[fresh install] [fix] replace allow roles with explicit has_permission checks for doctype py files
diff --git a/accounts/doctype/mis_control/mis_control.py b/accounts/doctype/mis_control/mis_control.py
index 17971fe..35d2bc2 100644
--- a/accounts/doctype/mis_control/mis_control.py
+++ b/accounts/doctype/mis_control/mis_control.py
@@ -35,8 +35,6 @@
self.account_list = []
self.ac_details = {} # key: account id, values: debit_or_credit, lft, rgt
- self.roles = webnotes.user.get_roles()
-
self.period_list = []
self.period_start_date = {}
self.period_end_date = {}
@@ -44,7 +42,7 @@
self.fs_list = []
self.root_bal = []
self.flag = 0
-
+
# Get defaults on load of MIS, MIS - Comparison Report and Financial statements
# ----------------------------------------------------
def get_comp(self):
@@ -75,6 +73,7 @@
ret['month'] = mon
# ------------------------ get MIS Type on basis of roles of session user ------------------------------------------
+ self.roles = webnotes.user.get_roles()
if has_common(self.roles, ['Sales Manager']):
type.append('Sales')
if has_common(self.roles, ['Purchase Manager']):
diff --git a/hr/doctype/upload_attendance/upload_attendance.py b/hr/doctype/upload_attendance/upload_attendance.py
index ee4234a..54b8e49 100644
--- a/hr/doctype/upload_attendance/upload_attendance.py
+++ b/hr/doctype/upload_attendance/upload_attendance.py
@@ -13,8 +13,11 @@
self.doc = doc
self.doclist = doclist
-@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
+@webnotes.whitelist()
def get_template():
+ if not webnotes.has_permission("Attendance", "create"):
+ raise webnotes.PermissionError
+
args = webnotes.form_dict
global doclist
doclist = webnotes.model.doctype.get("Attendance")
@@ -96,8 +99,11 @@
return series[0]
-@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
+@webnotes.whitelist()
def upload():
+ if not webnotes.has_permission("Attendance", "create"):
+ raise webnotes.PermissionError
+
from webnotes.utils.datautils import read_csv_content_from_uploaded_file
from webnotes.modules import scrub
diff --git a/stock/doctype/stock_ledger_entry/stock_ledger_entry.py b/stock/doctype/stock_ledger_entry/stock_ledger_entry.py
index b2a1085..c216c42 100644
--- a/stock/doctype/stock_ledger_entry/stock_ledger_entry.py
+++ b/stock/doctype/stock_ledger_entry/stock_ledger_entry.py
@@ -119,11 +119,12 @@
def scrub_posting_time(self):
if not self.doc.posting_time or self.doc.posting_time == '00:0':
self.doc.posting_time = '00:00'
-
- def on_doctype_update(self):
- if not webnotes.conn.sql("""show index from `tabStock Ledger Entry`
- where Key_name="posting_sort_index" """):
- webnotes.conn.commit()
- webnotes.conn.sql("""alter table `tabStock Ledger Entry`
- add index posting_sort_index(posting_date, posting_time, name)""")
- webnotes.conn.begin()
\ No newline at end of file
+
+def on_doctype_update():
+ print "on_doctype_update called for SLE"
+ if not webnotes.conn.sql("""show index from `tabStock Ledger Entry`
+ where Key_name="posting_sort_index" """):
+ webnotes.conn.commit()
+ webnotes.conn.sql("""alter table `tabStock Ledger Entry`
+ add index posting_sort_index(posting_date, posting_time, name)""")
+ webnotes.conn.begin()
\ No newline at end of file
diff --git a/utilities/doctype/rename_tool/rename_tool.py b/utilities/doctype/rename_tool/rename_tool.py
index 5accf3c..4da3a28 100644
--- a/utilities/doctype/rename_tool/rename_tool.py
+++ b/utilities/doctype/rename_tool/rename_tool.py
@@ -13,7 +13,7 @@
return webnotes.conn.sql_list("""select name from tabDocType
where ifnull(allow_rename,0)=1 and module!='Core' order by name""")
-@webnotes.whitelist(allow_roles=["System Manager"])
+@webnotes.whitelist()
def upload(select_doctype=None, rows=None):
from webnotes.utils.datautils import read_csv_content_from_uploaded_file
from webnotes.modules import scrub
@@ -21,6 +21,9 @@
if not select_doctype:
select_doctype = webnotes.form_dict.select_doctype
+
+ if not webnotes.has_permission(select_doctype, "write"):
+ raise webnotes.PermissionError
if not rows:
rows = read_csv_content_from_uploaded_file()