Hello,
I am trying to set permissions on a custom doctype so that the one accessing those data is either
- System Manager
- Owner
- or the receiver
the delivery doctype has a place field(link) and i have added a custom field to User doctype called place,
so that if the delivery place is the same as the user’s the user can access it even if they are not the owner or manager.
My code so far:
def get_permission_query_conditions(user):
if not user: user = frappe.session.user
if "System Manager" in frappe.get_roles(user):
return None
else:
userget = frappe.get_doc("User", user)
return """(tabDelivery.owner = '{user}' or tabDelivery.address_to = {userget.place})""" \
.format(user=frappe.db.escape(user))
def has_permission(doc, user):
if "System Manager" in frappe.get_roles(user):
return True
else:
return doc.owner == user or doc.address_to == user.place
i tried this but i am getting this error:
File “/home/frappe/frappe-bench/env/local/lib/python2.7/site-packages/MySQLdb/connections.py”, line 50, in defaulterrorhandler
raise errorvalue
OperationalError: (1054, “Unknown column ‘userget.place’ in ‘where clause’”)
any help is welcome
Looks like you forgot to tell python what to put in the {userget.place} placeholder
I dont understand,
can you elaborate please?
thanks
This seems to be the problematic part
You should have something like this instead:
userget = frappe.get_doc("User", user)
return """(tabDelivery.owner = '{user}' or tabDelivery.address_to = '{place}')"""\
.format(user=frappe.db.escape(user), place=userget.place)
Thanks,
this removes the error but unfortunately the other user(who is not the owner) cannot access it,
does it has to do with the second return of has_permission,
def get_permission_query_conditions(user):
if not user: user = frappe.session.user
if "System Manager" in frappe.get_roles(user):
return None
else:
userget = frappe.get_doc("User", user)
return """(tabDelivery.owner = '{user}' or tabDelivery.address_to = '{place}')""" \
.format(user=frappe.db.escape(user), place=userget.place)
The code so far
def has_permission(doc, user):
if "System Manager" in frappe.get_roles(user):
return True
#elif doc.owner == user or doc.address_to == user.place:
# return True
else:
# return False
return doc.owner == user or doc.address_to == user.place
The solution:
def get_permission_query_conditions(user):
if not user: user = frappe.session.user
if "System Manager" in frappe.get_roles(user):
return None
else:
userget = frappe.get_doc("User", user)
return """(tabDelivery.owner = '{user}' or tabDelivery.address_to = '{place}')""" \
.format(user=frappe.db.escape(user), place=userget.place)
def has_permission(doc, user):
if "System Manager" in frappe.get_roles(user):
return True
#elif doc.owner == user or doc.address_to == user.place:
# return True
else:
# return False
userplace = frappe.get_doc("User", user)
return doc.address_to == userplace.place or doc.owner == frappe.session.user