* feat: add user invitation doctype & related public methods
* style(user-invitation): execute formatters & add semgrep comments
* refactor(user-invitation): use `is` to compare `None` values
* fix(user-invitation): skip fetching `after_accept` for default app
* fix(user-invitation): translate email templates
* fix(user-invitaton): return pending invites from invite by email api
* refactor(user-invitation): improve code quality
* fix(user-invitation): translate all error messages
* refactor(user-invitation): improve security & readability
Improvements:
- move invite expiration check to `daily_maintenance`
- explicitly import all of the used packages
- specify methods for all security-critical endpoints
- improve error messages and give them suitable titles
- remove unnecessary utility functions
- make invitation key management secure
- translate all of the subjects of the sent emails
- use the `app_title` hook to create email titles
- commit the work done after each iteration of the background invitation
expiry checker
- restructure code to improve readability
- use `user.reset_password` to generate the target link
- use clear long names to name identifiers
- add document states with relevant colors (User Invitation doctype)
- differ `sendmail` emails whenever possible
- send an email to the invitation creator instead of the invitee after
the invite has expired
- remove `User Invitation Manager` role
* fix(user-invitation): use valid emails to test doctype & related code
* feat(user-invitation): support adding multiple roles
* refactor(user-invitation): mark relevant fields `set only once`
* feat(user-invitation): add `Cancelled` status
* test(user-invitation): correct broken tests
* test(user-invitation): form valid f-strings & run code formatter
* feat(user-invitation): make doctype usable from desk
* fix(user-invitation): remove delete permission from invitation doctype
* feat(user-invitation): pass user inserted info to `after_accept` hook
* refactor(user-invitation): improve custom action methods & errors
Improvements:
- trigger actions only when the invitation is in the `Pending` state
- use lowercase letters to start error messages
- handle cases where `user_invitation_hook` is not defined
* refactor(user-invitation): remove site name from email templates
* docs(user-invitation): add internal documentation
* feat(user-invitation): add 'get pending' & cancel invites apis
* fix(user-invitation): make invitation app specific
* refactor(user-invitation): avoid mixing function programming
* fix(user-invitation): make apis usable for app specific valid users
* fix(user-invitation): allow app specific invites
* feat(user-invitation): make list view & permission checks app specific
* refactor(user-invitation): convert class methods to static when possible
* feat(user-invitation): add `app_only_for` method to the doc
* fix(user-invitation): f-string syntax error in `get_permission_query_conditions`
* docs(user-invitation): add examples & improve the internal doc
* refactor: rename method name
static_ is unnecessary
only_for doesn't make sense in this context when arguments are not roles
* fix: Support POST request too
We dont follow REST semantics 100%, anything that modifies something
should ideally be doable with POST too.
* chore: cap
* fix: Avoid ignore_permissions as user arg
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
* fix(ui): button color for login via link template
- blue > black
* fix: restrict login via link for disabled users
* fix: validate user on session.resume
This fix adds a signature forcibly if found under the sender's
User.email_signature or default outgoing email account's signature
field.
The previous method of adding a comment into the Email didn't work since
Quill would discard comments before setting them. Adding signatures in
get_formatted_html didn't seem apt since it's used in QueueBuilder to
re-construct the Email before processing the Email Queue. This meant
that the email content that was added in the Communication record would
not be final. Now, we treat the signature as part of the Communication
content.
