2026-03-23 17:34:51 +05:30

153 lines
3.8 KiB
Python

import frappe
@frappe.whitelist()
def get_user_roles():
"""Get roles for the current logged-in user - no permission check needed"""
user = frappe.session.user
if not user or user == "Guest":
return []
# Get roles using ignore_permissions
roles = frappe.get_roles(user)
return roles
@frappe.whitelist()
def get_user_info_with_roles():
"""Get current user info along with their roles"""
user = frappe.session.user
if not user or user == "Guest":
return {"user": None, "roles": []}
roles = frappe.get_roles(user)
return {
"user": user,
"roles": roles,
"full_name": frappe.db.get_value("User", user, "full_name")
}
@frappe.whitelist(allow_guest=False)
def check_has_role(roles):
"""Check if current user has any of the specified roles
Args:
roles: comma-separated string or list of role names
Returns:
dict with has_role (bool) and matching_roles (list)
"""
user = frappe.session.user
if not user or user == "Guest":
return {"has_role": False, "matching_roles": [], "user_roles": []}
# Handle both string and list input
if isinstance(roles, str):
check_roles = [r.strip() for r in roles.split(",")]
else:
check_roles = roles
user_roles = frappe.get_roles(user)
matching_roles = [r for r in check_roles if r in user_roles]
return {
"has_role": len(matching_roles) > 0,
"matching_roles": matching_roles,
"user_roles": user_roles
}
@frappe.whitelist()
def get_users_with_role(role):
"""
Get all enabled users who have a specific role
Args:
role: Role name (e.g., 'Technician')
Returns:
List of users with name and full_name
"""
if not role:
return []
# Get all users who have this role from Has Role child table
users_with_role = frappe.get_all(
"Has Role",
filters={
"role": role,
"parenttype": "User"
},
fields=["parent"],
distinct=True
)
if not users_with_role:
return []
user_names = [u.parent for u in users_with_role]
# Get user details for enabled users only
user_details = frappe.get_all(
"User",
filters={
"name": ["in", user_names],
"enabled": 1
},
fields=["name", "full_name"],
order_by="full_name asc"
)
return user_details
@frappe.whitelist()
def has_create_permission(doctype):
"""
Check if current user has create permission for a doctype
Uses ignore_permissions to query Custom DocPerm
"""
user = frappe.session.user
if not user or user == "Guest":
return {"has_permission": False, "reason": "Not logged in"}
# Get user's roles
user_roles = frappe.get_roles(user)
# System Manager and Administrator always have permission
if "System Manager" in user_roles or "Administrator" in user_roles:
return {
"has_permission": True,
"reason": "System Manager/Administrator",
"role": "System Manager"
}
# Check Custom DocPerm with ignore_permissions=True
custom_perms = frappe.get_all(
"Custom DocPerm",
filters={
"parent": doctype,
"role": ["in", user_roles],
"create": 1
},
fields=["name", "role"],
ignore_permissions=True, # ← This is the key!
limit=1
)
if custom_perms and len(custom_perms) > 0:
return {
"has_permission": True,
"reason": "Custom DocPerm",
"role": custom_perms[0].get("role")
}
return {
"has_permission": False,
"reason": "No create permission found in Custom DocPerm"
}