A comprehensive role duplication system for Frappe applications that allows you to easily duplicate roles with all their permissions, user permissions, and settings.

• 🔄 Complete Role Duplication: Clone roles with all permissions, settings, and configurations
• 👥 User Permission Cloning: Duplicate user-specific permissions and restrictions
• 🎯 Smart Permission Management: Automatically handles complex permission structures
• 🔍 Real-time Validation: Prevents duplicate role names and validates permissions
• 📊 Detailed Reporting: Shows comprehensive results with success/failure counts
• 🖥️ Multiple Interfaces: Web interface, form buttons, and programmatic access

1. Navigate to any Role document (e.g., HR Manager, Delivery Manager)
2. Click the "Easy Duplicate Role" button in the toolbar
3. Enter the new role name
4. The system will create a complete copy with all permissions

1. Go to Role Duplicate list
2. Create a new Role Duplicate document
3. Select the Source Role (e.g., "Delivery Manager")
4. Enter the New Role Name (e.g., "Delivery Manager Copy")
5. Click "Load Permissions" to preview all permissions
6. Click "Create New Role" to complete the duplication

1. Navigate to User Permission Manager
2. Create a new document with:
   • Alias Name: Friendly identifier
   • Applied User: Target user email
3. Add permission details in the User Permission Details table:
   • Allow: Document type (e.g., Customer Group, Warehouse)
   • For Value: Specific value (e.g., Commercial, Stores - GE)
   • Configure access levels (Apply To All Documents, Is Default, Hide Descendants)

1. Get the app from the repository:

bench get-app https://github.com/your-repo/duplicate

2. Install the app on your site:

bench --site [your-site] install-app duplicate

3. Build assets:

bench build --app duplicate

Source Role: "HR Manager" 
New Role: "HR Manager - Mumbai Branch"
Result: Complete role with all HR permissions for Mumbai operations

User: [email protected]
Permissions: 
- Customer Group: Commercial (Apply to All Documents)
- Warehouse: Stores - GE (Default access)

Source: "Delivery Manager"
Target: "Delivery Manager Copy"
Permissions Copied: Delivery Note, Delivery Settings, Delivery Trip, Driver, Serial and Batch Bundle

• ✅ Read/Write/Create/Delete permissions
• ✅ Submit/Cancel/Amend permissions
• ✅ Report/Export/Print permissions
• ✅ Email/Share permissions
• ✅ If Owner restrictions
• ✅ Set User Permissions capabilities

• ✅ Document-level restrictions (Customer, Supplier, etc.)
• ✅ Value-based access (Warehouse, Cost Center, etc.)
• ✅ Hierarchical permissions with descendant control
• ✅ Default permission assignment
• ✅ Apply to all documents settings

• 🔍 Duplicate role name prevention
• 🔍 Permission consistency checks
• 🔍 User existence validation
• 🔍 Real-time conflict detection

The app provides several command-line utilities for role management:

# Duplicate a role with all permissions
bench duplicate-role "HR Manager" "HR Manager Copy"

# Duplicate a role without copying permissions
bench duplicate-role "HR Manager" "HR Manager Copy" --no-permissions

# List all roles with their details
bench list-roles

# List roles with permission counts
bench list-roles --with-permissions

# Show detailed permissions for a specific role
bench role-permissions "HR Manager"

# Example 1: Create a department-specific role
bench duplicate-role "Sales Manager" "Sales Manager - Mumbai"

# Example 2: View role permission summary
bench list-roles --with-permissions
# Output:
# Roles with Permission Summary:
# --------------------------------
# Role Name                    Permissions  Desk Access  Status
# HR Manager                   45           Yes          Active
# Sales Manager                32           Yes          Active
# ...

# Example 3: Audit role permissions
bench role-permissions "HR Manager"
# Shows detailed permission breakdown with DocTypes and access levels

import frappe

# Create role duplicate document
doc = frappe.new_doc('Role Duplicate')
doc.source_role = 'HR Manager'
doc.new_role_name = 'HR Manager Copy'
doc.description = 'Copy of HR Manager role for testing'

# Load permissions from source role
doc.load_source_role_permissions()
print(f'Loaded {len(doc.role_permissions)} permissions')

# Create the new role with all permissions
result = doc.create_new_role()
print(f'Result: {result}')

// Load permissions from source role
frappe.call({
    method: 'duplicate.duplicate.doctype.role_duplicate.role_duplicate.load_role_permissions',
    args: {
        source_role: 'HR Manager',
        role_duplicate_name: 'ROLE-DUP-2025-00001'
    }
});

// Create new role from duplicate
frappe.call({
    method: 'duplicate.duplicate.doctype.role_duplicate.role_duplicate.create_role_from_duplicate',
    args: {
        role_duplicate_name: 'ROLE-DUP-2025-00001'
    }
});

• Role Duplicate: Main interface for role duplication
• User Permission Manager: Enhanced user permission management

• Role Duplicate Permissions: Stores individual permission details
• User Permission Details: Manages user-specific access controls

Q: Role creation shows "Network/Server Error" A: Check browser console for detailed error messages. Verify API endpoints are accessible and CSRF tokens are valid.

Q: Only some permissions are copied A: Check for DocTypes that don't exist in the target environment. The system will skip non-existent DocTypes and report them.

Q: User permissions not applying A: Verify the user exists and has the necessary base permissions. User permissions are restrictions, not grants.

Q: Installation fails with "Can't pickle function" error A: This has been resolved in recent versions. The issue was caused by command objects in hooks.py. Update to the latest version which uses Frappe's command auto-discovery.

Q: Tests fail with "Allow must be set first" validation error A: This has been completely resolved across all test methods by implementing proper Dynamic Link field validation handling. The issue occurred when the allow field wasn't set before the for_value field, or when test data like _Test Company didn't exist. The latest version includes comprehensive test data creation and proper field ordering for all test scenarios.

Enable debug logging in browser console to see detailed API call information:

// Check browser console for detailed logs when using the interface

• Frappe Framework: v14.0.0 or higher
• Python: 3.8+
• Database: MySQL/MariaDB or PostgreSQL

MIT License - see LICENSE file for details

For issues and feature requests, please create an issue in the GitHub repository.

This app uses pre-commit for code formatting and linting. Please install pre-commit and enable it for this repository:

cd apps/duplicate
pre-commit install

Pre-commit is configured to use the following tools for checking and formatting your code:

• ruff
• eslint
• prettier
• pyupgrade

This app uses GitHub Actions for CI with comprehensive testing. The following workflows are configured:

• CI: Installs this app and runs unit tests on every push to main branch and pull requests
• Linters: Runs Frappe Semgrep Rules and pip-audit on every pull request

• ✅ Fixed Pickling Error: Resolved _pickle.PicklingError in app installation caused by command object registration in hooks.py
• ✅ Fixed All Test Failures: Completely resolved "Allow must be set first" validation errors across all 4 test methods by implementing proper Dynamic Link field handling and comprehensive test data setup
• ✅ Improved Test Reliability: Enhanced test data setup and cleanup to handle edge cases in CI environments, including robust company creation and field validation for all test scenarios
• ✅ Command Auto-Discovery: Updated command registration to use Frappe's built-in auto-discovery mechanism

All tests now pass successfully in the CI environment with proper MariaDB setup and complete app installation workflow.

mit