[fix] print hide fields with higher perm levels - Fixes frappe/erpnext#4833

frappe/model/document.py

@@ -375,14 +375,21 @@ class Document(BaseDocument):
 					d.reset_values_if_no_permlevel_access(has_access_to, high_permlevel_fields)
 
 	def get_permlevel_access(self):
-		user_roles = frappe.get_roles()
-		has_access_to = []
-		for perm in self.meta.permissions:
-			if perm.role in user_roles and perm.permlevel > 0 and perm.write:
-				if perm.permlevel not in has_access_to:
-					has_access_to.append(perm.permlevel)
+		if not hasattr(self, "_has_access_to"):
+			user_roles = frappe.get_roles()
+			self._has_access_to = []
+			for perm in self.meta.permissions:
+				if perm.role in user_roles and perm.permlevel > 0 and perm.write:
+					if perm.permlevel not in self._has_access_to:
+						self._has_access_to.append(perm.permlevel)
 
-		return has_access_to
+		return self._has_access_to
+
+	def has_permlevel_access_to(self, fieldname, df=None):
+		if not df:
+			df = self.meta.get_field(fieldname)
+
+		return df.permlevel in self.get_permlevel_access()
 
 	def _set_defaults(self):
 		if frappe.flags.in_import:

frappe/templates/pages/print.py

@@ -265,6 +265,9 @@ def is_visible(df, doc):
 		if df.fieldname in doc.hide_in_print_layout:
 			return False
 
+	if df.permlevel > 0 and not doc.has_permlevel_access_to(df.fieldname, df):
+		return False
+
 	return not doc.is_print_hide(df.fieldname, df)
 
 def has_value(df, doc):