vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
40366 commits 1 branch 0 tags 587 MiB
Commit graph

110 commits

Author SHA1 Message Date
Sagar Vora
0c220169da chore: reorder pylint disable 2022-12-07 13:50:59 +05:30
Sagar Vora
7d47d10692 fix: override RestrictedPython transformer to allow _dict, revert frappe.as_dict 2022-12-07 13:45:28 +05:30
Sagar Vora
f2e1dbe7eb fix: restore _dict, used in Jinja code 2022-12-07 13:13:27 +05:30
HarryPaulo
f25358ad63
fix: "_dict" is an invalid attribute name because it starts with "_" (#19010) 
* fix: "_dict" is an invalid attribute name because it starts with "_"

* chore: move to frappe namespace
 2022-11-29 11:43:23 +05:30
Ankush Menat
668a730788 fix: avoid patching QB if already patched 2022-11-11 16:38:05 +05:30
Ankush Menat
44a5bdc3f1
fix: ignore internal methods (#18784) 2022-11-06 19:18:30 +05:30
Ankush Menat
e02b90cd5b
fix: dont allow reading attributes of unsafe objects (#18706) 2022-11-06 17:33:02 +05:30
Athul Cyriac Ajay
31a37ed671
chore: Add make_put_requests method for Server Scripts (#18128) 2022-09-14 15:54:15 +05:30
barredterra
d0b753a25d refactor: move lang into frappe namespace 2022-09-01 17:12:58 +02:00
barredterra
836fd6ef78 feat: add lang to safe globals 2022-09-01 16:53:20 +02:00
phot0n
cd2664bf99 chore: remove get_payment_gateway_controller safe global 2022-07-26 23:18:23 +05:30
Ankush Menat
a98e47150f feat(tiny): frappe.log -> frappe.log for server scripts 
This it already whitelisted but in global scope.

[skip ci]
 2022-07-18 16:27:28 +05:30
Suraj Shetty
d4166dbe20 refactor: Replace html2text with markdownify 2022-07-06 08:23:14 +05:30
Ankush Menat
81b37cb7d2
refactor: clean up code to py310 supported features (#17367) 
refactor: clean up code to py39+ supported syntax

- f-strings instead of format
- latest typing support instead of pre 3.9 TitleCase
- remove UTF-8 declarations.
- many more changes

Powered by https://github.com/asottile/pyupgrade/ + manual cleanups
 2022-07-01 11:51:05 +05:30
Abhishek M
378149375d
fix: Passing dev server variable to jenv globals correctly (#16843) 
Encountered the same issue during a fresh setup: https://discuss.erpnext.com/t/v13-fresh-install-develop-socket-io-using-wrong-port/74562

The problem originates from the `socketio_client.js` file.  During development, the `socket.io` client by default sends request to port 8000 but ideally it should've been 9000 (that's where it's actually running) since the latter is defined in `frappe.boot.socketio_port`. This is happening because the `jenv` variable `dev_server` is always being returned as 0.

In [this](0f7d8e7903/frappe/__init__.py (L237)) line, we are seting `frappe.local.dev_server` but in safe exec we are using `frappe._dev_server` as the source to populate the variable `dev_server` which eventually gets pushed to the `app.html` via `jinja`. (`frappe._dev_server` evaluates to `None`)

In `socketio_client`, we are using [this](0f7d8e7903/frappe/public/js/frappe/socketio_client.js (L112)) variable as a flag to decide whether or not `frappe.boot.socketio_port` should be the port that the `socket.io` client connects to.
 2022-05-18 09:19:24 +00:00
Saurabh
e2d3d1d0be
feat: provision to handle payment authorization event in server script for custom documents (#16712) 
Currently, there is no provision to handle payment authorization events via server script. So it's not possible if a user wants to link payments against custom documents. 

Thus adding a provision in server script 
- Setup checkout for custom doc 
<img width="1299" alt="Screenshot 2022-03-11 at 2 44 19 PM" src="https://user-images.githubusercontent.com/3784093/157838010-989f6009-83d6-4329-92a6-bb2b6b38438b.png">

- Handle payment callback
<img width="1051" alt="Screenshot 2022-04-22 at 11 28 19 AM" src="https://user-images.githubusercontent.com/3784093/164612613-d321edb3-c7f8-4063-b809-8ae5fe46ee66.png">

## Documentation
https://frappeframework.com/docs/v13/user/en/desk/scripting/server-script/edit?wiki_page_patch=bbed0fcd9a
 2022-04-26 10:02:30 +00:00
Gavin D'souza
ab1f893e41 feat: Add get_mapped_doc in safe_exec under frappe 2022-04-21 16:52:06 +05:30
Gavin D'souza
9823e51512 feat(safe_exec): Allow new_doc, get_last_doc, rename_doc, delte_doc 
* rename_doc points to the unwhitelisted method which supports
  ignore_permissions check
* Allowed other safe utils for better DX
 2022-04-21 16:00:24 +05:30
Deepesh Garg
2af2b80ba6
feat: Expose add index in exec_globals (#16605) 
* feat: Expose add index in exec_globals

* fix: Linting issues
 2022-04-14 18:59:39 +05:30
Suraj Shetty
c0c5b2ebdd
style: format all python files using black (#16453) 
Co-authored-by: Frappe Bot <developers@frappe.io>
 2022-04-12 10:59:25 +05:30
Ankush Menat
b029b255fe refactor: code duplication for sql whitelisting 2022-03-24 17:49:28 +05:30
Sagar Vora
4c403333c4 fix: remove unused flag in_setup_help 2022-02-16 16:02:37 +05:30
Sagar Vora
01f4ba2061 feat: frappe.enqueue and frappe.call for server scripts 2021-12-22 13:21:13 +05:30
Faris Ansari
c6f9920795 fix: removing map filter 
these can potentially lead to security issues, avoiding for now
 2021-12-16 20:31:50 +05:30
Faris Ansari
0bc3ff794b fix: remove attr helpers and type 
these can potentially lead to security issues, avoiding for now
 2021-12-16 16:21:05 +05:30
Faris Ansari
7c8659388d fix(server-script): add common python builtins 2021-12-16 12:19:08 +05:30
Aradhya
69108c4c86 Merge branch 'develop' of github.com:Aradhya-Tripathi/frappe into at/aggregations 2021-11-27 17:52:30 +05:30
Faris Ansari
7e35dc4913 fix: add frappe.as_json for safe_exec scripts 2021-11-26 16:30:34 +05:30
Aradhya
47367fc107 Merge branch 'at/aggregations' of github.com:Aradhya-Tripathi/frappe into at/aggregation 2021-11-24 19:01:29 +05:30
Aditya Hase
43a722d3bb
fix(minor): Don't allow frappe.cache() methods in server scripts (#14609) 2021-10-28 15:54:32 +05:30
Aditya Hase
787364b166
fix(minor): Don't allow changes to global hooks from server scripts 2021-10-28 14:40:16 +05:30
Rohit Waghchaure
5ef72dd290 feat: pdf to base64 convert 2021-10-28 12:41:27 +05:30
Aradhya-Tripathi
18e2ab7e08 refactor: moved aggregation functions from safe_exec 2021-10-14 16:54:44 +05:30
Aradhya-Tripathi
fe7b45c068 fix: fixing safeqb in server scripts 2021-10-11 14:01:17 +05:30
Gavin D'souza
4e7be5b3ec Merge branch 'develop' of github.com:frappe/frappe into at/safeqb 2021-10-11 12:45:03 +05:30
Gavin D'souza
cfa2d65394 refactor(safe_exec): Manage in-safe frappe.db.sql 
* Check if flag in_safe_exec to check if SELECT query in frappe.db.sql
* Get rid of read_sql...refactor logic
* Enable frappe.qb just like that ;)
* Add support fro *args in .run
 2021-10-11 12:28:36 +05:30
Deepesh Garg
1127d3d184 fix: Restrict commit and rollback for doc events 2021-10-10 17:41:26 +05:30
Deepesh Garg
4f74f9e4e1 fix: Add rollback to safe_exec 2021-10-08 15:52:44 +05:30
Deepesh Garg
34882227fb Merge branch 'develop' of https://github.com/frappe/frappe into server_script_enhancements 2021-10-08 15:11:27 +05:30
Sun Howwrongbum
1d9000fd85
feat: expose frappe.db.exists to Server Script 2021-10-06 14:21:03 +05:30
Aradhya-Tripathi
2a241bd2dc style: formatted code 2021-10-05 18:23:46 +05:30
Aradhya-Tripathi
6c706ec000 fix: fixed multitenancy in safeqb 2021-10-05 18:13:32 +05:30
Aradhya-Tripathi
9c00a28869 feat: Added safe_qb for server scripts 2021-10-05 12:39:22 +05:30
Deepesh Garg
39ac03cf93 Merge branch 'develop' of https://github.com/frappe/frappe into server_script_enhancements 2021-10-04 11:00:11 +05:30
Deepesh Garg
4ebdabda48 fix: Encapsulate cache methods 2021-10-04 10:59:47 +05:30
Aradhya-Tripathi
dadd7abad2 Merge branch 'develop' of https://github.com/Aradhya-Tripathi/frappe into at-refactor 2021-10-03 01:21:15 +05:30
Rohit Waghchaure
5bd9be2437 feat: frappe.errprint in the server script for debugging 2021-10-01 15:35:28 +05:30
Deepesh Garg
dffd78d3fc fix: Validate server script for doc events 2021-09-27 12:02:31 +05:30
Aradhya-Tripathi
cbe068c7ff feat: added aggregation in safe_exec 2021-09-20 23:00:52 +05:30
Aradhya-Tripathi
73eb7806a8 refactor: removed aggregation from database.py 
refactor: moved aggregate to frappe.query
 2021-09-20 22:47:06 +05:30