Show Activity entries based on permissions. Completely fixes #1481
This commit is contained in:
parent
2b0e4266cf
commit
75042fd502
@ -1,61 +1,71 @@
|
||||
{
|
||||
"autoname": "hash",
|
||||
"creation": "2012-07-03 13:29:42.000000",
|
||||
"docstatus": 0,
|
||||
"doctype": "DocType",
|
||||
"autoname": "hash",
|
||||
"creation": "2012-07-03 13:29:42",
|
||||
"docstatus": 0,
|
||||
"doctype": "DocType",
|
||||
"fields": [
|
||||
{
|
||||
"fieldname": "feed_type",
|
||||
"fieldtype": "Select",
|
||||
"label": "Feed Type",
|
||||
"fieldname": "feed_type",
|
||||
"fieldtype": "Select",
|
||||
"in_list_view": 1,
|
||||
"label": "Feed Type",
|
||||
"permlevel": 0
|
||||
},
|
||||
},
|
||||
{
|
||||
"fieldname": "doc_type",
|
||||
"fieldtype": "Data",
|
||||
"label": "Doc Type",
|
||||
"fieldname": "doc_type",
|
||||
"fieldtype": "Data",
|
||||
"in_list_view": 1,
|
||||
"label": "Doc Type",
|
||||
"permlevel": 0
|
||||
},
|
||||
},
|
||||
{
|
||||
"fieldname": "doc_name",
|
||||
"fieldtype": "Data",
|
||||
"label": "Doc Name",
|
||||
"fieldname": "doc_name",
|
||||
"fieldtype": "Data",
|
||||
"in_list_view": 1,
|
||||
"label": "Doc Name",
|
||||
"permlevel": 0
|
||||
},
|
||||
},
|
||||
{
|
||||
"fieldname": "subject",
|
||||
"fieldtype": "Data",
|
||||
"label": "Subject",
|
||||
"fieldname": "subject",
|
||||
"fieldtype": "Data",
|
||||
"in_list_view": 1,
|
||||
"label": "Subject",
|
||||
"permlevel": 0
|
||||
},
|
||||
},
|
||||
{
|
||||
"fieldname": "color",
|
||||
"fieldtype": "Data",
|
||||
"label": "Color",
|
||||
"fieldname": "color",
|
||||
"fieldtype": "Data",
|
||||
"in_list_view": 1,
|
||||
"label": "Color",
|
||||
"permlevel": 0
|
||||
},
|
||||
},
|
||||
{
|
||||
"fieldname": "full_name",
|
||||
"fieldtype": "Data",
|
||||
"label": "Full Name",
|
||||
"fieldname": "full_name",
|
||||
"fieldtype": "Data",
|
||||
"label": "Full Name",
|
||||
"permlevel": 0
|
||||
}
|
||||
],
|
||||
"icon": "icon-rss",
|
||||
"idx": 1,
|
||||
"modified": "2013-12-20 19:24:05.000000",
|
||||
"modified_by": "Administrator",
|
||||
"module": "Home",
|
||||
"name": "Feed",
|
||||
"owner": "Administrator",
|
||||
],
|
||||
"icon": "icon-rss",
|
||||
"idx": 1,
|
||||
"modified": "2014-05-02 08:27:23.936733",
|
||||
"modified_by": "Administrator",
|
||||
"module": "Home",
|
||||
"name": "Feed",
|
||||
"owner": "Administrator",
|
||||
"permissions": [
|
||||
{
|
||||
"email": 1,
|
||||
"permlevel": 0,
|
||||
"print": 1,
|
||||
"read": 1,
|
||||
"report": 1,
|
||||
"email": 1,
|
||||
"permlevel": 0,
|
||||
"print": 1,
|
||||
"read": 1,
|
||||
"report": 1,
|
||||
"role": "System Manager"
|
||||
},
|
||||
{
|
||||
"permlevel": 0,
|
||||
"read": 1,
|
||||
"role": "All"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -3,15 +3,42 @@
|
||||
|
||||
from __future__ import unicode_literals
|
||||
import frappe
|
||||
|
||||
import frappe.defaults
|
||||
from frappe.model.document import Document
|
||||
|
||||
class Feed(Document):
|
||||
pass
|
||||
|
||||
|
||||
def on_doctype_update():
|
||||
if not frappe.db.sql("""show index from `tabFeed`
|
||||
if not frappe.db.sql("""show index from `tabFeed`
|
||||
where Key_name="feed_doctype_docname_index" """):
|
||||
frappe.db.commit()
|
||||
frappe.db.sql("""alter table `tabFeed`
|
||||
add index feed_doctype_docname_index(doc_type, doc_name)""")
|
||||
frappe.db.sql("""alter table `tabFeed`
|
||||
add index feed_doctype_docname_index(doc_type, doc_name)""")
|
||||
|
||||
def get_permission_query_conditions():
|
||||
restrictions = frappe.defaults.get_restrictions()
|
||||
can_read = frappe.user.get_can_read()
|
||||
|
||||
can_read_doctypes = ['"{}"'.format(doctype) for doctype in
|
||||
list(set(can_read) - set(restrictions.keys()))]
|
||||
|
||||
if not can_read_doctypes:
|
||||
return ""
|
||||
|
||||
conditions = ["tabFeed.doc_type in ({})".format(", ".join(can_read_doctypes))]
|
||||
|
||||
if restrictions:
|
||||
can_read_docs = []
|
||||
for doctype, names in restrictions.items():
|
||||
for n in names:
|
||||
can_read_docs.append('"{}|{}"'.format(doctype, n))
|
||||
|
||||
if can_read_docs:
|
||||
conditions.append("concat_ws('|', tabFeed.doc_type, tabFeed.doc_name) in ({})".format(
|
||||
", ".join(can_read_docs)))
|
||||
|
||||
return "(" + " or ".join(conditions) + ")"
|
||||
|
||||
def has_permission(doc):
|
||||
return frappe.has_permission(doc.doc_type, "read", doc.doc_name)
|
||||
|
@ -25,6 +25,15 @@ before_tests = "erpnext.setup.utils.before_tests"
|
||||
|
||||
standard_queries = "Customer:erpnext.selling.doctype.customer.customer.get_customer_list"
|
||||
|
||||
permission_query_conditions = {
|
||||
"Feed": "erpnext.home.doctype.feed.feed.get_permission_query_conditions",
|
||||
}
|
||||
|
||||
has_permission = {
|
||||
"Feed": "erpnext.home.doctype.feed.feed.has_permission",
|
||||
}
|
||||
|
||||
|
||||
doc_events = {
|
||||
"*": {
|
||||
"on_update": "erpnext.home.update_feed",
|
||||
|
Loading…
Reference in New Issue
Block a user