From d08b0fa477dc0762256cc8ae7e9b057d3cff7998 Mon Sep 17 00:00:00 2001
From: Shariq Ansari <sharique.rik@gmail.com>
Date: Wed, 17 May 2023 17:39:08 +0530
Subject: [PATCH] fix: allow custom html block based on roles applied

if roles table is empty it will allow access
---
 frappe/desk/desktop.py                        | 21 +++++++++++++++++++
 .../custom_html_block/custom_html_block.json  | 17 +++++++++++++--
 2 files changed, 36 insertions(+), 2 deletions(-)

diff --git a/frappe/desk/desktop.py b/frappe/desk/desktop.py
index 7b700fdd3c..46cda8fe5d 100644
--- a/frappe/desk/desktop.py
+++ b/frappe/desk/desktop.py
@@ -204,6 +204,24 @@ class Workspace:
 
 		return item
 
+	def is_custom_block_permitted(self, custom_block_name):
+		from frappe.utils import has_common
+
+		allowed = [
+			d.role
+			for d in frappe.get_all("Has Role", fields=["role"], filters={"parent": custom_block_name})
+		]
+
+		if not allowed:
+			return True
+
+		roles = frappe.get_roles()
+
+		if has_common(roles, allowed):
+			return True
+
+		return False
+
 	@handle_not_exist
 	def get_links(self):
 		cards = self.doc.get_link_groups()
@@ -355,6 +373,9 @@ class Workspace:
 
 			for custom_block in custom_blocks:
 				if frappe.has_permission("Custom HTML Block", doc=custom_block.custom_block_name):
+					if not self.is_custom_block_permitted(custom_block.custom_block_name):
+						continue
+
 					# Translate label
 					custom_block.label = (
 						_(custom_block.label) if custom_block.label else _(custom_block.custom_block_name)
diff --git a/frappe/desk/doctype/custom_html_block/custom_html_block.json b/frappe/desk/doctype/custom_html_block/custom_html_block.json
index c0e92cb6b8..6c3d80fba9 100644
--- a/frappe/desk/doctype/custom_html_block/custom_html_block.json
+++ b/frappe/desk/doctype/custom_html_block/custom_html_block.json
@@ -15,7 +15,9 @@
   "js_message",
   "script",
   "css_section",
-  "style"
+  "style",
+  "roles_section",
+  "roles"
  ],
  "fields": [
   {
@@ -74,11 +76,22 @@
    "fieldtype": "HTML",
    "label": "HTML Message",
    "options": "<p>You cannot use global class on elements. The css for those classes will not be applied on this HTML, you will have to rewrite styles again in CSS field</p><p>For Example:</p>\n<pre class=\"p-3 bg-gray-100 border-radius rounded-sm mb-0\" style=\"width: fit-content;\"><code>// style for class m-3 will not work\n<br>&lt;div class=\"m-3\"&gt;&lt;/div&gt;<br>\n<br>// You will have to add style of m-3 in CSS field below like\n<br>.m-3 {\n<br>    margin: 14px!important\n<br>}\n</code></pre>"
+  },
+  {
+   "fieldname": "roles_section",
+   "fieldtype": "Section Break",
+   "label": "Roles"
+  },
+  {
+   "fieldname": "roles",
+   "fieldtype": "Table",
+   "label": "Roles",
+   "options": "Has Role"
   }
  ],
  "index_web_pages_for_search": 1,
  "links": [],
- "modified": "2023-05-17 16:51:32.449635",
+ "modified": "2023-05-17 17:17:04.232519",
  "modified_by": "Administrator",
  "module": "Desk",
  "name": "Custom HTML Block",