From 7f27586cbe6f3112183228c53b4f46c39299850e Mon Sep 17 00:00:00 2001
From: Frappe PR Bot <frappe.pr.bot@gmail.com>
Date: Wed, 25 Aug 2021 22:26:09 +0530
Subject: [PATCH] fix(healthcare): Removed ignore user permissions flag in
 appointment (#27146)

* fix(healthcare): Removed ignore user permissions flag in appointment (#27129)

(cherry picked from commit 81b28b899843dcbf66d5c2cc241429e363ab04ac)

# Conflicts:
#	erpnext/healthcare/doctype/patient_appointment/test_patient_appointment.py

* chore: Fix merge conflicts

Co-authored-by: Chillar Anand <anand21nanda@gmail.com>
---
 .../healthcare_practitioner.json              |  5 ++-
 .../patient_appointment.json                  |  1 -
 .../test_patient_appointment.py               | 37 ++++++++++++++++++-
 3 files changed, 39 insertions(+), 4 deletions(-)

diff --git a/erpnext/healthcare/doctype/healthcare_practitioner/healthcare_practitioner.json b/erpnext/healthcare/doctype/healthcare_practitioner/healthcare_practitioner.json
index 8162f03f6dc..cb455eb5014 100644
--- a/erpnext/healthcare/doctype/healthcare_practitioner/healthcare_practitioner.json
+++ b/erpnext/healthcare/doctype/healthcare_practitioner/healthcare_practitioner.json
@@ -282,7 +282,7 @@
  ],
  "image_field": "image",
  "links": [],
- "modified": "2021-01-22 10:14:43.187675",
+ "modified": "2021-08-24 10:42:08.513054",
  "modified_by": "Administrator",
  "module": "Healthcare",
  "name": "Healthcare Practitioner",
@@ -295,6 +295,7 @@
    "read": 1,
    "report": 1,
    "role": "Laboratory User",
+   "select": 1,
    "share": 1,
    "write": 1
   },
@@ -307,6 +308,7 @@
    "read": 1,
    "report": 1,
    "role": "Physician",
+   "select": 1,
    "share": 1,
    "write": 1
   },
@@ -319,6 +321,7 @@
    "read": 1,
    "report": 1,
    "role": "Nursing User",
+   "select": 1,
    "share": 1,
    "write": 1
   }
diff --git a/erpnext/healthcare/doctype/patient_appointment/patient_appointment.json b/erpnext/healthcare/doctype/patient_appointment/patient_appointment.json
index 0267e65a212..a6929c28511 100644
--- a/erpnext/healthcare/doctype/patient_appointment/patient_appointment.json
+++ b/erpnext/healthcare/doctype/patient_appointment/patient_appointment.json
@@ -142,7 +142,6 @@
   {
    "fieldname": "practitioner",
    "fieldtype": "Link",
-   "ignore_user_permissions": 1,
    "in_standard_filter": 1,
    "label": "Healthcare Practitioner",
    "options": "Healthcare Practitioner",
diff --git a/erpnext/healthcare/doctype/patient_appointment/test_patient_appointment.py b/erpnext/healthcare/doctype/patient_appointment/test_patient_appointment.py
index c0fe5f08854..062a32a92e6 100644
--- a/erpnext/healthcare/doctype/patient_appointment/test_patient_appointment.py
+++ b/erpnext/healthcare/doctype/patient_appointment/test_patient_appointment.py
@@ -251,6 +251,27 @@ class TestPatientAppointment(unittest.TestCase):
 		appointment = create_appointment(patient, practitioner, nowdate(), service_unit=overlap_service_unit, save=0)
 		self.assertRaises(MaximumCapacityError, appointment.save)
 
+	def test_patient_appointment_should_consider_permissions_while_fetching_appointments(self):
+		patient, practitioner = create_healthcare_docs()
+		create_appointment(patient, practitioner, nowdate())
+
+		patient, new_practitioner = create_healthcare_docs(id=2)
+		create_appointment(patient, new_practitioner, nowdate())
+
+		roles = [{"doctype": "Has Role", "role": "Physician"}]
+		user = create_user(roles=roles)
+		new_practitioner = frappe.get_doc('Healthcare Practitioner', new_practitioner)
+		new_practitioner.user_id = user.email
+		new_practitioner.save()
+
+		frappe.set_user(user.name)
+		appointments = frappe.get_list('Patient Appointment')
+		assert len(appointments) == 1
+
+		frappe.set_user("Administrator")
+		appointments = frappe.get_list('Patient Appointment')
+		assert len(appointments) == 2
+
 
 def create_healthcare_docs(id=0):
 	patient = create_patient(id)
@@ -298,7 +319,6 @@ def create_practitioner(id=0, medical_department=None):
 
 	return practitioner.name
 
-
 def create_encounter(appointment):
 	if appointment:
 		encounter = frappe.new_doc('Patient Encounter')
@@ -313,7 +333,6 @@ def create_encounter(appointment):
 
 		return encounter
 
-
 def create_appointment(patient, practitioner, appointment_date, invoice=0, procedure_template=0,
 	service_unit=None, appointment_type=None, save=1, department=None):
 	item = create_healthcare_service_items()
@@ -423,3 +442,17 @@ def create_service_unit(id=0, service_unit_type=None, service_unit_capacity=0):
 	service_unit.save(ignore_permissions=True)
 
 	return service_unit.name
+
+def create_user(email=None, roles=None):
+	if not email:
+		email = '{}@frappe.com'.format(frappe.utils.random_string(10))
+	user = frappe.db.exists('User', email)
+	if not user:
+		user = frappe.get_doc({
+			"doctype": "User",
+			"email": email,
+			"first_name": "test_user",
+			"password": "password",
+			"roles": roles,
+		}).insert()
+	return user