From 1989375be4addc783ddd9a8b5a3ef6696bd08e07 Mon Sep 17 00:00:00 2001
From: shariquerik <sharique.rik@gmail.com>
Date: Fri, 26 Mar 2021 16:34:22 +0530
Subject: [PATCH 1/2] fix: Employee profile pic upload access for erpnext user

---
 erpnext/hooks.py                        |  4 ++++
 erpnext/hr/doctype/employee/employee.py | 10 ++++++++--
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/erpnext/hooks.py b/erpnext/hooks.py
index 9b9a0dae2e..c2798a36b6 100644
--- a/erpnext/hooks.py
+++ b/erpnext/hooks.py
@@ -195,6 +195,10 @@ sounds = [
 	{"name": "call-disconnect", "src": "/assets/erpnext/sounds/call-disconnect.mp3", "volume": 0.2},
 ]
 
+has_upload_permission = {
+	"Employee": "erpnext.hr.doctype.employee.employee.has_upload_permission"
+}
+
 has_website_permission = {
 	"Sales Order": "erpnext.controllers.website_list_for_contact.has_website_permission",
 	"Quotation": "erpnext.controllers.website_list_for_contact.has_website_permission",
diff --git a/erpnext/hr/doctype/employee/employee.py b/erpnext/hr/doctype/employee/employee.py
index d0e7d0537b..c9946d8ac4 100755
--- a/erpnext/hr/doctype/employee/employee.py
+++ b/erpnext/hr/doctype/employee/employee.py
@@ -8,7 +8,7 @@ from frappe.utils import getdate, validate_email_address, today, add_years, form
 from frappe.model.naming import set_name_by_naming_series
 from frappe import throw, _, scrub
 from frappe.permissions import add_user_permission, remove_user_permission, \
-	set_user_permission_if_allowed, has_permission
+	set_user_permission_if_allowed, has_permission, get_doc_permissions
 from frappe.model.document import Document
 from erpnext.utilities.transaction_base import delete_events
 from frappe.utils.nestedset import NestedSet
@@ -66,7 +66,7 @@ class Employee(NestedSet):
 	def validate_user_details(self):
 		data = frappe.db.get_value('User',
 			self.user_id, ['enabled', 'user_image'], as_dict=1)
-		if data.get("user_image"):
+		if data.get("user_image") and self.image == '':
 			self.image = data.get("user_image")
 		self.validate_for_enabled_user_id(data.get("enabled", 0))
 		self.validate_duplicate_user_id()
@@ -501,3 +501,9 @@ def has_user_permission_for_employee(user_name, employee_name):
 		'allow': 'Employee',
 		'for_value': employee_name
 	})
+
+def has_upload_permission(doc, ptype='read', user=None):
+	if not user: user = frappe.session.user
+	if get_doc_permissions(doc, user=user, ptype=ptype).get(ptype):
+		return True
+	return doc.user_id == user
\ No newline at end of file

From 82d7986a2f6a6e70139b50d412e6191201f34cd9 Mon Sep 17 00:00:00 2001
From: shariquerik <sharique.rik@gmail.com>
Date: Fri, 26 Mar 2021 17:02:37 +0530
Subject: [PATCH 2/2] fix: sider fix

---
 erpnext/hr/doctype/employee/employee.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/erpnext/hr/doctype/employee/employee.py b/erpnext/hr/doctype/employee/employee.py
index c9946d8ac4..629bc57118 100755
--- a/erpnext/hr/doctype/employee/employee.py
+++ b/erpnext/hr/doctype/employee/employee.py
@@ -503,7 +503,8 @@ def has_user_permission_for_employee(user_name, employee_name):
 	})
 
 def has_upload_permission(doc, ptype='read', user=None):
-	if not user: user = frappe.session.user
+	if not user: 
+		user = frappe.session.user
 	if get_doc_permissions(doc, user=user, ptype=ptype).get(ptype):
 		return True
 	return doc.user_id == user
\ No newline at end of file