* fix(workspace): show role-restricted non-public workspaces in sidebar
Non-public workspaces with assigned roles were not visible to users
with matching roles because the visibility logic only had two buckets:
public workspaces and private (for_user) workspaces. Role-restricted
non-public workspaces without a for_user value fell through both
conditions and were never shown.
Fixes#36201
* fix(workspace): use existing module in test to fix CI failure
The test was using "Test Module" via create_workspace() helper, but
get_module_app() could not resolve it in CI's fresh environment since
the module-app mapping cache did not include it. Use "Desk" module
which always exists.
* fix(workspace): use db.delete in test cleanup to bypass on_trash hook
The on_trash hook calls delete_from_my_workspaces() which tries to
fetch "Workspace Sidebar" doc that does not exist in CI. Using
frappe.db.delete bypasses document hooks and avoids the error.
* feat: Enhance autoname functionality to support expression naming rules with and without dots before dashes
* style: Fix formatting issues
---------
Co-authored-by: Suraj Shetty <surajshetty3416@gmail.com>
can_submit() only checked docstatus, permissions, and workflow
but never verified the doctype is actually submittable. Since all
documents start at docstatus 0, this caused a Submit button to
appear on any non-submittable doctype where the user has submit
permission (e.g. System Manager).
* Revert "fix(file-upload): add support for blocking unsupported file types in file uploader (#36736)"
This reverts commit fe5072fa23.
* fix: Limit allowed MIME types for image fields
original and simpler version of #36736 that I overengineered.
* feat: add support for blocking unsupported file types in file uploader
* chore: pre-commit fix formatting
* fix: restrict image type in file upload and show better errors
* chore: allow all image types by default
Simplified allowed file types for image uploads to 'image/*'.
* chore: allow all image types by default
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
* fix(system console): allow read-only queries in system console
* fix(security): make transactions strictly read only for console and scripts
* test: remove test to reflect ban on cte's for security
* fix: Only enable read only mode for SQL query
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
`frappe.mock()` uses it. Although that's used only in tests, its defined under frappe namespace, so should be accessible without development dependencies.
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
