From e738803d2c15fdbedd7cc4ca1f1f784377db5697 Mon Sep 17 00:00:00 2001
From: Rishabh Rahangdale
Date: Mon, 25 May 2026 16:51:41 +0530
Subject: [PATCH 1/3] fix: restrict CIF Tracker access by role AND designation
---
 custom_report/www/cif_tracker.html | 2 +-
 custom_report/www/cif_tracker.py | 12 +++++++++---
 2 files changed, 10 insertions(+), 4 deletions(-)
diff --git a/custom_report/www/cif_tracker.html b/custom_report/www/cif_tracker.html
index 4f32f26..b32aa20 100644
--- a/custom_report/www/cif_tracker.html
+++ b/custom_report/www/cif_tracker.html
@@ -220,7 +220,7 @@

CIF Tracker

🚫

Access Denied

You do not have permission to access the CIF Tracker.

-

Please contact your IT Administrator to request the 'CIF Tracker' role.

+

Access Requirement: CIF Tracker role and a valid designation (BM, BOM, or COM).

{% endif %}
diff --git a/custom_report/www/cif_tracker.py b/custom_report/www/cif_tracker.py
index f5b9672..3c879fa 100644
--- a/custom_report/www/cif_tracker.py
+++ b/custom_report/www/cif_tracker.py
@@ -10,22 +10,28 @@ def get_context(context):
 context.has_access = check_user_access()
 def check_user_access():
- """Helper to check if user has 'CIF Tracker' or 'Administrator' access"""
+ """Helper to check if user has 'CIF Tracker' role AND appropriate designation"""
 user = frappe.session.user
 if user == "Administrator":
 return True
 user_roles = set(frappe.get_roles(user))
- if "CIF Tracker" in user_roles or "System Manager" in user_roles:
+ if "System Manager" in user_roles:
 return True
+ if "CIF Tracker" in user_roles:
+ # Check designation for CIF Tracker role holders
+ designation = frappe.db.get_value("Employee", {"user_id": user}, "designation")
+ if designation in ['BRANCH MANAGER', 'Branch Operation Manager', 'CLUSTER OPERATION MANAGER']:
+ return True
+
 return False
 @frappe.whitelist()
 def get_cif_details(cif_id):
 # Security check for API call
 if not check_user_access():
- frappe.throw("Access Denied: You do not have the 'CIF Tracker' role.", frappe.PermissionError)
+ frappe.throw("Access Denied: You must have the 'CIF Tracker' role AND a valid designation (Branch Manager, Branch Operation Manager, or Cluster Operation Manager).", frappe.PermissionError)
 if not cif_id:
 return {"success": False, "error": "CIF ID is required"}
From 8df4f35af79cd98ace7f81b540e7ce230543f604 Mon Sep 17 00:00:00 2001
From: Rishabh Rahangdale
Date: Mon, 25 May 2026 16:59:02 +0530
Subject: [PATCH 2/3] chore: update CIF Tracker description
---
 custom_report/www/cif_tracker.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/custom_report/www/cif_tracker.html b/custom_report/www/cif_tracker.html
index b32aa20..05301b3 100644
--- a/custom_report/www/cif_tracker.html
+++ b/custom_report/www/cif_tracker.html
@@ -168,7 +168,7 @@
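Review bot: In `check_user_access` (custom_report/www/cif_tracker.py), the new designation lookup matches any Employee row linked to the user, so a user whose Employee record is no longer active but who still holds the 'CIF Tracker' role would keep access, and a user linked to more than one Employee row is judged on whichever row the query returns first. Assuming this site keeps Employee status current, the lookup should be `frappe.db.get_value("Employee", {"user_id": user, "status": "Active"}, "designation")`. The allowed designations are compared as exact literals in inconsistent case (`'BRANCH MANAGER'` next to `'Branch Operation Manager'`), so the check depends on the precise spelling of the Designation records; a module-level constant with a comment such as `# must match Designation names exactly` would make that dependency visible to whoever renames one. The same function gates the whitelisted `get_cif_details`, whose body continues outside the hunk.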

CIF Tracker

-

Enter CIF ID to fetch linked account details

+

Enter the CIF ID to view assigned verification user details.