From e821d95a01139cc6ef5be844a3f1503340d30ef7 Mon Sep 17 00:00:00 2001 From: RJPvT <48353029+RJPvT@users.noreply.github.com> Date: Sun, 19 Apr 2020 15:51:47 +0200 Subject: [PATCH 01/13] fix: two_factor_is_enabled needs username --- frappe/twofactor.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frappe/twofactor.py b/frappe/twofactor.py index e60113215b..b44092d6a1 100644 --- a/frappe/twofactor.py +++ b/frappe/twofactor.py @@ -374,11 +374,11 @@ def delete_qrimage(user, check_expiry=False): def delete_all_barcodes_for_users(): '''Task to delete all barcodes for user.''' - if not two_factor_is_enabled(): - return users = frappe.get_all('User', {'enabled':1}) for user in users: + if not two_factor_is_enabled(user=user.name): + continue delete_qrimage(user.name, check_expiry=True) def should_remove_barcode_image(barcode): From be14e59d4aab9fdd4848f3dd123cdac2ccf43c01 Mon Sep 17 00:00:00 2001 From: RJPvT <48353029+RJPvT@users.noreply.github.com> Date: Sun, 19 Apr 2020 15:58:29 +0200 Subject: [PATCH 02/13] fix: no need for password check --- frappe/auth.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/frappe/auth.py b/frappe/auth.py index dba8b05a62..1353acf10f 100644 --- a/frappe/auth.py +++ b/frappe/auth.py @@ -219,7 +219,10 @@ class LoginManager: user = frappe.db.get_value("User", filters={"username": user}, fieldname="name") or user self.check_if_enabled(user) - self.user = self.check_password(user, pwd) + if not frappe.form_dict.get('tmp_id'): + self.user = self.check_password(user, pwd) + else: + self.user = user def force_user_to_reset_password(self): if not self.user: From 2fd199650678213a43fb2751e084f75306dc0873 Mon Sep 17 00:00:00 2001 From: RJPvT <48353029+RJPvT@users.noreply.github.com> Date: Sun, 19 Apr 2020 16:02:19 +0200 Subject: [PATCH 03/13] fix: check if ldap user requires 2fa on login --- frappe/integrations/doctype/ldap_settings/ldap_settings.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/frappe/integrations/doctype/ldap_settings/ldap_settings.py b/frappe/integrations/doctype/ldap_settings/ldap_settings.py index 558f7117c0..80dfef2693 100644 --- a/frappe/integrations/doctype/ldap_settings/ldap_settings.py +++ b/frappe/integrations/doctype/ldap_settings/ldap_settings.py @@ -6,7 +6,7 @@ from __future__ import unicode_literals import frappe from frappe import _, safe_encode from frappe.model.document import Document - +from frappe.twofactor import (should_run_2fa, authenticate_for_2factor,confirm_otp_token) class LDAPSettings(Document): def validate(self): @@ -237,6 +237,10 @@ def login(): user = ldap.authenticate(frappe.as_unicode(args.usr), frappe.as_unicode(args.pwd)) frappe.local.login_manager.user = user.name + if should_run_2fa(user.name): + authenticate_for_2factor(user.name) + if not confirm_otp_token(frappe.local.login_manager): + return False frappe.local.login_manager.post_login() # because of a GET request! From ce4560078a12e6548b2269d26b8d0be61da77f51 Mon Sep 17 00:00:00 2001 From: Gavin D'souza Date: Fri, 24 Apr 2020 12:58:22 +0530 Subject: [PATCH 04/13] fix: allow truncated image files Reason: "IOError: broken data stream when reading image file" Reference: https://github.com/python-pillow/Pillow/issues/1510 --- frappe/core/doctype/file/file.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/frappe/core/doctype/file/file.py b/frappe/core/doctype/file/file.py index 8741101976..1312ae5c2b 100755 --- a/frappe/core/doctype/file/file.py +++ b/frappe/core/doctype/file/file.py @@ -28,7 +28,7 @@ from frappe import conf from frappe.utils.nestedset import NestedSet from frappe.model.document import Document from frappe.utils import strip -from PIL import Image, ImageOps +from PIL import Image, ImageFile, ImageOps from six import StringIO, string_types from six.moves.urllib.parse import unquote, quote from six import text_type, PY2 @@ -38,9 +38,11 @@ class MaxFileSizeReachedError(frappe.ValidationError): pass -class FolderNotEmpty(frappe.ValidationError): pass +class FolderNotEmpty(frappe.ValidationError): + pass exclude_from_linked_with = True +ImageFile.LOAD_TRUNCATED_IMAGES = True class File(Document): From 8144ae3bff74d403dc4b22ee05dfa3c591f2253d Mon Sep 17 00:00:00 2001 From: Gavin D'souza Date: Fri, 24 Apr 2020 13:01:13 +0530 Subject: [PATCH 05/13] style: sort imports --- frappe/core/doctype/file/file.py | 38 +++++++++++++++----------------- 1 file changed, 18 insertions(+), 20 deletions(-) diff --git a/frappe/core/doctype/file/file.py b/frappe/core/doctype/file/file.py index 1312ae5c2b..252aeb0d10 100755 --- a/frappe/core/doctype/file/file.py +++ b/frappe/core/doctype/file/file.py @@ -1,43 +1,41 @@ # Copyright (c) 2015, Frappe Technologies Pvt. Ltd. and Contributors # MIT License. See license.txt -from __future__ import unicode_literals -from frappe import _ """ record of files naming for same name files: file.gif, file-1.gif, file-2.gif etc """ -import frappe -import json -import os +from __future__ import unicode_literals + import base64 -import re import hashlib -import mimetypes +import imghdr import io +import json +import mimetypes +import os +import re import shutil +import zipfile + import requests import requests.exceptions -import imghdr - -from frappe.utils import get_hook_method, get_files_path, random_string, encode, cstr, call_hook_method, cint -from frappe import _ -from frappe import conf -from frappe.utils.nestedset import NestedSet -from frappe.model.document import Document -from frappe.utils import strip from PIL import Image, ImageFile, ImageOps -from six import StringIO, string_types -from six.moves.urllib.parse import unquote, quote -from six import text_type, PY2 -import zipfile +from six import PY2, StringIO, string_types, text_type +from six.moves.urllib.parse import quote, unquote + +import frappe +from frappe import _, conf +from frappe.model.document import Document +from frappe.utils import call_hook_method, cint, cstr, encode, get_files_path, get_hook_method, random_string, strip +from frappe.utils.nestedset import NestedSet + class MaxFileSizeReachedError(frappe.ValidationError): pass - class FolderNotEmpty(frappe.ValidationError): pass From a55589ec8dc05686e9f4f1965318fe2f325d7ccd Mon Sep 17 00:00:00 2001 From: Gavin D'souza Date: Fri, 24 Apr 2020 13:06:02 +0530 Subject: [PATCH 06/13] chore: remove unused imports --- frappe/core/doctype/file/file.py | 1 - 1 file changed, 1 deletion(-) diff --git a/frappe/core/doctype/file/file.py b/frappe/core/doctype/file/file.py index 252aeb0d10..70cdd6a000 100755 --- a/frappe/core/doctype/file/file.py +++ b/frappe/core/doctype/file/file.py @@ -30,7 +30,6 @@ import frappe from frappe import _, conf from frappe.model.document import Document from frappe.utils import call_hook_method, cint, cstr, encode, get_files_path, get_hook_method, random_string, strip -from frappe.utils.nestedset import NestedSet class MaxFileSizeReachedError(frappe.ValidationError): From 027ec14bd7997c95a7f4506863e5e76d609dd476 Mon Sep 17 00:00:00 2001 From: Michelle Alva <50285544+michellealva@users.noreply.github.com> Date: Sun, 26 Apr 2020 14:59:26 +0530 Subject: [PATCH 07/13] fix: convert max_file_size to int Traceback (most recent call last): File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/app.py", line 62, in application response = frappe.api.handle() File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/api.py", line 55, in handle return frappe.handler.handle() File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/handler.py", line 22, in handle data = execute_cmd(cmd) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/handler.py", line 61, in execute_cmd return frappe.call(method, **frappe.form_dict) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/__init__.py", line 1054, in call return fn(*args, **newargs) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/handler.py", line 198, in upload_file ret.save(ignore_permissions=ignore_permissions) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 273, in save return self._save(*args, **kwargs) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 296, in _save self.insert() File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 223, in insert self.run_method("before_insert") File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 794, in run_method out = Document.hook(fn)(self, *args, **kwargs) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 1065, in composer return composed(self, method, *args, **kwargs) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 1048, in runner add_to_return_value(self, fn(self, *args, **kwargs)) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/model/document.py", line 788, in fn = lambda self, *args, **kwargs: getattr(self, method)(*args, **kwargs) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/core/doctype/file/file.py", line 55, in before_insert self.save_file(content=self.content, decode=self.decode) File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/core/doctype/file/file.py", line 439, in save_file self.file_size = self.check_max_file_size() File "/home/frappe/benches/bench-12-f1-0/apps/frappe/frappe/core/doctype/file/file.py", line 495, in check_max_file_size if file_size > max_file_size: TypeError: '>' not supported between instances of 'int' and 'str' --- frappe/core/doctype/file/file.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/file/file.py b/frappe/core/doctype/file/file.py index 0d0803def9..b35abfa861 100755 --- a/frappe/core/doctype/file/file.py +++ b/frappe/core/doctype/file/file.py @@ -696,7 +696,7 @@ def remove_file(fid=None, attached_to_doctype=None, attached_to_name=None, from_ def get_max_file_size(): - return conf.get('max_file_size') or 10485760 + return cint(conf.get('max_file_size')) or 10485760 def remove_all(dt, dn, from_delete=False): From 75031287652d9d76914ef5c199345d8a9e2f8d1e Mon Sep 17 00:00:00 2001 From: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com> Date: Sun, 26 Apr 2020 17:18:11 +0530 Subject: [PATCH 08/13] Revert "fix: Set fields in grid form as read only for non-editable grids" --- frappe/public/js/frappe/form/grid_row.js | 3 --- 1 file changed, 3 deletions(-) diff --git a/frappe/public/js/frappe/form/grid_row.js b/frappe/public/js/frappe/form/grid_row.js index 31d62dc445..8738efc1ee 100644 --- a/frappe/public/js/frappe/form/grid_row.js +++ b/frappe/public/js/frappe/form/grid_row.js @@ -22,9 +22,6 @@ export default class GridRow { if(me.grid.allow_on_grid_editing() && me.grid.is_editable()) { // pass } else { - if (!me.grid.is_editable()) { - me.docfields.map(df => df.read_only = 1); - } me.toggle_view(); return false; } From 84a3d9271e1dca021e43738d680f3d74a1635126 Mon Sep 17 00:00:00 2001 From: Suraj Shetty Date: Sun, 26 Apr 2020 20:32:51 +0530 Subject: [PATCH 09/13] fix: Only make form-area scrollable - Exclude grid-form-footer from scrolling area --- frappe/public/less/form_grid.less | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/frappe/public/less/form_grid.less b/frappe/public/less/form_grid.less index ed457a9ce8..88c5cf7bbc 100644 --- a/frappe/public/less/form_grid.less +++ b/frappe/public/less/form_grid.less @@ -263,8 +263,10 @@ } .grid-form-body { - max-height: 75vh; - overflow-y: auto; + .form-area { + max-height: 70vh; + overflow-y: auto; + } } .grid-header-toolbar { From 3292cfb82d7a186bf28fbe1c56b45550724ad8c9 Mon Sep 17 00:00:00 2001 From: Suraj Shetty Date: Sun, 26 Apr 2020 20:36:01 +0530 Subject: [PATCH 10/13] fix(style): Make grid form look visually centered & fix scrolling - Scroll -15px to make grid form look visually centered - Do not scroll if grid is displayed in modal --- frappe/public/js/frappe/dom.js | 4 ++++ frappe/public/js/frappe/form/grid_row.js | 16 ++++++++++------ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/frappe/public/js/frappe/dom.js b/frappe/public/js/frappe/dom.js index 819ecb526e..7b59f9da08 100644 --- a/frappe/public/js/frappe/dom.js +++ b/frappe/public/js/frappe/dom.js @@ -85,6 +85,10 @@ frappe.dom = { ); }, + is_element_in_modal(element) { + return Boolean($(element).parents('.modal').length); + }, + set_style: function(txt, id) { if(!txt) return; diff --git a/frappe/public/js/frappe/form/grid_row.js b/frappe/public/js/frappe/form/grid_row.js index 31d62dc445..5ed31e6e49 100644 --- a/frappe/public/js/frappe/form/grid_row.js +++ b/frappe/public/js/frappe/form/grid_row.js @@ -527,7 +527,7 @@ export default class GridRow { return this; } show_form() { - if(!this.grid_form) { + if (!this.grid_form) { this.grid_form = new GridRowForm({ row: this }); @@ -536,13 +536,15 @@ export default class GridRow { this.row.toggle(false); // this.form_panel.toggle(true); frappe.dom.freeze("", "dark"); - if(cur_frm) cur_frm.cur_grid = this; + if (cur_frm) cur_frm.cur_grid = this; this.wrapper.addClass("grid-row-open"); - if(!frappe.dom.is_element_in_viewport(this.wrapper)) { - frappe.utils.scroll_to(this.wrapper, true, 15); + if (!frappe.dom.is_element_in_viewport(this.wrapper) + && !frappe.dom.is_element_in_modal(this.wrapper)) { + // -15 offset to make form look visually centered + frappe.utils.scroll_to(this.wrapper, true, -15); } - if(this.frm) { + if (this.frm) { this.frm.script_manager.trigger(this.doc.parentfield + "_on_form_rendered"); this.frm.script_manager.trigger("form_render", this.doc.doctype, this.doc.name); } @@ -550,7 +552,9 @@ export default class GridRow { hide_form() { frappe.dom.unfreeze(); this.row.toggle(true); - frappe.utils.scroll_to(this.row, true, 15); + if (!frappe.dom.is_element_in_modal(this.row)) { + frappe.utils.scroll_to(this.row, true, 15); + } this.refresh(); if(cur_frm) cur_frm.cur_grid = null; this.wrapper.removeClass("grid-row-open"); From 44b78e7fb21da754355ef11482c0d325cab8be79 Mon Sep 17 00:00:00 2001 From: Sagar Vora Date: Sun, 26 Apr 2020 20:47:11 +0530 Subject: [PATCH 11/13] fix: proper sass mapping and always failing test --- rollup/config.js | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/rollup/config.js b/rollup/config.js index 5f0b2bc60a..e4dbdc6053 100644 --- a/rollup/config.js +++ b/rollup/config.js @@ -109,7 +109,7 @@ function get_rollup_options_for_js(output_file, input_files) { function get_rollup_options_for_css(output_file, input_files) { const output_path = path.resolve(assets_path, output_file); - const minimize_css = output_path.startsWith('css/') && production; + const starts_with_css = output_file.startsWith('css/'); const plugins = [ // enables array of inputs @@ -125,15 +125,24 @@ function get_rollup_options_for_css(output_file, input_files) { path.resolve(get_public_path('frappe'), 'less') ] }], - ['sass', get_options_for_scss()] + ['sass', { + ...get_options_for_scss(), + outFile: output_path, + sourceMapContents: true + }] ], include: [ path.resolve(bench_path, '**/*.less'), path.resolve(bench_path, '**/*.scss'), path.resolve(bench_path, '**/*.css') ], +<<<<<<< Updated upstream minimize: minimize_css, sourceMap: output_file.startsWith('css/') && !production +======= + minimize: starts_with_css && production, + sourceMap: starts_with_css && !production +>>>>>>> Stashed changes }) ]; From 4d80b592e29d21ad383b579f09909cdf6ca20762 Mon Sep 17 00:00:00 2001 From: Sagar Vora Date: Sun, 26 Apr 2020 20:48:21 +0530 Subject: [PATCH 12/13] fix: merge conflict --- rollup/config.js | 5 ----- 1 file changed, 5 deletions(-) diff --git a/rollup/config.js b/rollup/config.js index e4dbdc6053..a88b966916 100644 --- a/rollup/config.js +++ b/rollup/config.js @@ -136,13 +136,8 @@ function get_rollup_options_for_css(output_file, input_files) { path.resolve(bench_path, '**/*.scss'), path.resolve(bench_path, '**/*.css') ], -<<<<<<< Updated upstream - minimize: minimize_css, - sourceMap: output_file.startsWith('css/') && !production -======= minimize: starts_with_css && production, sourceMap: starts_with_css && !production ->>>>>>> Stashed changes }) ]; From c4c71bc5391fc1294a8fb6c020f6464723278cb1 Mon Sep 17 00:00:00 2001 From: Rucha Mahabal Date: Sun, 26 Apr 2020 21:26:28 +0530 Subject: [PATCH 13/13] fix: initialise filters in Dashboard Chart --- frappe/desk/doctype/dashboard_chart/dashboard_chart.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/desk/doctype/dashboard_chart/dashboard_chart.py b/frappe/desk/doctype/dashboard_chart/dashboard_chart.py index 36a75bd9d5..7bed8f4504 100644 --- a/frappe/desk/doctype/dashboard_chart/dashboard_chart.py +++ b/frappe/desk/doctype/dashboard_chart/dashboard_chart.py @@ -79,7 +79,7 @@ def get(chart_name = None, chart = None, no_cache = None, filters = None, from_d to_date = chart.to_date timegrain = time_interval or chart.time_interval - filters = frappe.parse_json(filters) or frappe.parse_json(chart.filters_json) + filters = frappe.parse_json(filters) or frappe.parse_json(chart.filters_json) or [] # don't include cancelled documents filters.append([chart.document_type, 'docstatus', '<', 2, False])