feat: Disable Sharing globally (#20318) [backport] #20500
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* feat: Disable Sharing globally - Checkbox in System Settings - If disabled, avoid share UI render - Share APIs return None (non-obstructing) if share APIs are invoked * feat: Settings checkbox must toggle share permission globally - Treat feature like a perm toggler. Essentially noone is allowed to explicity share anything - Implicit sharing via `ignore_share_permissions` is allowed. Devs can decide where sharing should happen under the hood - UI is made read only and not hidden. Users must see who doc is already shared with - Make sure perm APIs used by share feature return false if sharing is disabled - Rename checkbox to `Disable Document Sharing` * test: (server side) Impact of disabling sharing on APIs - Also, fix missed system setting rename in `assign_to` * fix: Inform assigner if assignee lacks perms and sharing is disabled - misc: readable conditions * fix: throw instead of msgprint * fix: Typo and appropriate message for `throw` --------- Co-authored-by: Ankush Menat <ankush@frappe.io>
marination
requested review from
a team and
shariquerik
and removed request for
a team
marination
force-pushed
the
disable-sharing-globally-v13
branch
from
ec80709
to
834b0be
Compare
We throw instead of showing warning now
marination
force-pushed
the
disable-sharing-globally-v13
branch
from
834b0be
to
fe76082
Compare
[skip ci]
frappe-pr-bot
pushed a commit
that referenced
this pull request
Apr 4, 2023
# [13.52.0](v13.51.3...v13.52.0) (2023-04-04) ### Bug Fixes * better error logging while sending email ([#20570](#20570)) ([8ae4d55](8ae4d55)) * cannot restore cancelled document if workflow is active ([6206dc0](6206dc0)) * escape HTML instead of sanitizing ([68ad9cf](68ad9cf)) * fix address query for postgres ([616dd8b](616dd8b)), closes [/github.com//pull/20537#ref-pullrequest-1645575433](https://github.com//github.com/frappe/frappe/pull/20537/issues/ref-pullrequest-1645575433) * get workflow_state_fieldname instead of setting workflow_state to none ([3249aa2](3249aa2)) * removed unnecessary usage of `[@frappe](https://github.com/frappe).whitelist` ([#20503](#20503)) ([#20562](#20562)) ([08398cb](08398cb)) * rewrite query for postgres ([#20557](#20557)) ([#20558](#20558)) ([e400c5f](e400c5f)) ### Features * Disable Sharing globally ([#20318](#20318)) [backport] ([#20500](#20500)) ([758873c](758873c)) * make workflow state translatable ([#20412](#20412)) ([#20501](#20501)) ([1545fbd](1545fbd)) ### Performance Improvements * Faster address query with explicit joins (backport [#20537](#20537)) ([#20539](#20539)) ([955a723](955a723))
|
🎉 This PR is included in version 13.52.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Port of #20318
Docs: https://docs.erpnext.com/docs/v13/user/manual/en/setting-up/settings/system-settings/edit-wiki?wiki_page_patch=301c81b67e
The following is tested on a v13 site and the screenshots belong to the same:
Enable or Disable document sharing system wide
Checkbox in System Settings which is unchecked by default to maintain old behaviour
If enabled, system wide, no user will have share access to any document
The share button will be read only, no action (no share access). Although users can see who the doc is shared with (consistent with old behaviour)
On invoking the share API without
ignore_share_permissions(from the browser), a perm error is thrownIf any share API is invoked with
ignore_share_permissionsit will go through (consistent with old behaviour). [Creating a user, doc must be shared with the user themselves]assign_tois handled as a special case, where assigning a doc to a user will block the assignment if the user does not have access already. The assignee is expected to have access to the document otherwise assignments can be misused