Show Activity entries based on permissions. Completely fixes #1481
diff --git a/erpnext/home/doctype/feed/feed.json b/erpnext/home/doctype/feed/feed.json
index 755b8b8..1513661 100644
--- a/erpnext/home/doctype/feed/feed.json
+++ b/erpnext/home/doctype/feed/feed.json
@@ -1,61 +1,71 @@
{
- "autoname": "hash",
- "creation": "2012-07-03 13:29:42.000000",
- "docstatus": 0,
- "doctype": "DocType",
+ "autoname": "hash",
+ "creation": "2012-07-03 13:29:42",
+ "docstatus": 0,
+ "doctype": "DocType",
"fields": [
{
- "fieldname": "feed_type",
- "fieldtype": "Select",
- "label": "Feed Type",
+ "fieldname": "feed_type",
+ "fieldtype": "Select",
+ "in_list_view": 1,
+ "label": "Feed Type",
"permlevel": 0
- },
+ },
{
- "fieldname": "doc_type",
- "fieldtype": "Data",
- "label": "Doc Type",
+ "fieldname": "doc_type",
+ "fieldtype": "Data",
+ "in_list_view": 1,
+ "label": "Doc Type",
"permlevel": 0
- },
+ },
{
- "fieldname": "doc_name",
- "fieldtype": "Data",
- "label": "Doc Name",
+ "fieldname": "doc_name",
+ "fieldtype": "Data",
+ "in_list_view": 1,
+ "label": "Doc Name",
"permlevel": 0
- },
+ },
{
- "fieldname": "subject",
- "fieldtype": "Data",
- "label": "Subject",
+ "fieldname": "subject",
+ "fieldtype": "Data",
+ "in_list_view": 1,
+ "label": "Subject",
"permlevel": 0
- },
+ },
{
- "fieldname": "color",
- "fieldtype": "Data",
- "label": "Color",
+ "fieldname": "color",
+ "fieldtype": "Data",
+ "in_list_view": 1,
+ "label": "Color",
"permlevel": 0
- },
+ },
{
- "fieldname": "full_name",
- "fieldtype": "Data",
- "label": "Full Name",
+ "fieldname": "full_name",
+ "fieldtype": "Data",
+ "label": "Full Name",
"permlevel": 0
}
- ],
- "icon": "icon-rss",
- "idx": 1,
- "modified": "2013-12-20 19:24:05.000000",
- "modified_by": "Administrator",
- "module": "Home",
- "name": "Feed",
- "owner": "Administrator",
+ ],
+ "icon": "icon-rss",
+ "idx": 1,
+ "modified": "2014-05-02 08:27:23.936733",
+ "modified_by": "Administrator",
+ "module": "Home",
+ "name": "Feed",
+ "owner": "Administrator",
"permissions": [
{
- "email": 1,
- "permlevel": 0,
- "print": 1,
- "read": 1,
- "report": 1,
+ "email": 1,
+ "permlevel": 0,
+ "print": 1,
+ "read": 1,
+ "report": 1,
"role": "System Manager"
+ },
+ {
+ "permlevel": 0,
+ "read": 1,
+ "role": "All"
}
]
-}
+}
\ No newline at end of file
diff --git a/erpnext/home/doctype/feed/feed.py b/erpnext/home/doctype/feed/feed.py
index 45d8ea1..40c05f8 100644
--- a/erpnext/home/doctype/feed/feed.py
+++ b/erpnext/home/doctype/feed/feed.py
@@ -3,15 +3,42 @@
from __future__ import unicode_literals
import frappe
-
+import frappe.defaults
from frappe.model.document import Document
class Feed(Document):
pass
-
+
def on_doctype_update():
- if not frappe.db.sql("""show index from `tabFeed`
+ if not frappe.db.sql("""show index from `tabFeed`
where Key_name="feed_doctype_docname_index" """):
frappe.db.commit()
- frappe.db.sql("""alter table `tabFeed`
- add index feed_doctype_docname_index(doc_type, doc_name)""")
\ No newline at end of file
+ frappe.db.sql("""alter table `tabFeed`
+ add index feed_doctype_docname_index(doc_type, doc_name)""")
+
+def get_permission_query_conditions():
+ restrictions = frappe.defaults.get_restrictions()
+ can_read = frappe.user.get_can_read()
+
+ can_read_doctypes = ['"{}"'.format(doctype) for doctype in
+ list(set(can_read) - set(restrictions.keys()))]
+
+ if not can_read_doctypes:
+ return ""
+
+ conditions = ["tabFeed.doc_type in ({})".format(", ".join(can_read_doctypes))]
+
+ if restrictions:
+ can_read_docs = []
+ for doctype, names in restrictions.items():
+ for n in names:
+ can_read_docs.append('"{}|{}"'.format(doctype, n))
+
+ if can_read_docs:
+ conditions.append("concat_ws('|', tabFeed.doc_type, tabFeed.doc_name) in ({})".format(
+ ", ".join(can_read_docs)))
+
+ return "(" + " or ".join(conditions) + ")"
+
+def has_permission(doc):
+ return frappe.has_permission(doc.doc_type, "read", doc.doc_name)
diff --git a/erpnext/hooks.py b/erpnext/hooks.py
index 5d5adc6..4dcfdb0 100644
--- a/erpnext/hooks.py
+++ b/erpnext/hooks.py
@@ -25,6 +25,15 @@
standard_queries = "Customer:erpnext.selling.doctype.customer.customer.get_customer_list"
+permission_query_conditions = {
+ "Feed": "erpnext.home.doctype.feed.feed.get_permission_query_conditions",
+ }
+
+has_permission = {
+ "Feed": "erpnext.home.doctype.feed.feed.has_permission",
+ }
+
+
doc_events = {
"*": {
"on_update": "erpnext.home.update_feed",