Merge branch 'develop'

frappe/__version__.py

@@ -1,2 +1,2 @@
 from __future__ import unicode_literals
-__version__ = "4.13.1"
+__version__ = "4.13.2"

frappe/hooks.py

@@ -4,7 +4,7 @@ app_title = "Frappe Framework"
 app_publisher = "Web Notes Technologies Pvt. Ltd."
 app_description = "Full Stack Web Application Framework in Python"
 app_icon = "assets/frappe/images/frappe.svg"
-app_version = "4.13.1"
+app_version = "4.13.2"
 app_color = "#3498db"
 app_email = "support@frappe.io"
 

frappe/permissions.py

@@ -43,7 +43,7 @@ def has_permission(doctype, ptype="read", doc=None, verbose=True, user=None):
 
 		if role_permissions["apply_user_permissions"].get(ptype):
 			if not user_has_permission(doc, verbose=verbose, user=user,
-				user_permission_doctypes=role_permissions.get("user_permission_doctypes")):
+				user_permission_doctypes=role_permissions.get("user_permission_doctypes", {}).get(ptype) or []):
 				return False
 
 		if not has_controller_permissions(doc, ptype, user=user):
@@ -67,11 +67,11 @@ def get_doc_permissions(doc, verbose=False, user=None):
 	if not cint(meta.allow_import):
 		role_permissions["import"] = 0
 
-	if role_permissions.get("apply_user_permissions") and not user_has_permission(doc, verbose=verbose, user=user,
-		user_permission_doctypes=role_permissions.get("user_permission_doctypes")):
+	if role_permissions.get("apply_user_permissions"):
 		# no user permissions, switch off all user-level permissions
 		for ptype in role_permissions:
-			if role_permissions["apply_user_permissions"].get(ptype):
+			if role_permissions["apply_user_permissions"].get(ptype) and not user_has_permission(doc, verbose=verbose, user=user,
+		user_permission_doctypes=role_permissions.get("user_permission_doctypes", {}).get(ptype) or []):
 				role_permissions[ptype] = 0
 
 	return role_permissions
@@ -81,7 +81,7 @@ def get_role_permissions(meta, user=None):
 	cache_key = (meta.name, user)
 
 	if not frappe.local.role_permissions.get(cache_key):
-		perms = frappe._dict({ "apply_user_permissions": {} })
+		perms = frappe._dict({ "apply_user_permissions": {}, "user_permission_doctypes": {} })
 		user_roles = frappe.get_roles(user)
 
 		for p in meta.permissions:
@@ -98,9 +98,11 @@ def get_role_permissions(meta, user=None):
 					user_permission_doctypes = (json.loads(p.user_permission_doctypes)
 							if p.user_permission_doctypes else None)
 
-					if user_permission_doctypes and user_permission_doctypes not in perms.get("user_permission_doctypes", []):
-						# perms["user_permission_doctypes"] would be a list of list like [["User", "Blog Post"], ["User"]]
-						perms.setdefault("user_permission_doctypes", []).append(user_permission_doctypes)
+					if user_permission_doctypes:
+						# perms["user_permission_doctypes"][ptype] would be a list of list like [["User", "Blog Post"], ["User"]]
+						for ptype in rights:
+							if p.get(ptype):
+								perms["user_permission_doctypes"].setdefault(ptype, []).append(user_permission_doctypes)
 
 		for key, value in perms.get("apply_user_permissions").items():
 			if not value:
@@ -229,7 +231,6 @@ def get_user_permission_doctypes(user_permission_doctypes, user_permissions):
 	else:
 		user_permission_doctypes = [user_permissions.keys()]
 
-
 	if len(user_permission_doctypes) > 1:
 		# OPTIMIZATION
 		# if intersection exists, use that to reduce the amount of querying

frappe/public/js/frappe/misc/utils.js

@@ -203,6 +203,15 @@ frappe.utils = {
 		return arr;
 	},
 
+	all: function(lst) {
+		for(var i=0, l=lst.length; i<l; i++) {
+			if(!lst[i]) {
+				return false;
+			}
+		}
+		return true;
+	},
+
 	dict: function(keys,values) {
 		// make dictionaries from keys and values
 		var out = [];

setup.py

@@ -1,7 +1,7 @@
 from setuptools import setup, find_packages
 import os
 
-version = "4.13.1"
+version = "4.13.2"
 
 with open("requirements.txt", "r") as f:
 	install_requires = f.readlines()