fix: Apply field permlevel for doc GET via REST

2022-12-26 16:18:14 +05:30 · 2022-12-26 16:18:14 +05:30 · 84ccf3d128
commit 84ccf3d128
parent 92a705f8fd
2 changed files with 3 additions and 0 deletions
--- a/frappe/api.py
+++ b/frappe/api.py
@ -131,6 +131,7 @@ class _RESTAPIHandler:
 		doc = frappe.get_doc(self.doctype, self.name)
 		if not doc.has_permission("read"):
 			raise frappe.PermissionError
+		doc.apply_fieldlevel_read_permissions()
 		frappe.local.response.update({"data": doc})

 	def update_doc(self):
--- a/frappe/client.py
+++ b/frappe/client.py
@ -86,6 +86,8 @@ def get(doctype, name=None, filters=None, parent=None):
 		doc = frappe.get_doc(doctype)  # single

 	doc.check_permission()
+	doc.apply_fieldlevel_read_permissions()
+
 	return doc.as_dict()