diff --git a/frappe/client.py b/frappe/client.py index 1695b39d3a..c8ec3a7156 100644 --- a/frappe/client.py +++ b/frappe/client.py @@ -28,7 +28,7 @@ def get_list(doctype, fields=None, filters=None, order_by=None, :param limit_start: Start at this index :param limit_page_length: Number of records to be returned (default 20)''' if frappe.is_table(doctype): - check_parent_permission(parent) + check_parent_permission(parent, doctype) return frappe.get_list(doctype, fields=fields, filters=filters, order_by=order_by, limit_start=limit_start, limit_page_length=limit_page_length, ignore_permissions=False) @@ -41,7 +41,7 @@ def get(doctype, name=None, filters=None, parent=None): :param name: return document of this `name` :param filters: If name is not set, filter by these values and return the first match''' if frappe.is_table(doctype): - check_parent_permission(parent) + check_parent_permission(parent, doctype) if filters and not name: name = frappe.db.get_value(doctype, json.loads(filters)) @@ -62,7 +62,7 @@ def get_value(doctype, fieldname, filters=None, as_dict=True, debug=False, paren :param fieldname: Field to be returned (default `name`) :param filters: dict or string for identifying the record''' if frappe.is_table(doctype): - check_parent_permission(parent) + check_parent_permission(parent, doctype) if not frappe.has_permission(doctype): frappe.throw(_("No permission for {0}".format(doctype)), frappe.PermissionError) 
@@ -314,9 +314,14 @@ def get_time_zone(): '''Returns default time zone''' return {"time_zone": frappe.defaults.get_defaults().get("time_zone")} -def check_parent_permission(parent): +def check_parent_permission(parent, child_doctype): if parent: + # User may pass fake parent and get the information from the child table + if child_doctype and not frappe.db.exists('DocField', + {'parent': parent, 'options': child_doctype}): + raise frappe.PermissionError + if frappe.permissions.has_permission(parent): return # Either parent not passed or the user doesn't have permission on parent doctype of child table! - raise frappe.PermissionError + raise frappe.PermissionError \ No newline at end of file
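Review bot: The new relationship check in `check_parent_permission` looks only at `DocField`, so a child table attached to the parent through a Custom Field would be rejected with `PermissionError` even when the parent is legitimate; consider also accepting `frappe.db.exists('Custom Field', {'dt': parent, 'options': child_doctype})`. The filter also matches any field whose `options` equals the child doctype, not only table fields, so a fieldtype condition such as `'fieldtype': 'Table'` would tie the check to a real parent/child link. When `child_doctype` is falsy the check is skipped entirely; the three callers in this diff always pass `doctype`, but any callers outside the diff are not visible here and would also need the new required argument. A one-line docstring such as `'''Raise PermissionError unless parent really holds child_doctype as a table and the user has permission on parent.'''` would record the intent.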