fix: filter select perm in get_doctypes_with_read

closes https://github.com/frappe/frappe/issues/26015 Extracted from https://github.com/frappe/frappe/pull/26018
2024-04-18 15:01:49 +05:30 · 2024-04-18 15:01:49 +05:30 · a1bb734079
commit a1bb734079
parent 1dcfadf5ca
2 changed files with 10 additions and 1 deletions
--- a/frappe/permissions.py
+++ b/frappe/permissions.py
@ -451,7 +451,7 @@ def has_controller_permissions(doc, ptype, user=None, debug=False) -> bool:


 def get_doctypes_with_read():
-	return list({cstr(p.parent) for p in get_valid_perms() if p.parent})
+	return list({cstr(p.parent) for p in get_valid_perms() if p.parent and p.read})


 def get_valid_perms(doctype=None, user=None):
--- a/frappe/tests/test_permissions.py
+++ b/frappe/tests/test_permissions.py
@ -5,6 +5,7 @@
 import frappe
 import frappe.defaults
 import frappe.model.meta
+from frappe.core.doctype.doctype.test_doctype import new_doctype
 from frappe.core.doctype.user_permission.user_permission import clear_user_permissions
 from frappe.core.page.permission_manager.permission_manager import reset, update
 from frappe.desk.form.load import getdoc
@ -17,6 +18,7 @@ from frappe.permissions import (
 	add_user_permission,
 	clear_user_permissions_for_doctype,
 	get_doc_permissions,
+	get_doctypes_with_read,
 	remove_user_permission,
 	update_permission_property,
 )
@ -736,3 +738,10 @@ class TestPermissions(FrappeTestCase):
 		)
 		frappe.set_user(system_user)
 		assertHasRole(GUEST_ROLE, ALL_USER_ROLE, SYSTEM_USER_ROLE)
+
+	def test_get_doctypes_with_read(self):
+		with self.set_user("Administrator"):
+			doctype = new_doctype(permissions=[{"select": 1, "role": "_Test Role", "read": 0}]).insert().name
+
+		with self.set_user("test@example.com"):
+			self.assertNotIn(doctype, get_doctypes_with_read())