According to my understanding, public workspaces are meant to be shown to all users, wheter or not they have the ‘Workspace Manager’ role.
I’m using erpnext/frappe dev branches, and found out that if I a create a public workspace with user A, it is not accesible by user B if user B has not the ‘Workspace Manager’ role.
Digging deeper, I found this piece of code:
self.page_name = page.get("name")
self.page_title = page.get("title")
self.public_page = page.get("public")
self.workspace_manager = "Workspace Manager" in frappe.get_roles()
self.user = frappe.get_user()
self.allowed_modules = self.get_cached("user_allowed_modules", self.get_allowed_modules)
self.doc = frappe.get_cached_doc("Workspace", self.page_name)
if (
self.doc
and self.doc.module
and self.doc.module not in self.allowed_modules
and not self.workspace_manager
):
raise frappe.PermissionError
Crucial part is and not self.workspace_manager, which leads to the problem…
Is there something I’m missing out? Or this is a bug?
So after digging deeper I came to some insights I’d like to share, as they highlight something a bit unexpected.
I wanted to show a custom workspace in the ERPNext sidebar. My initial assumption was that the way to do this was by assigning the workspace to the “ERPNext Integrations” module. However, in order for a user to actually see that workspace, the module itself must also contain at least one DocType that the user has access to. I had to create a dummy doctype for that porpouse (which doesn’t feel really natural).
This is due to how build_permissions(self) function works.
Contributors may consider if this is the best way to calculate ‘allowed modules’. This had me stuck for a while. Hopefully this helps someone else as well.
