Merge pull request #1281 from resilient-tech/mergify/bp/version-14-ho…

…tfix/pr-1280 fix: revert perm check for GST account names (backport #1280)
resilient-tech · Nov 18, 2023 · c22998f · c22998f
2 parents a4e9dca + 36c9fa0
commit c22998f
Showing 1 changed file with 4 additions and 7 deletions.
diff --git a/india_compliance/gst_india/utils/__init__.py b/india_compliance/gst_india/utils/__init__.py
@@ -90,7 +90,6 @@ def send_updated_doc(doc, set_docinfo=False):
 def get_gstin_list(party, party_type="Company"):
     """
     Returns a list the party's GSTINs.
-    This function doesn't check for permissions since GSTINs are publicly available.
     """
 
     frappe.has_permission(party_type, doc=party, throw=True)
@@ -464,15 +463,13 @@ def get_gst_accounts_by_type(company, account_type, throw=True):
 
 @frappe.whitelist()
 def get_all_gst_accounts(company):
+    """
+    Permission not checked here:
+    List of GST account names isn't considered sensitive data
+    """
     if not company:
         frappe.throw(_("Please set Company first"))
 
-    if not (
-        frappe.has_permission("Account", "read")
-        or frappe.has_permission("Account", "select")
-    ):
-        frappe.throw(_("Not Permitted to select/read Accounts"), frappe.PermissionError)
-
     settings = frappe.get_cached_doc("GST Settings")
 
     accounts_list = []