vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1

fix(permissions): check module perms for user before displaying icon

Browse source
This commit is contained in:
AarDG10 2026-01-28 10:08:03 +05:30
parent 45eb826194
commit ece97bb89c
1 changed files with 8 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
frappe/desk/doctype/desktop_icon/desktop_icon.py
View file

@ -79,6 +79,14 @@ class DesktopIcon(Document):
os.remove(file_path)
def is_permitted(self, bootinfo):
icon_module = None
if self.icon_type == "Link" and self.link_to:
icon_module = frappe.db.get_value("Workspace", self.link_to, "module")
# module permission check
if icon_module:
blocked_modules = frappe.get_cached_doc("User", frappe.session.user).get_blocked_modules()
if icon_module in blocked_modules:
return False
# perform a permission check based on roles table (desktop icons)
allowed_roles = [d.role for d in self.get("roles") or []]
if allowed_roles and not set(allowed_roles).intersection(frappe.get_roles()):