brotherton-erpnext/erpnext/patches/v4_0/apply_user_permissions.py

# Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors
# License: GNU General Public License v3. See license.txt

from __future__ import unicode_literals
import frappe
from erpnext.hr.doctype.employee.employee import EmployeeUserDisabledError

def execute():
	update_hr_permissions()
	update_permissions()
	remove_duplicate_user_permissions()
	frappe.clear_cache()

def update_hr_permissions():
	from frappe.core.page.user_permissions import user_permissions

	# add set user permissions rights to HR Manager
	frappe.db.sql("""update `tabDocPerm` set `set_user_permissions`=1 where parent in ('Employee', 'Leave Application')
		and role='HR Manager' and permlevel=0 and `read`=1""")

	# apply user permissions on Employee and Leave Application
	frappe.db.sql("""update `tabDocPerm` set `apply_user_permissions`=1 where parent in ('Employee', 'Leave Application')
		and role in ('Employee', 'Leave Approver') and permlevel=0 and `read`=1""")

	frappe.clear_cache()

	# save employees to run on_update events
	for employee in frappe.db.sql_list("""select name from `tabEmployee` where docstatus < 2"""):
		try:
			emp = frappe.get_doc("Employee", employee)
			emp.ignore_mandatory = True
			emp.save()
		except EmployeeUserDisabledError:
			pass

def update_permissions():
	# clear match conditions other than owner
	frappe.db.sql("""update tabDocPerm set `match`=''
		where ifnull(`match`,'') not in ('', 'owner')""")

def remove_duplicate_user_permissions():
	# remove duplicate user_permissions (if they exist)
	for d in frappe.db.sql("""select parent, defkey, defvalue,
		count(*) as cnt from tabDefaultValue
		where parent not in ('__global', '__default')
		group by parent, defkey, defvalue""", as_dict=1):
		if d.cnt > 1:
			# order by parenttype so that user permission does not get removed!
			frappe.db.sql("""delete from tabDefaultValue where `parent`=%s and `defkey`=%s and
				`defvalue`=%s order by parenttype limit %s""", (d.parent, d.defkey, d.defvalue, d.cnt-1))
Role and User Permissions 2014-05-28 13:19:13 +00:00			`# Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors`
			`# License: GNU General Public License v3. See license.txt`

			`from __future__ import unicode_literals`
			`import frappe`
Fixes in user permissions patches 2014-05-29 14:37:10 +00:00			`from erpnext.hr.doctype.employee.employee import EmployeeUserDisabledError`
Role and User Permissions 2014-05-28 13:19:13 +00:00
			`def execute():`
			`update_hr_permissions()`
			`update_permissions()`
			`remove_duplicate_user_permissions()`
			`frappe.clear_cache()`

			`def update_hr_permissions():`
			`from frappe.core.page.user_permissions import user_permissions`

			`# add set user permissions rights to HR Manager`
			frappe.db.sql("""update `tabDocPerm` set `set_user_permissions`=1 where parent in ('Employee', 'Leave Application')
			and role='HR Manager' and permlevel=0 and `read`=1""")

			`# apply user permissions on Employee and Leave Application`
			frappe.db.sql("""update `tabDocPerm` set `apply_user_permissions`=1 where parent in ('Employee', 'Leave Application')
			and role in ('Employee', 'Leave Approver') and permlevel=0 and `read`=1""")

			`frappe.clear_cache()`

			`# save employees to run on_update events`
Fixes in patches for migration 2014-05-30 15:07:46 +00:00			for employee in frappe.db.sql_list("""select name from `tabEmployee` where docstatus < 2"""):
Fixes in user permissions patches 2014-05-29 14:37:10 +00:00			`try:`
Ignore mandatory in employee patch 2014-06-16 06:44:14 +00:00			`emp = frappe.get_doc("Employee", employee)`
			`emp.ignore_mandatory = True`
			`emp.save()`
Fixes in user permissions patches 2014-05-29 14:37:10 +00:00			`except EmployeeUserDisabledError:`
			`pass`
Role and User Permissions 2014-05-28 13:19:13 +00:00
			`def update_permissions():`
			`# clear match conditions other than owner`
			frappe.db.sql("""update tabDocPerm set `match`=''
			where ifnull(`match`,'') not in ('', 'owner')""")

			`def remove_duplicate_user_permissions():`
			`# remove duplicate user_permissions (if they exist)`
			`for d in frappe.db.sql("""select parent, defkey, defvalue,`
			`count(*) as cnt from tabDefaultValue`
			`where parent not in ('__global', '__default')`
			`group by parent, defkey, defvalue""", as_dict=1):`
			`if d.cnt > 1:`
			`# order by parenttype so that user permission does not get removed!`
			frappe.db.sql("""delete from tabDefaultValue where `parent`=%s and `defkey`=%s and
			`defvalue`=%s order by parenttype limit %s""", (d.parent, d.defkey, d.defvalue, d.cnt-1))