Users with only 'select' permission can now filter, order by, and
group by all permlevel 0 fields, not just search fields.
- Added _get_filterable_fields() returning all permlevel 0 fields
for select permission users
- Split permission checking into check_select_field_permission()
and check_filter_field_permission()
- select field validation uses check_select_field_permission
- Filter/order/group by validation uses check_filter_field_permission
* fix(schema): drop unique constraint and indexes for deleted doctype fields
* refactor(schema): rename a variable and remove commented code
* test: add test case for dropping unique constraint on field deletion from doctype
* fix(tests): prevent list mutation during iteration
* test(db): guard MariaDB-specific unique index test with db_type_is.MARIADB
* fix(schema): drop unique constraints and indexes for deleted fields on postgres
* fix(schema): make postgres unique cleanup idempotent for deleted fields
* fix(schema): make postgres unique cleanup idempotent on reload
* test: add test case for dropping unique constraint and index on field deletion for postgres
* fix(schema): make postgres unique cleanup idempotent
Added logic to return appropriate criteria for empty lists in IN and NOT IN operators. An empty list with IN now returns 0 results (1=0), while NOT IN returns all results (1=1). Updated tests to verify this behavior.
Without proper grouping, OR conditions from shared docs could bypass WHERE filters:
WHERE filter=X AND perm_cond OR shared_cond -- shared_cond ignores filter!
With proper grouping:
WHERE filter=X AND (perm_cond OR shared_cond) -- correct behavior
* fix(query): check standard field definitions
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
* fix(postgres): fix order_by problem in pg
* fix(postgres): fix order_by in get_all for _test_connection_query
* fix: add check to a proper numeric fallback in _get_ifnull_fallback
* test(postgres): fix pg query used in assertion in test_permission_query
* fix(postgres): fix order_by in get_all for possible_link
* fix(postgres): fix order_by in get_all for set_modules
* fix(postgres): fix pg query count *
* fix(postgres): fix order_by in get_all for ask_pass_update
* fix(postgres): fix order_by statement in search_widget
* fix(postgres): fix order_by in get_list for get_stats
* test(postgres): normalize_sql for pg queries in test_arithmetic_operators_in_fields
* test(postgres): normalize_sql for pg queries in test_field_alias_in_group_by
* test(postgres): normalize_sql for pg queries in test_field_alias_permission_check
* test(postgres): fix order_by statement in get_all for test_db_keywords_as_fields
* test(postgres): fix order_by statement in get_all for test_prepare_select_args
* fix(treeview): use 0 instead of false to check since check field is an integer
* fix(postgres): fix order_by in get_all for sync_communication
* fix(postgres): fix order_by in get_all for get_references_across_doctypes_by_dynamic_link_field
* test(postgres): fix order_by in get_all for test_list_summary
* fix(postgres): fix order_by in get_all for email queries
* test(postgres): use order_by none and update assertion for postgres
* fix(postgres): use ILIKE to support case insensitive search in postgres
* test(test_query): update pg specific query assert to use ILIKE
* test(test_query): update test_nested_filters to use ilike instead for PG
* test(postgres): update pg query in assert to test updated qb query
* fix(search): update query to be db-agnostic
* test(postgres): normalize query for pg in test_build_match_conditions
* fix(postgres): suppress ORDER BY when SELECT DISTINCT in query for postgres specific behavior
* fix(postgres): suppress ORDER BY when GROUP BY is explicitly asked for pg specific behavior
* test(postgres): fix test behavior for pg ORDER BY drop when used with GROUP BY
* refactor: reducing noise in code by formatting code
* fix(query): use Star() to handle SQL wildcard character * correctly
* fix(postgres): display warning for ORDER BY fields that will be dropped
---------
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
Co-authored-by: Akhil Narang <me@akhilnarang.dev>
If `db_query_compat=True` (set by `qb_query.py`), then we default to some `db_query.py` behaviour.
Otherwise, we'll retail the previous query builder behaviour, this is to minimize breakage on either side.
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
* fix: remove doctypes,workspace blocks, files
* fix: minor python tests and UI tests
* fix: remove blog post from tests
* fix: remove blogger as role for tests
* fix: add check for if doctype exists
* fix: ui test
* fix: more cleanup
* fix: cleanup comments and fix test_query
* fix: resolve conflicts
* fix: add warning and handle comments
