import frappe
 import frappe.defaults
 from frappe.modules.import_file import get_file_path, read_doc_from_file
+from frappe.translate import send_translations
 from frappe.core.doctype.notification_count.notification_count import delete_notification_count_for
 
 @frappe.whitelist()
 def get_roles_and_doctypes():
 	frappe.only_for("System Manager")
+	send_translations(frappe.get_lang_dict("doctype", "DocPerm"))
 	return {
 		"doctypes": [d[0] for d in frappe.db.sql("""select name from `tabDocType` dt where
 			ifnull(istable,0)=0 and

frappe/permissions.py

@@ -93,9 +93,17 @@ def get_role_permissions(meta, user=None):
 						perms["apply_user_permissions"][ptype] = (perms["apply_user_permissions"].get(ptype, 1)
 							and p.get("apply_user_permissions"))
 
-				if p.apply_user_permissions:
-					perms["user_permission_doctypes"] = (json.loads(p.user_permission_doctypes)
-						if p.user_permission_doctypes else None)
+				if p.apply_user_permissions and p.user_permission_doctypes:
+					# set user_permission_doctypes in perms
+					user_permission_doctypes = (json.loads(p.user_permission_doctypes)
+							if p.user_permission_doctypes else None)
+
+					if user_permission_doctypes and (not perms.get("user_permission_doctypes") or
+						len(user_permission_doctypes) <= len(perms["user_permission_doctypes"])):
+						# selecting the least no. of "user_permission_doctypes" for lesser filtering
+						# why? if there is a conflict of two user_permission_doctypes, the least restrictive should win
+						# hence, using the simplistic approach of less no. of "user_permission_doctypes" implies least restrictive!
+						perms["user_permission_doctypes"] = user_permission_doctypes
 
 		for key, value in perms.get("apply_user_permissions").items():
 			if not value:

frappe/public/js/frappe/model/perm.js

@@ -84,7 +84,17 @@ $.extend(frappe.perm, {
 				});
 
 				if (permlevel===0 && p.apply_user_permissions && p.user_permission_doctypes) {
-					perm[permlevel]["user_permission_doctypes"] = JSON.parse(p.user_permission_doctypes);
+					// set user_permission_doctypes in perms
+					var user_permission_doctypes = p.user_permission_doctypes
+							? JSON.parse(p.user_permission_doctypes) : null;
+
+					if (user_permission_doctypes && (!perm[permlevel].user_permission_doctypes ||
+						user_permission_doctypes.length <= perm[permlevel].user_permission_doctypes.length)) {
+							// selecting the least no. of "user_permission_doctypes" for lesser filtering
+							// why? if there is a conflict of two user_permission_doctypes, the least restrictive should win
+							// hence, using the simplistic approach of less no. of "user_permission_doctypes" implies least restrictive!
+							perm[permlevel]["user_permission_doctypes"] = user_permission_doctypes;
+						}
 				}
 			}
 		});

frappe/translate.py

@@ -106,6 +106,7 @@ def get_dict(fortype, name=None):
 		elif fortype=="boot":
 			messages = get_messages_from_include_files()
 			messages += frappe.db.sql_list("select name from tabDocType")
+			messages += frappe.db.sql_list("select name from tabRole")
 			messages += frappe.db.sql_list("select name from `tabModule Def`")
 
 		translation_assets[asset_key] = make_dict_from_messages(messages)
@@ -193,6 +194,7 @@ def get_messages_from_doctype(name):
 
 	messages = [meta.name, meta.module]
 
+	# translations of field labels, description and options
 	for d in meta.get("fields"):
 		messages.extend([d.label, d.description])
 
@@ -202,6 +204,11 @@ def get_messages_from_doctype(name):
 			if not "icon" in options[0]:
 				messages.extend(options)
 
+	# translations of roles
+	for d in meta.get("permissions"):
+		if d.role:
+			messages.append(d.role)
+
 	# extract from js, py files
 	doctype_file_path = frappe.get_module_path(meta.module, "doctype", meta.name, meta.name)
 	messages.extend(get_messages_from_file(doctype_file_path + ".js"))
@@ -301,6 +308,8 @@ def get_untranslated(lang, untranslated_file, get_all=False):
 	for app in apps:
 		messages.extend(get_messages_for_app(app))
 
+	messages = list(set(messages))
+
 	def escape_newlines(s):
 		return (s.replace("\\\n", "|||||")
 				.replace("\\n", "||||")
@@ -366,3 +375,10 @@ def write_translations_file(app, lang, full_dict=None):
 	frappe.create_folder(tpath)
 	write_csv_file(os.path.join(tpath, lang + ".csv"),
 		app_messages, full_dict or get_full_dict(lang))
+
+def send_translations(translation_dict):
+	"""send these translations in response"""
+	if "__messages" not in frappe.local.response:
+		frappe.local.response["__messages"] = {}
+
+	frappe.local.response["__messages"].update(translation_dict)

frappe/utils/response.py

@@ -43,14 +43,14 @@ def build_response(response_type=None):
 def as_csv():
 	response = Response()
 	response.headers[b"Content-Type"] = b"text/csv; charset: utf-8"
-	response.headers[b"Content-Disposition"] = ("attachment; filename=%s.csv" % frappe.response['doctype'].replace(' ', '_')).encode("utf-8")
+	response.headers[b"Content-Disposition"] = ("attachment; filename=\"%s.csv\"" % frappe.response['doctype'].replace(' ', '_')).encode("utf-8")
 	response.data = frappe.response['result']
 	return response
 
 def as_raw():
 	response = Response()
 	response.headers[b"Content-Type"] = frappe.response.get("content_type") or mimetypes.guess_type(frappe.response['filename'])[0] or b"application/unknown"
-	response.headers[b"Content-Disposition"] = ("filename=%s" % frappe.response['filename'].replace(' ', '_')).encode("utf-8")
+	response.headers[b"Content-Disposition"] = ("filename=\"%s\"" % frappe.response['filename'].replace(' ', '_')).encode("utf-8")
 	response.data = frappe.response['filecontent']
 	return response
 

frappe/widgets/page.py

@@ -1,8 +1,9 @@
 # Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors
-# MIT License. See license.txt 
+# MIT License. See license.txt
 
 from __future__ import unicode_literals
 import frappe
+from frappe.translate import send_translations
 
 @frappe.whitelist()
 def get(name):
@@ -28,14 +29,14 @@ def getpage():
 
 	# load translations
 	if frappe.lang != "en":
-		frappe.response["__messages"] = frappe.get_lang_dict("page", page)
+		send_translations(frappe.get_lang_dict("page", page))
 
 	frappe.response.docs.append(doc)
 
 def has_permission(page):
 	if frappe.user.name == "Administrator" or "System Manager" in frappe.user.get_roles():
 		return True
-		
+
 	page_roles = [d.role for d in page.get("roles")]
 	if page_roles:
 		if frappe.session.user == "Guest" and "Guest" not in page_roles:
@@ -43,7 +44,7 @@ def has_permission(page):
 		elif not set(page_roles).intersection(set(frappe.get_roles())):
 			# check if roles match
 			return False
-		
+
 	if not frappe.has_permission("Page", ptype="read", doc=page):
 		# check if there are any user_permissions
 		return False

frappe/widgets/query_report.py

@@ -9,6 +9,7 @@ import os, json
 from frappe import _
 from frappe.modules import scrub, get_module_path
 from frappe.utils import flt, cint, get_html_format
+from frappe.translate import send_translations
 import frappe.widgets.reportview
 
 def get_report_doc(report_name):
@@ -50,7 +51,7 @@ def get_script(report_name):
 
 	# load translations
 	if frappe.lang != "en":
-		frappe.response["__messages"] = frappe.get_lang_dict("report", report_name)
+		send_translations(frappe.get_lang_dict("report", report_name))
 
 	return {
 		"script": script,