vassili/seitime-frappe

Author	SHA1	Message	Date
Sagar Vora	ceb4ee8bf2	perf: get ancestors only if needed	2025-06-24 11:58:55 +05:30
Sagar Vora	86fcea4578	refactor: reduce duplication	2025-06-24 11:49:49 +05:30
Akhil Narang	519a298db3	fix: add back accidentally removed logging Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2025-06-24 11:18:23 +05:30
Sagar Vora	e1f7556687	fix: ensure document name isn't None Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2025-06-24 11:18:23 +05:30
Akhil Narang	60dd0377e8	refactor: store `hide_descendants` within user permissions data Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2025-06-24 11:18:23 +05:30
Akhil Narang	6d8ebeb09f	fix: allow creating tree doctype if user permission grants access to the parent Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2025-06-24 11:18:23 +05:30
Akhil Narang	2b51d4f4d7	Revert "fix: permission error when permission docname is none" This reverts commit `f1d0419fa8`. Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2025-06-24 11:18:23 +05:30
Ankush Menat	726474db94	fix: skip strict perm while writing on local document too (#32927 ) It's harmless: https://github.com/frappe/frappe/pull/32798#issuecomment-2969391481	2025-06-13 15:42:24 +05:30
Ankush Menat	fe03ceb35e	fix: don't apply strict user permission on local document (#32798 )	2025-06-13 05:59:30 +00:00
Ankush Menat	bebabc3211	fix: Handle support for DocType and virtual By falling back to original impl with warning. This is just to allow "fearless usage".	2025-06-11 09:55:45 +05:30
Ankush Menat	beefdb9a1f	perf: use lazy doc for permission checks 🚀 Co-Authored-By: Sagar Vora <sagar@resilient.tech>	2025-06-11 09:55:45 +05:30
Ejaaz Khan	f1d0419fa8	fix: permission error when permission docname is none	2025-06-02 17:46:10 +05:30
Ankush Menat	dcf6a45537	chore: language	2025-05-17 18:02:47 +05:30
Ankush Menat	c70ba644a9	fix: Show doctype name in perm check errors (#32122 ) `meta.doctype` is always `DocType`	2025-04-14 12:29:51 +00:00
Sagar Vora	60b889c3b8	fix: ensure correct context in `sys.exc_info`	2025-02-19 17:33:53 +05:30
Sagar Vora	09459d1d27	fix: ensure exception is always returned	2025-02-19 12:38:43 +05:30
Sagar Vora	f4062b4d7a	fix: ensure consistent error in response	2025-02-19 12:10:59 +05:30
Ankush Menat	546260162d	perf: Skip link checking on internal deletes These are deletes that aren't user triggered and these documents are typically never "linked" somewhere else. So skip all expensive link / dynamic link checks.	2025-01-06 11:48:19 +05:30
Sumit Bhanushali	5d22ee7b2b	fix: check at doc level when if owner role permission is checked during export from report view (cherry picked from commit c7ad3296c9664f5d6b2946f46082f57b91c1bac8)	2024-12-09 07:22:32 +00:00
Akhil Narang	84ef6ec677	refactor: fixup with ruff 0.8.1 Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2024-12-04 13:18:04 +05:30
Akhil Narang	d47057cbef	fix(permissions): cast docname to string Extension of #24988 Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2024-10-22 13:09:43 +05:30
Sumit Bhanushali	847dd62ec0	feat: permission log	2024-09-30 14:54:32 +05:30
Ankush Menat	a1bb734079	fix: filter select perm in get_doctypes_with_read closes https://github.com/frappe/frappe/issues/26015 Extracted from https://github.com/frappe/frappe/pull/26018	2024-04-18 15:15:47 +05:30
Akhil Narang	306c923986	chore: minor code cleanup - Use walrus operator where possible - Drop redundant checks - we anyway can't iterate over an empty list Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2024-04-10 17:22:45 +05:30
Revant Nandgaonkar	7e16e902d9	feat: allow wildcard for doctype in permission hooks (#25729 ) * feat: allow wildcard for doctype in permission hooks * fix: pass doctype to permission query * fix: combine methods instead of alternate * test: wildcard has_permssion hook * test: wildcard has_permssion make note public * fix: fetch list of hooks once	2024-04-10 11:44:37 +05:30
Ankush Menat	99952880cc	fix!: Don't let users with write access to UP bypass UP IDK why we truly need this, except maybe debugging sometimes. This just causes confusion and people keep reporting this as security issue.	2024-04-05 18:55:27 +05:30
barredterra	b6f12db08c	fix: translate doctype in user-facing error message	2024-02-24 02:39:29 +01:00
Ankush Menat	99bb5d0303	fix: Cast to string to handle int PK (#24988 )	2024-02-21 13:27:38 +00:00
Raffael Meyer	fc64e8a0fb	feat: pass doctype as context when translating label (#24903 )	2024-02-18 19:42:15 +05:30
Ankush Menat	72c2207e0f	refactor: useless use of dict in frappe.get_doc	2024-02-10 12:52:38 +05:30
Akhil Narang	26ae0f3460	fix: ruff fixes Signed-off-by: Akhil Narang <me@akhilnarang.dev>	2024-02-07 17:04:31 +05:30
Ankush Menat	de9ac89748	style: re-format with ruff	2024-02-05 18:53:33 +05:30
Gursheen Anand	f74939eb0c	fix: skip strict user perms for single doctypes	2024-01-18 16:10:20 +05:30
Ankush Menat	447f02e8d3	fix!: Remove misleading "raise_exception" (#24266 ) frappe.permission.has_permission won't accept raise_exception anymore, it was extremely misleading argument and actual purpose of the argument was to print perm check logs.	2024-01-11 08:24:18 +00:00
Ankush Menat	5ef8577cff	fix!: Stricter requirement for permission hooks (#24253 ) BREAKING CHANGE: before: `has_permission` hooks need to explicitly return "False" to block a user. after: `has_permission` hook need to explicitly return "True" (or truthy) value to allow user. They will be blocked otherwise. Why? Everything related to permission should be block by default and allow if some checks pass.	2024-01-11 01:35:08 +05:30
Ankush Menat	b3532024b5	fix: Accept "Falsy" values from perm controllers	2024-01-10 15:43:06 +05:30
Ankush Menat	914406d31b	feat: extend perm debugging to popular controllers - [x] File - [x] Communication	2024-01-10 15:16:52 +05:30
Ankush Menat	3a8fc90961	feat: permission debugger (#24239 ) * feat: permission debugger This PR adds a virtual doctype that can run has_permission for doctype-docname-user-ptype combinations and spit out detailed log for why/where some permissionw as denied or granted. This isn't supposed to be programatic, it's just textual dump of what code is doing. IMO a better debugger can be written but that will require extensive rewrite of perm checks first. All debugging, error messages in current systems are bolted on top with hacks to avoid messing with implementation. * fix: capture UP pass check * fix: reset docname on changing doctype * fix: docname is optional * fix: debug doctype perms	2024-01-10 09:29:13 +00:00
Ankush Menat	3349f2b6e6	fix: nested has_permission calls erase messages	2024-01-04 10:31:55 +05:30
Ankush Menat	04acd0bda4	fix: don't add fallback for child table (#24105 )	2024-01-03 12:18:06 +00:00
Hussain Nagaria	8d2137c265	docs: consistent doc strings	2023-12-18 18:27:39 +05:30
barredterra	c35476256f	refactor: simplify conditional logic Command: `sourcery review --fix --enable de-morgan .`	2023-12-05 11:14:41 +01:00
Sagar Vora	c561369330	fix: avoid double translation	2023-09-28 11:46:44 +05:30
Ankush Menat	0381f836d6	fix: update correct role permission rule Right now if you have if-owner rule on doctype then whatever you change will only apply to last inserted rule because we don't check if-owner value Long term better fix: Identify with perm rule name instead of arbitrary "primary keys" defined in code.	2023-09-18 13:45:20 +05:30
Ankush Menat	fb65ab1a4e	fix: notify when rule already exists	2023-09-18 12:28:14 +05:30
Ankush Menat	1b406edd54	feat: `Desk User` role	2023-08-28 22:31:23 +05:30
barredterra	b553ed98d8	refactor: inline immediately returned variable Inline a variable to a return in the case when the variable being declared is immediately returned	2023-08-08 18:09:49 +02:00
Ankush Menat	ada2e20af3	fix: has_permission check on int pk	2023-07-31 16:42:31 +05:30
Ankush Menat	14798146c7	fix: Conditionally show extra info for perm error (#21660 )	2023-07-12 22:22:34 +05:30
Ankush Menat	e4bae5c831	perf: faster doc shared checks - If document, explicitly query document - If checking doctype then put limit and only see if 1 record is returned.	2023-06-28 20:00:55 +05:30

1 2 3 4 5 ...

272 commits