diff --git a/setup/doctype/permission_control/__init__.py b/setup/doctype/permission_control/__init__.py deleted file mode 100644 index baffc48825..0000000000 --- a/setup/doctype/permission_control/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from __future__ import unicode_literals diff --git a/setup/doctype/permission_control/permission_control.py b/setup/doctype/permission_control/permission_control.py deleted file mode 100644 index 4fbd1ddfaf..0000000000 --- a/setup/doctype/permission_control/permission_control.py +++ /dev/null @@ -1,217 +0,0 @@ -# ERPNext - web based ERP (http://erpnext.com) -# Copyright (C) 2012 Web Notes Technologies Pvt Ltd -# -# This program is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program. If not, see . - -from __future__ import unicode_literals -import webnotes - -from webnotes.utils import cint, cstr, get_defaults, now -from webnotes.model import db_exists -from webnotes.model.doc import Document -from webnotes.model.wrapper import copy_doclist -from webnotes import msgprint - -sql = webnotes.conn.sql - -class DocType: - def __init__(self, doc, doclist): - self.doc = doc - self.doclist = doclist - - - # Get Roles and Modules on loading Permission Engine - # ----------------------------------------------------- - def get_doctype_list(self): - ret = sql("""SELECT `name` FROM tabDocType - WHERE ifnull(docstatus,0)=0 - AND ifnull(istable,0)=0 - AND ifnull(issingle,0)=0 - AND (`module` NOT IN ('System','Utilities','Setup Masters','Roles','Recycle Bin','Mapper','Application Internal','Development', 'Core') - OR name IN ('Contact', 'Address')) - ORDER BY `name` ASC""") - - rl = [''] + [a[0] for a in sql("select name from tabRole where ifnull(docstatus,0)=0")] - - return {'doctypes': [r[0] for r in ret], 'roles': rl} - - - # Get Perm Level, Perm type of Doctypes of Module and Role Selected - # ------------------------------------------------------------------- - def get_permissions(self,doctype): - import webnotes.model.doctype - doclist = webnotes.model.doctype.get(doctype).get_parent_doclist() - - ptype = [{ - 'role': perm.role, - 'permlevel': cint(perm.permlevel), - 'read': cint(perm.read), - 'write': cint(perm.write), - 'create': cint(perm.create), - 'cancel': cint(perm.cancel), - 'submit': cint(perm.submit), - 'amend': cint(perm.amend), - 'match': perm.match - } for perm in sorted(doclist, - key=lambda d: [d.fields.get('permlevel'), - d.fields.get('role')]) if perm.doctype=='DocPerm'] - - fl = ['', 'owner'] + [d.fieldname for d in doclist \ - if d.doctype=='DocField' and ((d.fieldtype=='Link' \ - and cstr(d.options)!='') or (d.fieldtype=='Select' and - 'link:' in cstr(d.options).lower()))] - - return { - 'perms':ptype, - 'fields':fl, - 'is_submittable': doclist[0].fields.get('is_submittable') - } - - # get default values - # ------------------ - def get_defaults(self, arg): - if isinstance(arg, basestring): - import json - arg = json.loads(arg) - - match_key = arg["match"] - with_profiles = arg["profiles"] - - pl = ol = [] - - # defaults - dl = [a for a in sql("select parent, ifnull(parenttype,'') as parenttype, ifnull(defvalue,'') as defvalue from tabDefaultValue where defkey=%s order by parenttype desc, parent asc", match_key, as_dict=1)] - - # options - tn = webnotes.get_doctype(arg["doctype"]).get_options(match_key) - - # tn = sql("select options from tabDocField where fieldname=%s and fieldtype='Link' and docstatus=0 limit 1", match_key)[0][0] - ol = [''] + [a[0] for a in sql("select name from `tab%s` where ifnull(docstatus,0)=0" % tn)] - - # roles - if with_profiles=='Yes': - # profiles - pl = [''] + [a[0] for a in sql("select name from tabProfile where ifnull(enabled,0)=1")] - - - return {'dl':dl, 'pl':pl, 'ol':ol} - - # delete default - # ---------------------- - def delete_default(self, arg): - parent, defkey, defvalue = arg.split('~~~') - sql("delete from tabDefaultValue where parent=%s and defkey=%s and defvalue=%s", (parent, defkey, defvalue)) - - # add default - # ---------------------- - def add_default(self, arg): - parent, parenttype, defkey, defvalue = arg.split('~~~') - - if sql("select name from tabDefaultValue where parent=%s and defkey=%s and defvalue=%s", (parent, defkey, defvalue)): - msgprint("This rule already exists!") - return - - dv = Document('DefaultValue') - dv.parent = parent - dv.parenttype = parenttype - dv.parentfield = 'defaults' - dv.defkey = defkey - dv.defvalue = defvalue - dv.save(1) - return dv.fields - - # Add Permissions - # ---------------------- - def add_permission(self,args=''): - parent, role, level = eval(args) - if sql("select name from tabDocPerm where parent=%s and role=%s and permlevel=%s", (parent, role, level)): - msgprint("This permission rule already exists!") - return - - d = Document('DocPerm') - d.parent = parent - d.parenttype = 'DocType' - d.parentfield = 'permissions' - d.role = role - d.permlevel = cint(level) - d.docstatus = 0 - d.save(1) - - sql("update tabDocType set modified = %s where name = %s",(now(), parent)) - - - # Update Permissions - # ---------------------- - def update_permissions(self,args=''): - args = eval(args) - di = args['perm_dict'] - doctype_keys = di.keys() # ['Opportunity','Competitor','Zone','State'] - for parent in doctype_keys: - for permlevel in di[parent].keys(): - for role in di[parent][permlevel].keys(): - - if role: - - # check if Permissions for that perm level and Role exists - exists = sql("select name from tabDocPerm where parent = %s and role = %s and ifnull(permlevel, 0) = %s",(parent, role, cint(permlevel))) - - # Get values of dictionary of Perm Level - pd = di[parent][permlevel][role] - - # update - if exists and (1 in pd.values()): - sql("update tabDocPerm set `read` = %s, `write` = %s, `create` = %s, `submit` = %s, `cancel` = %s, `amend` = %s, `match`=%s where parent = %s and role = %s and permlevel = %s",(pd['read'],pd['write'],pd['create'],pd['submit'],pd['cancel'],pd['amend'], pd.get('match'), parent, role, permlevel)) - - # new - elif not exists and (1 in pd.values()): - - ch = Document('DocPerm') - ch.parentfield = 'permissions' - ch.parenttype = 'DocType' - ch.parent = parent - ch.role = role - ch.permlevel = cint(permlevel) - for key in pd.keys(): - ch.fields[key] = pd.get(key, None) - ch.save(1) - - # delete - elif exists and (1 not in pd.values()): - sql("delete from tabDocPerm where parent = %s and role = %s and ifnull(permlevel,0) = %s",(parent, role, cint(permlevel))) - - sql("update tabDocType set modified = %s where name = %s",(now(), parent)) - - - webnotes.clear_cache(doctype=parent) - - msgprint("Permissions Updated") - - # Get Fields based on DocType and Permlevel - # ---------------------------------------------- - def get_fields(self, args = ''): - ret = {} - args = eval(args) - table_fields_dict = {} - table_exists = sql("Select options from tabDocField where fieldtype = 'Table' and parent = %s",args['dt']) - if table_exists: - for d in table_exists: - table_fields_dict[d[0]]= sql("select label,fieldtype,fieldname,options from tabDocField where parent = %s and permlevel = %s",(d[0],args['permlevel']),as_dict = 1) - - parent_fields_dict = sql("select label, fieldtype, fieldname, options from tabDocField where parent = %s and permlevel = %s and fieldtype not in ('Section Break','Column Break')",(args['dt'],args['permlevel']),as_dict = 1) - - ret['parent_fields_dict'] = parent_fields_dict - ret['table_fields_dict'] = table_fields_dict - - return ret - diff --git a/setup/doctype/permission_control/permission_control.txt b/setup/doctype/permission_control/permission_control.txt deleted file mode 100644 index 7441452492..0000000000 --- a/setup/doctype/permission_control/permission_control.txt +++ /dev/null @@ -1,26 +0,0 @@ -[ - { - "owner": "saumil@webnotestech.com", - "docstatus": 0, - "creation": "2012-03-27 14:36:22", - "modified_by": "Administrator", - "modified": "2012-03-27 14:36:22" - }, - { - "section_style": "Simple", - "in_create": 1, - "module": "Setup", - "doctype": "DocType", - "server_code_error": " ", - "issingle": 1, - "read_only": 1, - "name": "__common__", - "colour": "White:FFF", - "show_in_menu": 0, - "version": 15 - }, - { - "name": "Permission Control", - "doctype": "DocType" - } -] \ No newline at end of file diff --git a/setup/page/permission_engine/__init__.py b/setup/page/permission_engine/__init__.py deleted file mode 100644 index baffc48825..0000000000 --- a/setup/page/permission_engine/__init__.py +++ /dev/null @@ -1 +0,0 @@ -from __future__ import unicode_literals diff --git a/setup/page/permission_engine/permission_engine.html b/setup/page/permission_engine/permission_engine.html deleted file mode 100644 index 8d989586c3..0000000000 --- a/setup/page/permission_engine/permission_engine.html +++ /dev/null @@ -1,10 +0,0 @@ -
-
-
- -
-
Note: A document is not accessible to a user if Permission at level 0 is not given.
-
diff --git a/setup/page/permission_engine/permission_engine.js b/setup/page/permission_engine/permission_engine.js deleted file mode 100644 index 6edde4c236..0000000000 --- a/setup/page/permission_engine/permission_engine.js +++ /dev/null @@ -1,585 +0,0 @@ -// ERPNext - web based ERP (http://erpnext.com) -// Copyright (C) 2012 Web Notes Technologies Pvt Ltd -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU General Public License for more details. -// -// You should have received a copy of the GNU General Public License -// along with this program. If not, see . - -pscript['onload_Permission Engine'] = function() { - // header and toolbar - var h = new PageHeader('pe_header','Permissions Manager','Set specific permissions for Roles') - - if(!pscript.perm_engine) pscript.perm_engine = new pscript.PermEngine(); -} - - -pscript.PermEngine = function() { - // create UI elements - this.wrapper = $i('perm_engine_div'); - - this.head = $a(this.wrapper, 'div'); - this.body = $a(this.wrapper, 'div'); - this.footer = $a(this.wrapper, 'div'); - - var lab = $a(this.body,'div', '', {backgroundColor:'#FFD', padding:'8px', margin:'16px 0px'}); - lab.innerHTML = 'Please select the item for which you want to set permissions'; - - this.make_head(); - this.load_options(); -} - - -// Make Head -// ------------- -pscript.PermEngine.prototype.make_head = function() { - var me = this; - - var make_select = function(label) { - var w = $a(me.head, 'div', '', {margin:'8px 0px'}); - var t = make_table(w,1,2,'300px',['50%','50%']); - $td(t,0,0).innerHTML = label; - var s = $a($td(t,0,1),'select','',{width:'140px'}); - s.wrapper = w; - return s; - } - - var make_button = function(label, parent, green) { - return $btn(parent, label, null, {margin:'8px 0px', display:'none'}, (green ? 'green' : null)); - } - - - // Set Permissions for - this.type_select = make_select('Set Permissions For'); - this.type_select.onchange = function() { - me.get_permissions(); - } - - // Update Button - this.add_button = make_button('+ Add A New Rule', this.head, 0); - this.add_button.onclick = function() { - me.add_permission(); - } - - // Update Button - this.update_button = make_button('Update', this.footer, 1); - this.update_button.onclick = function() { - me.update_permissions(); - } -} - -// Add Permissions -// ----------------- -pscript.PermEngine.prototype.add_permission = function() { - var me = this; - if(!this.add_permission_dialog) { - - // dialog - var d = new Dialog(400,400,'Add Permission'); - d.make_body([['Select','Role'],['Select','Level'],['Button','Add']]) - - add_sel_options(d.widgets['Role'], this.roles, ''); - add_sel_options(d.widgets['Level'], [0, 1, 2, 3, 4, 5, 6, 7, 8, 9], 0); - - // add - d.widgets['Add'].onclick = function() { - if(!sel_val(d.widgets['Role'])) { - msgprint('Please select Role'); return; - } - var callback = function(r, rt) { - // reload - me.get_permissions(); - d.hide(); - } - $c_obj('Permission Control','add_permission',JSON.stringify([sel_val(me.type_select), sel_val(d.widgets['Role']), sel_val(d.widgets['Level'])]), callback); - } - - this.add_permission_dialog = d; - } - this.add_permission_dialog.show(); -} - - -// Hide Fields -// ----------------- -pscript.PermEngine.prototype.hide_fields = function() { - $dh(this.role_select.wrapper); - this.type_select.disabled = false; - this.body.innerHTML = ''; -} - - -// Load Roles And Modules -// ----------------------- -pscript.PermEngine.prototype.load_options = function() { - var me = this; - $dh(me.update_button); - $dh(me.add_button); - - $c_obj('Permission Control','get_doctype_list','', function(r,rt) { - me.roles = r.message.roles; - - // Type - empty_select(me.type_select); - add_sel_options(me.type_select,add_lists([''], r.message.doctypes)); - - }); -} - - -// Get DocType and Permissions related to module -// -------------------------------------------------- -pscript.PermEngine.prototype.get_permissions = function() { - var me = this; - - if(!sel_val(me.type_select)) { - msgprint('Please select a type first!'); return; - } - - $c_obj('Permission Control','get_permissions',sel_val(me.type_select), function(r,rt) { - // Get permissions - if(r.message.perms.length) { - me.get_results(r.message); - pscript.is_submittable = cint(r.message.is_submittable); - } - else { - me.body.innerHTML = '
No Records Found
' - pscript.is_submittable = 0; - } - pscript.hide_submit_amend() - }); -} - -// Get Results -// ------------------ -pscript.PermEngine.prototype.get_results = function(r){ - var perms = r.perms; - var me = this; - var doctype = sel_val(me.type_select); - - // show update button - $ds(me.update_button); - $ds(me.add_button); - - this.body.innerHTML = '' - pscript.all_checkboxes = []; - pscript.all_matches = []; - - var head = $a(this.body, 'h3'); head.innerHTML = 'Rules for ' + doctype; - var permt = make_table(me.body, perms.length+1,9,'80%',[],{border:'1px solid #AAA', padding:'3px', verticalAlign:'middle', height:'30px'}); - $(permt).attr('id', 'perm_table'); - - // Create Grid for particular DocType - // ------------------------------------ - - // Columns - var col_labels = ['Role','Level','Read','Write','Create','Submit','Cancel','Amend','Restrict By'] - for(var n = 0; n < col_labels.length; n++){ - $y($td(permt,0,n), {backgroundColor:'#DDD', width:(n==0?'30%':(n==8?'21%':'7%'))}) - $td(permt,0,n).innerHTML = col_labels[n]; - $td(permt,0,n).fieldname = col_labels[n].toLowerCase(); - } - - // Rows for Column Level / Role - for(var j = 0; j < perms.length; j++){ - var plevel = $a($td(permt,j+1,1), 'span', 'link_type'); - plevel.innerHTML = perms[j].permlevel; - plevel.doctype = doctype; - plevel.value = perms[j].permlevel; - plevel.onclick = function() {me.get_fields(this.doctype, this.value)} - - // role - $td(permt,j+1,0).innerHTML = perms[j].role; - - } - - // Get values - for(var l = 0; l < perms.length; l++){ - for(var m = 0; m < 6; m++){ // (read,write,create,submit,cancel,amend) - var chk = $a_input($td(permt,l+1,m+2), 'checkbox'); - var val = perms[l][$td(permt,0,m+2).fieldname]; - if(val == 1) chk.checked = 1; - else chk.checked = 0; - //if(m==3) { chk.onclick = pscript.show_submittable } - chk.doctype = doctype; - chk.permlevel = perms[l].permlevel; chk.perm_type = col_labels[m+2].toLowerCase(); chk.role = perms[l].role; - pscript.all_checkboxes.push(chk); - } - } - - // add selects for match - me.add_match_select(r, perms, permt, doctype); - -} - -pscript.hide_submit_amend = function() { - var perm_table = $('#perm_table'); - if (pscript.is_submittable) { - perm_table.find('td:nth-child(6)').each(function() { $(this).toggle(true); }); - perm_table.find('td:nth-child(8)').each(function() { $(this).toggle(true); }); - $('#submittable_warning').toggle(true); - } else { - perm_table.find('td:nth-child(6)').each(function() { $(this).toggle(false); }); - perm_table.find('td:nth-child(8)').each(function() { $(this).toggle(false); }); - $('#submittable_warning').toggle(false); - } -} - - -// render selects for match -// -------------------------------------------- - -pscript.PermEngine.prototype.add_match_select = function(r, perms, permt, doctype) { - var me = this; - - // add select for match - for(var i=0; i'],['Button','OK']]); - } - else $i('perm_engine_get_fields').innerHTML = ''; -} - -// Get Fields -// -------------------- -pscript.PermEngine.prototype.get_fields = function(dt, permlevel) { - var me = this; - var callback = function(r,rt){ - // Get Parent DocType Fields - var parent_fields_dict = r.message.parent_fields_dict; - - // Get Child Table Fields if any - var table_fields_dict = r.message.table_fields_dict; - - // Make Fields Dialog Box - me.make_fields_dialog(); - - me.make_fields_table(dt, parent_fields_dict, table_fields_dict, permlevel); - - pscript.get_field_dialog.show(); - pscript.get_field_dialog.widgets['OK'].onclick=function(){ - pscript.get_field_dialog.hide(); - } - } - var args = "{'dt':'"+dt+"','permlevel':"+permlevel+"}" - $c_obj('Permission Control','get_fields', args, callback); -} - - - -// Make Table of Fields for Dialog Box -// -------------------------------------- -pscript.PermEngine.prototype.make_fields_table = function(dt, parent_fields_dict, table_fields_dict, permlevel) { - - var make_grid = function(table, fields_dict) { - var col_labels = ['Label','Fieldtype','Fieldname','Options']; - for(var n = 0; n < col_labels.length; n++){ - $a_input(($td(table,0,n)), 'data'); - $td(table,0,n).innerHTML = ''+col_labels[n]+''; - $td(table,0,n).fieldname = col_labels[n].toLowerCase(); - } - - // Add values - for(var i = 0; i < keys(fields_dict).length; i++){ - for(var j = 0; j < 4; j++){ - $a_input(($td(table,i+1,j)), 'data'); - $td(table,i+1,j).innerHTML = cstr(fields_dict[i][$td(table,0,j).fieldname]) - } - } - } - - - $i('perm_engine_get_fields').innerHTML = ''+ dt + ' Fields at Level '+ permlevel +':

'; - var parent_field_table = make_table('perm_engine_get_fields',keys(parent_fields_dict).length+1, 4,'100%',['25%','25%','25%','25%'],{border:'1px solid #AAA',padding:'2px'}); - make_grid(parent_field_table, parent_fields_dict); - - child_tables = keys(table_fields_dict) - if(child_tables.length > 0){ - for(var k = 0; k < child_tables.length; k++){ - var tab_fields_det = table_fields_dict[child_tables[k]]; - if(keys(tab_fields_det).length > 0){ - $i('perm_engine_get_fields').innerHTML += '
'+ child_tables[k] + ' Fields at Level '+ permlevel +':

' - var child_field_table = make_table('perm_engine_get_fields',keys(tab_fields_det).length+1, 4,'100%',['25%','25%','25%','25%'],{border:'1px solid #AAA',padding:'2px'}); - make_grid(child_field_table, tab_fields_det); - } - } - } -} - - -// Update Permissions -// ----------------------- -pscript.PermEngine.prototype.update_permissions = function() { - var me = this; - var out = {}; - - var add_to_out = function(doctype, permlevel, role, key, value) { - if(!out[doctype]) out[doctype] = {}; - if(!out[doctype][permlevel]) out[doctype][permlevel] = {}; - if(!out[doctype][permlevel][role]) out[doctype][permlevel][role] = {}; - out[doctype][permlevel][role][key] = value; - } - - // check boxes - for(i in pscript.all_checkboxes) { - c = pscript.all_checkboxes[i]; - add_to_out(c.doctype, c.permlevel, c.role, c.perm_type, c.checked ? 1 : 0); - } - - // matches - for(var i=0; i