anoopmb
/
frappe
1
0
派生 0
代码 工单 0 合并请求 0 版本发布 0 百科 动态
您最多选择25个主题 主题必须以字母或数字开头,可以包含连字符 (-),并且长度不得超过35个字符
2799 提交
1 分支
314 MiB
 
 
 
 
 
 
目录树: a46f2011d4
分支列表 标签列表
${ item.name }
创建分支 ${ searchTerm }
从 'a46f2011d4'
${ noResults }
frappe/public/js/wn/model/perm.js

224 行
6.0 KiB
原始文件 Blame 文件历史 

  1. // Copyright (c) 2012 Web Notes Technologies Pvt Ltd (http://erpnext.com)

  2. // 

  3. // MIT License (MIT)

  4. // 

  5. // Permission is hereby granted, free of charge, to any person obtaining a 

  6. // copy of this software and associated documentation files (the "Software"), 

  7. // to deal in the Software without restriction, including without limitation 

  8. // the rights to use, copy, modify, merge, publish, distribute, sublicense, 

  9. // and/or sell copies of the Software, and to permit persons to whom the 

  10. // Software is furnished to do so, subject to the following conditions:

  11. // 

  12. // The above copyright notice and this permission notice shall be included in 

  13. // all copies or substantial portions of the Software.

  14. // 

  15. // THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, 

  16. // INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A 

  17. // PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT 

  18. // HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF 

  19. // CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE 

  20. // OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

  21. // 

  22. 

  23. wn.provide("wn.perm");

  24. var READ = 0, WRITE = 1, CREATE = 2; 

  25. var SUBMIT = 3, CANCEL = 4, AMEND = 5;

  26. 

  27. $.extend(wn.perm, {

  28. 	doctype_perm: {},

  29. 	has_perm: function(doctype, level, type) {

  30. 		if(!level) level = 0;

  31. 		var perms = wn.perm.doctype_perm;

  32. 		if(!perms[doctype]) 

  33. 			perms[doctype] = wn.perm.get_perm(doctype);

  34. 		

  35. 		if(!perms[doctype])

  36. 			return false;

  37. 			

  38. 		if(!perms[doctype][level])

  39. 			return false;

  40. 			

  41. 		return perms[doctype][level][type];

  42. 	},

  43. 	get_perm: function(doctype, dn) {

  44. 		var perm = [[0,0],];

  45. 		if(in_list(user_roles, 'Administrator')) 

  46. 			perm[0][READ] = 1;

  47. 		

  48. 		if(locals["DocType"][doctype] && locals["DocType"][doctype].istable) {

  49. 			parent_df = wn.model.get("DocField", {fieldtype:"Table", options:doctype});

  50. 			if(parent_df.length) {

  51. 				doctype = parent_df[0].parent;

  52. 			}

  53. 		}

  54. 		

  55. 		$.each(wn.model.get("DocPerm", {parent:doctype}), function(i, p) {

  56. 			var pl = cint(p.permlevel?p.permlevel:0);

  57. 			// if user role

  58. 			if(in_list(user_roles, p.role)) {

  59. 				// if field match

  60. 				if(wn.perm.check_match(p, doctype, dn)) { // new style

  61. 					if(!perm[pl])

  62. 						perm[pl] = [];

  63. 						

  64. 					if(!perm[pl][READ]) {

  65. 						if(cint(p.read)) perm[pl][READ]=1; else perm[pl][READ]=0;

  66. 					}

  67. 					if(!perm[pl][WRITE]) { 

  68. 						if(cint(p.write)) { perm[pl][WRITE]=1; perm[pl][READ]=1; }

  69. 						else perm[pl][WRITE]=0;

  70. 					}

  71. 					if(!perm[pl][CREATE]) { 

  72. 						if(cint(p.create))perm[pl][CREATE]=1; else perm[pl][CREATE]=0;

  73. 					}

  74. 					if(!perm[pl][SUBMIT]) { 

  75. 						if(cint(p.submit))perm[pl][SUBMIT]=1; else perm[pl][SUBMIT]=0;

  76. 					}

  77. 					if(!perm[pl][CANCEL]) { 

  78. 						if(cint(p.cancel))perm[pl][CANCEL]=1; else perm[pl][CANCEL]=0;

  79. 					}

  80. 					if(!perm[pl][AMEND]) { 

  81. 						if(cint(p.amend)) perm[pl][AMEND]=1;  else perm[pl][AMEND]=0;

  82. 					}

  83. 				}

  84. 			}

  85. 		});

  86. 

  87. 		return perm;

  88. 	},

  89. 	

  90. 	get_match_rule: function(doctype) {

  91. 		var match_rules = {};

  92. 		var match = true;

  93. 		$.each(wn.model.get("DocPerm", {parent:doctype}), function(i, p) {

  94. 			if(p.permlevel==0 && in_list(user_roles, p.role)) {

  95. 				if(p.match) {

  96. 					match_keys = wn.perm.get_match_keys(p.match);

  97. 					match_rules[match_keys[0]] = wn.defaults.get_user_defaults(match_keys[1]);

  98. 				} else {

  99. 					match = false;

  100. 				}

  101. 			}

  102. 		});

  103. 		return match ? match_rules : {};

  104. 	},

  105. 

  106. 	get_match_keys: function(match) {

  107. 		if(match.indexOf(":")!=-1) {

  108. 			key_list = match.split(":");

  109. 		} else {

  110. 			key_list = [match, match];

  111. 		}

  112. 		return key_list;

  113. 	},

  114. 	

  115. 	check_match: function(p, doctype, name) {

  116. 		if(!name) return true;

  117. 		var out =false;

  118. 		if(p.match) {

  119. 			var key_list = wn.perm.get_match_keys(p.match);

  120. 			var document_key = key_list[0];

  121. 			var default_key = key_list[1];

  122. 

  123. 			var match_values = wn.defaults.get_user_defaults(default_key);

  124. 			if(match_values) {

  125. 				for(var i=0 ; i<match_values.length;i++) {

  126. 					 // user must have match field in defaults

  127. 					if(match_values[i]==locals[doctype][name][document_key]) {

  128. 					    // must match document

  129. 			  			return true;

  130. 					}

  131. 				}

  132. 				return false;

  133. 			} else if(!locals[doctype][name][document_key]) { // blanks are true

  134. 				return true;

  135. 			} else {

  136. 				return false;

  137. 			}

  138. 		} else {

  139. 			return true;

  140. 		}

  141. 	},	

  142. 	get_field_display_status: function(df, doc, perm, explain) {

  143. 		if(!doc) return "Write"

  144. 

  145. 		if(!df.permlevel) df.permlevel = 0;

  146. 

  147. 		perm = perm || wn.perm.get_perm(doc.doctype, doc.name);

  148. 		var p = perm[df.permlevel],

  149. 			ret = null;

  150. 

  151. 		// permission level

  152. 		if(p && p[WRITE] && !df.disabled)

  153. 			ret='Write';

  154. 		else if(p && p[READ])

  155. 			ret='Read';

  156. 		else 

  157. 			ret='None';

  158. 

  159. 		if(explain) console.log("By Permission:" + ret)

  160. 

  161. 		// hidden

  162. 		if(cint(df.hidden)) {

  163. 			ret = 'None';

  164. 		}

  165. 

  166. 		if(explain) console.log("By Hidden:" + ret)

  167. 

  168. 		// for submit

  169. 		if(ret=='Write' && cint(doc.docstatus) > 0) {

  170. 			ret = 'Read';

  171. 		}

  172. 

  173. 		if(explain) console.log("By Submit:" + ret)

  174. 

  175. 		// allow on submit

  176. 		var allow_on_submit = df.fieldtype!= "Table" ? 

  177. 			cint(df.allow_on_submit) :

  178. 			0;

  179. 		

  180. 		// if(allow_on_submit && doc.parent) {

  181. 		// 	parent_df = wn.model.get("DocField", {

  182. 		// 		"parent": doc.parenttype,

  183. 		// 		"fieldname": doc.parentfield

  184. 		// 	});

  185. 		// 	allow_on_submit = parent_df ? 

  186. 		// 		parent_df[0].allow_on_submit :

  187. 		// 		0;

  188. 		// }

  189. 

  190. 		if(explain) console.log("Allow on Submit:" + allow_on_submit)

  191. 

  192. 		if(ret=="Read" && allow_on_submit && cint(doc.docstatus)==1 && 

  193. 			perm[df.permlevel][WRITE]) {

  194. 			ret='Write';

  195. 		}

  196. 

  197. 		if(explain) console.log("By Allow on Submt:" + ret)

  198. 

  199. 		// workflow state

  200. 		if(ret=="Write" && cur_frm && cur_frm.state_fieldname) {

  201. 			if(cint(cur_frm.read_only)) {

  202. 				ret = 'Read';

  203. 			}

  204. 			// fields updated by workflow must be read-only

  205. 			if(in_list(cur_frm.states.update_fields, df.fieldname) ||

  206. 				df.fieldname==cur_frm.state_fieldname) {

  207. 				ret = 'Read';

  208. 			}

  209. 		}

  210. 

  211. 		if(explain) console.log("By Workflow:" + ret)

  212. 

  213. 		// make a field read_only if read_only 

  214. 		// is checked (disregards write permission)

  215. 		if(ret=="Write" && cint(df.read_only)) {

  216. 			ret = "Read";

  217. 		}

  218. 

  219. 		if(explain) console.log("By Read Only:" + ret)

  220. 

  221. 		return ret;

  222. 		

  223. 	}

  224. });