updates for restriction

erpnext/hr/doctype/appraisal/appraisal.txt

@@ -2,7 +2,7 @@
  {
   "creation": "2013-01-10 16:34:12", 
   "docstatus": 0, 
-  "modified": "2014-01-20 17:48:22", 
+  "modified": "2014-01-22 16:05:34", 
   "modified_by": "Administrator", 
   "owner": "ashwini@webnotestech.com"
  }, 
@@ -233,7 +233,7 @@
   "cancel": 0, 
   "delete": 0, 
   "doctype": "DocPerm", 
-  "match": "owner", 
+  "restricted": 1, 
   "role": "Employee", 
   "submit": 0
  }, 

erpnext/hr/doctype/expense_claim/expense_claim.txt

@@ -2,7 +2,7 @@
  {
   "creation": "2013-01-10 16:34:14", 
   "docstatus": 0, 
-  "modified": "2014-01-20 17:48:44", 
+  "modified": "2014-01-22 16:05:34", 
   "modified_by": "Administrator", 
   "owner": "harshada@webnotestech.com"
  }, 
@@ -223,7 +223,7 @@
  {
   "delete": 0, 
   "doctype": "DocPerm", 
-  "match": "owner", 
+  "restricted": 1, 
   "role": "Employee"
  }, 
  {

erpnext/hr/doctype/leave_allocation/leave_allocation.txt

@@ -2,7 +2,7 @@
  {
   "creation": "2013-02-20 19:10:38", 
   "docstatus": 0, 
-  "modified": "2014-01-20 17:48:54", 
+  "modified": "2014-01-22 16:05:35", 
   "modified_by": "Administrator", 
   "owner": "Administrator"
  }, 
@@ -171,7 +171,7 @@
  }, 
  {
   "doctype": "DocPerm", 
-  "match": "owner", 
+  "restricted": 1, 
   "role": "HR User"
  }, 
  {

erpnext/patches/4_0/update_user_properties.py

@@ -45,7 +45,11 @@ def update_user_match():
 		for profile in webnotes.conn.sql_list("""select name from `tabProfile`
 			where enabled=1 and user_type='System User'"""):
 			
-			perms = webnotes.permissions.get_user_perms(meta, "read", profile)
+			user_roles = webnotes.get_roles(profile)
+			
+			perms = meta.get({"doctype": "DocPerm", "permlevel": 0, 
+				"role": ["in", [["All"] + user_roles]], "read": 1})
+
 			# user does not have required roles
 			if not perms:
 				continue

erpnext/projects/doctype/time_log/time_log.txt

@@ -2,7 +2,7 @@
  {
   "creation": "2013-04-03 16:38:41", 
   "docstatus": 0, 
-  "modified": "2014-01-20 17:49:34", 
+  "modified": "2014-01-22 16:05:35", 
   "modified_by": "Administrator", 
   "owner": "Administrator"
  }, 
@@ -205,7 +205,7 @@
  {
   "create": 1, 
   "doctype": "DocPerm", 
-  "match": "owner", 
+  "restricted": 1, 
   "role": "Projects User"
  }, 
  {

erpnext/selling/page/sales_browser/sales_browser.py

@@ -7,17 +7,17 @@ import webnotes
 
 @webnotes.whitelist()
 def get_children():
-	ctype = webnotes.form_dict.get('ctype')
-	webnotes.form_dict['parent_field'] = 'parent_' + ctype.lower().replace(' ', '_')
+	ctype = webnotes.local.form_dict.get('ctype')
+	webnotes.local.form_dict['parent_field'] = 'parent_' + ctype.lower().replace(' ', '_')
 	if not webnotes.form_dict.get('parent'):
-		webnotes.form_dict['parent'] = ''
+		webnotes.local.form_dict['parent'] = ''
 		
 	return webnotes.conn.sql("""select name as value, 
 		if(is_group='Yes', 1, 0) as expandable
 		from `tab%(ctype)s`
 		where docstatus < 2
 		and ifnull(%(parent_field)s,'') = "%(parent)s"
-		order by name""" % webnotes.form_dict, as_dict=1)
+		order by name""" % webnotes.local.form_dict, as_dict=1)
 		
 @webnotes.whitelist()
 def add_node():

erpnext/utilities/doctype/note/note.txt

@@ -2,7 +2,7 @@
  {
   "creation": "2013-05-24 13:41:00", 
   "docstatus": 0, 
-  "modified": "2014-01-20 17:48:58", 
+  "modified": "2014-01-22 16:05:35", 
   "modified_by": "Administrator", 
   "owner": "Administrator"
  }, 
@@ -25,7 +25,7 @@
   "permlevel": 0
  }, 
  {
-  "cancel": 1, 
+  "cancel": 0, 
   "create": 1, 
   "delete": 1, 
   "doctype": "DocPerm", 
@@ -37,6 +37,7 @@
   "permlevel": 0, 
   "print": 1, 
   "read": 1, 
+  "restricted": 1, 
   "role": "All", 
   "write": 1
  },