From 1bb26f68d3997386ddc765d12c22c6dd7c2695bc Mon Sep 17 00:00:00 2001
From: Sumit Bhanushali <sumit.bhanushali63@gmail.com>
Date: Wed, 4 Dec 2024 17:25:06 +0530
Subject: [PATCH] fix: check at doc level when if owner role permission is
 checked during export from list view

(cherry picked from commit 1ed45ceb97868c9b517dd3066f0b4ea2cd5358f5)
---
 frappe/core/doctype/data_import/exporter.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/frappe/core/doctype/data_import/exporter.py b/frappe/core/doctype/data_import/exporter.py
index 4128ba396a..3300693e26 100644
--- a/frappe/core/doctype/data_import/exporter.py
+++ b/frappe/core/doctype/data_import/exporter.py
@@ -110,11 +110,21 @@ class Exporter:
 		return fields or []
 
 	def get_data_to_export(self):
-		frappe.permissions.can_export(self.doctype, raise_exception=True)
-
 		table_fields = [f for f in self.exportable_fields if f != self.doctype]
 		data = self.get_data_as_docs()
 
+		if not frappe.permissions.can_export(self.doctype):
+			if frappe.permissions.can_export(self.doctype, is_owner=True):
+				for doc in data:
+					if doc.get("owner") != frappe.session.user:
+						raise frappe.PermissionError(
+							_("You are not allowed to export {} doctype").format(self.doctype)
+						)
+			else:
+				raise frappe.PermissionError(
+					_("You are not allowed to export {} doctype").format(self.doctype)
+				)
+
 		for doc in data:
 			rows = []
 			rows = self.add_data_row(self.doctype, None, doc, rows, 0)
@@ -163,7 +173,7 @@ class Exporter:
 		parent_data = frappe.db.get_list(
 			self.doctype,
 			filters=filters,
-			fields=["name", *parent_fields],
+			fields=["name", "owner", *parent_fields],
 			limit_page_length=self.export_page_length,
 			order_by=order_by,
 			as_list=0,