User getting forced Logout with custom script

What I have done,
Whenever a user enters the lead, I create a default event for that day,
So it has two piece of code

frappe.ui.form.on("Lead", {
  after_save: function (frm) {
    // Triggered after the Lead form is saved
    // Get creation and modification timestamps
    const creation_time = frm.doc.creation
      ? frm.doc.creation.replace("T", " ").replace("Z", "")
      : null;
    const modified_time = frm.doc.modified
      ? frm.doc.modified.replace("T", " ").replace("Z", "")
      : null;

    // Check if the lead is new (not yet modified)
    if (creation_time && modified_time && creation_time === modified_time) {
      console.log("New Lead saved. Initiating event creation process.");

      const lead_name =;
      const sales_person = frm.doc.sales_person;
      const lead_owner = frm.doc.lead_owner;

      // Call the backend API to create an event for the new lead{
        method: "phillip_custom.online_lead_to_lead.create_event_for_lead",
        args: {
          lead_name: lead_name,
          sales_person: sales_person,
          lead_owner: lead_owner,
        callback: function (response) {
          if (response.message) {
              "Today's Follow-up created successfully for the lead."
            // window.location.reload();
          } else {
              "Failed to create event for the lead. Please try again.",
    } else {
      console.log("Existing Lead saved. Skipping event creation process.");

Server side:

def create_event_for_lead(lead_name, sales_person,lead_owner,is_import):
        today = getdate()
        event = frappe.new_doc("Event")
        event.subject = f"Follow-up Meeting for Lead {lead_name}"
        event.starts_on = today
        event.sales_person = sales_person  # Set the salesperson as the owner of the event
        event.owner = lead_owner  # Set the salesperson as the owner of the event
        event.created_by = lead_owner
        event.modified_by =lead_owner
         # Associate the lead with the event
        event_participants = frappe.new_doc("Event Participants")
        event_participants.created_by = lead_owner
        event_participants.modified_by = lead_owner
        event_participants.reference_doctype = "Lead"
        event_participants.reference_docname = lead_name
        event_participants.parent =
        event_participants.parentfield = "event_participants"
        event_participants.parenttype = "Event"
        return event

Also tried commenting this code


But whenever user enters the lead and save it lead the lead gets saved but he faces below issue.and also gets loggout


Can you trace back what piece of code in (custom or core) client script make a call to erpnext.crm.utils.get_open_activites ?

If you disable/comment your client script, it is still happen ?

Yes if I stop client script then it works properly,
Get activities is called when lead gets stored and page gets loaded.
Problem seems to be my code, where may be the user is getting logout and after that the code is trying to load activites

@NCP Can you please, Help ? The issues seems to from my side,but not able to find it

It works perfectly if i stop client-script

All calls to a server side script validates if the method being called is whitelisted.

Try adding this decorator above the function definition.

def create_event_for_lead

It should work.

The method is already,white listed

Why set user?
frappe.flags.in_import = is_import as the first line on the python function and remove the set_user

Oh, okay didn’t read carefully through the whole post sorry.

What version are you using?
Is get_open_activities in crm.utils whitelisted in that version?

If so, then could you try giving permission for the Task and ToDo doctypes?

Ofcourse if we could find out when this function is being called, it’d be better.