From 2bc7a52365778abdd37716346423cdc86cc72642 Mon Sep 17 00:00:00 2001
From: Shariq Ansari <sharique.rik@gmail.com>
Date: Thu, 29 Feb 2024 16:28:36 +0530
Subject: [PATCH] fix: hide or make field read only based on higher permlevel
 access

---
 crm/api/doc.py                   | 15 ++++++++++++++-
 crm/fcrm/doctype/crm_deal/api.py |  2 +-
 crm/fcrm/doctype/crm_lead/api.py |  2 +-
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/crm/api/doc.py b/crm/api/doc.py
index 35c72e53..8fc1f705 100644
--- a/crm/api/doc.py
+++ b/crm/api/doc.py
@@ -244,7 +244,7 @@ def get_list_data(
 	}
 
 
-def get_doctype_fields(doctype):
+def get_doctype_fields(doctype, name):
 	not_allowed_fieldtypes = [
 		"Section Break",
 		"Column Break",
@@ -256,6 +256,12 @@ def get_doctype_fields(doctype):
 	sections = {}
 	section_fields = []
 	last_section = None
+	doc = frappe.get_cached_doc(doctype, name)
+
+	has_high_permlevel_fields = any(df.permlevel > 0 for df in fields)
+	if has_high_permlevel_fields:
+		has_read_access_to_permlevels = doc.get_permlevel_access("read")
+		has_write_access_to_permlevels = doc.get_permlevel_access("write")
 
 	for field in fields:
 		if field.fieldtype == "Tab Break" and last_section:
@@ -277,6 +283,13 @@ def get_doctype_fields(doctype):
 				"fields": [],
 			}
 		else:
+			if field.permlevel > 0:
+				field_has_write_access = field.permlevel in has_write_access_to_permlevels
+				field_has_read_access = field.permlevel in has_read_access_to_permlevels
+				if not field_has_write_access and field_has_read_access:
+					field.read_only = 1
+				if not field_has_read_access and not field_has_write_access:
+					field.hidden = 1
 			section_fields.append(get_field_obj(field))
 
 	section_fields = []
diff --git a/crm/fcrm/doctype/crm_deal/api.py b/crm/fcrm/doctype/crm_deal/api.py
index ffc5c861..5b1c8e69 100644
--- a/crm/fcrm/doctype/crm_deal/api.py
+++ b/crm/fcrm/doctype/crm_deal/api.py
@@ -27,7 +27,7 @@ def get_deal(name):
 		fields=["contact", "is_primary"],
 	)
 
-	deal["doctype_fields"], deal["all_fields"] = get_doctype_fields("CRM Deal") 
+	deal["doctype_fields"], deal["all_fields"] = get_doctype_fields("CRM Deal", name) 
 	deal["doctype"] = "CRM Deal"
 	deal["_form_script"] = get_form_script('CRM Deal')
 	deal["_assign"] = get_assigned_users("CRM Deal", deal.name)
diff --git a/crm/fcrm/doctype/crm_lead/api.py b/crm/fcrm/doctype/crm_lead/api.py
index c5e91573..74b6b7d1 100644
--- a/crm/fcrm/doctype/crm_lead/api.py
+++ b/crm/fcrm/doctype/crm_lead/api.py
@@ -15,7 +15,7 @@ def get_lead(name):
 		frappe.throw(_("Lead not found"), frappe.DoesNotExistError)
 	lead = lead.pop()
 
-	lead["doctype_fields"], lead["all_fields"] = get_doctype_fields("CRM Lead")
+	lead["doctype_fields"], lead["all_fields"] = get_doctype_fields("CRM Lead", name)
 	lead["doctype"] = "CRM Lead"
 	lead["_form_script"] = get_form_script('CRM Lead')
 	lead["_assign"] = get_assigned_users("CRM Lead", lead.name)