* fix(apps): add type hints to whitelisted methods
* fix(recorder): add type hints to whitelisted methods
* fix(comments): add type hints to whitelisted methods
* fix(oauth2): add type hints to whitelisted methods
* fix(google_calendar): add type hints to whitelisted methods
* fix(print): add type hints to whitelisted methods
* fix(print_format_builder): add type hints to whitelisted methods
* refactor(network_printer_settings): remove unused args
* fix(document): add type hints to whitelisted methods
* fix(user_settings): add type hints to whitelisted methods
* fix(mapper): add type hints to whitelisted methods
* fix(connected_app): add type hints to whitelisted methods
* fix(google_contacts): add type hints to whitelisted methods
* fix(frappecloud_billing): add type hints to whitelisted methods
* test: rewrite test to fit the strict type check
* fix(social_login_key): add type hints to whitelisted methods
* fix(share): add type hints to whitelisted methods
* fix(webhook): add type hints to whitelisted methods
* fix(workflow): add type hints to whitelisted methods
* fix(workflow main): add type hints to whitelisted methods
* fix(workflow_action): add type hints to whitelisted methods
* fix: flexible type hint
* fix(client): add type hints to whitelisted methods
* fix: fix some of the tighter types
* fix(frappecloud_billing): add str typehint to whitelisted endpoint
* fix: target_doc can be dict/json string
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
The `hero` block was defined at the top level of `web.html`, but since `web.html` extends `base.html` which has no `hero` block, that content was simply discarded. By moving it inside the `content` block, child template's overrides will now work correctly.
People can enter any name, including HTML, which would get rendered as the value was being used in jinja directly
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
* feat: add user invitation doctype & related public methods
* style(user-invitation): execute formatters & add semgrep comments
* refactor(user-invitation): use `is` to compare `None` values
* fix(user-invitation): skip fetching `after_accept` for default app
* fix(user-invitation): translate email templates
* fix(user-invitaton): return pending invites from invite by email api
* refactor(user-invitation): improve code quality
* fix(user-invitation): translate all error messages
* refactor(user-invitation): improve security & readability
Improvements:
- move invite expiration check to `daily_maintenance`
- explicitly import all of the used packages
- specify methods for all security-critical endpoints
- improve error messages and give them suitable titles
- remove unnecessary utility functions
- make invitation key management secure
- translate all of the subjects of the sent emails
- use the `app_title` hook to create email titles
- commit the work done after each iteration of the background invitation
expiry checker
- restructure code to improve readability
- use `user.reset_password` to generate the target link
- use clear long names to name identifiers
- add document states with relevant colors (User Invitation doctype)
- differ `sendmail` emails whenever possible
- send an email to the invitation creator instead of the invitee after
the invite has expired
- remove `User Invitation Manager` role
* fix(user-invitation): use valid emails to test doctype & related code
* feat(user-invitation): support adding multiple roles
* refactor(user-invitation): mark relevant fields `set only once`
* feat(user-invitation): add `Cancelled` status
* test(user-invitation): correct broken tests
* test(user-invitation): form valid f-strings & run code formatter
* feat(user-invitation): make doctype usable from desk
* fix(user-invitation): remove delete permission from invitation doctype
* feat(user-invitation): pass user inserted info to `after_accept` hook
* refactor(user-invitation): improve custom action methods & errors
Improvements:
- trigger actions only when the invitation is in the `Pending` state
- use lowercase letters to start error messages
- handle cases where `user_invitation_hook` is not defined
* refactor(user-invitation): remove site name from email templates
* docs(user-invitation): add internal documentation
* feat(user-invitation): add 'get pending' & cancel invites apis
* fix(user-invitation): make invitation app specific
* refactor(user-invitation): avoid mixing function programming
* fix(user-invitation): make apis usable for app specific valid users
* fix(user-invitation): allow app specific invites
* feat(user-invitation): make list view & permission checks app specific
* refactor(user-invitation): convert class methods to static when possible
* feat(user-invitation): add `app_only_for` method to the doc
* fix(user-invitation): f-string syntax error in `get_permission_query_conditions`
* docs(user-invitation): add examples & improve the internal doc
* refactor: rename method name
static_ is unnecessary
only_for doesn't make sense in this context when arguments are not roles
* fix: Support POST request too
We dont follow REST semantics 100%, anything that modifies something
should ideally be doable with POST too.
* chore: cap
* fix: Avoid ignore_permissions as user arg
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
* fix: remove doctypes,workspace blocks, files
* fix: minor python tests and UI tests
* fix: remove blog post from tests
* fix: remove blogger as role for tests
* fix: add check for if doctype exists
* fix: ui test
* fix: more cleanup
* fix: cleanup comments and fix test_query
* fix: resolve conflicts
* fix: add warning and handle comments
