Merge pull request #1888 from frappe/mergify/bp/version-15-hotfix/pr-…
…1887

fix(PWA): make approval fields & buttons permission sensitive based on permlevel (backport #1887)
ruchamahabal committed Jun 12, 2024
2 parents 6e22a2a + aa6d4c4 commit 9e0f9ce
Showing 6 changed files with 83 additions and 10 deletions.
21 changes: 18 additions & 3 deletions frontend/src/components/FormView.vue
@@ -100,7 +100,7 @@
:options="field.options"
:linkFilters="field.linkFilters"
:documentList="field.documentList"
:readOnly="Boolean(field.read_only) || isFormReadOnly"
:readOnly="isFieldReadOnly(field)"
:reqd="Boolean(field.reqd)"
:hidden="Boolean(field.hidden)"
:errorMessage="field.error_message"
@@ -141,7 +141,7 @@
:options="field.options"
:linkFilters="field.linkFilters"
:documentList="field.documentList"
:readOnly="Boolean(field.read_only) || isFormReadOnly"
:readOnly="isFieldReadOnly(field)"
:reqd="Boolean(field.reqd)"
:hidden="Boolean(field.hidden)"
:errorMessage="field.error_message"
@@ -586,6 +586,12 @@ const documentResource = createDocumentResource({
const docPermissions = createResource({
url: "frappe.client.get_doc_permissions",
params: { doctype: props.doctype, docname: props.id },
})
const permittedWriteFields = createResource({
url: "hrms.api.get_permitted_fields_for_write",
params: { doctype: props.doctype },
})
const formButton = computed(() => {
@@ -610,6 +616,14 @@ function hasPermission(action) {
return docPermissions.data?.permissions[action]
}
function isFieldReadOnly(field) {
return (
Boolean(field.read_only)
|| isFormReadOnly.value
|| (props.id && !permittedWriteFields.data?.includes(field.fieldname))
)
}
function handleDocInsert() {
if (!validateMandatoryFields()) return
docList.insert.submit(formModel.value)
@@ -736,7 +750,8 @@ onMounted(async () => {
if (props.id) {
await documentResource.get.promise
formModel.value = { ...documentResource.doc }
await docPermissions.fetch({ doctype: props.doctype, docname: props.id })
await docPermissions.reload()
await permittedWriteFields.reload()
await attachedFiles.reload()
await setFormattedCurrency()
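Review bot: In `isFieldReadOnly` the permlevel check only runs when `props.id` is set, so on a new document a field the user may not write at its permlevel still renders as editable; if that relies on the server discarding such values on insert, a comment on the function should say so, because this flag only controls presentation and is not an authorization check. While `permittedWriteFields.data` is undefined the expression evaluates to read-only, which fails closed, but nothing in the visible hunks reports a failed request, so an error would leave an existing document fully locked without explanation. The function can also return `props.id` itself when it is falsy; `Boolean(props.id) && !permittedWriteFields.data?.includes(field.fieldname)` keeps the `:readOnly` binding a strict boolean.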
25 changes: 22 additions & 3 deletions frontend/src/components/RequestActionSheet.vue
@@ -80,7 +80,7 @@
/>
<div
v-else-if="['Open', 'Draft'].includes(document?.doc?.[approvalField])"
v-else-if="['Open', 'Draft'].includes(document?.doc?.[approvalField]) && hasPermission('approval')"
class="flex w-full flex-row items-center justify-between gap-3 sticky bottom-0 border-t z-[100] p-4"
>
<Button
@@ -111,7 +111,8 @@
<div
v-else-if="
document?.doc?.docstatus === 0 &&
['Approved', 'Rejected'].includes(document?.doc?.[approvalField])
['Approved', 'Rejected'].includes(document?.doc?.[approvalField]) &&
hasPermission('submit')
"
class="flex w-full flex-row items-center justify-between gap-3 sticky bottom-0 border-t z-[100] p-4"
>
@@ -125,7 +126,7 @@
</div>
<div
v-else-if="document?.doc?.docstatus === 1"
v-else-if="document?.doc?.docstatus === 1 && hasPermission('cancel')"
class="flex w-full flex-row items-center justify-between gap-3 sticky bottom-0 border-t z-[100] p-4"
>
<Button
@@ -210,6 +211,24 @@ const attachedFiles = createResource({
},
})
const docPermissions = createResource({
url: "frappe.client.get_doc_permissions",
params: { doctype: props.modelValue.doctype, docname: props.modelValue.name },
auto: true,
})
const permittedWriteFields = createResource({
url: "hrms.api.get_permitted_fields_for_write",
params: { doctype: props.modelValue.doctype },
auto: true,
})
function hasPermission(action) {
if (action === "approval")
return permittedWriteFields.data?.includes(approvalField.value)
return docPermissions.data?.permissions[action]
}
const currency = computed(() => {
let docCurrency = document?.doc?.currency
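Review bot: `hasPermission('approval')` is answered from `hrms.api.get_permitted_fields_for_write`, which is called with the doctype only, so the approve/reject buttons reflect a doctype-wide permlevel and not whether this user may act on this particular document, unlike the `submit` and `cancel` branches that use `get_doc_permissions` with the docname. Hiding the buttons is a UI hint; the handlers behind them (outside these hunks) still need the server to reject the status change, and a short comment above `hasPermission` saying so would keep the check from being read as enforcement. `docPermissions.data?.permissions[action]` also throws if the response lacks `permissions`; `docPermissions.data?.permissions?.[action]` is safer.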
3 changes: 0 additions & 3 deletions frontend/src/composables/workflow.js
@@ -7,9 +7,6 @@ export default function useWorkflow(doctype) {
url: "hrms.api.get_workflow",
params: { doctype: doctype },
cache: ["hrms:workflow", doctype],
onSuccess: (data) => {
console.log("Workflow loaded successfully ✅", data)
},
})
workflowDoc.reload()

1 change: 1 addition & 0 deletions frontend/src/views/expense_claim/Form.vue
@@ -214,6 +214,7 @@ function getFilteredFields(fields) {
"is_paid",
"mode_of_payment",
"clearance_date",
"approval_status",
]
if (!props.id) excludeFields.push(...extraFields)
7 changes: 7 additions & 0 deletions hrms/api/__init__.py
@@ -1,5 +1,6 @@
import frappe
from frappe import _
from frappe.model import get_permitted_fields
from frappe.model.workflow import get_workflow_name
from frappe.query_builder import Order
from frappe.utils import getdate, strip_html
@@ -641,3 +642,9 @@ def get_workflow_state_field(doctype: str) -> str | None:
def get_allowed_states_for_workflow(workflow: dict, user_id: str) -> list[str]:
user_roles = frappe.get_roles(user_id)
return [transition.state for transition in workflow.transitions if transition.allowed in user_roles]


# Permissions
@frappe.whitelist()
def get_permitted_fields_for_write(doctype: str) -> list[str]:
return get_permitted_fields(doctype, permission_type="write")
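Review bot: `get_permitted_fields_for_write` is whitelisted and passes a caller-supplied `doctype` straight to `get_permitted_fields`, with no check in the visible lines that the caller may read that doctype, so any logged-in user can ask which fields of any doctype are writable for them. That is metadata rather than document data, but the frontend only needs it for doctypes the user can already open. Consider `frappe.has_permission(doctype, "read", throw=True)` before the return, and a docstring stating that the result is doctype-wide for the session user and is meant for UI hints, not as an authorization decision.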
36 changes: 35 additions & 1 deletion hrms/hr/doctype/expense_claim/expense_claim.json
@@ -112,6 +112,7 @@
"label": "Approval Status",
"no_copy": 1,
"options": "Draft\nApproved\nRejected",
"permlevel": 1,
"search_index": 1
},
{
@@ -387,7 +388,7 @@
"idx": 1,
"is_submittable": 1,
"links": [],
"modified": "2024-04-17 19:38:30.373122",
"modified": "2024-06-12 15:56:45.609119",
"modified_by": "Administrator",
"module": "HR",
"name": "Expense Claim",
@@ -447,6 +448,39 @@
"share": 1,
"submit": 1,
"write": 1
},
{
"permlevel": 1,
"read": 1,
"role": "HR Manager",
"write": 1
},
{
"permlevel": 1,
"read": 1,
"role": "HR User",
"write": 1
},
{
"delete": 1,
"email": 1,
"permlevel": 1,
"print": 1,
"read": 1,
"report": 1,
"role": "Expense Approver",
"share": 1,
"write": 1
},
{
"email": 1,
"export": 1,
"permlevel": 1,
"print": 1,
"read": 1,
"report": 1,
"role": "All",
"share": 1
}
],
"search_fields": "employee,employee_name",
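Review bot: Moving `approval_status` to `permlevel` 1 changes who can write the field on every site, and the new permlevel-1 rows here are standard DocPerm entries; as far as I know Frappe ignores standard rows for a doctype once a site has customised its permissions, so on such sites no role would get read or write at level 1 until an administrator adds the rows by hand. No patch or upgrade note is visible in this commit, so it is worth confirming that case and documenting it. The `Expense Approver` and `All` rows also carry flags such as `delete`, `export` and `share` at level 1, which presumably have no effect above level 0 and could be dropped to keep the intent (read for all, write for three roles) obvious.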
