refactor: remove masking setting from System Settings

frappe/core/doctype/system_settings/system_settings.json

@@ -28,7 +28,6 @@
   "show_absolute_datetime_in_timeline",
   "permissions",
   "apply_strict_user_permissions",
-  "enable_data_masking",
   "column_break_21",
   "allow_older_web_view_links",
   "security_tab",
@@ -718,12 +717,6 @@
    "fieldtype": "Check",
    "label": "Show Absolute Datetime in Timeline"
   },
-  {
-   "default": "0",
-   "fieldname": "enable_data_masking",
-   "fieldtype": "Check",
-   "label": "Enable Data Masking"
-  },
   {
    "fieldname": "api_logging_section",
    "fieldtype": "Section Break",
@@ -739,7 +732,7 @@
  "icon": "fa fa-cog",
  "issingle": 1,
  "links": [],
- "modified": "2025-06-10 14:54:41.151334",
+ "modified": "2025-06-26 13:03:49.011134",
  "modified_by": "Administrator",
  "module": "Core",
  "name": "System Settings",

frappe/core/doctype/system_settings/system_settings.py

@@ -49,7 +49,6 @@ class SystemSettings(Document):
 		dormant_days: DF.Int
 		email_footer_address: DF.SmallText | None
 		email_retry_limit: DF.Int
-		enable_data_masking: DF.Check
 		enable_onboarding: DF.Check
 		enable_password_policy: DF.Check
 		enable_scheduler: DF.Check

frappe/desk/form/meta.py

@@ -60,24 +60,19 @@ def mask_protected_fields(meta):
 	):
 		return meta
 
-	if is_data_masking_enabled():
-		for df in meta.fields:
-			if df.mask and not meta.has_permlevel_access_to(
-				fieldname=df.fieldname, df=df, permission_type="mask"
-			):
-				# store orignal fieldtype and change fieldtype to Data
-				df.read_only = 1
-				df.mask_readonly = 1
-				df.set("old_fieldtype", df.get("old_fieldtype") or df.fieldtype)
-				if df.fieldtype != "Data":
-					df.fieldtype = "Data"
+	for df in meta.fields:
+		if df.mask and not meta.has_permlevel_access_to(
+			fieldname=df.fieldname, df=df, permission_type="mask"
+		):
+			# store orignal fieldtype and change fieldtype to Data
+			df.read_only = 1
+			df.mask_readonly = 1
+			df.set("old_fieldtype", df.get("old_fieldtype") or df.fieldtype)
+			if df.fieldtype != "Data":
+				df.fieldtype = "Data"
 	return meta
 
 
-def is_data_masking_enabled():
-	return frappe.db.get_single_value("System Settings", "enable_data_masking")
-
-
 class FormMeta(Meta):
 	def __init__(self, doctype, *, cached=True):
 		self.__dict__.update(frappe.get_meta(doctype, cached=cached).__dict__)

frappe/model/db_query.py

@@ -659,6 +659,16 @@ from {tables}
 				ignore_virtual=True,
 			)
 		)
+
+		# get_permitted_field = get_permitted_fields(
+		# 	doctype=self.doctype,
+		# 	parenttype=self.parent_doctype,
+		# 	permission_type=self.permission_map.get(self.doctype),
+		# 	ignore_virtual=True,
+		# )
+
+		print(self.doctype, self.permission_map.get(self.doctype), "permitted_fields \n\n\n\n")
+		# print(get_permitted_field, "get_permitted_field \n\n\n\n")
 		permitted_child_table_fields = {}
 
 		for i, field in enumerate(self.fields):

frappe/model/document.py

@@ -979,6 +979,7 @@ class Document(BaseDocument):
 			return
 
 		# check for child tables
+		print(high_permlevel_fields, "high_permlevel_fields \n\n\n")
 		for df in self.meta.get_table_fields():
 			high_permlevel_fields = frappe.get_meta(df.options).get_high_permlevel_fields()
 			if high_permlevel_fields: