Commit graph

52073 commits

Author SHA1 Message Date
Sagar Vora
f2ac5babe1 fix: don't use comma pattern for group by splitting 2025-12-02 02:12:24 +05:30
Sagar Vora
87b1e15a31 fix: remove double-quoting in Locate and Ifnull functions
The custom implementations were calling .get_sql() on pypika terms,
then passing the already-quoted string to super().__init__() which
quoted it again. This broke queries with quotes in values.

Fix: Let pypika's base classes handle the quoting by passing terms
through unchanged. Ifnull now just aliases pypika's IfNull directly.
2025-12-02 02:08:03 +05:30
Sagar Vora
261463e06a fix: keep Column compatibility, stricter regex for backtick parse 2025-12-02 01:59:16 +05:30
Sagar Vora
5122334b4b perf: cache get_permitted_fields across Engine instance
- Add permitted_fields_cache dict to Engine instance
- Create _get_cached_permitted_fields() method shared by _check_field_permission and apply_field_permissions
- Move OPTIONAL_FIELDS check earlier to avoid unnecessary work
- Reduces redundant expensive permission lookups for filter fields
2025-12-02 01:10:44 +05:30
Sagar Vora
e983da0136 chore: simplify function field validation 2025-12-02 01:06:12 +05:30
Sagar Vora
c40933dca7 fix: restrict '*' argument to COUNT function only
- Add STAR_ALLOWED_FUNCTIONS frozenset with COUNT
- Pass function_name through parse chain to validate '*' usage
- Prevents '*' in functions like SUM(*), AVG(*) where it's invalid
2025-12-02 01:00:16 +05:30
Sagar Vora
99039c23cb chore: remove unused import 2025-12-02 00:48:57 +05:30
Sagar Vora
768a141814 refactor: simplify string literal handling in SQLFunctionParser
- Inline string literal check and extraction (was _is_string_literal + _validate_string_literal)
- Remove dangerous_patterns validation - pypika handles escaping with wrap_constant
2025-12-02 00:48:28 +05:30
Sagar Vora
a14b11749b refactor: remove unnecessary sql_keywords validation in _validate_alias
pypika wraps aliases in backticks, so SQL keywords are safe to use as aliases
2025-12-02 00:40:23 +05:30
Sagar Vora
3dcd80326b perf: replace sqlparse-based _is_function_call with regex
- Remove sqlparse import (no longer used anywhere in query.py)
- Add FUNCTION_CALL_PATTERN regex for detecting SQL function calls
- Simplify _is_function_call from 6-line sqlparse parsing to 1-line regex match
2025-12-02 00:38:13 +05:30
Sagar Vora
1e05d6c326 perf: pre-compile regex patterns for field and alias validation
Added SIMPLE_FIELD_PATTERN and IDENTIFIER_PATTERN at module level
to avoid repeated regex compilation in hot paths like filter validation
and alias checking.
2025-12-02 00:27:11 +05:30
Sagar Vora
b5bae10dc8 perf: remove unnecessary sqlparse.format and comment stripping in _sanitize_field
ALLOWED_FIELD_PATTERN already restricts fields to simple identifiers
that cannot contain SQL comments, making the sqlparse.format(strip_comments=True)
and MARIADB_SPECIFIC_COMMENT.sub() calls unnecessary overhead.

Merged _sanitize_field into _validate_select_field.
2025-12-02 00:23:25 +05:30
Sagar Vora
bcac30836b refactor: remove redundant share check in check_read_permission
has_permission() already checks for shared documents internally when
role permissions do not grant access, so the separate frappe.share.get_shared()
call was dead code.
2025-12-02 00:19:44 +05:30
Sagar Vora
5297edc732 refactor: use FIELD_PARSE_REGEX instead of sqlparse for _parse_backtick_field_notation 2025-12-02 00:14:58 +05:30
Sagar Vora
04932e20a0 fix: tighten FIELD_PARSE_REGEX to only allow backticks (not double quotes) 2025-12-01 23:59:45 +05:30
Sagar Vora
72b1fe299d fix: tighten ALLOWED_FIELD_PATTERN to disallow hyphens/spaces in field names 2025-12-01 23:58:53 +05:30
Sagar Vora
e7c8091507 fix: use Field instead of Column for field-to-field filter comparison detection 2025-12-01 23:45:56 +05:30
Sagar Vora
3f2fbd7d4e fix: use Star() instead of Column("*") for correct COUNT(*) SQL 2025-12-01 23:44:41 +05:30
Sagar Vora
730f35ab70 refactor: remove unused Permission class 2025-12-01 23:42:37 +05:30
Sagar Vora
dca4b36684 chore: remove debug print statement in DynamicTableField.parse 2025-12-01 23:41:53 +05:30
Sagar Vora
732137b9bc fix: simplify permission conditions logic 2025-12-01 23:35:57 +05:30
Sagar Vora
af1bacc691
Merge pull request #35005 from sagarvora/improve-logic
fix(Link): improve logic for early exit
2025-12-01 23:12:13 +05:30
Sagar Vora
da4c31b60c fix(Link): improve logic for early exit 2025-12-01 22:48:26 +05:30
Raffael Meyer
5754c7dfef
fix: enable translated languages (#35003) 2025-12-01 16:50:50 +00:00
Sagar Vora
3dadf11bd9
Merge pull request #35002 from sagarvora/save-restore-package-json
fix: avoid package.json update during cypress install
2025-12-01 21:32:31 +05:30
Sagar Vora
e3e5b6616a
Merge pull request #35000 from sagarvora/perf-validate-link
perf: ignore link validation if no fetch and value in awesomplete list
2025-12-01 21:23:21 +05:30
Sagar Vora
83f2368ccd fix: avoid package.json update during cypress install 2025-12-01 21:22:22 +05:30
Sagar Vora
aab68012d0 perf: ignore link validation if no fetch and value in awesomplete list 2025-12-01 20:59:51 +05:30
Sagar Vora
8868f7bf81
Merge pull request #35001 from frappe/refactor/remove-redundant-child-permission-checks
refactor: remove redundant child table permission checks
2025-12-01 20:50:56 +05:30
Sagar Vora
3a3a83b644 refactor: remove redundant child table permission checks
The `check_parent_permission` calls in client.py are redundant because
`frappe.has_permission` already handles child tables via `has_child_permission`,
which performs the same validations plus additional permlevel checks.
2025-12-01 20:37:18 +05:30
Sagar Vora
84af5adecd
Merge pull request #34999 from sagarvora/send-validated-value
fix: send validated `ignore_user_permissions` to custom query
2025-12-01 20:12:23 +05:30
Sagar Vora
4d069d0a30 fix: send validated ignore_user_permissions to custom query 2025-12-01 20:02:42 +05:30
Sagar Vora
de37b8f397
Merge pull request #34995 from sagarvora/fix-search-link 2025-12-01 19:32:06 +05:30
Sagar Vora
9623b6f4cf test: increase threshold for idle CPU usage to reduce flakiness 2025-12-01 19:05:42 +05:30
Sagar Vora
d48b0d1632 fix(search)!: validate ignore_user_permissions in link search 2025-12-01 19:03:55 +05:30
Soham Kulkarni
33b5e0aec2
Merge pull request #34988 from sokumon/desktop-fixes 2025-12-01 15:38:23 +05:30
sokumon
0cbeb68946 fix: don't allow editing sidebar 2025-12-01 15:12:59 +05:30
Abdeali Chharchhodawala
af3e272037
fix: improve handling of hidden columns in XLSX export (#34944) 2025-12-01 14:40:53 +05:30
Diptanil Saha
47227136b5
Merge pull request #34916 from diptanilsaha/email-compose-w-cc-bcc 2025-12-01 13:05:04 +05:30
Ejaaz Khan
8591904dff
Merge pull request #34974 from iamejaaz/remove-text-from-search
feat: remove input from search
2025-12-01 12:23:27 +05:30
avc
7bbf72bf62
fix: system settings layout (#34980) 2025-12-01 12:22:50 +05:30
Jannat Patel
68850deb5b
Merge pull request #34926 from frappe/data-import-validation
fix: validate mandatory fields in import file
2025-12-01 12:11:36 +05:30
Ejaaz Khan
f93d305983
Merge pull request #34978 from git-avc/child-form-width-sidebar
fix: child row form with sidebar expanded
2025-12-01 12:03:22 +05:30
Ejaaz Khan
1a1aa4170a test: use id instead of text in test 2025-12-01 11:59:45 +05:30
Jannat Patel
415b74bee6 fix: skip validation if headers are misconfigured 2025-12-01 11:45:53 +05:30
diptanilsaha
6f9629a11b fix: enable email composing if cc or bcc field is provided without recipients 2025-12-01 11:44:09 +05:30
Diptanil Saha
ce21a108e0
Merge pull request #34946 from diptanilsaha/bcc-email 2025-12-01 11:40:53 +05:30
Ejaaz Khan
051660dff9 refactor: change the design of desktop search 2025-12-01 11:38:42 +05:30
Ejaaz Khan
ee0ffa92f3
Merge pull request #34979 from git-avc/fix-scroll-bar-grid-row-form
fix: show scrollbar on grid row form only if needed
2025-12-01 10:13:12 +05:30
git-avc
8c4ff3e381 fix: show scrollbar on grid row form only if needed 2025-11-30 23:01:21 +01:00