* fix search.py
After the PR #17828 in some cases an "IndexError: list assignment index out of range" error is thrown. This should fix it.
* Update search.py
Yes, that should be even better
* style: formatting
[skip ci]
* refactor: use meta.translated_doctype
* refactor: get_title_field_query
* feat: search in title, if we show title
* refactor: build_for_autosuggest
* style: black
* fix: don't order translated doctypes by untranslated relevance
* feat: match all fields for translated doctypes
* feat: translate all fields in description, remove redundant title
* refactor: title in link
* fix: show name in description for title links
refactor: clean up code to py39+ supported syntax
- f-strings instead of format
- latest typing support instead of pre 3.9 TitleCase
- remove UTF-8 declarations.
- many more changes
Powered by https://github.com/asottile/pyupgrade/ + manual cleanups
Full Name and Email ID of a **User** are sensitive data.
With **Role and User Permissions** we can restrict which other users a user can see, thus maintaining data protection. This could be circumvented by using the `@mention` functionality in comments. It allows us to see all users and their names, regardless of our permissions.
This PR aims to fix this issue by using `get_list` instead of `get_all` while retrieving options for `@mention`.
In `search.py` it was hardcoded that **DocType** and **Role** get translated before matching against the search text. This way, a user can type in his local language and still see correct results.
This feature is useful for other DocTypes as well. The criterion would be: there is a small, fairly static number of records, so that the performance impact of translating all names first is not too bad.
This PR adds a hook `translated_search_doctypes` that determines which DocType names get translated before search.
I also added **Country** to `translated_search_doctypes` for frappe. The link to **Country** is frequently used in **Address**, but until now there was no way to use it in the local language. There are ~70% less Countries than DocTypes (including ERPNext), so the performance should be fine.
ERPNext could, for example, add the **Gender** DocType to this hook. As there are very few genders, translating them is fast and improves the UX.
Docs: https://frappeframework.com/docs/v13/user/en/python-api/hooks/edit?wiki_page_patch=b4d7c8d6fc
The license.txt file has been replaced with LICENSE for quite a while
now. INAL but it didn't seem accurate to say "hey, checkout license.txt
although there's no such file". Apart from this, there were
inconsistencies in the headers altogether...this change brings
consistency.
* fix: only enabled users in mentions
* Update frappe/desk/search.py
Co-authored-by: gavin <gavin18d@gmail.com>
* test: add test cases to disallow disabled in mention
* test: pass roles as single values
* style: Remove extra space and line
Co-authored-by: Suraj Shetty <13928957+surajshetty3416@users.noreply.github.com>
Co-authored-by: gavin <gavin18d@gmail.com>
* Remove six for PY2 compatability since our dependencies are not, PY2
is legacy.
* Removed usages of utils from future/past libraries since they are
deprecated. This includes 'from __future__ ...' and 'from past...'
statements.
* Removed compatibility imports for PY2, switched from six imports to
standard library imports.
* Removed utils code blocks that handle operations depending on PY2/3
versions.
* Removed 'from __future__ ...' lines from templates/code generators
* Used PY3 syntaxes in place of PY2 compatible blocks. eg: metaclass
* feat: add permtype 'select' to DocPerm and CustomDocPerm
* feat: add 'select' perm in rights tupple
* feat: provisions to handle select permission
* feat: toggle href based on permissions
* feat: pass permission type explicitly while validating link in permission check
* fix: sider
* feat: added test cases to validate select perm
* feat: add method frappe.only_has_select_perm to explicitly check the select perm
* fix: if user only has select perm then do not show anchor tag for link fields
* fix: sider
search widget takes query as an input, but does not check whether the
query function that is called is whitelisted, basically allowing anyone
logged-in to call any function regardless of the whitelist.
Signed-off-by: Chinmay D. Pai <chinmaydpai@gmail.com>
