frappe-core-permissions

# Frappe Permissions > Deterministic patterns for the five-layer Frappe permission system. --- ## Permission Layers | Layer | Controls | Configured Via | Version | |-------|----------|----------------|---------| | **Role Permissions** | What users CAN do | DocType permissions table | All | | **User Permissions** | WHICH records users see | User Permission DocType | All | | **Perm Levels** | WHICH fields users see/edit | Field `permlevel` property | All | | **Permission Hooks** | Custom deny logic | `hooks.py` | All | | **Data Masking** | Masked field values | Field `mask` property | [v16+] | --- ## Decision Tree ``` Need to control access? ├── Who can Create/Read/Write/Delete a DocType? → Role Permissions ├── Which specific records can a user see? → User Permissions ├── Which fields should be hidden? → Perm Levels (permlevel 1+) ├── Which fields show masked values? → Data Masking [v16+] ├── Custom runtime deny logic? → has_permission hook ├── Filter list queries dynamically? → permission_query_conditions hook └── Share one document with one user? → frappe.share Checking permissions in code? ├── Before action → frappe.has_permission() or doc.has_permission() ├── Raise on denial → doc.check_permission() or throw=True ├── System bypass → doc.flags.ignore_permissions = True (ALWAYS document why) └── List query → ALWAYS use frappe.get_list() for user-facing data ``` --- ## Permission Types | Type | API Check | Applies To | |------|-----------|------------| | `read` | `f...