The design of User Permissions is dangerous

We came up with this extension. It is used with custom frappe framework apps. It is not currently used with ERPNext. It should work.

https://frappe-manual-castlecraft-b249c70d8b6d99bd095c0ef03e4a3115a94f5.gitlab.io/framework-extensions/doctypes/permission-rule/

Home page: https://frappe-manual-castlecraft-b249c70d8b6d99bd095c0ef03e4a3115a94f5.gitlab.io/

3 Likes

revant_one Seems great.
Is it publicly available?

Repositories are mentioned in there.

6 Likes

@revant_one Thanks

I found interesting stuff, but it is not readable as the CSS is not working correctly, so the content is not readable , please look into to fix

You’re visiting pages that are moved.

Access it from here https://frappe-manual-castlecraft-b249c70d8b6d99bd095c0ef03e4a3115a94f5.gitlab.io

5 Likes

@revant_one, Probably I’ll never be able to learn 3%, but … thanks for sharing your treasure vault.

Baby Hat GIF

2 Likes

I had the similar case, but here looking for workaround.

I unchecked the field Hide Descendants

And then by using the code in from hrms.hr.utils import share_doc_with_approver have shared the entries with other users.
The only benefits I had was majority cases we needed to hide the entries from the manager or approvers, so using the solution was possible.
image

None can defend possible leaks in the roles and permissions of ERPNext unfortunately. If you’re willing to spend ages, you can control sensitive data acces… That is generally only salary data.
Shame when you have such a powerful tool for Salary Calculations.

this was indeed an interesting read actually