[fresh install] [fix] replace allow roles with explicit has_permission checks for doctype py files

This commit is contained in:
Anand Doshi 2013-07-05 12:57:03 +05:30
parent 44935e4608
commit 901773a139
4 changed files with 23 additions and 14 deletions

View File

@ -35,8 +35,6 @@ class DocType:
self.account_list = []
self.ac_details = {} # key: account id, values: debit_or_credit, lft, rgt
self.roles = webnotes.user.get_roles()
self.period_list = []
self.period_start_date = {}
self.period_end_date = {}
@ -44,7 +42,7 @@ class DocType:
self.fs_list = []
self.root_bal = []
self.flag = 0
# Get defaults on load of MIS, MIS - Comparison Report and Financial statements
# ----------------------------------------------------
def get_comp(self):
@ -75,6 +73,7 @@ class DocType:
ret['month'] = mon
# ------------------------ get MIS Type on basis of roles of session user ------------------------------------------
self.roles = webnotes.user.get_roles()
if has_common(self.roles, ['Sales Manager']):
type.append('Sales')
if has_common(self.roles, ['Purchase Manager']):

View File

@ -13,8 +13,11 @@ class DocType():
self.doc = doc
self.doclist = doclist
@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
@webnotes.whitelist()
def get_template():
if not webnotes.has_permission("Attendance", "create"):
raise webnotes.PermissionError
args = webnotes.form_dict
global doclist
doclist = webnotes.model.doctype.get("Attendance")
@ -96,8 +99,11 @@ def get_naming_series():
return series[0]
@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
@webnotes.whitelist()
def upload():
if not webnotes.has_permission("Attendance", "create"):
raise webnotes.PermissionError
from webnotes.utils.datautils import read_csv_content_from_uploaded_file
from webnotes.modules import scrub

View File

@ -119,11 +119,12 @@ class DocType(DocListController):
def scrub_posting_time(self):
if not self.doc.posting_time or self.doc.posting_time == '00:0':
self.doc.posting_time = '00:00'
def on_doctype_update(self):
if not webnotes.conn.sql("""show index from `tabStock Ledger Entry`
where Key_name="posting_sort_index" """):
webnotes.conn.commit()
webnotes.conn.sql("""alter table `tabStock Ledger Entry`
add index posting_sort_index(posting_date, posting_time, name)""")
webnotes.conn.begin()
def on_doctype_update():
print "on_doctype_update called for SLE"
if not webnotes.conn.sql("""show index from `tabStock Ledger Entry`
where Key_name="posting_sort_index" """):
webnotes.conn.commit()
webnotes.conn.sql("""alter table `tabStock Ledger Entry`
add index posting_sort_index(posting_date, posting_time, name)""")
webnotes.conn.begin()

View File

@ -13,7 +13,7 @@ def get_doctypes():
return webnotes.conn.sql_list("""select name from tabDocType
where ifnull(allow_rename,0)=1 and module!='Core' order by name""")
@webnotes.whitelist(allow_roles=["System Manager"])
@webnotes.whitelist()
def upload(select_doctype=None, rows=None):
from webnotes.utils.datautils import read_csv_content_from_uploaded_file
from webnotes.modules import scrub
@ -21,6 +21,9 @@ def upload(select_doctype=None, rows=None):
if not select_doctype:
select_doctype = webnotes.form_dict.select_doctype
if not webnotes.has_permission(select_doctype, "write"):
raise webnotes.PermissionError
if not rows:
rows = read_csv_content_from_uploaded_file()