From 2a80bb01ac1a41d5e5fcd70c7a37f62c5c93e8a9 Mon Sep 17 00:00:00 2001 From: "Patrick.St" <72972659+pstuhlmueller@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:13:07 +0100 Subject: [PATCH 01/24] fix: Incorrect use of the Walrus operator Incorrect use of the Walrus operator leads to unintended behavior for if-condition: "None" will be appended to cc. --- frappe/core/doctype/communication/mixins.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/communication/mixins.py b/frappe/core/doctype/communication/mixins.py index 7b6427d1c2..7b34208019 100644 --- a/frappe/core/doctype/communication/mixins.py +++ b/frappe/core/doctype/communication/mixins.py @@ -70,7 +70,7 @@ class CommunicationEmailMixin: if include_sender: cc.append(self.sender_mailid) if is_inbound_mail_communcation: - if (doc_owner := self.get_owner()) not in frappe.STANDARD_USERS: + if (doc_owner := self.get_owner()) and (doc_owner not in frappe.STANDARD_USERS): cc.append(doc_owner) cc = set(cc) - {self.sender_mailid} cc.update(self.get_assignees()) From 841557338b69d455a683ce4f02e8c76a12016b49 Mon Sep 17 00:00:00 2001 From: "Patrick.St" <72972659+pstuhlmueller@users.noreply.github.com> Date: Tue, 21 Feb 2023 16:24:02 +0100 Subject: [PATCH 02/24] fix: sending mails to unintended recipients as cc Security vulnerability: Unintentionally, all incoming emails are sent as CC to all users in a ToDo as "allocated_to" with the status "Open" --- frappe/core/doctype/communication/mixins.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/frappe/core/doctype/communication/mixins.py b/frappe/core/doctype/communication/mixins.py index 7b34208019..22b7e8a0fc 100644 --- a/frappe/core/doctype/communication/mixins.py +++ b/frappe/core/doctype/communication/mixins.py @@ -216,7 +216,11 @@ class CommunicationEmailMixin: "reference_name": self.reference_name, "reference_type": self.reference_doctype, } - return ToDo.get_owners(filters) + + if self.reference_doctype == "ToDo" and self.reference_name != None: + return ToDo.get_owners(filters) + else: + return [] @staticmethod def filter_thread_notification_disbled_users(emails): From 9758781f809a60fb1f1c3c29ad746f98478d6a3d Mon Sep 17 00:00:00 2001 From: Raffael Meyer <14891507+barredterra@users.noreply.github.com> Date: Thu, 30 Mar 2023 13:40:44 +0200 Subject: [PATCH 03/24] fix: bulk update using doc method, check perms (#20522) * fix: bulk update * fix: always check permission --- .../desk/doctype/bulk_update/bulk_update.js | 49 +++++++------------ .../desk/doctype/bulk_update/bulk_update.py | 32 ++++++------ 2 files changed, 34 insertions(+), 47 deletions(-) diff --git a/frappe/desk/doctype/bulk_update/bulk_update.js b/frappe/desk/doctype/bulk_update/bulk_update.js index 017eee1480..d8a2b89cf3 100644 --- a/frappe/desk/doctype/bulk_update/bulk_update.js +++ b/frappe/desk/doctype/bulk_update/bulk_update.js @@ -16,38 +16,27 @@ frappe.ui.form.on("Bulk Update", { if (!frm.doc.update_value) { frappe.throw(__('Field "value" is mandatory. Please specify value to be updated')); } else { - frappe - .call({ - method: "frappe.desk.doctype.bulk_update.bulk_update.update", - args: { - doctype: frm.doc.document_type, - field: frm.doc.field, - value: frm.doc.update_value, - condition: frm.doc.condition, - limit: frm.doc.limit, - }, - }) - .then((r) => { - let failed = r.message; - if (!failed) failed = []; + frm.call("bulk_update").then((r) => { + let failed = r.message; + if (!failed) failed = []; - if (failed.length && !r._server_messages) { - frappe.throw( - __("Cannot update {0}", [ - failed.map((f) => (f.bold ? f.bold() : f)).join(", "), - ]) - ); - } else { - frappe.msgprint({ - title: __("Success"), - message: __("Updated Successfully"), - indicator: "green", - }); - } + if (failed.length && !r._server_messages) { + frappe.throw( + __("Cannot update {0}", [ + failed.map((f) => (f.bold ? f.bold() : f)).join(", "), + ]) + ); + } else { + frappe.msgprint({ + title: __("Success"), + message: __("Updated Successfully"), + indicator: "green", + }); + } - frappe.hide_progress(); - frm.save(); - }); + frappe.hide_progress(); + frm.save(); + }); } }); }, diff --git a/frappe/desk/doctype/bulk_update/bulk_update.py b/frappe/desk/doctype/bulk_update/bulk_update.py index 5521d9583f..535be8155f 100644 --- a/frappe/desk/doctype/bulk_update/bulk_update.py +++ b/frappe/desk/doctype/bulk_update/bulk_update.py @@ -10,26 +10,24 @@ from frappe.utils.scheduler import is_scheduler_inactive class BulkUpdate(Document): - pass + @frappe.whitelist() + def bulk_update(self): + self.check_permission("write") + limit = self.limit if self.limit and cint(self.limit) < 500 else 500 + condition = "" + if self.condition: + if ";" in self.condition: + frappe.throw(_("; not allowed in condition")) -@frappe.whitelist() -def update(doctype, field, value, condition="", limit=500): - if not limit or cint(limit) > 500: - limit = 500 + condition = f" where {self.condition}" - if condition: - condition = " where " + condition - - if ";" in condition: - frappe.throw(_("; not allowed in condition")) - - docnames = frappe.db.sql_list( - f"""select name from `tab{doctype}`{condition} limit {limit} offset 0""" - ) - data = {} - data[field] = value - return submit_cancel_or_update_docs(doctype, docnames, "update", data) + docnames = frappe.db.sql_list( + f"""select name from `tab{self.document_type}`{condition} limit {limit} offset 0""" + ) + return submit_cancel_or_update_docs( + self.document_type, docnames, "update", {self.field: self.update_value} + ) @frappe.whitelist() From 2cb492561a2ba790241b081be507b252d8061fac Mon Sep 17 00:00:00 2001 From: Himanshu Shivhare Date: Thu, 30 Mar 2023 17:57:00 +0530 Subject: [PATCH 04/24] fix(ux): correct email account setup path in error message (#20513) --- frappe/core/doctype/communication/email.py | 2 +- frappe/email/doctype/email_account/email_account.py | 2 +- frappe/email/smtp.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/frappe/core/doctype/communication/email.py b/frappe/core/doctype/communication/email.py index 2e199e014d..1733b7b716 100755 --- a/frappe/core/doctype/communication/email.py +++ b/frappe/core/doctype/communication/email.py @@ -165,7 +165,7 @@ def _make( if not comm.get_outgoing_email_account(): frappe.throw( _( - "Unable to send mail because of a missing email account. Please setup default Email Account from Setup > Email > Email Account" + "Unable to send mail because of a missing email account. Please setup default Email Account from Settings > Email Account" ), exc=frappe.OutgoingEmailError, ) diff --git a/frappe/email/doctype/email_account/email_account.py b/frappe/email/doctype/email_account/email_account.py index 2e5dbe2e24..faf28afdb3 100755 --- a/frappe/email/doctype/email_account/email_account.py +++ b/frappe/email/doctype/email_account/email_account.py @@ -325,7 +325,7 @@ class EmailAccount(Document): if _raise_error: frappe.throw( - _("Please setup default Email Account from Setup > Email > Email Account"), + _("Please setup default Email Account from Settings > Email Account"), frappe.OutgoingEmailError, ) diff --git a/frappe/email/smtp.py b/frappe/email/smtp.py index 028b21b0ae..5e1b5ef296 100644 --- a/frappe/email/smtp.py +++ b/frappe/email/smtp.py @@ -70,7 +70,7 @@ class SMTPServer: if not self.server: frappe.msgprint( _( - "Email Account not setup. Please create a new Email Account from Setup > Email > Email Account" + "Email Account not setup. Please create a new Email Account from Settings > Email Account" ), raise_exception=frappe.OutgoingEmailError, ) From aab37e0a6ca59727edf7c48ee9bc64d09677fcea Mon Sep 17 00:00:00 2001 From: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com> Date: Fri, 31 Mar 2023 13:31:18 +0530 Subject: [PATCH 05/24] fix: Check if reference_name is set --- frappe/core/doctype/communication/mixins.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/communication/mixins.py b/frappe/core/doctype/communication/mixins.py index 22b7e8a0fc..52ea93d829 100644 --- a/frappe/core/doctype/communication/mixins.py +++ b/frappe/core/doctype/communication/mixins.py @@ -217,7 +217,7 @@ class CommunicationEmailMixin: "reference_type": self.reference_doctype, } - if self.reference_doctype == "ToDo" and self.reference_name != None: + if self.reference_doctype and self.reference_name: return ToDo.get_owners(filters) else: return [] From c509983ca4d4450609e6960b858148635bf54950 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Fri, 31 Mar 2023 13:37:55 +0530 Subject: [PATCH 06/24] build: bump redis version https://github.com/redis/redis-py/releases --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 48903f3163..daa0748e5f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -57,7 +57,7 @@ dependencies = [ "python-dateutil~=2.8.1", "pytz==2022.1", "rauth~=0.7.3", - "redis~=4.3.4", + "redis~=4.5.4", "hiredis~=2.0.0", "requests-oauthlib~=1.3.0", "requests~=2.27.1", From 7a92a604e0686e1679c6df3ecce7a9f38e0c1506 Mon Sep 17 00:00:00 2001 From: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com> Date: Fri, 31 Mar 2023 14:03:49 +0530 Subject: [PATCH 07/24] style: Fix formatting --- frappe/email/smtp.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/frappe/email/smtp.py b/frappe/email/smtp.py index 5e1b5ef296..3b22bc4ce4 100644 --- a/frappe/email/smtp.py +++ b/frappe/email/smtp.py @@ -69,9 +69,7 @@ class SMTPServer: if not self.server: frappe.msgprint( - _( - "Email Account not setup. Please create a new Email Account from Settings > Email Account" - ), + _("Email Account not setup. Please create a new Email Account from Settings > Email Account"), raise_exception=frappe.OutgoingEmailError, ) From 5ad9350b14ada372ed4a528d3988178218c87ebc Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Fri, 31 Mar 2023 14:37:51 +0530 Subject: [PATCH 08/24] fix: Handle JsBarcode exceptions (#20533) JsBarcode exceptions prevent entire page from loading. Instead of that catch error and show it in helpbox so user can correct the barcode if required. Steps to reproduce: 1. Add barcode field 2. Set barcode type in options 3. add invalid barcode and save (cherry picked from commit 57d40b2614068c13b4b14f42438b46b22c0f5533) --- frappe/public/js/frappe/form/controls/barcode.js | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/frappe/public/js/frappe/form/controls/barcode.js b/frappe/public/js/frappe/form/controls/barcode.js index c130ecc039..a819384773 100644 --- a/frappe/public/js/frappe/form/controls/barcode.js +++ b/frappe/public/js/frappe/form/controls/barcode.js @@ -27,6 +27,7 @@ frappe.ui.form.ControlBarcode = class ControlBarcode extends frappe.ui.form.Cont let svg = value; let barcode_value = ""; + this.set_empty_description(); if (value && value.startsWith(" Date: Fri, 31 Mar 2023 17:42:13 +0530 Subject: [PATCH 09/24] perf: Faster address query with explicit joins This querry is particularly problamatic when there are OR conditions due to shared docs. ```sql ANALYZE SELECT `tabAddress`.name, `tabAddress`.city, `tabAddress`.country FROM `tabAddress` join `tabDynamic Link` on (`tabDynamic Link`.parent = `tabAddress`.name AND `tabDynamic Link`.parenttype = 'Address') WHERE `tabDynamic Link`.link_doctype = 'Customer' AND `tabDynamic Link`.link_name = 'CUSTOMER NAME' AND coalesce(`tabAddress`.disabled, 0) = 0 AND (`tabAddress`.`country` like '%%' OR `tabAddress`.`state` like '%%' OR `tabAddress`.`name` like '%%' OR `tabAddress`.`name` like '%%') AND ((((coalesce(`tabAddress`.`branch`, '')='' OR `tabAddress`.`branch` in ('something'))))) OR (`tabAddress`.name in ('SOME SHARED DOC')) ORDER BY if(locate('', `tabAddress`.name), locate('', `tabAddress`.name), 99999), `tabAddress`.idx DESC, `tabAddress`.name LIMIT 0, 20; ``` **Before:** Never terminates and reads entire table with millions of lines :LOL: **After:** Reads ~100 rows max. ``` *************************** 1. row *************************** id: 1 select_type: SIMPLE table: tabDynamic Link type: index_merge possible_keys: parent,link_doctype_link_name_index,link_name key: link_name,link_doctype_link_name_index,parent key_len: 563,1126,563 ref: NULL rows: 40 r_rows: 79.00 filtered: 100.00 r_filtered: 100.00 Extra: Using union(intersect(link_name,link_doctype_link_name_index),parent); Using where; Using temporary; Using filesort *************************** 2. row *************************** id: 1 select_type: SIMPLE table: tabAddress type: eq_ref possible_keys: PRIMARY,selco_branch key: PRIMARY key_len: 562 ref: _900a733bdc3bb9ed.tabDynamic Link.parent rows: 1 r_rows: 1.00 filtered: 100.00 r_filtered: 100.00 Extra: Using where 2 rows in set (0.001 sec) ``` > Please provide enough information so that others can review your pull request: > Explain the **details** for making this change. What existing problem does the pull request solve? > Screenshots/GIFs --- frappe/contacts/doctype/address/address.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/frappe/contacts/doctype/address/address.py b/frappe/contacts/doctype/address/address.py index 5fe22eb7f2..77dee10615 100644 --- a/frappe/contacts/doctype/address/address.py +++ b/frappe/contacts/doctype/address/address.py @@ -254,10 +254,10 @@ def address_query(doctype, txt, searchfield, start, page_len, filters): """select `tabAddress`.name, `tabAddress`.city, `tabAddress`.country from - `tabAddress`, `tabDynamic Link` + `tabAddress` + join `tabDynamic Link` + on (`tabDynamic Link`.parent = `tabAddress`.name and `tabDynamic Link`.parenttype = 'Address') where - `tabDynamic Link`.parent = `tabAddress`.name and - `tabDynamic Link`.parenttype = 'Address' and `tabDynamic Link`.link_doctype = %(link_doctype)s and `tabDynamic Link`.link_name = %(link_name)s and ifnull(`tabAddress`.disabled, 0) = 0 and From fba3497ba0f2c549453d6cae3c6cc553494a7a22 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Fri, 31 Mar 2023 19:04:11 +0530 Subject: [PATCH 10/24] test: address query --- .../contacts/doctype/address/test_address.py | 30 ++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/frappe/contacts/doctype/address/test_address.py b/frappe/contacts/doctype/address/test_address.py index 1d11c5efef..d30b0f9f78 100644 --- a/frappe/contacts/doctype/address/test_address.py +++ b/frappe/contacts/doctype/address/test_address.py @@ -1,7 +1,9 @@ # Copyright (c) 2015, Frappe Technologies and Contributors # License: MIT. See LICENSE +from functools import partial + import frappe -from frappe.contacts.doctype.address.address import get_address_display +from frappe.contacts.doctype.address.address import address_query, get_address_display from frappe.tests.utils import FrappeTestCase @@ -28,3 +30,29 @@ class TestAddress(FrappeTestCase): address = frappe.get_list("Address")[0].name display = get_address_display(frappe.get_doc("Address", address).as_dict()) self.assertTrue(display) + + def test_address_query(self): + def query(doctype="Address", txt="", searchfield="name", start=0, page_len=20, filters=None): + if filters is None: + filters = {"link_doctype": "User", "link_name": "Administrator"} + return address_query(doctype, txt, searchfield, start, page_len, filters) + + frappe.get_doc( + { + "address_type": "Billing", + "address_line1": "1", + "city": "Mumbai", + "state": "Maharashtra", + "country": "India", + "doctype": "Address", + "links": [ + { + "link_doctype": "User", + "link_name": "Administrator", + } + ], + } + ).insert() + + self.assertGreaterEqual(len(query(txt="admin")), 1) + self.assertEqual(len(query(txt="what_zyx")), 0) From ae3b3ebb174d4709f01f002014ebaa0930632aab Mon Sep 17 00:00:00 2001 From: Raffael Meyer <14891507+barredterra@users.noreply.github.com> Date: Sat, 1 Apr 2023 18:52:03 +0200 Subject: [PATCH 11/24] chore: remove excessive whitespace (#20544) to make the linter happy [skip ci] --- frappe/core/doctype/communication/mixins.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/communication/mixins.py b/frappe/core/doctype/communication/mixins.py index 52ea93d829..24b6a8fafb 100644 --- a/frappe/core/doctype/communication/mixins.py +++ b/frappe/core/doctype/communication/mixins.py @@ -216,7 +216,7 @@ class CommunicationEmailMixin: "reference_name": self.reference_name, "reference_type": self.reference_doctype, } - + if self.reference_doctype and self.reference_name: return ToDo.get_owners(filters) else: From b72ec114eeed6de1bc77cedc9b5cc540ae3dd769 Mon Sep 17 00:00:00 2001 From: Shariq Ansari Date: Sun, 2 Apr 2023 14:33:35 +0530 Subject: [PATCH 12/24] fix(UI): align link cards & charts on workspace --- frappe/public/scss/desk/desktop.scss | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/frappe/public/scss/desk/desktop.scss b/frappe/public/scss/desk/desktop.scss index 41eaa4777d..cef6e2e52a 100644 --- a/frappe/public/scss/desk/desktop.scss +++ b/frappe/public/scss/desk/desktop.scss @@ -208,7 +208,6 @@ body { // Overrides for each widgets &.dashboard-widget-box { min-height: 240px; - padding: var(--padding-md) var(--padding-lg); .filter-chart { background-color: var(--control-bg); @@ -238,13 +237,16 @@ body { } .widget-head { - padding: var(--padding-sm); display: flex; justify-content: space-between; flex-wrap: wrap; gap: 6px; } + .widget-body { + padding-top: 7px; + } + .widget-control { display: flex; align-items: center; @@ -560,7 +562,7 @@ body { } &.links-widget-box { - padding: 18px 12px; + padding: 12px 7px; .link-item { display: flex; From 10dcbc5ecf2aa22b128a71a52061eb3a1c3da5f7 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Sun, 2 Apr 2023 15:10:29 +0530 Subject: [PATCH 13/24] fix: fix address query for postgres refer https://github.com/frappe/frappe/pull/20537#ref-pullrequest-1645575433 --- frappe/contacts/doctype/address/address.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/contacts/doctype/address/address.py b/frappe/contacts/doctype/address/address.py index 77dee10615..a1ecbdd4a5 100644 --- a/frappe/contacts/doctype/address/address.py +++ b/frappe/contacts/doctype/address/address.py @@ -266,7 +266,7 @@ def address_query(doctype, txt, searchfield, start, page_len, filters): order by if(locate(%(_txt)s, `tabAddress`.name), locate(%(_txt)s, `tabAddress`.name), 99999), `tabAddress`.idx desc, `tabAddress`.name - limit %(start)s, %(page_len)s """.format( + limit %(page_len)s offset %(start)s""".format( mcond=get_match_cond(doctype), search_condition=search_condition, condition=condition or "", From f206b1582e31108efdd90893270b57ab259aace5 Mon Sep 17 00:00:00 2001 From: Marica Date: Sun, 2 Apr 2023 15:14:40 +0530 Subject: [PATCH 14/24] test: Kanban Test fails to remove System Manager role (#20505) * fix: Kanban Test fails to remove System Manager role - As there's only one user with System Manager role, role removal is reverted - Add another user with this role, so that role removal on test user works * chore: Reuse `create_test_user` util * fix: user switching in kanban test --------- Co-authored-by: barredterra <14891507+barredterra@users.noreply.github.com> --- cypress/integration/kanban.js | 19 +++++++++++-------- frappe/tests/ui_test_helpers.py | 9 ++++++--- 2 files changed, 17 insertions(+), 11 deletions(-) diff --git a/cypress/integration/kanban.js b/cypress/integration/kanban.js index 04a72a9436..f14c991c7c 100644 --- a/cypress/integration/kanban.js +++ b/cypress/integration/kanban.js @@ -98,15 +98,17 @@ context("Kanban Board", () => { }); it("Checks if Kanban Board edits are blocked for non-System Manager and non-owner of the Board", () => { - // create admin kanban board - cy.call("frappe.tests.ui_test_helpers.create_todo", { description: "Frappe User ToDo" }); - cy.switch_to_user("Administrator"); - cy.call("frappe.tests.ui_test_helpers.create_admin_kanban"); - // remove sys manager - cy.remove_role("frappe@example.com", "System Manager"); - cy.switch_to_user("frappe@example.com"); + const noSystemManager = "nosysmanager@example.com"; + cy.call("frappe.tests.ui_test_helpers.create_test_user", { + username: noSystemManager, + }); + cy.remove_role(noSystemManager, "System Manager"); + cy.call("frappe.tests.ui_test_helpers.create_todo", { description: "Frappe User ToDo" }); + cy.call("frappe.tests.ui_test_helpers.create_admin_kanban"); + + cy.switch_to_user(noSystemManager); cy.visit("/app/todo/view/kanban/Admin Kanban"); @@ -122,7 +124,8 @@ context("Kanban Board", () => { // Column actions should be hidden (dropdown for 'Archive' and indicators) cy.get(".kanban .column-options").should("have.length", 0); - cy.add_role("frappe@example.com", "System Manager"); + cy.switch_to_user("Administrator"); + cy.call("frappe.client.delete", { doctype: "User", name: noSystemManager }); }); after(() => { diff --git a/frappe/tests/ui_test_helpers.py b/frappe/tests/ui_test_helpers.py index 2846b33eb9..4d3e3ec11f 100644 --- a/frappe/tests/ui_test_helpers.py +++ b/frappe/tests/ui_test_helpers.py @@ -426,12 +426,15 @@ def create_blog_post(): return doc -def create_test_user(): - if frappe.db.exists("User", UI_TEST_USER): +@whitelist_for_tests +def create_test_user(username=None): + name = username or UI_TEST_USER + + if frappe.db.exists("User", name): return user = frappe.new_doc("User") - user.email = UI_TEST_USER + user.email = name user.first_name = "Frappe" user.new_password = frappe.local.conf.admin_password user.send_welcome_email = 0 From 5fff6698ada2d313493f6e50d4c2acfc889c9e8e Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Sun, 2 Apr 2023 15:23:22 +0530 Subject: [PATCH 15/24] fix: use `develop` as branch name for new apps dont ask me why --- frappe/tests/test_boilerplate.py | 4 ++++ frappe/utils/boilerplate.py | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/frappe/tests/test_boilerplate.py b/frappe/tests/test_boilerplate.py index 999c74592e..0f58e84df4 100644 --- a/frappe/tests/test_boilerplate.py +++ b/frappe/tests/test_boilerplate.py @@ -8,6 +8,7 @@ import unittest from io import StringIO from unittest.mock import patch +import git import yaml import frappe @@ -134,6 +135,9 @@ class TestBoilerPlate(unittest.TestCase): self.check_parsable_python_files(new_app_dir) + app_repo = git.Repo(new_app_dir) + self.assertEqual(app_repo.active_branch.name, "develop") + def test_create_app_without_git_init(self): app_name = "test_app_no_git" diff --git a/frappe/utils/boilerplate.py b/frappe/utils/boilerplate.py index 1cd57f4695..2e8a5088ed 100644 --- a/frappe/utils/boilerplate.py +++ b/frappe/utils/boilerplate.py @@ -150,7 +150,7 @@ def _create_app_boilerplate(dest, hooks, no_git=False): f.write(frappe.as_unicode(gitignore_template.format(app_name=hooks.app_name))) # initialize git repository - app_repo = git.Repo.init(app_directory) + app_repo = git.Repo.init(app_directory, initial_branch="develop") app_repo.git.add(A=True) app_repo.index.commit("feat: Initialize App") From 3d626dd36488433e9dd5a72f0bcfa8b0da54c02c Mon Sep 17 00:00:00 2001 From: Wolfram Schmidt Date: Mon, 3 Apr 2023 07:53:12 +0200 Subject: [PATCH 16/24] chore: Update de.csv (#20546) alligned singular and plural. Has effect on DocType naming of DocType Notification! --- frappe/translations/de.csv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frappe/translations/de.csv b/frappe/translations/de.csv index c60fcbb41e..af8ac7bcb8 100644 --- a/frappe/translations/de.csv +++ b/frappe/translations/de.csv @@ -1720,11 +1720,11 @@ Note: Changing the Page Name will break previous URL to this page.,"Hinweis: Wen Note: Multiple sessions will be allowed in case of mobile device,Hinweis: Mehrere Sitzungen wird im Falle einer mobilen Gerät erlaubt sein, Nothing to show,Nichts anzuzeigen, Nothing to update,Nichts zu aktualisieren, -Notification,Mitteilung, +Notification,Benachrichtigung, Notification Recipient,Benachrichtigungsempfänger, Notification Tones,Benachrichtigungstöne, Notifications,Benachrichtigungen, -Notifications and bulk mails will be sent from this outgoing server.,Hinweise und Massen-E-Mails werden von diesem Postausgangsserver versendet., +Notifications and bulk mails will be sent from this outgoing server.,Benachrichtigungen und Massen-E-Mails werden von diesem Postausgangsserver versendet., Notify Users On Every Login,Benutzer bei jeder Anmeldung benachrichtigen, Notify if unreplied,"Benachrichtigen, wenn unbeantwortet", Notify if unreplied for (in mins),"Benachrichtigen, wenn unbeantwortet für (in Minuten)", From 492fdbeec44d1fa164eb750ba1cd804b2caa7a78 Mon Sep 17 00:00:00 2001 From: Wolfram Schmidt Date: Mon, 3 Apr 2023 07:53:34 +0200 Subject: [PATCH 17/24] chore: Update de.csv (#20545) added translations related to Navbar-Settings. Cleanup. --- frappe/translations/de.csv | 3 +++ 1 file changed, 3 insertions(+) diff --git a/frappe/translations/de.csv b/frappe/translations/de.csv index af8ac7bcb8..1ef1bf1a9b 100644 --- a/frappe/translations/de.csv +++ b/frappe/translations/de.csv @@ -1383,6 +1383,7 @@ Inverse,Invertieren, Is,Ist, Is Attachments Folder,Ist Ordner für Anhänge, Is Child Table,Ist Untertabelle, +Is Custom,Ist benutzerdefiniert, Is Custom Field,Ist benutzerdefiniertes Feld, Is First Startup,Ist Erstes Startup, Is Folder,Ist Ordner, @@ -1613,6 +1614,7 @@ Naming,Bezeichnung, Naming Rule, Benennungsregel, "Naming Options:\n
  1. field:[fieldname] - By Field
  2. naming_series: - By Naming Series (field called naming_series must be present
  3. Prompt - Prompt user for a name
  4. [series] - Series by prefix (separated by a dot); for example PRE.#####
    5. \n
  5. format:EXAMPLE-{MM}morewords{fieldname1}-{fieldname2}-{#####} - Replace all braced words (fieldnames, date words (DD, MM, YY), series) with their value. Outside braces, any characters can be used.
","Namensoptionen:
  1. Feld: [Feldname] - Nach Feld
  2. naming_series: - Nach der Namensreihe (das Feld naming_series muss vorhanden sein)
  3. Eingabeaufforderung - Benutzer nach einem Namen fragen
  4. [Serie] - Reihe nach Präfix (getrennt durch einen Punkt); zum Beispiel PRE. #####
  5. Format: BEISPIEL- {MM} morewords {Feldname1} - {Feldname2} - {#####} - Ersetzt alle verspannten Wörter (Feldnamen, Datumsworte (DD, MM, YY), Serien) durch ihren Wert. Außerhalb von Klammern können beliebige Zeichen verwendet werden.
", Naming Series mandatory,Nummernkreis zwingend erforderlich, +Navigation Settings,Navigationseinstellungen, Nested set error. Please contact the Administrator.,Schachtelfehler. Bitte den Administrator kontaktieren., New Activity,Neue Aktivität, New Chat,Neuer Chat, @@ -2323,6 +2325,7 @@ Show more details,Weiteres, Show only errors,Zeige nur Fehler, "Show title in browser window as ""Prefix - title""","Diesen Eintrag im Browser-Fenster als ""Präfix - Titel"" anzeigen", Showing only Numeric fields from Report,Nur numerische Felder aus Bericht anzeigen, +Sidebar,Seitenleiste, Sidebar Items,Elemente der Seitenleiste, Sidebar Settings,Sidebar-Einstellungen, Sidebar and Comments,Sidebar und Kommentare, From 62a1f234fe2945cb94ab3ae3d924b1166e434fa5 Mon Sep 17 00:00:00 2001 From: Wolfram Schmidt Date: Mon, 3 Apr 2023 07:53:49 +0200 Subject: [PATCH 18/24] chore: Update de.csv (#20547) added missing DocType translation. This used to be Naming Series (Nummernkreis) https://doku.phamos.eu/books/erpnext-benutzerhandbuch-v14/page/dokumentenbenennungseinstellungen-document-naming-settings --- frappe/translations/de.csv | 1 + 1 file changed, 1 insertion(+) diff --git a/frappe/translations/de.csv b/frappe/translations/de.csv index 1ef1bf1a9b..6ef7faa337 100644 --- a/frappe/translations/de.csv +++ b/frappe/translations/de.csv @@ -64,6 +64,7 @@ Delivery Status,Lieferstatus, Department,Abteilung, Details,Details, Document Name,Dokumentenname, +Document Naming Settings,Dokumentenbenennungseinstellungen, Document Status,Dokumentenstatus, Document Type,Dokumententyp, Domain,Domäne, From 75973fd22a6935e862afd48cb23bbec7ebacf199 Mon Sep 17 00:00:00 2001 From: Wolfram Schmidt Date: Mon, 3 Apr 2023 07:53:59 +0200 Subject: [PATCH 19/24] chore: Update de.csv (#20548) translations for new feature to crop images on upload. Crop (cutting) is in conflict with crop (Agricultural) but as this module is not part of ERPNext-Standard installation. This should not matter for now. --- frappe/translations/de.csv | 1 + 1 file changed, 1 insertion(+) diff --git a/frappe/translations/de.csv b/frappe/translations/de.csv index 6ef7faa337..2dd903ee93 100644 --- a/frappe/translations/de.csv +++ b/frappe/translations/de.csv @@ -52,6 +52,7 @@ Content,Inhalt, Content Type,Inhaltstyp, Create,Erstellen, Created By,Erstellt von, +Crop,Zuschneiden, Current,Laufend, Custom HTML,Benutzerdefiniertes HTML, Custom?,Benutzerdefiniert?, From a1aaed0a5f23b8a52e0f075ca953e4102679102e Mon Sep 17 00:00:00 2001 From: Sabu Siyad Date: Mon, 3 Apr 2023 11:26:49 +0530 Subject: [PATCH 20/24] feat(util): `get_table_name`: wrap in backticks (#20553) --- frappe/utils/__init__.py | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/frappe/utils/__init__.py b/frappe/utils/__init__.py index 5d1aed259a..ef32ff5653 100644 --- a/frappe/utils/__init__.py +++ b/frappe/utils/__init__.py @@ -1031,8 +1031,13 @@ def groupby_metric(iterable: dict[str, list], key: str): return records -def get_table_name(table_name: str) -> str: - return f"tab{table_name}" if not table_name.startswith("__") else table_name +def get_table_name(table_name: str, wrap_in_backticks: bool = False) -> str: + name = f"tab{table_name}" if not table_name.startswith("__") else table_name + + if wrap_in_backticks: + return f"`{name}`" + + return name def squashify(what): From fa32b610d661bae0ca935cf3a4f7c3f5c3ecac66 Mon Sep 17 00:00:00 2001 From: Ankush Menat Date: Mon, 3 Apr 2023 14:47:45 +0530 Subject: [PATCH 21/24] fix: rewrite query for postgres (#20557) --- frappe/contacts/doctype/address/address.py | 6 +++++- frappe/contacts/doctype/address/test_address.py | 2 +- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/frappe/contacts/doctype/address/address.py b/frappe/contacts/doctype/address/address.py index a1ecbdd4a5..965425019c 100644 --- a/frappe/contacts/doctype/address/address.py +++ b/frappe/contacts/doctype/address/address.py @@ -264,7 +264,11 @@ def address_query(doctype, txt, searchfield, start, page_len, filters): ({search_condition}) {mcond} {condition} order by - if(locate(%(_txt)s, `tabAddress`.name), locate(%(_txt)s, `tabAddress`.name), 99999), + case + when locate(%(_txt)s, `tabAddress`.name) != 0 + then locate(%(_txt)s, `tabAddress`.name) + else 99999 + end, `tabAddress`.idx desc, `tabAddress`.name limit %(page_len)s offset %(start)s""".format( mcond=get_match_cond(doctype), diff --git a/frappe/contacts/doctype/address/test_address.py b/frappe/contacts/doctype/address/test_address.py index d30b0f9f78..ecb95f9e0c 100644 --- a/frappe/contacts/doctype/address/test_address.py +++ b/frappe/contacts/doctype/address/test_address.py @@ -54,5 +54,5 @@ class TestAddress(FrappeTestCase): } ).insert() - self.assertGreaterEqual(len(query(txt="admin")), 1) + self.assertGreaterEqual(len(query(txt="Admin")), 1) self.assertEqual(len(query(txt="what_zyx")), 0) From 06580bdbff9a8f86709e52c82afe0cb9da2dc1d4 Mon Sep 17 00:00:00 2001 From: Daizy Modi Date: Mon, 3 Apr 2023 15:02:05 +0530 Subject: [PATCH 22/24] fix: allow `reset_otp_secret` only if Two Factor Auth is enabled (#20506) * fix: display `Reset OTP Secret` button only if Two factor Auth is enabled * fix: added validations and fetched value from cached doc * fix: linter changes --- frappe/core/doctype/user/user.js | 5 ++++- frappe/twofactor.py | 18 +++++++++++++----- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/frappe/core/doctype/user/user.js b/frappe/core/doctype/user/user.js index 413dd07dc4..918a9ee37c 100644 --- a/frappe/core/doctype/user/user.js +++ b/frappe/core/doctype/user/user.js @@ -219,7 +219,10 @@ frappe.ui.form.on("User", { }); } - if (frappe.session.user == doc.name || frappe.user.has_role("System Manager")) { + if ( + cint(frappe.boot.sysdefaults.enable_two_factor_auth) && + (frappe.session.user == doc.name || frappe.user.has_role("System Manager")) + ) { frm.add_custom_button( __("Reset OTP Secret"), function () { diff --git a/frappe/twofactor.py b/frappe/twofactor.py index 8ad02f0b5a..c4292b0533 100644 --- a/frappe/twofactor.py +++ b/frappe/twofactor.py @@ -450,12 +450,20 @@ def disable(): @frappe.whitelist() -def reset_otp_secret(user): +def reset_otp_secret(user: str): if frappe.session.user != user: frappe.only_for("System Manager", message=True) - otp_issuer = frappe.db.get_single_value("System Settings", "otp_issuer_name") - user_email = frappe.db.get_value("User", user, "email") + settings = frappe.get_cached_doc("System Settings") + + if not settings.enable_two_factor_auth: + frappe.throw( + _("You have to enable Two Factor Auth from System Settings."), + title=_("Enable Two Factor Auth"), + ) + + otp_issuer = settings.otp_issuer_name or "Frappe Framework" + user_email = frappe.get_cached_value("User", user, "email") clear_default(user + "_otplogin") clear_default(user + "_otpsecret") @@ -463,10 +471,10 @@ def reset_otp_secret(user): email_args = { "recipients": user_email, "sender": None, - "subject": _("OTP Secret Reset - {0}").format(otp_issuer or "Frappe Framework"), + "subject": _("OTP Secret Reset - {0}").format(otp_issuer), "message": _( "

Your OTP secret on {0} has been reset. If you did not perform this reset and did not request it, please contact your System Administrator immediately.

" - ).format(otp_issuer or "Frappe Framework"), + ).format(otp_issuer), "delayed": False, "retry": 3, } From d2bde19b5c967b3980ce5175eb74e70e9e74eac4 Mon Sep 17 00:00:00 2001 From: Daizy Modi Date: Mon, 3 Apr 2023 15:03:37 +0530 Subject: [PATCH 23/24] fix: removed unnecessary usage of `@frappe.whitelist` (#20503) --- frappe/core/doctype/server_script/server_script.py | 1 - 1 file changed, 1 deletion(-) diff --git a/frappe/core/doctype/server_script/server_script.py b/frappe/core/doctype/server_script/server_script.py index dc502e4683..17cddee1e8 100644 --- a/frappe/core/doctype/server_script/server_script.py +++ b/frappe/core/doctype/server_script/server_script.py @@ -169,7 +169,6 @@ class ServerScript(Document): return items -@frappe.whitelist() def setup_scheduler_events(script_name, frequency): """Creates or Updates Scheduled Job Type documents based on the specified script name and frequency From 3db1c1aea00cbc79559a73c5cc9638f99ea07cc8 Mon Sep 17 00:00:00 2001 From: Daizy Modi Date: Mon, 3 Apr 2023 15:04:46 +0530 Subject: [PATCH 24/24] fix: allowed only POST and PUT methods in `rename_doc` (#20504) --- frappe/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/__init__.py b/frappe/__init__.py index 332224f989..9d7befe2d1 100644 --- a/frappe/__init__.py +++ b/frappe/__init__.py @@ -1274,7 +1274,7 @@ def reload_doc( return frappe.modules.reload_doc(module, dt, dn, force=force, reset_permissions=reset_permissions) -@whitelist() +@whitelist(methods=["POST", "PUT"]) def rename_doc( doctype: str, old: str,