| rohitwaghchaure | a1064a6 | 2016-03-03 14:00:35 +0530 | [diff] [blame] | 1 | # Copyright (c) 2015, Frappe Technologies Pvt. Ltd. and Contributors |
| 2 | # License: GNU General Public License v3. See license.txt |
| 3 | |
| 4 | from __future__ import unicode_literals |
| 5 | import frappe |
| 6 | from frappe import _ |
| 7 | |
| 8 | def get_context(context): |
| 9 | context.no_cache = 1 |
| 10 | context.doc = frappe.get_doc(frappe.form_dict.doctype, frappe.form_dict.name) |
| 11 | context.parents = frappe.form_dict.parents |
| 12 | context.doc.supplier = get_supplier() |
| 13 | unauthrized_user(context.doc.supplier) |
| 14 | context["title"] = frappe.form_dict.name |
| 15 | |
| 16 | def unauthrized_user(supplier): |
| 17 | status = check_supplier_has_docname_access(supplier) |
| 18 | if status == False: |
| 19 | frappe.throw(_("Not Permitted"), frappe.PermissionError) |
| 20 | |
| 21 | def get_supplier(): |
| 22 | from erpnext.shopping_cart.utils import check_customer_or_supplier |
| 23 | key, parties = check_customer_or_supplier() |
| 24 | return parties[0] if key == 'Supplier' else '' |
| 25 | |
| 26 | def check_supplier_has_docname_access(supplier): |
| 27 | status = True |
| 28 | if frappe.form_dict.name not in frappe.db.sql_list("""select parent from `tabRFQ Supplier` |
| 29 | where supplier = '{supplier}'""".format(supplier=supplier)): |
| 30 | status = False |
| 31 | return status |