From 6139cb5cb9d9e5bb19ea89ae134894ff34d04709 Mon Sep 17 00:00:00 2001
From: Shariq Ansari <sharique.rik@gmail.com>
Date: Mon, 7 Apr 2025 17:31:17 +0530
Subject: [PATCH] fix: restrict app in apps page if no access to FCRM module

---
 crm/api/__init__.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/crm/api/__init__.py b/crm/api/__init__.py
index 8c6efd40..cb56e3bd 100644
--- a/crm/api/__init__.py
+++ b/crm/api/__init__.py
@@ -1,9 +1,10 @@
-from bs4 import BeautifulSoup
 import frappe
-from frappe.translate import get_all_translations
-from frappe.utils import validate_email_address, split_emails, cstr
-from frappe.utils.telemetry import POSTHOG_HOST_FIELD, POSTHOG_PROJECT_FIELD
+from bs4 import BeautifulSoup
 from frappe.core.api.file import get_max_file_size
+from frappe.translate import get_all_translations
+from frappe.utils import cstr, split_emails, validate_email_address
+from frappe.utils.modules import get_modules_from_all_apps_for_user
+from frappe.utils.telemetry import POSTHOG_HOST_FIELD, POSTHOG_PROJECT_FIELD
 
 
 @frappe.whitelist(allow_guest=True)
@@ -63,6 +64,11 @@ def check_app_permission():
 	if frappe.session.user == "Administrator":
 		return True
 
+	allowed_modules = get_modules_from_all_apps_for_user()
+	allowed_modules = [x["module_name"] for x in allowed_modules]
+	if "FCRM" not in allowed_modules:
+		return False
+
 	roles = frappe.get_roles()
 	if any(
 		role in ["System Manager", "Sales User", "Sales Manager", "Sales Master Manager"] for role in roles