vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
42272 commits 1 branch 0 tags 587 MiB
Commit graph

406 commits

Author SHA1 Message Date
Ankush Menat
3df13ca392 feat: new operator - descendants of (inclusive) 
Co-Authored-By: Faris Ansari <netchamp.faris@gmail.com>
 2023-05-29 16:59:57 +05:30
Gavin D'souza
63a605876f fix: Pass current dt as fallback parent_doctype 2023-04-27 14:37:15 +05:30
Gavin D'souza
a22cbe8ae5 fix: Setup permission_map & use get_permitted_fields 2023-04-22 14:58:28 +05:30
Sagar Vora
70ede18942
fix: improved implementation of between filter (#20190) 2023-03-02 09:51:02 +05:30
Sagar Vora
e0d7c9d901
chore: remove dead helper function (#20191) 2023-03-01 12:05:30 +05:30
gavin
3406b6d752
fix(db_query): selecting linked fields as alias (#20085) 
* fix(db_query): Don't track link_tables separately

Treat all joined tables the same, expand the fieldnames whether Table or
Link type with their respective table names

* fix(db_query): Add link join conditions for all relevant fields

* Revert "fix(db_query): Add link join conditions for all relevant fields"

This reverts commit 79622ab4cea5aa73a24f4ba7afde8e83510a79fb.

* Revert "fix(db_query): Don't track link_tables separately"

This reverts commit b8364f781e52e7ffaa7faa8878ef409b023f2288.

* fix: Check link field tables permissions in permlevel checks

* test: Fix, add for test_permlevel_fields

Previous assertion was wrong :')
added extra to check if access is fine
 2023-02-22 22:14:15 +05:30
Devin Slauenwhite
d5ce94d6a5
feat: disable comment count on list view settings. (#20039) 
* feat: add list view setting disable column count.

* fix: cast using sbool

* fix: make modified last-child if comment_count is disabled.
 2023-02-22 18:17:45 +05:30
Suraj Shetty
044eec35a6 fix: Do not filter columns like "_assign" & "_user_tags" 2023-02-14 14:00:42 +05:30
Gavin D'souza
5829dabf74 fix: Add DefaultValue to core_doctypes_list 2023-02-06 12:45:02 +05:30
Gavin D'souza
da3b98c91a Merge branch 'develop' into distinct-get_count 2023-02-03 20:26:21 +05:30
Ritwik Puri
d118cfb94a fix: Pass parent_doctype to fetch permitted fields in child tables 2023-02-03 20:20:00 +05:30
Gavin D'souza
0c17d400c0 fix(db_query): Handle distinct in fn calls 2023-02-03 20:12:55 +05:30
Gavin D'souza
3cd781e316 Merge branch 'develop' into get_all-virtual-dts 2023-02-02 13:55:24 +05:30
Gavin D'souza
5d3453eeb9 refactor: Re-use DefaultOrderBy value as global constant 2023-02-02 13:43:31 +05:30
Gavin D'souza
7ce0c4c8b3 Merge branch 'develop' into permlevel-apis 2023-01-31 17:47:59 +05:30
Gavin D'souza
dc940bac1d fix: Pass all DatabaseQuery.execute params to virtual doctype's get_list 
Give parsed args higher priority in kwargs resolution
 2023-01-31 17:07:04 +05:30
Gavin D'souza
9d236fc2cc fix: handle missing is_virtual column via is_virtual_doctype 2023-01-31 15:31:24 +05:30
gavin
7f34d510f2
fix(db_query): Allow link field to have 'tab' (#19820) 
* fix(db_query): Allow link field to have 'tab'

Issue: Occurence of tab was used to check if the selected field is a table name
and not a fieldname. This caused DocTypes with fields like `tablets` or
`table_name` to break List Views.

Change: Check if the field exists in meta to be sure that the selectable
is a field.

* fix: Split once to ensure at most 2 args
 2023-01-31 14:43:26 +05:30
Gavin D'souza
5cc21da6a1 fix: Interface DatabaseQuery to virtual doctypes' 2023-01-31 13:06:44 +05:30
Leonard Goertz
3e20e7df25
fix: add brackets for docshare or condition (#19650) 
Co-authored-by: Leonard Goertz <leonard.goertz@noventive.com>
 2023-01-30 14:14:11 +05:30
Gavin D'souza
31049b705e fix(db_query): With as_list, pass NULL to maintain order 2023-01-25 14:01:02 +05:30
Gavin D'souza
895f1d3f3a fix(db_query): Check if params in sql fn call are all permitted access 2023-01-25 12:45:36 +05:30
Gavin D'souza
6b0e4695a8 Merge branch 'develop' into permlevel-apis 2023-01-25 12:08:47 +05:30
Gavin D'souza
4c1b2ae67c refactor: get_valid_dict 
* Util get_permitted_fields checks for valid columns instead of planned logic
* Remove virtual field from dict if not in permitted fields
* Remove reliance on sentinel object _DOC_DELETED_ATTR
 2023-01-25 12:04:34 +05:30
Gavin D'souza
e75bfd0e73 refactor: Split objects just once 
Co-authored-by: Ritwik Puri <ritwikpuri5678@gmail.com>
 2023-01-25 10:45:30 +05:30
Gavin D'souza
d357af1533 refactor: Add a maxsplit limit to string splits 2023-01-24 19:22:51 +05:30
Gavin D'souza
e41f005daa fix(db_query): Remove naive field in sql func check 2023-01-24 13:59:48 +05:30
Gavin D'souza
2ae6b7f016 fix: Handle * fields after field iterations 2023-01-24 13:52:33 +05:30
Gavin D'souza
54ff630c77 fix(db_query): Permit optional_fields without checking in permitted 
fields
 2023-01-24 13:27:07 +05:30
Gavin D'souza
5c5bd2b104 refactor: Meta.get_permitted_fieldnames 
* Remove older API that returned list[df]
* Rename fields in usage scope & Meta internals
 2023-01-24 13:09:43 +05:30
Gavin D'souza
550261b3dc fix(db_query): Set & use existing constants 2023-01-24 13:01:05 +05:30
Gavin D'souza
47bcc527f3 fix: Remove logic short circuit / dont reject fields easily 2023-01-16 14:51:31 +05:30
Gavin D'souza
85d6949d04 fix: Raise PermissionError when user doesnt have access to linked table 2023-01-16 14:28:47 +05:30
Gavin D'souza
0355f33b77 fix(db_query): Handle permlevel check cases clearer 
- Split to utility functions for clarity
- Add example over code blocks
- Re-arrange blocks based on priority
 2023-01-16 13:54:56 +05:30
Gavin D'souza
197de99e35 refactor: Use permitted over available in variable naming 2023-01-16 11:07:56 +05:30
Gavin D'souza
19b728f514 fix(db_query): Parse distinct field usages 2023-01-11 14:05:10 +05:30
Gavin D'souza
3ee510439b fix(db_query): Allow standalone functions, rename get_permitted_fields 2023-01-10 17:43:14 +05:30
Gavin D'souza
bb9763def7 fix(db_query): Parse SQL function calls to check if field is accessible 2023-01-09 18:19:03 +05:30
Gavin D'souza
058c49f439 fix: Pass parenttype in meta calls, handle count(*) type queries 2023-01-09 17:09:36 +05:30
Gavin D'souza
2a6f9b1b9a fix(db_query): Load doctype meta on demand not on init 2023-01-09 16:22:01 +05:30
Gavin D'souza
1f50370599 fix(db_query): Apply permlevel checks on child/joined table queries 2023-01-09 16:12:22 +05:30
Gavin D'souza
15e51307b1 fix(db_query): Maintain order of dict[/select] keys 
* Reduce internals' mutating calls
* maintain order of fields as previous function
* Use performant f-strings over concat + formatting
 2023-01-09 15:47:21 +05:30
Gavin D'souza
1cd7620a3c fix: Fetch fields according to meta maintain order 2023-01-09 15:47:21 +05:30
Gavin D'souza
48aa7e8a93 perf(db_query): Avoid re-fetching doctype meta 
Store doctype meta in DatabaseQuery instance under `doctype_meta`
bypassing multiple get_meta calls and Redis/DB IO & serialization overheads.
 2023-01-09 15:47:21 +05:30
Gavin D'souza
d71522091e fix: Apply permlevel restrictions to DatabaseQuery 
Allow reading only accessible fields for given user session if
ignore_permissions (get_all) is unset.
 2023-01-09 15:47:21 +05:30
Gavin D'souza
ee074ec3c0 perf: DatabaseQuery.prepare_args 
* Re-use stripped str variable where possible
* Remove use of any + [], startswith to get rid of unnecessary evaluations
 2023-01-09 15:47:21 +05:30
gavin
6062d812a1
fix(db_query): Disallow usage of certain functions in *_by (#18981) 
* fix(db_query): Disallow blacklisted functions in (order|group)_by

Changes:
- allow only functions that are not blacklisted in *_by clause:
  currently just sleep
- perf improvemnts: lower, in, split, strip & other low hanging  micro optimizations

Handle the following use cases:
- upper/lower case function usages
- spaces between function name and brackets

* test(db_query): Add tests for *_by checks
 2022-11-28 12:42:29 +05:30
gavin
35827af172
fix: Strip white spaces on lower cased field value 
Co-authored-by: Ankush Menat <ankushmenat@gmail.com>
 2022-11-25 12:39:11 +05:30
Gavin D'souza
1a5e5f546b fix: Move function check inside subquery 2022-11-24 16:27:54 +05:30
Gavin D'souza
575d32ec35 fix(db_query): Space resilient matching 2022-11-24 15:36:28 +05:30