vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
41155 commits 1 branch 0 tags 587 MiB
Commit graph

394 commits

Author SHA1 Message Date
Gavin D'souza
3cd781e316 Merge branch 'develop' into get_all-virtual-dts 2023-02-02 13:55:24 +05:30
Gavin D'souza
5d3453eeb9 refactor: Re-use DefaultOrderBy value as global constant 2023-02-02 13:43:31 +05:30
Gavin D'souza
7ce0c4c8b3 Merge branch 'develop' into permlevel-apis 2023-01-31 17:47:59 +05:30
Gavin D'souza
dc940bac1d fix: Pass all DatabaseQuery.execute params to virtual doctype's get_list 
Give parsed args higher priority in kwargs resolution
 2023-01-31 17:07:04 +05:30
Gavin D'souza
9d236fc2cc fix: handle missing is_virtual column via is_virtual_doctype 2023-01-31 15:31:24 +05:30
gavin
7f34d510f2
fix(db_query): Allow link field to have 'tab' (#19820) 
* fix(db_query): Allow link field to have 'tab'

Issue: Occurence of tab was used to check if the selected field is a table name
and not a fieldname. This caused DocTypes with fields like `tablets` or
`table_name` to break List Views.

Change: Check if the field exists in meta to be sure that the selectable
is a field.

* fix: Split once to ensure at most 2 args
 2023-01-31 14:43:26 +05:30
Gavin D'souza
5cc21da6a1 fix: Interface DatabaseQuery to virtual doctypes' 2023-01-31 13:06:44 +05:30
Leonard Goertz
3e20e7df25
fix: add brackets for docshare or condition (#19650) 
Co-authored-by: Leonard Goertz <leonard.goertz@noventive.com>
 2023-01-30 14:14:11 +05:30
Gavin D'souza
31049b705e fix(db_query): With as_list, pass NULL to maintain order 2023-01-25 14:01:02 +05:30
Gavin D'souza
895f1d3f3a fix(db_query): Check if params in sql fn call are all permitted access 2023-01-25 12:45:36 +05:30
Gavin D'souza
6b0e4695a8 Merge branch 'develop' into permlevel-apis 2023-01-25 12:08:47 +05:30
Gavin D'souza
4c1b2ae67c refactor: get_valid_dict 
* Util get_permitted_fields checks for valid columns instead of planned logic
* Remove virtual field from dict if not in permitted fields
* Remove reliance on sentinel object _DOC_DELETED_ATTR
 2023-01-25 12:04:34 +05:30
Gavin D'souza
e75bfd0e73 refactor: Split objects just once 
Co-authored-by: Ritwik Puri <ritwikpuri5678@gmail.com>
 2023-01-25 10:45:30 +05:30
Gavin D'souza
d357af1533 refactor: Add a maxsplit limit to string splits 2023-01-24 19:22:51 +05:30
Gavin D'souza
e41f005daa fix(db_query): Remove naive field in sql func check 2023-01-24 13:59:48 +05:30
Gavin D'souza
2ae6b7f016 fix: Handle * fields after field iterations 2023-01-24 13:52:33 +05:30
Gavin D'souza
54ff630c77 fix(db_query): Permit optional_fields without checking in permitted 
fields
 2023-01-24 13:27:07 +05:30
Gavin D'souza
5c5bd2b104 refactor: Meta.get_permitted_fieldnames 
* Remove older API that returned list[df]
* Rename fields in usage scope & Meta internals
 2023-01-24 13:09:43 +05:30
Gavin D'souza
550261b3dc fix(db_query): Set & use existing constants 2023-01-24 13:01:05 +05:30
Gavin D'souza
47bcc527f3 fix: Remove logic short circuit / dont reject fields easily 2023-01-16 14:51:31 +05:30
Gavin D'souza
85d6949d04 fix: Raise PermissionError when user doesnt have access to linked table 2023-01-16 14:28:47 +05:30
Gavin D'souza
0355f33b77 fix(db_query): Handle permlevel check cases clearer 
- Split to utility functions for clarity
- Add example over code blocks
- Re-arrange blocks based on priority
 2023-01-16 13:54:56 +05:30
Gavin D'souza
197de99e35 refactor: Use permitted over available in variable naming 2023-01-16 11:07:56 +05:30
Gavin D'souza
19b728f514 fix(db_query): Parse distinct field usages 2023-01-11 14:05:10 +05:30
Gavin D'souza
3ee510439b fix(db_query): Allow standalone functions, rename get_permitted_fields 2023-01-10 17:43:14 +05:30
Gavin D'souza
bb9763def7 fix(db_query): Parse SQL function calls to check if field is accessible 2023-01-09 18:19:03 +05:30
Gavin D'souza
058c49f439 fix: Pass parenttype in meta calls, handle count(*) type queries 2023-01-09 17:09:36 +05:30
Gavin D'souza
2a6f9b1b9a fix(db_query): Load doctype meta on demand not on init 2023-01-09 16:22:01 +05:30
Gavin D'souza
1f50370599 fix(db_query): Apply permlevel checks on child/joined table queries 2023-01-09 16:12:22 +05:30
Gavin D'souza
15e51307b1 fix(db_query): Maintain order of dict[/select] keys 
* Reduce internals' mutating calls
* maintain order of fields as previous function
* Use performant f-strings over concat + formatting
 2023-01-09 15:47:21 +05:30
Gavin D'souza
1cd7620a3c fix: Fetch fields according to meta maintain order 2023-01-09 15:47:21 +05:30
Gavin D'souza
48aa7e8a93 perf(db_query): Avoid re-fetching doctype meta 
Store doctype meta in DatabaseQuery instance under `doctype_meta`
bypassing multiple get_meta calls and Redis/DB IO & serialization overheads.
 2023-01-09 15:47:21 +05:30
Gavin D'souza
d71522091e fix: Apply permlevel restrictions to DatabaseQuery 
Allow reading only accessible fields for given user session if
ignore_permissions (get_all) is unset.
 2023-01-09 15:47:21 +05:30
Gavin D'souza
ee074ec3c0 perf: DatabaseQuery.prepare_args 
* Re-use stripped str variable where possible
* Remove use of any + [], startswith to get rid of unnecessary evaluations
 2023-01-09 15:47:21 +05:30
gavin
6062d812a1
fix(db_query): Disallow usage of certain functions in *_by (#18981) 
* fix(db_query): Disallow blacklisted functions in (order|group)_by

Changes:
- allow only functions that are not blacklisted in *_by clause:
  currently just sleep
- perf improvemnts: lower, in, split, strip & other low hanging  micro optimizations

Handle the following use cases:
- upper/lower case function usages
- spaces between function name and brackets

* test(db_query): Add tests for *_by checks
 2022-11-28 12:42:29 +05:30
gavin
35827af172
fix: Strip white spaces on lower cased field value 
Co-authored-by: Ankush Menat <ankushmenat@gmail.com>
 2022-11-25 12:39:11 +05:30
Gavin D'souza
1a5e5f546b fix: Move function check inside subquery 2022-11-24 16:27:54 +05:30
Gavin D'souza
575d32ec35 fix(db_query): Space resilient matching 2022-11-24 15:36:28 +05:30
Sagar Vora
f3c00c2bdc
perf: dont fetch meta unless required (#18907) 2022-11-17 13:15:35 +05:30
Aradhya
e6a281f19e refactor: better naming 2022-10-27 13:11:15 +05:30
Aradhya
4a573e252c Merge branch 'develop' of https://github.com/frappe/frappe into qb-fixes 2022-10-20 22:25:44 +05:30
Shariq Ansari
fc1e01555b fix: added missing operators 2022-09-30 17:16:40 +05:30
Aradhya Tripathi
c15da987eb
Merge branch 'develop' into qb-fixes 2022-09-21 02:24:23 +05:30
Aradhya
38f1a9708a refactor: simplified logic 2022-09-20 01:45:20 +05:30
Shariq Ansari
235171796d
fix: coalesce not in queries (#18099) 
* fix: get workspaces with empty module fields

* Revert "fix: get workspaces with empty module fields"

This reverts commit 1f194be2c3642e31ebe2165e461b2f24be8cda4c.

* fix: always coalesce `not in` queries

Co-authored-by: Ankush Menat <ankush@frappe.io>
 2022-09-13 12:08:07 +05:30
Aradhya
ae18f74311 feat: Added nested set support 2022-09-03 19:15:35 +05:30
Aradhya
ec100d7a8a fix: misc fixes 2022-08-30 16:36:00 +05:30
Aradhya Tripathi
80e64c7143
Merge branch 'develop' into get-all-mod 2022-08-24 19:46:46 +05:30
Ankush Menat
cdb0732646
perf: avoid coalescing wherever possible (#17920) 2022-08-24 10:30:51 +05:30
Aradhya
66ac93e14d Merge branch 'get-all-mod' of github.com:Aradhya-Tripathi/frappe into get-all-mod 2022-08-19 15:57:13 +05:30