Hi,
We can filter timesheet based on the project included in timesheet details entry.
I want to add the condition to Timesheet listing page so that only those timesheet entries should be shown, which includes projects which are permitted to the session user.
Eg. Login user is a Project manager who has access to “Alpha Project” and “Beta Project”. So login user should only see those timesheets which include mentioned projects in their timesheet details.
Right now anyone can access anyone’s timesheet.
Is there a way to override default listing method where I can customize query to add where condition to filter timesheets by projects. I want to do this by using hooks in my custom application.
I don’t want to handle this from the script.
Please suggest a solution.
Thank you!!!
Yes you can achieve that by executing the get_permission_query_conditions in your custom app hook for Timesheet doctype, this will be achieved by the inner join between tabTimesheet table and tabTimesheet Details table by a little trick done with something like:
if 'System Manager' in frappe.get_roles(frappe.session.user):
return """(`tabTimesheet`.name in (SELECT name FROM `tabTimesheet` INNER JOIN
`tabTimesheet Details` ON `tabTimesheet`.name = ` tabTimesheet Details`.parent where
`tabTimesheet Details`.project in (select for_value from `tabUser Permission` where allow =
'Project' and user = '{0}')))""".format(frappe.session.user);
PS: The above code is not tested for syntax error but semantically it is a workaround
Hope it helps,
Thanks . But I used seperate query to fetch timesheet Id list containing user projects. Then added it in regular condition.
1 Like