* refactored code to add support in filters to get descendant or ancestor for tree type documents
* added semicolon and comments to imporve code quality
* refactored code to add not ancestor and not descendants of filters
* added test cases for ancestors of and descendants of
* Translate labels
* [fix] sanitize filters and or_filters to avoid sql injection
* add test cases for filter sanitizer
* codacy fix
* added test cases to test valid scenarios
* Overwrite "if owner" restriction*
- Overwrite "if owner" restriction if user has other valid roles
(with access rights) without if_owner enabled for it in doc perm
eg:
If a doctype has 2 docperm for Role A and Role B and the docperm with
Role A has if owner enabled.
Suppose User 1 has Role A, then User 1 should see only docs
which was created by him.
Now if User 2 has Role A and Role B, User 2 should be able to see all the
records because Role B has unrestricted access on doctype.
------------------------------------------------------
Previously in case of User 2, the restriction(of if owner) from Role A
used to reflect and User 2 was only able to view only records made by
him.
This commit will overwrite the if_owner restriction in such case.
- Refactor get_role_permission method
* Add advanced control for user permission
- Add ability to skip user permission check for specific doctype
* Refactor "linked with" method
- Add option to skip linked with doctype which has
ignore_user_permission enabled against them.
* Clear "linked with doctype" cache on doctype changes
* [Minor] Fix formatting
* Fix error and bugs in linked_with method
* Format code
* Add fix to get allowed docs from user_permission
* Fix has_user_permission bug
* Add before migrate patch for user permission
* Fix typo
* [start] removing simpler user permission structure
* permission changes
removed "apply user permission" from has_permission
* test fixes and other supporting fixes
* Removed Apply user permission code
* additional check to see if user has some user permissions related to a doctype
* test fixes
* removed a test
* Permission changes
- Code to restrict access if module is blocked for user.
- [Fix] ignore user perm if applicable
* List view restrictions ui changes
* removed unwanted apply user perm code
* permission (block module fix)
* permission fix
* change user permission
user permission will not be applied if user doesn't have role permission
* removed left "apply_user_permissions" property
* add user permission help template
* perm js refactor
* ui / ux changes
restrict list view before entering view if user is not permitterd
add description for if owner check in role permission manager
* codacy fixes
* permission code fix
add controller permission check
add blocked module check in build_permission
* optimized get blocked module method
* [fix] sanitize fields to avoid mysql injection
* sanitize sql statements to avoid subqueries
* Added test cases
* Raise exception if mysql injection found in fields and related test-cases
* [fix] riase exception if blacklistes function or keyworkds found in fields
