[fresh install] [fix] replace allow roles with explicit has_permission checks for doctype py files

accounts/doctype/mis_control/mis_control.py

@@ -35,8 +35,6 @@ class DocType:
 		self.account_list = []
 		self.ac_details = {} # key: account id, values: debit_or_credit, lft, rgt
 		
-		self.roles = webnotes.user.get_roles()
-
 		self.period_list = []
 		self.period_start_date = {}
 		self.period_end_date = {}
@@ -44,7 +42,7 @@ class DocType:
 		self.fs_list = []
 		self.root_bal = []
 		self.flag = 0
-
+		
 	# Get defaults on load of MIS, MIS - Comparison Report and Financial statements
 	# ----------------------------------------------------
 	def get_comp(self):
@@ -75,6 +73,7 @@ class DocType:
 		ret['month'] = mon
 
 		# ------------------------ get MIS Type on basis of roles of session user ------------------------------------------
+		self.roles = webnotes.user.get_roles()
 		if has_common(self.roles, ['Sales Manager']):
 			type.append('Sales')
 		if has_common(self.roles, ['Purchase Manager']):

hr/doctype/upload_attendance/upload_attendance.py

@@ -13,8 +13,11 @@ class DocType():
 		self.doc = doc
 		self.doclist = doclist
 
-@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
+@webnotes.whitelist()
 def get_template():
+	if not webnotes.has_permission("Attendance", "create"):
+		raise webnotes.PermissionError
+	
 	args = webnotes.form_dict
 	global doclist
 	doclist = webnotes.model.doctype.get("Attendance")
@@ -96,8 +99,11 @@ def get_naming_series():
 	return series[0]
 
 
-@webnotes.whitelist(allow_roles=['System Manager', 'HR Manager', "HR User"])
+@webnotes.whitelist()
 def upload():
+	if not webnotes.has_permission("Attendance", "create"):
+		raise webnotes.PermissionError
+	
 	from webnotes.utils.datautils import read_csv_content_from_uploaded_file
 	from webnotes.modules import scrub
 	

stock/doctype/stock_ledger_entry/stock_ledger_entry.py

@@ -119,11 +119,12 @@ class DocType(DocListController):
 	def scrub_posting_time(self):
 		if not self.doc.posting_time or self.doc.posting_time == '00:0':
 			self.doc.posting_time = '00:00'
-			
-	def on_doctype_update(self):
-		if not webnotes.conn.sql("""show index from `tabStock Ledger Entry` 
-			where Key_name="posting_sort_index" """):
-			webnotes.conn.commit()
-			webnotes.conn.sql("""alter table `tabStock Ledger Entry` 
-				add index posting_sort_index(posting_date, posting_time, name)""")
-			webnotes.conn.begin()
+
+def on_doctype_update():
+	print "on_doctype_update called for SLE"
+	if not webnotes.conn.sql("""show index from `tabStock Ledger Entry` 
+		where Key_name="posting_sort_index" """):
+		webnotes.conn.commit()
+		webnotes.conn.sql("""alter table `tabStock Ledger Entry` 
+			add index posting_sort_index(posting_date, posting_time, name)""")
+		webnotes.conn.begin()

utilities/doctype/rename_tool/rename_tool.py

@@ -13,7 +13,7 @@ def get_doctypes():
 	return webnotes.conn.sql_list("""select name from tabDocType
 		where ifnull(allow_rename,0)=1 and module!='Core' order by name""")
 		
-@webnotes.whitelist(allow_roles=["System Manager"])
+@webnotes.whitelist()
 def upload(select_doctype=None, rows=None):
 	from webnotes.utils.datautils import read_csv_content_from_uploaded_file
 	from webnotes.modules import scrub
@@ -21,6 +21,9 @@ def upload(select_doctype=None, rows=None):
 
 	if not select_doctype:
 		select_doctype = webnotes.form_dict.select_doctype
+		
+	if not webnotes.has_permission(select_doctype, "write"):
+		raise webnotes.PermissionError
 
 	if not rows:
 		rows = read_csv_content_from_uploaded_file()