6d1008933f
* feat: add user invitation doctype & related public methods * style(user-invitation): execute formatters & add semgrep comments * refactor(user-invitation): use `is` to compare `None` values * fix(user-invitation): skip fetching `after_accept` for default app * fix(user-invitation): translate email templates * fix(user-invitaton): return pending invites from invite by email api * refactor(user-invitation): improve code quality * fix(user-invitation): translate all error messages * refactor(user-invitation): improve security & readability Improvements: - move invite expiration check to `daily_maintenance` - explicitly import all of the used packages - specify methods for all security-critical endpoints - improve error messages and give them suitable titles - remove unnecessary utility functions - make invitation key management secure - translate all of the subjects of the sent emails - use the `app_title` hook to create email titles - commit the work done after each iteration of the background invitation expiry checker - restructure code to improve readability - use `user.reset_password` to generate the target link - use clear long names to name identifiers - add document states with relevant colors (User Invitation doctype) - differ `sendmail` emails whenever possible - send an email to the invitation creator instead of the invitee after the invite has expired - remove `User Invitation Manager` role * fix(user-invitation): use valid emails to test doctype & related code * feat(user-invitation): support adding multiple roles * refactor(user-invitation): mark relevant fields `set only once` * feat(user-invitation): add `Cancelled` status * test(user-invitation): correct broken tests * test(user-invitation): form valid f-strings & run code formatter * feat(user-invitation): make doctype usable from desk * fix(user-invitation): remove delete permission from invitation doctype * feat(user-invitation): pass user inserted info to `after_accept` hook * refactor(user-invitation): improve custom action methods & errors Improvements: - trigger actions only when the invitation is in the `Pending` state - use lowercase letters to start error messages - handle cases where `user_invitation_hook` is not defined * refactor(user-invitation): remove site name from email templates * docs(user-invitation): add internal documentation * feat(user-invitation): add 'get pending' & cancel invites apis * fix(user-invitation): make invitation app specific * refactor(user-invitation): avoid mixing function programming * fix(user-invitation): make apis usable for app specific valid users * fix(user-invitation): allow app specific invites * feat(user-invitation): make list view & permission checks app specific * refactor(user-invitation): convert class methods to static when possible * feat(user-invitation): add `app_only_for` method to the doc * fix(user-invitation): f-string syntax error in `get_permission_query_conditions` * docs(user-invitation): add examples & improve the internal doc * refactor: rename method name static_ is unnecessary only_for doesn't make sense in this context when arguments are not roles * fix: Support POST request too We dont follow REST semantics 100%, anything that modifies something should ideally be doable with POST too. * chore: cap * fix: Avoid ignore_permissions as user arg --------- Co-authored-by: Ankush Menat <ankush@frappe.io> |
||
|---|---|---|
| .. | ||
| __init__.py | ||
| file.py | ||
| user_invitation.py | ||