Merge branch 'version-14' of https://github.com/frappe/frappe into ve…

…rsion-14
aliriocastro · Nov 29, 2023 · 43646bd · 43646bd
2 parents 150b82f + a403c47
commit 43646bd
Show file tree

Hide file tree

Showing 237 changed files with 3,798 additions and 2,245 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -35,7 +35,7 @@ repos:
     rev: v2.7.1
     hooks:
       - id: prettier
-        types_or: [javascript]
+        types_or: [javascript, vue, scss]
         # Ignore any files that might contain jinja / bundles
         exclude: |
             (?x)^(
@@ -44,7 +44,8 @@ repos:
                 .*boilerplate.*|
                 frappe/www/website_script.js|
                 frappe/templates/includes/.*|
-                frappe/public/js/lib/.*
+                frappe/public/js/lib/.*|
+                frappe/website/doctype/website_theme/website_theme_template.scss
             )$
 
 

diff --git a/frappe/__init__.py b/frappe/__init__.py
@@ -44,7 +44,7 @@
 )
 from .utils.lazy_loader import lazy_import
 
-__version__ = "14.54.0"
+__version__ = "14.57.0"
 __title__ = "Frappe Framework"
 
 controllers = {}
@@ -419,6 +419,8 @@ def msgprint(
 	primary_action: str = None,
 	is_minimizable: bool = False,
 	wide: bool = False,
+	*,
+	realtime=False,
 ) -> None:
 	"""Print a message to the user (via HTTP response).
 	Messages are sent in the `__server_messages` property in the
@@ -432,6 +434,7 @@ def msgprint(
 	:param primary_action: [optional] Bind a primary server/client side action.
 	:param is_minimizable: [optional] Allow users to minimize the modal
 	:param wide: [optional] Show wide modal
+	:param realtime: Publish message immediately using websocket.
 	"""
 	import inspect
 	import sys
@@ -494,7 +497,10 @@ def _raise_exception():
 	if wide:
 		out.wide = wide
 
-	message_log.append(json.dumps(out))
+	if realtime:
+		publish_realtime(event="msgprint", message=out)
+	else:
+		message_log.append(json.dumps(out))
 
 	if raise_exception and hasattr(raise_exception, "__name__"):
 		local.response["exc_type"] = raise_exception.__name__

diff --git a/frappe/api.py b/frappe/api.py
@@ -10,6 +10,7 @@
 import frappe.handler
 from frappe import _
 from frappe.utils.data import sbool
+from frappe.utils.password import get_decrypted_password
 from frappe.utils.response import build_response
 
 
@@ -179,6 +180,11 @@ def validate_auth():
 
 	validate_auth_via_hooks()
 
+	# If login via bearer, basic or keypair didn't work then authentication failed and we
+	# should terminate here.
+	if len(authorization_header) == 2 and frappe.session.user in ("", "Guest"):
+		raise frappe.AuthenticationError
+
 
 def validate_oauth(authorization_header):
 	"""
@@ -191,6 +197,9 @@ def validate_oauth(authorization_header):
 	from frappe.integrations.oauth2 import get_oauth_server
 	from frappe.oauth import get_url_delimiter
 
+	if authorization_header[0].lower() != "bearer":
+		return
+
 	form_dict = frappe.local.form_dict
 	token = authorization_header[1]
 	req = frappe.request
@@ -249,8 +258,10 @@ def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=Non
 	"""frappe_authorization_source to provide api key and secret for a doctype apart from User"""
 	doctype = frappe_authorization_source or "User"
 	doc = frappe.db.get_value(doctype=doctype, filters={"api_key": api_key}, fieldname=["name"])
+	if not doc:
+		raise frappe.AuthenticationError
 	form_dict = frappe.local.form_dict
-	doc_secret = frappe.utils.password.get_decrypted_password(doctype, doc, fieldname="api_secret")
+	doc_secret = get_decrypted_password(doctype, doc, fieldname="api_secret")
 	if api_secret == doc_secret:
 		if doctype == "User":
 			user = frappe.db.get_value(doctype="User", filters={"api_key": api_key}, fieldname=["name"])
@@ -259,6 +270,8 @@ def validate_api_key_secret(api_key, api_secret, frappe_authorization_source=Non
 		if frappe.local.login_manager.user in ("", "Guest"):
 			frappe.set_user(user)
 		frappe.local.form_dict = form_dict
+	else:
+		raise frappe.AuthenticationError
 
 
 def validate_auth_via_hooks():

diff --git a/frappe/app.py b/frappe/app.py
@@ -163,9 +163,12 @@ def init_request(request):
 			raise frappe.SessionStopped("Session Stopped")
 	else:
 		frappe.connect(set_admin_as_user=False)
+	if request.path.startswith("/api/method/upload_file"):
+		from frappe.core.api.file import get_max_file_size
 
-	request.max_content_length = cint(frappe.local.conf.get("max_file_size")) or 10 * 1024 * 1024
-
+		request.max_content_length = get_max_file_size()
+	else:
+		request.max_content_length = cint(frappe.local.conf.get("max_file_size")) or 25 * 1024 * 1024
 	make_form_dict(request)
 
 	if request.method != "OPTIONS":
@@ -262,11 +265,11 @@ def set_cors_headers(response):
 	response.headers.extend(cors_headers)
 
 
-def make_form_dict(request):
+def make_form_dict(request: Request):
 	import json
 
 	request_data = request.get_data(as_text=True)
-	if "application/json" in (request.content_type or "") and request_data:
+	if request_data and request.is_json:
 		args = json.loads(request_data)
 	else:
 		args = {}
@@ -278,9 +281,8 @@ def make_form_dict(request):
 
 	frappe.local.form_dict = frappe._dict(args)
 
-	if "_" in frappe.local.form_dict:
-		# _ is passed by $.ajax so that the request is not cached by the browser. So, remove _ from form_dict
-		frappe.local.form_dict.pop("_")
+	# _ is passed by $.ajax so that the request is not cached by the browser. So, remove _ from form_dict
+	frappe.local.form_dict.pop("_", None)
 
 
 def handle_exception(e):

diff --git a/frappe/auth.py b/frappe/auth.py
@@ -19,9 +19,11 @@
 )
 from frappe.utils import cint, date_diff, datetime, get_datetime, today
 from frappe.utils.deprecations import deprecation_warning
-from frappe.utils.password import check_password
+from frappe.utils.password import check_password, get_decrypted_password
 from frappe.website.utils import get_home_page
 
+MAX_PASSWORD_SIZE = 512
+
 
 class HTTPRequest:
 	def __init__(self):
@@ -235,6 +237,9 @@ def authenticate(self, user: str = None, pwd: str = None):
 		if not (user and pwd):
 			self.fail(_("Incomplete login details"), user=user)
 
+		if len(pwd) > MAX_PASSWORD_SIZE:
+			self.fail(_("Password size exceeded the maximum allowed size"), user=user)
+
 		_raw_user_name = user
 		user = User.find_by_credentials(user, pwd)
 

diff --git a/frappe/boot.py b/frappe/boot.py
@@ -121,12 +121,12 @@ def get_letter_heads():
 
 
 def load_conf_settings(bootinfo):
-	from frappe import conf
+	from frappe.core.api.file import get_max_file_size
 
-	bootinfo.max_file_size = conf.get("max_file_size") or 10485760
+	bootinfo.max_file_size = get_max_file_size()
 	for key in ("developer_mode", "socketio_port", "file_watcher_port"):
-		if key in conf:
-			bootinfo[key] = conf.get(key)
+		if key in frappe.conf:
+			bootinfo[key] = frappe.conf.get(key)
 
 
 def load_desktop_data(bootinfo):

diff --git a/frappe/commands/translate.py b/frappe/commands/translate.py
@@ -102,10 +102,28 @@ def import_translations(context, lang, path):
 		frappe.destroy()
 
 
+@click.command("migrate-translations")
+@click.argument("source-app")
+@click.argument("target-app")
+@pass_context
+def migrate_translations(context, source_app, target_app):
+	"Migrate target-app-specific translations from source-app to target-app"
+	import frappe.translate
+
+	site = get_site(context)
+	try:
+		frappe.init(site=site)
+		frappe.connect()
+		frappe.translate.migrate_translations(source_app, target_app)
+	finally:
+		frappe.destroy()
+
+
 commands = [
 	build_message_files,
 	get_untranslated,
 	import_translations,
 	new_language,
 	update_translations,
+	migrate_translations,
 ]
diff --git a/frappe/contacts/doctype/address/address.json b/frappe/contacts/doctype/address/address.json
@@ -51,12 +51,14 @@
    "fieldname": "address_line1",
    "fieldtype": "Data",
    "label": "Address Line 1",
+   "length": 240,
    "reqd": 1
   },
   {
    "fieldname": "address_line2",
    "fieldtype": "Data",
-   "label": "Address Line 2"
+   "label": "Address Line 2",
+   "length": 240
   },
   {
    "fieldname": "city",
@@ -148,7 +150,7 @@
  "icon": "fa fa-map-marker",
  "idx": 5,
  "links": [],
- "modified": "2023-10-30 05:50:23.912366",
+ "modified": "2023-11-20 17:28:41.698356",
  "modified_by": "Administrator",
  "module": "Contacts",
  "name": "Address",

diff --git a/frappe/core/doctype/comment/comment.json b/frappe/core/doctype/comment/comment.json
@@ -14,8 +14,6 @@
   "column_break_5",
   "reference_doctype",
   "reference_name",
-  "link_doctype",
-  "link_name",
   "reference_owner",
   "section_break_10",
   "content",
@@ -76,18 +74,6 @@
    "label": "Reference Name",
    "options": "reference_doctype"
   },
-  {
-   "fieldname": "link_doctype",
-   "fieldtype": "Link",
-   "label": "Link DocType",
-   "options": "DocType"
-  },
-  {
-   "fieldname": "link_name",
-   "fieldtype": "Dynamic Link",
-   "label": "Link Name",
-   "options": "link_doctype"
-  },
   {
    "fieldname": "reference_owner",
    "fieldtype": "Data",
@@ -113,7 +99,7 @@
   }
  ],
  "links": [],
- "modified": "2022-07-12 17:35:31.774137",
+ "modified": "2023-07-24 13:52:55.651462",
  "modified_by": "Administrator",
  "module": "Core",
  "name": "Comment",

diff --git a/frappe/core/doctype/data_import/data_import.py b/frappe/core/doctype/data_import/data_import.py
@@ -9,7 +9,7 @@
 from frappe.core.doctype.data_import.importer import Importer
 from frappe.model.document import Document
 from frappe.modules.import_file import import_file_by_path
-from frappe.utils.background_jobs import enqueue
+from frappe.utils.background_jobs import enqueue, is_job_enqueued
 from frappe.utils.csvutils import validate_google_sheets_url
 
 
@@ -65,15 +65,15 @@ def start_import(self):
 		if is_scheduler_inactive() and not frappe.flags.in_test:
 			frappe.throw(_("Scheduler is inactive. Cannot import data."), title=_("Scheduler Inactive"))
 
-		enqueued_jobs = [d.get("job_name") for d in get_info()]
+		job_id = f"data_import::{self.name}"
 
-		if self.name not in enqueued_jobs:
+		if not is_job_enqueued(job_id):
 			enqueue(
 				start_import,
 				queue="default",
 				timeout=10000,
 				event="data_import",
-				job_name=self.name,
+				job_id=job_id,
 				data_import=self.name,
 				now=frappe.conf.developer_mode or frappe.flags.in_test,
 			)

diff --git a/frappe/core/doctype/data_import/patches/__init__.py b/frappe/core/doctype/data_import/patches/__init__.py
diff --git a/frappe/core/doctype/data_import/patches/remove_stale_docfields_from_legacy_version.py b/frappe/core/doctype/data_import/patches/remove_stale_docfields_from_legacy_version.py
@@ -0,0 +1,6 @@
+import frappe
+
+
+def execute():
+	"""Remove stale docfields from legacy version"""
+	frappe.db.delete("DocField", {"options": "Data Import", "parent": "Data Import Legacy"})
diff --git a/frappe/core/doctype/doctype/doctype.py b/frappe/core/doctype/doctype/doctype.py
@@ -744,6 +744,7 @@ def make_amendable(self):
 						"read_only": 1,
 						"print_hide": 1,
 						"no_copy": 1,
+						"search_index": 1,
 					},
 				)
 

diff --git a/frappe/core/doctype/file/utils.py b/frappe/core/doctype/file/utils.py
@@ -374,7 +374,7 @@ def relink_files(doc, fieldname, temp_doc_name):
 			"attached_to_field": fieldname,
 			"creation": (
 				"between",
-				[now_datetime() - add_to_date(date=now_datetime(), minutes=-60), now_datetime()],
+				[add_to_date(date=now_datetime(), minutes=-60), now_datetime()],
 			),
 		},
 	)