New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(Data Import): don't rely on permission for Data Import Log (backport #26228) #26251
Merged
ankush
merged 3 commits into
version-15-hotfix
from
mergify/bp/version-15-hotfix/pr-26228
May 1, 2024
Merged
fix(Data Import): don't rely on permission for Data Import Log (backport #26228) #26251
ankush
merged 3 commits into
version-15-hotfix
from
mergify/bp/version-15-hotfix/pr-26228
May 1, 2024
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
(cherry picked from commit 774f5cc) # Conflicts: # frappe/core/doctype/data_import_log/data_import_log.json
This comment was marked as outdated.
This comment was marked as outdated.
github-actions
bot
added
the
add-test-cases
Add test case to validate fix or enhancement
label
Apr 30, 2024
barredterra
added
dont-merge
and removed
conflicts
add-test-cases
Add test case to validate fix or enhancement
labels
Apr 30, 2024
frappe-pr-bot
pushed a commit
that referenced
this pull request
May 7, 2024
# [15.26.0](v15.25.0...v15.26.0) (2024-05-07) ### Bug Fixes * allow accessing reports without roles ([b2950d2](b2950d2)) * Apply configured perms on address list ([#26334](#26334)) ([#26336](#26336)) ([e2c8436](e2c8436)) * args is a stringified JSON ([5f25ae6](5f25ae6)) * automatic logo width ([#26273](#26273)) ([#26278](#26278)) ([f60be3c](f60be3c)) * changes for scheduler reliability (backport [#26292](#26292)) ([#26294](#26294)) ([d72c6ec](d72c6ec)) * **Data Import:** don't rely on permission for Data Import Log (backport [#26228](#26228)) ([#26251](#26251)) ([113de20](113de20)) * **Data Import:** scheduler not needed in dev mode (backport [#24667](#24667)) ([#26265](#26265)) ([9ce789e](9ce789e)) * disabled user login from login via link feature ([#26134](#26134)) ([#26141](#26141)) ([3ac1eda](3ac1eda)) * don't add creation index if one exists ([#26295](#26295)) ([f183a31](f183a31)) * **Geo:** change Canadian dates to ISO 8601 format ([9dec74b](9dec74b)) * init db conn for unbuffered cursor if not set ([#26220](#26220)) ([#26257](#26257)) ([1fac55d](1fac55d)) * like filter from meta filters ([#26311](#26311)) ([#26313](#26313)) ([13535a6](13535a6)) * lstrip for query writes detection ([#26180](#26180)) ([#26253](#26253)) ([97355f9](97355f9)) * misc sys health report fixes (backport [#26262](#26262)) ([#26290](#26290)) ([889eb9a](889eb9a)) * **Navbar Settings:** reload page after save ([#26274](#26274)) ([#26276](#26276)) ([20b3643](20b3643)) * **oauth2:** refresh token is optional ([#26266](#26266)) ([#26272](#26272)) ([e3f15d0](e3f15d0)), closes [/www.rfc-editor.org/rfc/rfc6749#section-5](https://github.com//www.rfc-editor.org/rfc/rfc6749/issues/section-5) * only redirect to same domain ([#26304](#26304)) ([#26306](#26306)) ([475189c](475189c)) * QB name in error message ([#26345](#26345)) ([#26348](#26348)) ([6e8de81](6e8de81)) * reportview average of ints should be float ([#26284](#26284)) ([#26288](#26288)) ([11f041b](11f041b)) * Treeview DB lookup should perform the same preperation operations as method update_nsm in file nestedset.py ([#26199](#26199)) ([7d25aed](7d25aed)) ### Features * improved update notifications (backport [#26314](#26314)) ([#26320](#26320)) ([24be120](24be120)) * link field filter backport v15 ([#25966](#25966)) ([9a15191](9a15191)), closes [#22844](#22844) * workspace extraction improvements ([#26169](#26169)) ([7d6a40a](7d6a40a)) ### Performance Improvements * Avoid caching `module_app` ([#26349](#26349)) ([#26351](#26351)) ([8961a96](8961a96)) * avoid two layer cache of timezone (backport [#26340](#26340)) ([#26342](#26342)) ([d802eb6](d802eb6)) * Reduce 1 redis call while dumping monitor logs ([#26337](#26337)) ([#26339](#26339)) ([32dbc5a](32dbc5a)) * Reuse cached user for `get_user_lang` ([#26350](#26350)) ([#26355](#26355)) ([e1048a8](e1048a8))
🎉 This PR is included in version 15.26.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Problem
This error occurs on opening a Data Import as a non-System Manager (perms granted via Role Permission Manager):
Proposed solution
A user who has read permissions on a Data Import should be able to view it, without requiring additional read permissions on Data Import Log.
Data Import Log is just a helper doctype, similar to a child table, and it would be hard to grant appropriate permissions here. The permissions should depend on the related Data Import.
Changes
This is an automatic backport of pull request fix(Data Import): don't rely on permission for Data Import Log #26228 done by Mergify.