Authorization in Frappe

1

Document Permissions

You can modify the behaviour of doc.has_permission document method for any DocType and add custom permission checking logic using the has_permission hook.

app/hooks.py

has_permission = {
    "Event": "app.permissions.event_has_permission",
}

The method will be passed the doc, user and permission_type as arguments. It should return True or a False value. If None is returned, it will fallback to default behaviour.

app/permissions.py

def event_has_permission(doc, user=None, permission_type=None):
    # when reading a document allow if event is Public
    if permission_type == "read" and doc.event_type == "Public":
        return True

    # when writing a document allow if event owned by user
    if permission_type == "write" and doc.owner == user:
        return True

    return False

This from frappe documentation, I implemented *has permission * hook like the example but I always got none value for permission_type parameter, So I can’t modify the logic as I want , So I wonder if there is any dependency should I inject on my code, or anything I have to take care about ? Thank you

2

Hi @Mohammed_Omar_Balous,

I haven’t try but check and try it.

If you are getting a None value for the permission_type parameter in your has_permission hook, it is likely because you are not specifying the permission type when checking the document permission in your code.

To specify the permission type, you can pass it as the third argument to the frappe.has_permission function. For example, if you want to check if the current user has permission to read a document of type MyDocType, you can do:

if frappe.has_permission("MyDocType", permission_type="read"):
    # allow read access
else:
    # deny read access

Make sure to pass the permission type when calling the frappe.has_permission function, and the permission_type parameter in your has_permission hook should no longer be None.

Thank You!

3

I will try it, thank you very much