From 94c69f456374c2341ee9f8875227d57224bb273e Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Wed, 22 May 2024 20:36:31 +0200 Subject: [PATCH 1/6] fix: don't automatically add system manager --- frappe/core/doctype/user/user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index f4ca1b0de4d..7c86f1d95b6 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -159,7 +159,7 @@ def validate(self): if self.name not in STANDARD_USERS: self.email = self.name self.validate_email_type(self.name) - self.add_system_manager_role() + self.move_role_profile_name_to_role_profiles() self.populate_role_profile_roles() self.check_roles_added() From 2aa1c736eafee2e27bc9d48b9f0ed93460dd2583 Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Thu, 23 May 2024 14:42:21 +0200 Subject: [PATCH 2/6] feat: remove User.a_system_manager_should_exist --- frappe/core/doctype/user/user.py | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index 7c86f1d95b6..88e29453a38 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -279,9 +279,6 @@ def check_enable_disable(self): if not cint(self.enabled) and self.name in STANDARD_USERS: frappe.throw(_("User {0} cannot be disabled").format(self.name)) - if not cint(self.enabled): - self.a_system_manager_should_exist() - # clear sessions if disabled if not cint(self.enabled) and getattr(frappe.local, "login_manager", None): frappe.local.login_manager.logout(user=self.name) @@ -528,20 +525,11 @@ def send_login_mail(self, subject, template, add_args, now=None, custom_template retry=3, ) - def a_system_manager_should_exist(self): - if self.is_system_manager_disabled(): - return - - if not self.get_other_system_managers(): - throw(_("There should remain at least one System Manager")) - def on_trash(self): frappe.clear_cache(user=self.name) if self.name in STANDARD_USERS: throw(_("User {0} cannot be deleted").format(self.name)) - self.a_system_manager_should_exist() - # disable the user and log him/her out self.enabled = 0 if getattr(frappe.local, "login_manager", None): From e53c687a38ba6a2e453c4a7331363fb440f00fcc Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Thu, 23 May 2024 14:43:36 +0200 Subject: [PATCH 3/6] feat: remove User.add_system_manager_role --- frappe/core/doctype/user/user.py | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index 88e29453a38..e69a4d9a47c 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -286,35 +286,6 @@ def check_enable_disable(self): # toggle notifications based on the user's status toggle_notifications(self.name, enable=cint(self.enabled), ignore_permissions=True) - def add_system_manager_role(self): - if self.is_system_manager_disabled(): - return - - # if adding system manager, do nothing - if not cint(self.enabled) or ( - "System Manager" in [user_role.role for user_role in self.get("roles")] - ): - return - - if ( - self.name not in STANDARD_USERS - and self.user_type == "System User" - and not self.get_other_system_managers() - and cint(frappe.db.get_single_value("System Settings", "setup_complete")) - ): - msgprint(_("Adding System Manager to this User as there must be atleast one System Manager")) - self.append("roles", {"doctype": "Has Role", "role": "System Manager"}) - - if self.name == "Administrator": - # Administrator should always have System Manager Role - self.extend( - "roles", - [ - {"doctype": "Has Role", "role": "System Manager"}, - {"doctype": "Has Role", "role": "Administrator"}, - ], - ) - def is_system_manager_disabled(self): return frappe.db.get_value("Role", {"name": "System Manager"}, ["disabled"]) From 1de307a836d870dfa6ced18f0fb07fa6a6c3ce7b Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Thu, 23 May 2024 14:44:09 +0200 Subject: [PATCH 4/6] feat: remove User.is_system_manager_disabled --- frappe/core/doctype/user/user.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index e69a4d9a47c..636107c6312 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -286,9 +286,6 @@ def check_enable_disable(self): # toggle notifications based on the user's status toggle_notifications(self.name, enable=cint(self.enabled), ignore_permissions=True) - def is_system_manager_disabled(self): - return frappe.db.get_value("Role", {"name": "System Manager"}, ["disabled"]) - def email_new_password(self, new_password=None): if new_password and not self.flags.in_insert: _update_password(user=self.name, pwd=new_password, logout_all_sessions=self.logout_all_sessions) From 9a3a66b008325931c8c77e637ec37ff2b6c56e84 Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Thu, 23 May 2024 14:44:45 +0200 Subject: [PATCH 5/6] feat: remove User.get_other_system_managers --- frappe/core/doctype/user/user.py | 14 -------------- 1 file changed, 14 deletions(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index 636107c6312..e5633cc058c 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -395,20 +395,6 @@ def reset_password(self, send_email=False, password_expired=False): return link - def get_other_system_managers(self): - user_doctype = DocType("User").as_("user") - user_role_doctype = DocType("Has Role").as_("user_role") - return ( - frappe.qb.from_(user_doctype) - .from_(user_role_doctype) - .select(user_doctype.name) - .where(user_role_doctype.role == "System Manager") - .where(user_doctype.enabled == 1) - .where(user_role_doctype.parent == user_doctype.name) - .where(user_role_doctype.parent.notin(["Administrator", self.name])) - .limit(1) - ).run() - def get_fullname(self): """get first_name space last_name""" return (self.first_name or "") + (self.first_name and " " or "") + (self.last_name or "") From 05dfa1952d9c8f8b2ef81baaf7bb4c1e9c836a41 Mon Sep 17 00:00:00 2001 From: barredterra <14891507+barredterra@users.noreply.github.com> Date: Fri, 24 May 2024 10:17:08 +0200 Subject: [PATCH 6/6] feat: add "System Manager" role to User created by setup wizard --- frappe/desk/page/setup_wizard/setup_wizard.py | 1 + 1 file changed, 1 insertion(+) diff --git a/frappe/desk/page/setup_wizard/setup_wizard.py b/frappe/desk/page/setup_wizard/setup_wizard.py index 0e0d395a6fb..6f2c22c9fcc 100755 --- a/frappe/desk/page/setup_wizard/setup_wizard.py +++ b/frappe/desk/page/setup_wizard/setup_wizard.py @@ -220,6 +220,7 @@ def create_or_update_user(args): # nosemgrep } ) user.append_roles(*_get_default_roles()) + user.append_roles("System Manager") user.flags.no_welcome_mail = True user.insert()