From ea8b7c9934e56b63f05e0e0f902c044ee4a3efde Mon Sep 17 00:00:00 2001
From: Anand Doshi <anand@erpnext.com>
Date: Fri, 5 Sep 2014 14:44:00 +0530
Subject: [PATCH] [fixes] Permission

---
 .../customize_form_field.json                 |  4 +--
 frappe/model/create_new.py                    | 21 ++++++-------
 frappe/permissions.py                         |  2 +-
 frappe/public/js/frappe/form/control.js       |  4 ---
 frappe/public/js/frappe/model/create_new.js   | 30 ++++++++++---------
 frappe/public/js/frappe/model/perm.js         |  3 +-
 6 files changed, 31 insertions(+), 33 deletions(-)

diff --git a/frappe/core/doctype/customize_form_field/customize_form_field.json b/frappe/core/doctype/customize_form_field/customize_form_field.json
index 00a368ee2b..23bb06dc1d 100644
--- a/frappe/core/doctype/customize_form_field/customize_form_field.json
+++ b/frappe/core/doctype/customize_form_field/customize_form_field.json
@@ -26,7 +26,7 @@
    "label": "Type", 
    "oldfieldname": "fieldtype", 
    "oldfieldtype": "Select", 
-   "options": "Button\nCheck\nCode\nColumn Break\nCurrency\nData\nDate\nDatetime\nFloat\nHTML\nImage\nInt\nLink\nLong Text\nPassword\nPercent\nRead Only\nSection Break\nSelect\nSmall Text\nTable\nText\nText Editor\nTime", 
+   "options": "Attach\nButton\nCheck\nCode\nColumn Break\nCurrency\nData\nDate\nDatetime\nDynamic Link\nFloat\nFold\nHTML\nImage\nInt\nLink\nLong Text\nPassword\nPercent\nRead Only\nSection Break\nSelect\nSmall Text\nTable\nText\nText Editor\nTime", 
    "permlevel": 0, 
    "print_hide": 0, 
    "reqd": 1, 
@@ -228,7 +228,7 @@
  "idx": 1, 
  "issingle": 0, 
  "istable": 1, 
- "modified": "2014-08-05 08:30:34.887505", 
+ "modified": "2014-09-05 03:47:29.743676", 
  "modified_by": "Administrator", 
  "module": "Core", 
  "name": "Customize Form Field", 
diff --git a/frappe/model/create_new.py b/frappe/model/create_new.py
index 7be5357cf8..8751690b47 100644
--- a/frappe/model/create_new.py
+++ b/frappe/model/create_new.py
@@ -40,22 +40,23 @@ def get_new_doc(doctype, parent_doc = None, parentfield = None):
 	return doc
 
 def get_default_value(df, defaults, user_permissions, parent_doc):
-	# 1 - look in user permissions
 	user_permissions_exist = (df.fieldtype=="Link"
 		and not getattr(df, "ignore_user_permissions", False)
 		and df.options in (user_permissions or []))
 
-	if user_permissions_exist and len(user_permissions[df.options])==1:
-		return user_permissions[df.options][0]
+	if df.fieldtype == "Link" and df.options != "User":
+		# 1 - look in user permissions
+		if user_permissions_exist and len(user_permissions[df.options])==1:
+			return user_permissions[df.options][0]
 
-	# 2 - Look in user defaults
-	user_default = defaults.get(df.fieldname)
-	is_allowed_user_default = user_default and (not user_permissions_exist
-		or (user_default in user_permissions.get(df.options, [])))
+		# 2 - Look in user defaults
+		user_default = defaults.get(df.fieldname)
+		is_allowed_user_default = user_default and (not user_permissions_exist
+			or (user_default in user_permissions.get(df.options, [])))
 
-	# is this user default also allowed as per user permissions?
-	if is_allowed_user_default:
-		return user_default
+		# is this user default also allowed as per user permissions?
+		if is_allowed_user_default:
+			return user_default
 
 	# 3 - look in default of docfield
 	if df.get("default"):
diff --git a/frappe/permissions.py b/frappe/permissions.py
index 9eeaf657f0..30cdbee603 100644
--- a/frappe/permissions.py
+++ b/frappe/permissions.py
@@ -226,7 +226,7 @@ def get_user_permission_doctypes(user_permission_doctypes, user_permissions):
 		user_permission_doctypes = [list(set(doctypes).intersection(set(user_permissions.keys())))
 			for doctypes in user_permission_doctypes]
 
-	if not user_permission_doctypes:
+	else:
 		user_permission_doctypes = [user_permissions.keys()]
 
 
diff --git a/frappe/public/js/frappe/form/control.js b/frappe/public/js/frappe/form/control.js
index 6299aa0c96..5ffb028da0 100644
--- a/frappe/public/js/frappe/form/control.js
+++ b/frappe/public/js/frappe/form/control.js
@@ -339,10 +339,6 @@ frappe.ui.form.ControlData = frappe.ui.form.ControlInput.extend({
 			} else
 				callback(v);
 		} else {
-			// trim strings!
-			if (typeof v==="string") {
-				v = v.trim();
-			}
 			callback(v);
 		}
 	}
diff --git a/frappe/public/js/frappe/model/create_new.js b/frappe/public/js/frappe/model/create_new.js
index a21fc384b6..f7832b1b03 100644
--- a/frappe/public/js/frappe/model/create_new.js
+++ b/frappe/public/js/frappe/model/create_new.js
@@ -75,26 +75,28 @@ $.extend(frappe.model, {
 	},
 
 	get_default_value: function(df, doc, parent_doc) {
-		// look in user permissions
 		var user_permissions = frappe.defaults.get_user_permissions();
 		var has_user_permissions = (df.fieldtype==="Link" && user_permissions
 			&& df.ignore_user_permissions != 1 && user_permissions[df.options]);
 
-		if (has_user_permissions && user_permissions[df.options].length===1) {
-			return user_permissions[df.options][0];
+		if (df.fieldtype==="Link" && df.options!=="User") {
+			// 1 - look in user permissions
+			if (has_user_permissions && user_permissions[df.options].length===1) {
+				return user_permissions[df.options][0];
+			}
+
+			// 2 - look in user defaults
+			var user_default = frappe.defaults.get_user_default(df.fieldname);
+			var is_allowed_user_default = user_default &&
+				(!has_user_permissions || user_permissions[df.options].indexOf(user_default)!==-1);
+
+			// is this user default also allowed as per user permissions?
+			if (is_allowed_user_default) {
+				return frappe.defaults.get_user_default(df.fieldname);
+			}
 		}
 
-		// look in user defaults
-		var user_default = frappe.defaults.get_user_default(df.fieldname);
-		var is_allowed_user_default = user_default &&
-			(!has_user_permissions || user_permissions[df.options].indexOf(user_default)!==-1);
-
-		// is this user default also allowed as per user permissions?
-		if (is_allowed_user_default) {
-			return frappe.defaults.get_user_default(df.fieldname);
-		}
-
-		// look in default of docfield
+		// 3 - look in default of docfield
 		if (df['default']) {
 
 			if (df["default"] == "__user") {
diff --git a/frappe/public/js/frappe/model/perm.js b/frappe/public/js/frappe/model/perm.js
index a723074f54..caa49646ef 100644
--- a/frappe/public/js/frappe/model/perm.js
+++ b/frappe/public/js/frappe/model/perm.js
@@ -155,9 +155,8 @@ $.extend(frappe.perm, {
 					out.push(valid_doctypes);
 				}
 			});
-		}
 
-		if (!out.length) {
+		} else {
 			out = [Object.keys(user_permissions)];
 		}