anoopmb
/
frappe
1
0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 0 Wiki アクティビティ
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
4949 コミット
1 ブランチ
314 MiB
 
 
 
 
 
 
ツリー: 7bef30b270
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'7bef30b270' から
${ noResults }
frappe/frappe/utils/user.py

236 行
6.8 KiB
Raw Blame 履歴 

  1. # Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors

  2. # MIT License. See license.txt 

  3. 

  4. from __future__ import unicode_literals

  5. 

  6. import frappe, json

  7. 

  8. class User:

  9. 	"""

  10. 	A user object is created at the beginning of every request with details of the use.

  11. 	The global user object is `frappe.user`

  12. 	"""

  13. 	def __init__(self, name=''):

  14. 		self.defaults = None

  15. 		self.name = name or frappe.session.get('user')

  16. 		self.roles = []

  17. 		

  18. 		self.all_read = []

  19. 		self.can_create = []

  20. 		self.can_read = []

  21. 		self.can_write = []

  22. 		self.can_cancel = []

  23. 		self.can_delete = []

  24. 		self.can_search = []

  25. 		self.can_get_report = []

  26. 		self.can_import = []

  27. 		self.can_export = []

  28. 		self.can_print = []

  29. 		self.can_email = []

  30. 		self.can_restrict = []

  31. 		self.allow_modules = []

  32. 		self.in_create = []

  33. 

  34. 	def get_roles(self):

  35. 		"""get list of roles"""

  36. 		if not self.roles:

  37. 			self.roles = get_roles(self.name)

  38. 		return self.roles

  39. 	

  40. 	def build_doctype_map(self):

  41. 		"""build map of special doctype properties"""

  42. 			

  43. 		self.doctype_map = {}

  44. 		for r in frappe.db.sql("""select name, in_create, issingle, istable, 

  45. 			read_only, module from tabDocType""", as_dict=1):

  46. 			self.doctype_map[r['name']] = r

  47. 			

  48. 	def build_perm_map(self):

  49. 		"""build map of permissions at level 0"""

  50. 		self.perm_map = {}

  51. 		for r in frappe.db.sql("""select parent, `read`, `write`, `create`, `delete`, `submit`, 

  52. 			`cancel`,`report`, `import`, `export`, `print`, `email`, `restrict`

  53. 			from tabDocPerm where docstatus=0 

  54. 			and ifnull(permlevel,0)=0

  55. 			and parent not like "old_parent:%%" 

  56. 			and role in ('%s')""" % "','".join(self.get_roles()), as_dict=1):

  57. 			dt = r['parent']

  58. 			

  59. 			if not dt in  self.perm_map:

  60. 				self.perm_map[dt] = {}

  61. 				

  62. 			for k in ('read', 'write', 'create', 'submit', 'cancel', 'amend', 'delete',

  63. 				'report', 'import', 'export', 'print', 'email', 'restrict'):

  64. 				if not self.perm_map[dt].get(k):

  65. 					self.perm_map[dt][k] = r.get(k)

  66. 							

  67. 	def build_permissions(self):

  68. 		"""build lists of what the user can read / write / create

  69. 		quirks: 

  70. 			read_only => Not in Search

  71. 			in_create => Not in create

  72. 		"""

  73. 		self.build_doctype_map()

  74. 		self.build_perm_map()

  75. 		

  76. 		for dt in self.doctype_map:

  77. 			dtp = self.doctype_map[dt]

  78. 			p = self.perm_map.get(dt, {})

  79. 			

  80. 			if not dtp.get('istable'):

  81. 				if p.get('create') and not dtp.get('issingle'):

  82. 					if dtp.get('in_create'):

  83. 						self.in_create.append(dt)

  84. 					else:

  85. 						self.can_create.append(dt)

  86. 				elif p.get('write'):

  87. 					self.can_write.append(dt)

  88. 				elif p.get('read'):

  89. 					if dtp.get('read_only'):

  90. 						self.all_read.append(dt)

  91. 					else:

  92. 						self.can_read.append(dt)

  93. 

  94. 			if p.get('cancel'):

  95. 				self.can_cancel.append(dt)

  96. 

  97. 			if p.get('delete'):

  98. 				self.can_delete.append(dt)

  99. 

  100. 			if (p.get('read') or p.get('write') or p.get('create')):

  101. 				if p.get('report'):

  102. 					self.can_get_report.append(dt)

  103. 				for key in ("import", "export", "print", "email", "restrict"):

  104. 					if p.get(key):

  105. 						getattr(self, "can_" + key).append(dt)

  106. 					

  107. 				if not dtp.get('istable'):

  108. 					if not dtp.get('issingle') and not dtp.get('read_only'):

  109. 						self.can_search.append(dt)

  110. 					if not dtp.get('module') in self.allow_modules:

  111. 						self.allow_modules.append(dtp.get('module'))

  112. 

  113. 		self.can_write += self.can_create

  114. 		self.can_write += self.in_create

  115. 		self.can_read += self.can_write

  116. 		self.all_read += self.can_read

  117. 		

  118. 	def get_defaults(self):

  119. 		import frappe.defaults

  120. 		self.defaults = frappe.defaults.get_defaults(self.name)

  121. 		return self.defaults

  122. 			

  123. 	# update recent documents

  124. 	def update_recent(self, dt, dn):

  125. 		rdl = frappe.cache().get_value("recent:" + self.name) or []	

  126. 		new_rd = [dt, dn]

  127. 		

  128. 		# clear if exists

  129. 		for i in range(len(rdl)):

  130. 			rd = rdl[i]

  131. 			if rd==new_rd:

  132. 				del rdl[i]

  133. 				break

  134. 

  135. 		if len(rdl) > 19:

  136. 			rdl = rdl[:19]

  137. 		

  138. 		rdl = [new_rd] + rdl

  139. 		r = frappe.cache().set_value("recent:" + self.name, rdl)

  140. 		

  141. 	def _get(self, key):

  142. 		if not self.can_read:

  143. 			self.build_permissions()

  144. 		return getattr(self, key)

  145. 	

  146. 	def get_can_read(self):

  147. 		"""return list of doctypes that the user can read"""

  148. 		if not self.can_read:

  149. 			self.build_permissions()

  150. 		return self.can_read

  151. 	

  152. 	def load_user(self):

  153. 		d = frappe.db.sql("""select email, first_name, last_name, 

  154. 			email_signature, background_image, user_type, language

  155. 			from tabUser where name = %s""", (self.name,), as_dict=1)[0]

  156. 

  157. 		if not self.can_read:

  158. 			self.build_permissions()

  159. 

  160. 		d.name = self.name

  161. 		d.recent = json.dumps(frappe.cache().get_value("recent:" + self.name) or [])

  162. 				

  163. 		d['roles'] = self.get_roles()

  164. 		d['defaults'] = self.get_defaults()

  165. 		

  166. 		for key in ("can_create", "can_write", "can_read", "can_cancel", "can_delete",

  167. 			"can_get_report", "allow_modules", "all_read", "can_search",

  168. 			"in_create", "can_export", "can_import", "can_print", "can_email",

  169. 			"can_restrict"):

  170. 			

  171. 			d[key] = list(set(getattr(self, key)))

  172. 		

  173. 		return d

  174. 		

  175. def get_user_fullname(user):

  176. 	fullname = frappe.db.sql("SELECT CONCAT_WS(' ', first_name, last_name) FROM `tabUser` WHERE name=%s", (user,))

  177. 	return fullname and fullname[0][0] or ''

  178. 

  179. def get_system_managers(only_name=False):

  180. 	"""returns all system manager's user details"""

  181. 	import email.utils

  182. 	from frappe.core.doctype.user.user import STANDARD_USERS

  183. 	system_managers = frappe.db.sql("""select distinct name,

  184. 		concat_ws(" ", if(first_name="", null, first_name), if(last_name="", null, last_name))

  185. 		as fullname from tabUser p 

  186. 		where docstatus < 2 and enabled = 1

  187. 		and name not in ({})

  188. 		and exists (select * from tabUserRole ur

  189. 			where ur.parent = p.name and ur.role="System Manager")""".format(", ".join(["%s"]*len(STANDARD_USERS))), 

  190. 			STANDARD_USERS, as_dict=True)

  191. 	

  192. 	if only_name:

  193. 		return [p.name for p in system_managers]

  194. 	else:

  195. 		return [email.utils.formataddr((p.fullname, p.name)) for p in system_managers]

  196. 	

  197. def add_role(user, role):

  198. 	user_wrapper = frappe.get_doc("User", user).add_roles(role)

  199. 

  200. def add_system_manager(email, first_name=None, last_name=None):

  201. 	# add user

  202. 	user = frappe.new_bean("User")

  203. 	user.update({

  204. 		"name": email,

  205. 		"email": email,

  206. 		"enabled": 1,

  207. 		"first_name": first_name or email,

  208. 		"last_name": last_name,

  209. 		"user_type": "System User"

  210. 	})

  211. 	user.insert()

  212. 	

  213. 	# add roles

  214. 	roles = frappe.db.sql_list("""select name from `tabRole`

  215. 		where name not in ("Administrator", "Guest", "All")""")

  216. 	user.add_roles(*roles)

  217. 	

  218. def get_roles(username=None, with_standard=True):

  219. 	"""get roles of current user"""

  220. 	if not username:

  221. 		username = frappe.session.user

  222. 

  223. 	if username=='Guest':

  224. 		return ['Guest']

  225. 	

  226. 	roles = frappe.cache().get_value("roles:" + username)

  227. 	if not roles:

  228. 		roles = [r[0] for r in frappe.db.sql("""select role from tabUserRole 

  229. 			where parent=%s and role!='All'""", (username,))] + ['All']

  230. 		frappe.cache().set_value("roles:" + username, roles)

  231. 		

  232. 	# filter standard if required

  233. 	if not with_standard:

  234. 		roles = filter(lambda x: x not in ['All', 'Guest', 'Administrator'], roles)

  235. 		

  236. 	return roles