vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
55527 commits 1 branch 0 tags 587 MiB
Commit graph

1145 commits

Author SHA1 Message Date
Sagar Vora
768a141814 refactor: simplify string literal handling in SQLFunctionParser 
- Inline string literal check and extraction (was _is_string_literal + _validate_string_literal)
- Remove dangerous_patterns validation - pypika handles escaping with wrap_constant
 2025-12-02 00:48:28 +05:30
Sagar Vora
a14b11749b refactor: remove unnecessary sql_keywords validation in _validate_alias 
pypika wraps aliases in backticks, so SQL keywords are safe to use as aliases
 2025-12-02 00:40:23 +05:30
Sagar Vora
3dcd80326b perf: replace sqlparse-based _is_function_call with regex 
- Remove sqlparse import (no longer used anywhere in query.py)
- Add FUNCTION_CALL_PATTERN regex for detecting SQL function calls
- Simplify _is_function_call from 6-line sqlparse parsing to 1-line regex match
 2025-12-02 00:38:13 +05:30
Sagar Vora
1e05d6c326 perf: pre-compile regex patterns for field and alias validation 
Added SIMPLE_FIELD_PATTERN and IDENTIFIER_PATTERN at module level
to avoid repeated regex compilation in hot paths like filter validation
and alias checking.
 2025-12-02 00:27:11 +05:30
Sagar Vora
b5bae10dc8 perf: remove unnecessary sqlparse.format and comment stripping in _sanitize_field 
ALLOWED_FIELD_PATTERN already restricts fields to simple identifiers
that cannot contain SQL comments, making the sqlparse.format(strip_comments=True)
and MARIADB_SPECIFIC_COMMENT.sub() calls unnecessary overhead.

Merged _sanitize_field into _validate_select_field.
 2025-12-02 00:23:25 +05:30
Sagar Vora
bcac30836b refactor: remove redundant share check in check_read_permission 
has_permission() already checks for shared documents internally when
role permissions do not grant access, so the separate frappe.share.get_shared()
call was dead code.
 2025-12-02 00:19:44 +05:30
Sagar Vora
5297edc732 refactor: use FIELD_PARSE_REGEX instead of sqlparse for _parse_backtick_field_notation 2025-12-02 00:14:58 +05:30
Sagar Vora
04932e20a0 fix: tighten FIELD_PARSE_REGEX to only allow backticks (not double quotes) 2025-12-01 23:59:45 +05:30
Sagar Vora
72b1fe299d fix: tighten ALLOWED_FIELD_PATTERN to disallow hyphens/spaces in field names 2025-12-01 23:58:53 +05:30
Sagar Vora
e7c8091507 fix: use Field instead of Column for field-to-field filter comparison detection 2025-12-01 23:45:56 +05:30
Sagar Vora
3f2fbd7d4e fix: use Star() instead of Column("*") for correct COUNT(*) SQL 2025-12-01 23:44:41 +05:30
Sagar Vora
730f35ab70 refactor: remove unused Permission class 2025-12-01 23:42:37 +05:30
Sagar Vora
dca4b36684 chore: remove debug print statement in DynamicTableField.parse 2025-12-01 23:41:53 +05:30
Sagar Vora
732137b9bc fix: simplify permission conditions logic 2025-12-01 23:35:57 +05:30
Sagar Vora
d48b0d1632 fix(search)!: validate ignore_user_permissions in link search 2025-12-01 19:03:55 +05:30
Hussain Nagaria
c2a6b91078
Merge pull request #34678 from frappe/perf/comm 2025-11-28 13:38:59 +05:30
Akhil Narang
9e380bc33c
fix(query): don't create 2 error logs for the same thing (#34925) 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-28 12:39:31 +05:30
Hussain Nagaria
de7d1abcf4 refactor: move drop index util to db utils file 2025-11-28 12:09:13 +05:30
Akhil Narang
1bcdec6283
fix(query): check standard field definitions (#34828) 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-26 18:14:03 +05:30
Akhil Narang
b640faa80b
fix: allow selecting optional fields (#34901) 
Simplification/follow up to 9455721c77

Resolves #34861

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-26 17:31:17 +05:30
Corentin Forler
afa0cedfca
fix(query): Add set to valid types for the fields parameter (#34866) 2025-11-25 05:56:45 +00:00
Akhil Narang
bd044e520c
fix(query): don't allow using Document as a filter value (#34823) 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-24 11:13:43 +05:30
Aarol D'Souza
5fecde5a6a
test(postgres): enable test_unique_index_on_alter for postgres (#34719) 
* test(postgres): enable test_unique_index_on_alter for postgres

* perf(postgres): Prevent redundant unique index creation on new columns
 2025-11-24 11:05:20 +05:30
Akhil Narang
ea03bd020e
Merge pull request #34800 from akhilnarang/skip-null-fields 
fix(qb): skip null fields
 2025-11-20 18:48:23 +05:30
Akhil Narang
28a00251b1
fix(qb): skip null fields 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-20 18:39:28 +05:30
Akhil Narang
ba192648f3
fix(qb): track field aliases 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-20 18:05:33 +05:30
Akhil Narang
0f3fc00f00
fix: handle converting datetime -> date for fieldtype date 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
15588de6cd
fix(query): ensure backwards compatibility for sorting, filtering 
If `db_query_compat=True` (set by `qb_query.py`), then we default to some `db_query.py` behaviour.
Otherwise, we'll retail the previous query builder behaviour, this is to minimize breakage on either side.

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
2c15bb4a5b
fix(query): extend regex for allow backticked aliases 
For example:

```
`tabSerial and Batch Entry`.`name` as `child_row`
```

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
bd84d7a66a
fix: match db_query behaviour for certain cases like 
`filters.append(["reports_to", "=", ""])`

Earlier this generated:
```
( `tabEmployee`.`reports_to` is NULL OR `tabEmployee`.`reports_to` = '' )
```

Without this change, with qb it was

```
`reports_to`=''
```

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
952b0d4500
chore: test 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
9455721c77
fix: skip group by permission check for certain columns 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
978edeaa1d
feat: add in some functions 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
0bb1b4477c
fix(query): case insensitive check 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
07e8c987cb
fix(check_field_permissions): allow if no permissions defined 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
1ba9c14cd5
fix: check for shared documents 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
943df998d6
feat: support certain backticked expressions 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
7ad6f7e2c6
refactor: ensure no meta recursion 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
a5e44c4c6e
fix(query): check whether filter fields belong to child tables if not part of parent 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
ea926b0f31
fix(search): adjust query formation to align with new restrictions 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:58 +05:30
Akhil Narang
ddcda11d67
fix: function detection 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
b407fe8093
fix: allow function aliases 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
3040ab7eb2
feat(query): add in IFNULL logic from db_query 
Use `IFNULL(var, "") == ""` instead of `isnull()`

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
bd48f5df65
fix(convert_to_value): convert dict_keys and dict_values to a tuple as well 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
e420e7646f
fix(query): match db_query, add parentheses around condition 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
b4cf69732b
fix(query): allow numeric strings 
For things like `COUNT(1)`

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
e15ec47ba1
fix(query): allow passing as in any case 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
8e03924356
fix(query): allow AggregateFunction as well in apply_field_permissions 
Without this `fields=[{"COUNT": "name"}]` didn't work, although fields=[{"COUNT": "NAME"}] did.

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
7183caf871
fix(query_builder): default sorting based on doctype meta 
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30
Akhil Narang
90ed0502fa
refactor: support new function style 
- Migrate all SQL function usage from string format to dict format
- Old: fields=['count(*) as count']
- New: fields=[{'COUNT': '*', 'as': 'count'}]
- Add `NULLIF`

Signed-off-by: Akhil Narang <me@akhilnarang.dev>
 2025-11-19 21:15:57 +05:30