In our implementation Department is used as a child doctype in Issue doctype. The behaviour we noticed is that when we apply user permissions for department which is a child doctype, the issues are being listed even for issues which have other departments. We are unable to open the issues and it says restricted due to user permission , but why are the issues being visible is the question. For other restrictions for e.g. in this case issue_type and territory(village) we see that issues other than those that fit the user permissions criteria are not visible.
We can see that even on the right top where we could see restricted values for a doctype for a user, we see that department value is not being fetched.
Below are the user permissions actually set for the user .
But when we actually try to fetch the user permissions via api, we see the values above are reflected too.
So was wondering if there is any issue applying user permissions for child doctypes and why are the values which are supposed to be filtered visible in the list view even though we are unable to open the issue.