diff --git a/frappe/config/setup.py b/frappe/config/setup.py index d6fd0d34f2..967e014f3b 100644 --- a/frappe/config/setup.py +++ b/frappe/config/setup.py @@ -27,7 +27,7 @@ def get_data(): { "type": "page", "name": "user-permissions", - "label": _("User Permissions"), + "label": _("User Permissions Manager"), "icon": "icon-user", "description": _("Set Permissions per User") }, diff --git a/frappe/core/doctype/custom_field/custom_field.py b/frappe/core/doctype/custom_field/custom_field.py index 46b44d0e7d..ab910eeaca 100644 --- a/frappe/core/doctype/custom_field/custom_field.py +++ b/frappe/core/doctype/custom_field/custom_field.py @@ -84,16 +84,20 @@ def create_custom_field_if_values_exist(doctype, df): df = frappe._dict(df) if df.fieldname in frappe.db.get_table_columns(doctype) and \ frappe.db.sql("""select count(*) from `tab{doctype}` - where ifnull({fieldname},'')!=''""".format(doctype=doctype, fieldname=df.fieldname))[0][0] and \ - not frappe.db.get_value("Custom Field", {"dt": doctype, "fieldname": df.fieldname}): - frappe.get_doc({ - "doctype":"Custom Field", - "dt": doctype, - "permlevel": df.permlevel or 0, - "label": df.label, - "fieldname": df.fieldname, - "fieldtype": df.fieldtype, - "options": df.options, - "insert_after": df.insert_after - }).insert() + where ifnull({fieldname},'')!=''""".format(doctype=doctype, fieldname=df.fieldname))[0][0]: + create_custom_field(doctype, df) + + +def create_custom_field(doctype, df): + if not frappe.db.get_value("Custom Field", {"dt": doctype, "fieldname": df.fieldname}): + frappe.get_doc({ + "doctype":"Custom Field", + "dt": doctype, + "permlevel": df.permlevel or 0, + "label": df.label, + "fieldname": df.fieldname, + "fieldtype": df.fieldtype, + "options": df.options, + "insert_after": df.insert_after + }).insert() diff --git a/frappe/core/doctype/user/user.js b/frappe/core/doctype/user/user.js index 10547f1fe0..ba5fe4bbff 100644 --- a/frappe/core/doctype/user/user.js +++ b/frappe/core/doctype/user/user.js @@ -51,7 +51,7 @@ cur_frm.cscript.refresh = function(doc) { frappe.route_options = { "user": doc.name }; - frappe.set_route("user-properties"); + frappe.set_route("user-permissions"); }) if(has_common(user_roles, ["Administrator", "System Manager"])) { diff --git a/frappe/core/page/permission_manager/permission_manager.js b/frappe/core/page/permission_manager/permission_manager.js index 0b091c4dd6..bd1affee2a 100644 --- a/frappe/core/page/permission_manager/permission_manager.js +++ b/frappe/core/page/permission_manager/permission_manager.js @@ -173,8 +173,8 @@ frappe.PermissionEngine = Class.extend({ \ ").appendTo(this.body); - $.each([["Document Type", 150], ["Role", 150], ["Level", 40], - ["Permissions", 370], ["", 40]], function(i, col) { + $.each([["Document Type", 150], ["Role", 170], ["Level", 40], + ["Permissions", 350], ["", 40]], function(i, col) { $("").html(col[0]).css("width", col[1]+"px") .appendTo(me.table.find("thead tr")); }); @@ -214,7 +214,9 @@ frappe.PermissionEngine = Class.extend({ me.set_show_users(role_cell, d.role); if (d.permlevel===0) { - add_check(role_cell, d, "apply_user_permissions").removeClass("col-md-4"); + add_check(role_cell, d, "apply_user_permissions") + .removeClass("col-md-4") + .css({"margin-top": "15px"}); } var cell = add_cell(row, d, "permlevel"); @@ -385,7 +387,7 @@ var permissions_help = ['', '
  • ', __('You can use Customize Form to set levels on fields.') @@ -447,27 +449,18 @@ var permissions_help = ['
    • ', - __('Restricting Users'), + __('User Permissions'), ':', '
      ', '
    1. ', - __("To give acess to a role for only specific records, check the 'Restricted' perimssion. User Restriction Records are used to restrict users with such role to specific records.") - + ' (' + __('Setup > User Restriction') + ')', + __("To give acess to a role for only specific records, check the 'Apply User Permissions'. User Permissions are used to limit users with such role to specific records.") + + ' (' + __('Setup > User Permissions Manager') + ')', '
      2. ', '
    2. ', - __("If 'Restricted' is not checked, you can still restrict permissions based on certain values, like Company or Territory in a document by setting User Restrictions. But unless any restriction is set, a user will have permissions based on the Role."), + __("Once you have set this, the users will only be able access documents (eg. Blog Post) where the link exists (eg. Blogger)."), '
      3. ', '
    3. ', - __("Permissions at higher levels are 'Field Level' permissions. All Fields have a 'Permission Level' set against them and the rules defined at that permissions apply to the field. This is useful in case you want to hide or make certain field read-only."), - '
      4. ', - '
    4. ', - __("If 'Restricted' is checked, the owner is always allowed based on Role."), - '
      5. ', - '
    5. ', - __("Once you have set this, the users will only be able access documents where the link (e.g Company) exists."), - '
      6. ', - '
    6. ', - __("Apart from System Manager, roles with 'Can Restrict Others' permission can restrict other users for that Document Type."), + __("Apart from System Manager, roles with 'Set User Permissions' right can set permissions for other users for that Document Type."), '
      7. ', '
    ', '', diff --git a/frappe/core/page/user_permissions/user_permissions.js b/frappe/core/page/user_permissions/user_permissions.js index b19e20c5c4..681eea2e24 100644 --- a/frappe/core/page/user_permissions/user_permissions.js +++ b/frappe/core/page/user_permissions/user_permissions.js @@ -2,6 +2,7 @@ frappe.pages['user-permissions'].onload = function(wrapper) { frappe.ui.make_app_page({ parent: wrapper, title: "User Permissions Manager", + icon: "icon-user", single_column: true }); $(wrapper).find(".layout-main").html("
    \ @@ -14,10 +15,7 @@ frappe.pages['user-permissions'].onload = function(wrapper) { + "" + "
  • " - + __("These permissions will apply for all transactions where the permitted record is linked.") - - + __("For example, if Company C is added to User Permissions of user X, \ - user X will only be able to see transactions that has company C as a linked value.") + + __("These permissions will apply for all transactions where the permitted record is linked. For example, if Company C is added to User Permissions of user X, user X will only be able to see transactions that has company C as a linked value.") + "
    • " + "
  • " @@ -61,16 +59,16 @@ frappe.UserPermissions = Class.extend({ options: (["Select User..."].concat(r.message.users)).join("\n") }); - me.filters.property = me.wrapper.appframe.add_field({ - fieldname: "property", - label: __("Property"), + me.filters.doctype = me.wrapper.appframe.add_field({ + fieldname: "doctype", + label: __("DocType"), fieldtype: "Select", - options: (["Select Property..."].concat(me.get_link_names())).join("\n") + options: (["Select DocType..."].concat(me.get_link_names())).join("\n") }); me.filters.user_permission = me.wrapper.appframe.add_field({ fieldname: "user_permission", - label: __("User Permission"), + label: __("Name"), fieldtype: "Link", options: "[Select]" }); @@ -83,8 +81,8 @@ frappe.UserPermissions = Class.extend({ }); // change options in user_permission link - me.filters.property.$input.on("change", function() { - me.filters.user_permission.df.options = $(this).val(); + me.filters.doctype.$input.on("change", function() { + me.filters.user_permission.df.options = me.get_doctype(); }); me.set_from_route(); @@ -112,9 +110,9 @@ frappe.UserPermissions = Class.extend({ var user = this.filters.user.$input.val(); return user=="Select User..." ? null : user; }, - get_property: function() { - var property = this.filters.property.$input.val(); - return property=="Select Property..." ? null : property; + get_doctype: function() { + var doctype = this.filters.doctype.$input.val(); + return doctype=="Select DocType..." ? null : doctype; }, get_user_permission: function() { // autosuggest hack! @@ -127,9 +125,9 @@ frappe.UserPermissions = Class.extend({ if(!prop_list || !prop_list.length) { this.body.html("
    "+__("No User Permissions found.")+"
    "); } else { - this.show_property_table(); + this.show_user_permissions_table(); } - this.show_add_property(); + this.show_add_user_permission(); }, refresh: function() { var me = this; @@ -137,8 +135,8 @@ frappe.UserPermissions = Class.extend({ this.body.html("
    "+__("Loading")+"...
    "); return; } - if(!me.get_user() && !me.get_property()) { - this.body.html("
    "+__("Select User or Property to start.")+"
    "); + if(!me.get_user() && !me.get_doctype()) { + this.body.html("
    "+__("Select User or DocType to start.")+"
    "); return; } // get permissions @@ -148,7 +146,7 @@ frappe.UserPermissions = Class.extend({ method: "get_permissions", args: { parent: me.get_user(), - defkey: me.get_property(), + defkey: me.get_doctype(), defvalue: me.get_user_permission() }, callback: function(r) { @@ -156,14 +154,14 @@ frappe.UserPermissions = Class.extend({ } }); }, - show_property_table: function() { + show_user_permissions_table: function() { var me = this; this.table = $("
    • \ \ \
    ").appendTo(this.body); - $.each([[__("User"), 150], [__("Type"), 150], [__("Restricted To"),150], ["", 50]], + $.each([[__("User"), 150], [__("DocType"), 150], [__("User Permission"),150], ["", 50]], function(i, col) { $("").html(col[0]).css("width", col[1]+"px") .appendTo(me.table.find("thead tr")); @@ -212,17 +210,17 @@ frappe.UserPermissions = Class.extend({ }); }, - show_add_property: function() { + show_add_user_permission: function() { var me = this; $("") .appendTo($("

    ").appendTo(this.body)) .click(function() { var d = new frappe.ui.Dialog({ - title: "Add New Property", + title: "Add New User Permission", fields: [ {fieldtype:"Select", label:__("User"), options:me.options.users, reqd:1, fieldname:"user"}, - {fieldtype:"Select", label: __("Property"), fieldname:"defkey", + {fieldtype:"Select", label: __("DocType"), fieldname:"defkey", options:me.get_link_names(), reqd:1}, {fieldtype:"Link", label:__("Value"), fieldname:"defvalue", options:'[Select]', reqd:1}, @@ -233,8 +231,8 @@ frappe.UserPermissions = Class.extend({ d.set_value("user", me.get_user()); d.get_input("user").prop("disabled", true); } - if(me.get_property()) { - d.set_value("defkey", me.get_property()); + if(me.get_doctype()) { + d.set_value("defkey", me.get_doctype()); d.get_input("defkey").prop("disabled", true); } if(me.get_user_permission()) { diff --git a/frappe/core/page/user_permissions/user_permissions.json b/frappe/core/page/user_permissions/user_permissions.json index cdb74628d2..f4e5d95ae5 100644 --- a/frappe/core/page/user_permissions/user_permissions.json +++ b/frappe/core/page/user_permissions/user_permissions.json @@ -1,16 +1,19 @@ { - "creation": "2013-01-01 18:50:55.000000", - "docstatus": 0, - "doctype": "Page", - "icon": "icon-user", - "idx": 1, - "modified": "2014-05-26 11:11:56.000000", - "modified_by": "Administrator", - "module": "Core", - "name": "user-permissions", - "owner": "Administrator", - "page_name": "user-permissions", - "roles": [], - "standard": "Yes", + "content": null, + "creation": "2013-01-01 18:50:55", + "docstatus": 0, + "doctype": "Page", + "icon": "icon-user", + "idx": 1, + "modified": "2014-05-28 16:53:43.103533", + "modified_by": "Administrator", + "module": "Core", + "name": "user-permissions", + "owner": "Administrator", + "page_name": "user-permissions", + "roles": [], + "script": null, + "standard": "Yes", + "style": null, "title": "User Permissions Manager" -} +} \ No newline at end of file diff --git a/frappe/core/page/user_permissions/user_permissions.py b/frappe/core/page/user_permissions/user_permissions.py index 236800a7d8..5ad93f7bff 100644 --- a/frappe/core/page/user_permissions/user_permissions.py +++ b/frappe/core/page/user_permissions/user_permissions.py @@ -3,6 +3,7 @@ from __future__ import unicode_literals import frappe +from frappe import _ import frappe.defaults import frappe.permissions from frappe.core.doctype.user.user import get_system_users @@ -51,17 +52,17 @@ def _build_conditions(filters): @frappe.whitelist() def remove(user, name, defkey, defvalue): - if not frappe.permissions.can_set_user_permissions_for_user(user, defkey, defvalue): - raise frappe.PermissionError("Cannot Remove Permission for User: {user} on DocType: {doctype} and Name: {name}".format( - user=user, doctype=defkey, name=defvalue)) + if not frappe.permissions.can_set_user_permissions(defkey, defvalue): + frappe.throw(_("Cannot remove permission for DocType: {0} and Name: {1}").format( + defkey, defvalue), frappe.PermissionError) frappe.permissions.remove_user_permission(defkey, defvalue, user, name) @frappe.whitelist() def add(user, defkey, defvalue): - if not frappe.permissions.can_set_user_permissions_for_user(user, defkey, defvalue): - raise frappe.PermissionError("Cannot Set Permission for User: {user} on DocType: {doctype} and Name: {name}".format( - user=user, doctype=defkey, name=defvalue)) + if not frappe.permissions.can_set_user_permissions(defkey, defvalue): + frappe.throw(_("Cannot set permission for DocType: {0} and Name: {1}").format( + defkey, defvalue), frappe.PermissionError) frappe.permissions.add_user_permission(defkey, defvalue, user) diff --git a/frappe/patches.txt b/frappe/patches.txt index 9402fef8d9..e15fd90fa3 100644 --- a/frappe/patches.txt +++ b/frappe/patches.txt @@ -12,7 +12,6 @@ execute:frappe.db.sql("alter table `tabSessions` modify `user` varchar(255), eng frappe.patches.v4_0.remove_old_parent frappe.patches.v4_0.remove_index_sitemap frappe.patches.v4_0.add_delete_permission -frappe.patches.v4_0.move_match_to_restricted frappe.patches.v4_0.set_todo_checked_as_closed frappe.patches.v4_0.website_sitemap_hierarchy frappe.patches.v4_0.webnotes_to_frappe @@ -31,3 +30,4 @@ frappe.patches.v4_0.deprecate_link_selects frappe.patches.v4_0.set_user_gravatar frappe.patches.v4_0.update_custom_field_insert_after frappe.patches.v4_0.set_user_permissions +frappe.patches.v4_0.create_custom_field_for_owner_match diff --git a/frappe/patches/v4_0/create_custom_field_for_owner_match.py b/frappe/patches/v4_0/create_custom_field_for_owner_match.py new file mode 100644 index 0000000000..3d39b22e8a --- /dev/null +++ b/frappe/patches/v4_0/create_custom_field_for_owner_match.py @@ -0,0 +1,38 @@ +# Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors +# MIT License. See license.txt + +from __future__ import unicode_literals +import frappe +from frappe.core.doctype.custom_field.custom_field import create_custom_field + +def execute(): + if "match" in frappe.db.get_table_columns("DocPerm"): + create_custom_field_for_owner_match() + +def create_custom_field_for_owner_match(): + frappe.db.sql("""update `tabDocPerm` set apply_user_permissions=1 where `match`='owner'""") + + for dt in frappe.db.sql_list("""select distinct parent from `tabDocPerm` + where `match`='owner' and permlevel=0"""): + + # a link field pointing to User already exists + if frappe.db.get_value("DocField", {"parent": dt, "fieldtype": "Link", "options": "User", + "default": "__user"}): + print "User link field already exists for", dt + continue + + fieldname = "{}_owner".format(frappe.scrub(dt)) + + create_custom_field(dt, frappe._dict({ + "permlevel": 0, + "label": "{} Owner".format(dt), + "fieldname": fieldname, + "fieldtype": "Link", + "options": "User" + })) + + frappe.db.sql("""update `tab{doctype}` set `{fieldname}`=owner""".format(doctype=dt, + fieldname=fieldname)) + + # commit is required so that we don't lose these changes because of an error in next loop's ddl + frappe.db.commit() diff --git a/frappe/patches/v4_0/move_match_to_restricted.py b/frappe/patches/v4_0/move_match_to_restricted.py deleted file mode 100644 index d8706bc325..0000000000 --- a/frappe/patches/v4_0/move_match_to_restricted.py +++ /dev/null @@ -1,10 +0,0 @@ -# Copyright (c) 2013, Web Notes Technologies Pvt. Ltd. and Contributors -# MIT License. See license.txt - -from __future__ import unicode_literals -import frappe - -def execute(): - frappe.reload_doc("core", "doctype", "docperm") - frappe.db.sql("""update `tabDocPerm` set apply_user_permissions=1 where `match`='owner'""") - frappe.clear_cache() diff --git a/frappe/patches/v4_0/set_user_permissions.py b/frappe/patches/v4_0/set_user_permissions.py index fb1d94c4b9..b25f68c09c 100644 --- a/frappe/patches/v4_0/set_user_permissions.py +++ b/frappe/patches/v4_0/set_user_permissions.py @@ -3,16 +3,22 @@ from __future__ import unicode_literals import frappe -from frappe.core.page.user_permissions.user_permissions import add +import frappe.permissions def execute(): - if "match" in frappe.db.get_table_columns("DocPerm"): - add_user_permissions_for_owner_match() + frappe.reload_doc("core", "doctype", "docperm") + table_columns = frappe.db.get_table_columns("DocPerm") + if "restricted" in table_columns: + frappe.db.sql("""update `tabDocPerm` set apply_user_permissions=1 where ifnull(apply_user_permissions, 0)=0 + and restricted=1""") + + if "match" in table_columns: + frappe.db.sql("""update `tabDocPerm` set apply_user_permissions=1 + where ifnull(apply_user_permissions, 0)=0 and ifnull(`match`, '')!=''""") + + # change Restriction to User Permission in tabDefaultValue + frappe.db.sql("""update `tabDefaultValue` set parenttype='User Permission' where parenttype='Restriction'""") + + frappe.clear_cache() -def add_user_permissions_for_owner_match(): - for dt, role in frappe.db.sql("""select distinct parent, role from `tabDocPerm` where `match`='owner'"""): - for user in frappe.db.sql("""select distinct parent from `tabUserRole` where role=%s""", role): - for name in frappe.db.sql_list("""select name from `tab{doctype}` where owner=%s""".format(dt), user): - # add to user permissions - add(user, dt, name) diff --git a/frappe/permissions.py b/frappe/permissions.py index 40d5cb69f3..f5146e90c0 100644 --- a/frappe/permissions.py +++ b/frappe/permissions.py @@ -106,16 +106,6 @@ def has_controller_permissions(doc): return True -def can_set_user_permissions_for_user(user, doctype, docname=None): - if not can_set_user_permissions(doctype, docname): - return False - - # check if target user does not have permission to set user permissions - if get_role_permissions(frappe.get_meta(doctype), user).set_user_permissions==1: - return False - - return True - def can_set_user_permissions(doctype, docname=None): # System Manager can always set user permissions if "System Manager" in frappe.get_roles(): diff --git a/frappe/public/js/frappe/form/assign_to.js b/frappe/public/js/frappe/form/assign_to.js index 77abe07362..9ab65cd876 100644 --- a/frappe/public/js/frappe/form/assign_to.js +++ b/frappe/public/js/frappe/form/assign_to.js @@ -88,35 +88,22 @@ frappe.ui.form.AssignTo = Class.extend({ fields: [ {fieldtype:'Link', fieldname:'assign_to', options:'User', label:__("Assign To"), - description:__("Add to To Do List of"), reqd:true}, + description:__("Add to To Do List Of"), reqd:true}, {fieldtype:'Data', fieldname:'description', label:__("Comment"), reqd:true}, {fieldtype:'Date', fieldname:'date', label: __("Complete By")}, {fieldtype:'Select', fieldname:'priority', label: __("Priority"), options:'Low\nMedium\nHigh', 'default':'Medium'}, {fieldtype:'Check', fieldname:'notify', - label:__("Notify By Email"), "default":1}, - {fieldtype:'Check', fieldname:'set_user_permissions', - label:__("Add This To User Permission") - + ' '}, + label:__("Notify by Email"), "default":1}, {fieldtype:'Button', label:__("Add"), fieldname:'add_btn'} ] }); - me.dialog.fields_dict.set_user_permissions.$wrapper - .find(".assign-user-properties") - .on("click", function() { - frappe.route_options = { - property: me.frm.doctype, - user: me.dialog.get_value("assign_to") - }; - frappe.set_route("user-properties"); - }); - me.dialog.fields_dict.add_btn.input.onclick = function() { var assign_to = me.dialog.fields_dict.assign_to.get_value(); var args = me.dialog.get_values(); - if(assign_to) { + if(args && assign_to) { return frappe.call({ method:'frappe.widgets.form.assign_to.add', args: $.extend(args, { @@ -139,22 +126,11 @@ frappe.ui.form.AssignTo = Class.extend({ } me.dialog.clear(); - (function toggle_set_user_permissions() { - var can_set_user_permissions = frappe.model.can_set_user_permissions(me.frm.doctype, me.frm); - me.dialog.fields_dict.set_user_permissions.$wrapper.toggle(can_set_user_permissions); - me.dialog.get_input("set_user_permissions").prop("checked", can_set_user_permissions); - })(); - if(me.frm.meta.title_field) { me.dialog.set_value("description", me.frm.doc[me.frm.meta.title_field]) } me.dialog.show(); - - if(!frappe.perm.get_perm(me.frm.doctype)[0].set_user_permissions) { - me.dialog.fields_dict.set_user_permissions.set_input(0); - me.dialog.fields_dict.set_user_permissions.$wrapper.toggle(false); - } } }); diff --git a/frappe/public/js/frappe/form/control.js b/frappe/public/js/frappe/form/control.js index e1c10807bf..60516ba523 100644 --- a/frappe/public/js/frappe/form/control.js +++ b/frappe/public/js/frappe/form/control.js @@ -843,13 +843,17 @@ frappe.ui.form.ControlLink = frappe.ui.form.ControlData.extend({ } }); - var cache = {}; + this.$input.cache = {}; this.$input.autocomplete({ minLength: 0, source: function(request, response) { - if (cache[request.term]!=null) { + if (!me.$input.cache[me.df.options]) { + me.$input.cache[me.df.options] = {}; + } + + if (me.$input.cache[me.df.options][request.term]!=null) { // from cache - response(cache[request.term]); + response(me.$input.cache[me.df.options][request.term]); return; } @@ -872,7 +876,7 @@ frappe.ui.form.ControlLink = frappe.ui.form.ControlData.extend({ make_new: true }); }; - cache[request.term] = r.results; + me.$input.cache[me.df.options][request.term] = r.results; response(r.results); }, }); diff --git a/frappe/public/js/frappe/form/infobar.js b/frappe/public/js/frappe/form/infobar.js index 05178af4a7..62ba2b4801 100644 --- a/frappe/public/js/frappe/form/infobar.js +++ b/frappe/public/js/frappe/form/infobar.js @@ -44,10 +44,10 @@ frappe.ui.form.InfoBar = Class.extend({ this.$user_properties = this.appframe.add_icon_btn("2", "icon-shield", __("User Permissions Manager"), function() { frappe.route_options = { - property: me.frm.doctype, - restriction: me.frm.docname + doctype: me.frm.doctype, + name: me.frm.docname }; - frappe.set_route("user-properties"); + frappe.set_route("user-permissions"); }); } diff --git a/frappe/public/js/frappe/views/doclistview.js b/frappe/public/js/frappe/views/doclistview.js index 442e37936e..6aa8f4a053 100644 --- a/frappe/public/js/frappe/views/doclistview.js +++ b/frappe/public/js/frappe/views/doclistview.js @@ -259,7 +259,7 @@ frappe.views.DocListView = frappe.ui.Listing.extend({ frappe.route_options = { property: me.doctype }; - frappe.set_route("user-properties"); + frappe.set_route("user-permissions"); }); } if(in_list(user_roles, "System Manager")) { diff --git a/frappe/public/js/frappe/views/query_report.js b/frappe/public/js/frappe/views/query_report.js index 4e471114ea..b258cfa597 100644 --- a/frappe/public/js/frappe/views/query_report.js +++ b/frappe/public/js/frappe/views/query_report.js @@ -72,12 +72,12 @@ frappe.views.QueryReport = Class.extend({ "icon-download"); if(frappe.model.can_set_user_permissions("Report")) { - this.appframe.add_primary_action(__("User Restrictions"), function() { + this.appframe.add_primary_action(__("User Permissions"), function() { frappe.route_options = { - property: "Report", - restriction: me.report_name + doctype: "Report", + name: me.report_name }; - frappe.set_route("user-properties"); + frappe.set_route("user-permissions"); }, "icon-shield"); } }, diff --git a/frappe/public/js/frappe/views/reportview.js b/frappe/public/js/frappe/views/reportview.js index b076e44a4f..a90bbf3655 100644 --- a/frappe/public/js/frappe/views/reportview.js +++ b/frappe/public/js/frappe/views/reportview.js @@ -558,10 +558,10 @@ frappe.views.ReportView = frappe.ui.Listing.extend({ if(this.docname && frappe.model.can_set_user_permissions("Report")) { this.page.appframe.add_button(__("User Permissions Manager"), function() { frappe.route_options = { - property: "Report", - restriction: me.docname + doctype: "Report", + name: me.docname }; - frappe.set_route("user-properties"); + frappe.set_route("user-permissions"); }, "icon-shield"); } }, diff --git a/frappe/website/doctype/about_us_settings/about_us_settings.json b/frappe/website/doctype/about_us_settings/about_us_settings.json index 674fe27d52..a65c9aea2a 100644 --- a/frappe/website/doctype/about_us_settings/about_us_settings.json +++ b/frappe/website/doctype/about_us_settings/about_us_settings.json @@ -1,6 +1,6 @@ { "allow_attach": 1, - "creation": "2013-03-19 12:02:15.000000", + "creation": "2013-03-19 12:02:15", "description": "Settings for the About Us Page", "docstatus": 0, "doctype": "DocType", @@ -18,6 +18,7 @@ "description": "Introduce your company to the website visitor.", "fieldname": "company_introduction", "fieldtype": "Text Editor", + "in_list_view": 1, "label": "Company Introduction", "permlevel": 0, "read_only": 0 @@ -33,6 +34,7 @@ "description": "\"Company History\"", "fieldname": "company_history_heading", "fieldtype": "Data", + "in_list_view": 1, "label": "Org History Heading", "permlevel": 0, "read_only": 0 @@ -80,13 +82,14 @@ "icon": "icon-group", "idx": 1, "issingle": 1, - "modified": "2013-12-20 19:22:52.000000", + "modified": "2014-05-28 17:14:48.015912", "modified_by": "Administrator", "module": "Website", "name": "About Us Settings", "owner": "Administrator", "permissions": [ { + "apply_user_permissions": 0, "create": 1, "email": 1, "permlevel": 0, diff --git a/frappe/website/doctype/blog_post/test_blog_post.py b/frappe/website/doctype/blog_post/test_blog_post.py index 034f5664dc..6d76016b03 100644 --- a/frappe/website/doctype/blog_post/test_blog_post.py +++ b/frappe/website/doctype/blog_post/test_blog_post.py @@ -92,7 +92,7 @@ class TestBlogPost(unittest.TestCase): def test_not_allowed_to_set_user_permissions(self): frappe.set_user("test2@example.com") - # this user can't add restriction + # this user can't add user permissions self.assertRaises(frappe.PermissionError, add, "test2@example.com", "Blog Post", "_test-blog-post") @@ -101,7 +101,7 @@ class TestBlogPost(unittest.TestCase): frappe.set_user("test2@example.com") - # user can only access restricted blog post + # user can only access permitted blog post doc = frappe.get_doc("Blog Post", "_test-blog-post") self.assertTrue(doc.has_permission("read")) @@ -115,7 +115,7 @@ class TestBlogPost(unittest.TestCase): frappe.set_user("test2@example.com") - # user cannot remove their own restriction + # user cannot remove their own user permissions self.assertRaises(frappe.PermissionError, remove, "test2@example.com", defname, "Blog Post", "_test-blog-post") diff --git a/frappe/website/doctype/blogger/blogger.json b/frappe/website/doctype/blogger/blogger.json index 323588ea37..0332dcadc5 100644 --- a/frappe/website/doctype/blogger/blogger.json +++ b/frappe/website/doctype/blogger/blogger.json @@ -62,7 +62,7 @@ "icon": "icon-user", "idx": 1, "max_attachments": 1, - "modified": "2014-05-27 03:49:07.960305", + "modified": "2014-05-28 16:52:15.743071", "modified_by": "Administrator", "module": "Website", "name": "Blogger", @@ -70,11 +70,16 @@ "permissions": [ { "create": 1, + "delete": 1, "email": 1, + "export": 1, + "import": 1, "permlevel": 0, "print": 1, "read": 1, + "report": 1, "role": "Website Manager", + "set_user_permissions": 1, "write": 1 }, { diff --git a/frappe/widgets/form/assign_to.py b/frappe/widgets/form/assign_to.py index 34d4b99938..b31b5779e9 100644 --- a/frappe/widgets/form/assign_to.py +++ b/frappe/widgets/form/assign_to.py @@ -29,7 +29,7 @@ def add(args=None): if frappe.db.sql("""select owner from `tabToDo` where reference_type=%(doctype)s and reference_name=%(name)s and status="Open" and owner=%(assign_to)s""", args): - frappe.msgprint(_("Already in todo"), raise_exception=True) + frappe.msgprint(_("Already in user's To Do list"), raise_exception=True) return else: from frappe.utils import nowdate @@ -50,15 +50,6 @@ def add(args=None): if frappe.get_meta(args['doctype']).get_field("assigned_to"): frappe.db.set_value(args['doctype'], args['name'], "assigned_to", args['assign_to']) - try: - if cint(args.get("set_user_permissions")): - from frappe.core.page.user_permissions import user_permissions - user_permissions.add(args['assign_to'], args['doctype'], args['name']) - frappe.msgprint(_("User Permission added")) - except frappe.PermissionError: - frappe.throw(_("Not permitted to set user permissions of User {0} for {1} {2}").format(args["assign_to"], - args["doctype"], args["name"])) - # notify if not args.get("no_notification"): notify_assignment(d.assigned_by, d.owner, d.reference_type, d.reference_name, action='ASSIGN', description=args.get("description"), notify=args.get('notify'))