ERPNext.com Frappe Cloud Support Partners Foundation Frappe School

Hi friends. I have this functions:

@frappe.whitelist(allow_guest=True)
def get_diferent_taxes():
    taxes = []
    item_tax_template = []
    item_tax_template = frappe.get_list('Item Tax Template')
    for i in item_tax_template:
        taxes.append(i)
    sales_tax_template = frappe.get_list('Sales Taxes and Charges Template')
    for i in sales_tax_template:
        taxes.append(i)
    return taxes 

but I having this issue:

Item Tax Template\\n\"]",
    "_server_messages": "[\"{\\\"message\\\": \\\"User <b>Guest</b> does not have doctype access via role permission for document <b>Item Tax Template</b>\\\"}\"]",
    "_error_message": "Insufficient Permission for <b>Item Tax Template</b>"
} 

How do I solve this problem? Thanks a lot

get_list checks permission, get_all doesn’t. https://frappeframework.com/docs/user/en/api/database#frappedbget_all

allow_guest is only for allowing guests to make requests, it doesn’t exempt them from permission checks.


Also IMHO, you shouldn’t be making the function you’ve written accessible to the public. Why not just authenticate while making requests?

1 Like