Merge pull request #17682 from resilient-tech/refactor-only-for
refactor: improve `frappe.only_for`
This commit is contained in:
gavin
GitHub
commit
e4fcf563d2
3 changed files with 31 additions and 23 deletions
|
|
@ -818,23 +818,30 @@ def write_only():
|
|||
return innfn
|
||||
|
||||
|
||||
def only_for(roles: list[str] | str, message=False):
|
||||
"""Raise `frappe.PermissionError` if the user does not have any of the given **Roles**.
|
||||
def only_for(roles: list[str] | tuple[str] | str, message=False):
|
||||
"""
|
||||
Raises `frappe.PermissionError` if the user does not have any of the permitted roles.
|
||||
|
||||
:param roles: List of roles to check."""
|
||||
if local.flags.in_test:
|
||||
:param roles: Permitted role(s)
|
||||
"""
|
||||
|
||||
if local.flags.in_test or local.session.user == "Administrator":
|
||||
return
|
||||
|
||||
if not isinstance(roles, (tuple, list)):
|
||||
if isinstance(roles, str):
|
||||
roles = (roles,)
|
||||
roles = set(roles)
|
||||
myroles = set(get_roles())
|
||||
if not roles.intersection(myroles):
|
||||
if message:
|
||||
msgprint(
|
||||
_("This action is only allowed for {}").format(bold(", ".join(roles))), _("Not Permitted")
|
||||
)
|
||||
raise PermissionError
|
||||
|
||||
if not set(roles).intersection(get_roles()):
|
||||
if not message:
|
||||
raise PermissionError
|
||||
|
||||
throw(
|
||||
_("This action is only allowed for {}").format(
|
||||
", ".join(bold(_(role)) for role in roles),
|
||||
),
|
||||
PermissionError,
|
||||
_("Not Permitted"),
|
||||
)
|
||||
|
||||
|
||||
def get_domain_data(module):
|
||||
|
|
|
|||
|
|
@ -4,19 +4,18 @@
|
|||
import frappe
|
||||
import frappe.utils.user
|
||||
from frappe.model import data_fieldtypes
|
||||
from frappe.permissions import check_admin_or_system_manager, rights
|
||||
from frappe.permissions import rights
|
||||
|
||||
|
||||
def execute(filters=None):
|
||||
frappe.only_for("System Manager")
|
||||
|
||||
user, doctype, show_permissions = (
|
||||
filters.get("user"),
|
||||
filters.get("doctype"),
|
||||
filters.get("show_permissions"),
|
||||
)
|
||||
|
||||
if not validate(user, doctype):
|
||||
return [], []
|
||||
|
||||
columns, fields = get_columns_and_fields(doctype)
|
||||
data = frappe.get_list(doctype, fields=fields, as_list=True, user=user)
|
||||
|
||||
|
|
@ -30,12 +29,6 @@ def execute(filters=None):
|
|||
return columns, data
|
||||
|
||||
|
||||
def validate(user, doctype):
|
||||
# check if current user is System Manager
|
||||
check_admin_or_system_manager()
|
||||
return user and doctype
|
||||
|
||||
|
||||
def get_columns_and_fields(doctype):
|
||||
columns = [f"Name:Link/{doctype}:200"]
|
||||
fields = ["`name`"]
|
||||
|
|
|
|||
|
|
@ -28,6 +28,14 @@ rights = (
|
|||
|
||||
|
||||
def check_admin_or_system_manager(user=None):
|
||||
from frappe.utils.commands import warn
|
||||
|
||||
warn(
|
||||
"The function check_admin_or_system_manager will be deprecated in version 15."
|
||||
'Please use frappe.only_for("System Manager") instead.',
|
||||
category=PendingDeprecationWarning,
|
||||
)
|
||||
|
||||
if not user:
|
||||
user = frappe.session.user
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue