vassili/seitime-frappe
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
22523 commits 1 branch 0 tags 587 MiB
Commit graph

229 commits

Author SHA1 Message Date
Shivam Mishra
00d21a2ac5 fix: tests for db_query 2019-10-29 10:17:52 +05:30
Shivam Mishra
08b992d547 style: removed loop to check standard SQL 2019-10-29 10:07:39 +05:30
Shivam Mishra
c0d69a04c4 feat: added tests 2019-10-24 19:47:53 +05:30
Shivam Mishra
d93b060f22 refactor: improved for readability 2019-10-24 18:43:24 +05:30
Shivam Mishra
e1aa309b87 fix: do not append table names for mysql methods 2019-10-24 17:29:56 +05:30
Aditya Hase
10bd8012ce
perf(orm): Use cached table_columns instead of querying the database 2019-10-23 23:00:02 +05:30
Rucha Mahabal
20ea14efe4 fix(Report View): Error on setting Is Set filter for date fields 2019-09-19 20:41:56 +05:30
Prssanna Desai
d42fea0104 feat: Add child table fields to group by in reports (#8390) 2019-09-11 17:11:24 +05:30
Suraj Shetty
2e2ebcd9cc fix: Comments in add_user_permissions 2019-08-12 09:47:22 +05:30
Aditya Hase
5d04fb4eb7 fix(search): Reduce restrictions on field contents 2019-07-30 14:25:13 +05:30
Aditya Hase
8ac155f7b6 fix(security): Sanitize fields list, group_by and order_by clause to prevent SQLi 2019-07-30 12:52:01 +05:30
Aditya Hase
ce60f98ab6 Revert "fix(security): Disallow unnecessary characters in group_by and fields" 
This reverts commit fb8993663c.
 2019-07-26 20:49:46 +05:30
Aditya Hase
fb8993663c fix(security): Disallow unnecessary characters in group_by and fields 2019-07-25 20:54:08 +05:30
Prssanna Desai
8a4bfb1429 Improve query for assignment count and add test 2019-03-27 22:41:02 +05:30
Frappe Bot
94ea028db3 Merge branch 'master' into develop 2019-03-08 09:38:18 +00:00
Anurag Mishra
cd191439fd feat: Document subscription (#6745) 2019-03-07 14:06:22 +05:30
Rushabh Mehta
43fe6bd152 fix(db_query): handle null in fields list 2019-03-05 10:26:26 +05:30
Rushabh Mehta
c0631e4e98
Merge pull request #6924 from ElasticRun/db_query_bug_fix 
[bug fix]: prepare filter condition function
 2019-02-28 13:02:15 +05:30
Faris Ansari
0a30746007
fix: Check if value is string 2019-02-26 16:16:38 +05:30
Faris Ansari
0dbafb9c6b fix: Make requests with cmd on /api/method/path 
- Will help in better debugging and Cypress testing
 2019-02-13 16:04:06 +05:30
sivankar
40dc733701 added map 2019-02-12 21:08:49 +05:30
Suraj Shetty
a67cecf981 fix(test): Use single quotes for empty string (constant) (#6871) 
* Use single quotes for empty string
since value inside double quotes is considered as Identifier in postgres

* Do not show change log modal when in test

* Revert "Do not show change log modal when in test"

This reverts commit 6c2c3fd80cad3ff491b7d3b60a2b756ba6823bf8.

* Do not show change log modal when in test

- To check it is test environment we are checking if Cypress is
loaded on window object
 2019-02-01 17:34:12 +05:30
Sagar Vora
ef82f39f99 Merge branch 'staging' into develop 2019-01-29 18:24:11 +05:30
sahil28297
60d0c390f0 fix: datetime handling in relative filters (#6823) 2019-01-24 14:53:54 +05:30
Faris Ansari
5ffdeb19fc feat: New filter type "Is Set", "Is Not Set" 2019-01-24 14:26:27 +05:30
sahil28297
3644f5f4cd feat: relative timeframe filters (#6792) 
* feat: relative timeframe filters

* fix: resolve syntax errors

* fix: Translated options
 2019-01-21 16:02:40 +05:30
Saurabh
d5fdc670f7 Merge branch 'staging' into develop 2019-01-01 14:26:16 +05:30
Suraj Shetty
eacaea6a0d Add accidently removed match filters (#6701) 
- Fixes "No user permission applied for Reports" issue
 2018-12-31 20:07:13 +05:30
Frappe Bot
a7754527df Merge branch 'staging' into develop 2018-12-26 14:31:02 +00:00
Suraj Shetty
8b201911b4
fix(permission): Update db_query.py (#6683) 2018-12-26 19:57:18 +05:30
Suraj Shetty
fe49117c92
fix: issue related to quotes (#6682) 2018-12-26 19:36:13 +05:30
Frappe Bot
0499b4a845 Merge branch 'staging' into develop 2018-12-26 12:03:03 +00:00
Suraj Shetty
40fb7ac76f Init reference doctype 2018-12-12 13:50:20 +05:30
Suraj Shetty
039bd58a31 Fix minor bug 2018-12-12 13:17:12 +05:30
Suraj Shetty
70a8054020 Fix client side user permission check 2018-12-12 13:15:11 +05:30
Suraj Shetty
943be440fa Fix user permission check 
- show complete list in no user permission for the
 reference doctype is found
 2018-12-12 12:58:56 +05:30
Suraj Shetty
390254b65d
Merge branch 'staging-fixes' into staging-fixes 2018-11-29 09:18:43 +05:30
Ameya Shenoy
c5d276b813
Merge branch 'staging' into develop 2018-11-28 08:24:00 +00:00
Ameya Shenoy
f513739d1a
Merge branch 'master' into staging-fixes 2018-11-28 07:53:35 +00:00
Saurabh
4738a9711a fix: tighten protection against sql injection (#6546) 2018-11-28 10:22:30 +05:30
Suraj Shetty
79ddfe6021
Merge branch 'staging-fixes' into staging-fixes 2018-11-26 18:12:34 +05:30
Ameya Shenoy
13524a1ad5
Merge branch 'staging' into develop 2018-11-23 08:14:29 +00:00
Ameya Shenoy
d1d0edc636
Merge branch 'master' into staging-fixes 2018-11-23 08:07:36 +00:00
rohitwaghchaure
c247ec17ea fix: child table access using get_list function (#6511) 
User was able to fetch child table data without having access from client side using frappe.db.get_list function
 2018-11-22 12:44:32 +05:30
Suraj Shetty
e79cfc531a Merge branch 'staging-fixes' of https://github.com/frappe/frappe into staging-fixes 2018-11-21 13:18:33 +05:30
Ameya Shenoy
d0e7690ae2
Merge branch 'staging' into develop 2018-11-05 06:48:46 +00:00
Ameya Shenoy
5a791cd099
Merge branch 'master' into staging-fixes 2018-11-05 06:37:49 +00:00
Saurabh
856a721073 [fix] sql injection fix (#6390) 2018-11-05 10:51:57 +05:30
Suraj Shetty
88ba2ecf36 Init return_empty 2018-11-05 10:51:39 +05:30
Suraj Shetty
30de0662e9 Set a boolean to return empty response 2018-11-05 10:39:11 +05:30