fix: bypass IP restriction for the methods required for our socketio backend
Those requests are made from a separate backend, not by the user. Signed-off-by: Akhil Narang <me@akhilnarang.dev>
This commit is contained in:
Akhil Narang
parent
68c5307fd9
commit
68fd322955
1 changed files with 12 additions and 1 deletions
|
|
@ -421,7 +421,18 @@ def clear_cookies():
|
|||
|
||||
|
||||
def validate_ip_address(user):
|
||||
"""check if IP Address is valid"""
|
||||
"""
|
||||
Method to check if the user has IP restrictions enabled, and if so is the IP address they are
|
||||
connecting from allowlisted.
|
||||
|
||||
Certain methods called from our socketio backend need direct access, and so the IP is not
|
||||
checked for those
|
||||
"""
|
||||
if hasattr(frappe.local, "request") and frappe.local.request.path.startswith(
|
||||
"/api/method/frappe.realtime."
|
||||
):
|
||||
return True
|
||||
|
||||
from frappe.core.doctype.user.user import get_restricted_ip_list
|
||||
|
||||
# Only fetch required fields - for perf
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue