From d4e9e87af69cb4d5d96f2f9fe8a0c29a8fb3f523 Mon Sep 17 00:00:00 2001 From: Anand Doshi Date: Fri, 17 Jul 2015 19:42:48 +0530 Subject: [PATCH] [fix] Share query is always ORed after the AND combination of User Permissions and DocType permission conditions --- frappe/model/db_query.py | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/frappe/model/db_query.py b/frappe/model/db_query.py index e73096663a..193e4ea5bb 100644 --- a/frappe/model/db_query.py +++ b/frappe/model/db_query.py @@ -270,7 +270,6 @@ class DatabaseQuery(object): """add match conditions if applicable""" self.match_filters = [] self.match_conditions = [] - only_if_shared = False if not self.tables: self.extract_tables() @@ -295,10 +294,6 @@ class DatabaseQuery(object): self.add_user_permissions(user_permissions, user_permission_doctypes=role_permissions.get("user_permission_doctypes").get("read")) - # share is an OR condition, if there is a role permission - if not only_if_shared and self.shared: - self.match_conditions.append(self.get_share_condition()) - if as_condition: conditions = "" if self.match_conditions: @@ -309,6 +304,14 @@ class DatabaseQuery(object): if doctype_conditions: conditions += (' and ' + doctype_conditions) if conditions else doctype_conditions + # share is an OR condition, if there is a role permission + if not only_if_shared and self.shared: + if conditions: + conditions = "({conditions}) or ({shared_condition})".format( + conditions=conditions, shared_condition=self.get_share_condition()) + else: + conditions = "{shared_condition}".format(shared_condition=self.get_share_condition()) + return conditions else: