def test_confirm_payment(self): razorpay_payment_id = "test_pay_{0}".format(frappe.generate_hash(length=14)) razorpay_payment = make_payment(razorpay_payment_id=razorpay_payment_id, options=json.dumps(data["options"])) self.assertRaises(InvalidRequest, razorpay_payment.insert) razorpay_settings = frappe.get_doc("Razorpay Settings") razorpay_settings.update(data["razorpay_settings"]) razorpay_payment_id = "test_pay_{0}".format(frappe.generate_hash(length=14)) razorpay_payment = make_payment(razorpay_payment_id=razorpay_payment_id, options=json.dumps(data["options"])) razorpay_payment.flags.is_sandbox = True razorpay_payment.sanbox_response = data["sanbox_response"] razorpay_payment.sanbox_response.update({ "id": razorpay_payment_id, "status": "authorized" }) razorpay_payment.insert(ignore_permissions=True) razorpay_payment_status = frappe.db.get_value("Razorpay Payment", razorpay_payment_id, "status") self.assertEquals(razorpay_payment_status, "Authorized")
def get_pdf(html, options=None): if not options: options = {} options.update({ "print-media-type": None, "background": None, "images": None, 'margin-top': '15mm', 'margin-right': '15mm', 'margin-bottom': '15mm', 'margin-left': '15mm', 'encoding': "UTF-8", 'quiet': None, 'no-outline': None }) if not options.get("page-size"): options['page-size'] = frappe.db.get_single_value("Print Settings", "pdf_page_size") or "A4" html = scrub_urls(html) fname = os.path.join("/tmp", frappe.generate_hash() + ".pdf") try: pdfkit.from_string(html, fname, options=options or {}) except IOError, e: if "ContentNotFoundError" in e.message: frappe.throw(_("PDF generation failed because of broken image links")) else: raise
def insert_user_social_login(user, modified_by, provider, idx, userid=None, username=None): source_cols = get_standard_cols() creation_time = frappe.utils.get_datetime_str(frappe.utils.get_datetime()) values = [ frappe.generate_hash(length=10), creation_time, creation_time, user, modified_by, user, "User", "social_logins", cstr(idx), provider ] if userid: source_cols.append("userid") values.append(userid) if username: source_cols.append("username") values.append(username) query = """INSERT INTO `tabUser Social Login` ({source_cols}) VALUES ({values}) """.format( source_cols = "`" + "`, `".join(source_cols) + "`", values= "'" + "', '".join([frappe.db.escape(d) for d in values]) + "'" ) frappe.db.sql(query)
def start(self): """start a new session""" # generate sid if self.user=='Guest': sid = 'Guest' else: sid = frappe.generate_hash() self.data['user'] = self.user self.data['sid'] = sid self.data['data']['user'] = self.user self.data['data']['session_ip'] = frappe.get_request_header('REMOTE_ADDR') if self.user != "Guest": self.data['data']['last_updated'] = frappe.utils.now() self.data['data']['session_expiry'] = get_expiry_period() self.data['data']['session_country'] = get_geo_ip_country(frappe.get_request_header('REMOTE_ADDR')) # insert session if self.user!="Guest": frappe.db.begin() self.insert_session_record() # update user frappe.db.sql("""UPDATE tabUser SET last_login = %s, last_ip = %s where name=%s""", (frappe.utils.now(), frappe.get_request_header('REMOTE_ADDR'), self.data['user'])) frappe.db.commit()
def start(self): """start a new session""" # generate sid if self.user == "Guest": sid = "Guest" else: sid = frappe.generate_hash() self.data["user"] = self.user self.data["sid"] = sid self.data["data"]["user"] = self.user self.data["data"]["session_ip"] = frappe.get_request_header("REMOTE_ADDR") if self.user != "Guest": self.data["data"]["last_updated"] = frappe.utils.now() self.data["data"]["session_expiry"] = get_expiry_period() self.data["data"]["session_country"] = get_geo_ip_country(frappe.get_request_header("REMOTE_ADDR")) # insert session if self.user != "Guest": frappe.db.begin() self.insert_session_record() # update user frappe.db.sql( """UPDATE tabUser SET last_login = %s, last_ip = %s where name=%s""", (frappe.utils.now(), frappe.get_request_header("REMOTE_ADDR"), self.data["user"]), ) frappe.db.commit()
def login_oauth_user(data=None, provider=None, state=None, email_id=None, key=None, generate_login_token=False): # NOTE: This could lead to security issue as the signed in user can type any email address in complete_signup # if email_id and key: # data = json.loads(frappe.db.get_temp(key)) # # What if data is missing because of an invalid key # data["email"] = email_id # # elif not (data.get("email") and get_first_name(data)) and not frappe.db.exists("User", data.get("email")): # # ask for user email # key = frappe.db.set_temp(json.dumps(data)) # frappe.db.commit() # frappe.local.response["type"] = "redirect" # frappe.local.response["location"] = "/complete_signup?key=" + key # return # json.loads data and state if isinstance(data, basestring): data = json.loads(data) if isinstance(state, basestring): state = json.loads(state) if not (state and state["token"]): frappe.respond_as_web_page(_("Invalid Request"), _("Token is missing"), http_status_code=417) return token = frappe.cache().get_value("{0}:{1}".format(provider, state["token"]), expires=True) if not token: frappe.respond_as_web_page(_("Invalid Request"), _("Invalid Token"), http_status_code=417) return user = data["email"] if not user: frappe.respond_as_web_page(_("Invalid Request"), _("Please ensure that your profile has an email address")) return try: if update_oauth_user(user, data, provider) is False: return except SignupDisabledError: return frappe.respond_as_web_page( "Signup is Disabled", "Sorry. Signup from Website is disabled.", success=False, http_status_code=403 ) frappe.local.login_manager.user = user frappe.local.login_manager.post_login() # because of a GET request! frappe.db.commit() if frappe.utils.cint(generate_login_token): login_token = frappe.generate_hash(length=32) frappe.cache().set_value("login_token:{0}".format(login_token), frappe.local.session.sid, expires_in_sec=120) frappe.response["login_token"] = login_token else: redirect_post_login(desk_user=frappe.local.response.get("message") == "Logged In")
def start(self): """start a new session""" # generate sid if self.user == "Guest": sid = "Guest" else: sid = frappe.generate_hash() self.data.user = self.user self.data.sid = sid self.data.data.user = self.user self.data.data.session_ip = frappe.local.request_ip if self.user != "Guest": self.data.data.update( { "last_updated": frappe.utils.now(), "session_expiry": get_expiry_period(self.device), "full_name": self.full_name, "user_type": self.user_type, "device": self.device, "session_country": get_geo_ip_country(frappe.local.request_ip), } ) # insert session if self.user != "Guest": self.insert_session_record() # update user frappe.db.sql( """UPDATE tabUser SET last_login = %s, last_ip = %s where name=%s""", (frappe.utils.now(), frappe.local.request_ip, self.data["user"]), ) frappe.db.commit()
def get_pdf(html, options=None): if not options: options = {} options.update({ "print-media-type": None, "background": None, "images": None, 'margin-top': '15mm', 'margin-right': '15mm', 'margin-bottom': '15mm', 'margin-left': '15mm', 'encoding': "UTF-8", 'quiet': None, 'no-outline': None }) if not options.get("page-size"): options['page-size'] = frappe.db.get_single_value("Print Settings", "pdf_page_size") or "A4" html = scrub_urls(html) fname = os.path.join("/tmp", frappe.generate_hash() + ".pdf") pdfkit.from_string(html, fname, options=options or {}) with open(fname, "rb") as fileobj: filedata = fileobj.read() os.remove(fname) return filedata
def make_autoname(key='', doctype='', doc=''): """ Creates an autoname from the given key: **Autoname rules:** * The key is separated by '.' * '####' represents a series. The string before this part becomes the prefix: Example: ABC.#### creates a series ABC0001, ABC0002 etc * 'MM' represents the current month * 'YY' and 'YYYY' represent the current year *Example:* * DE/./.YY./.MM./.##### will create a series like DE/09/01/0001 where 09 is the year, 01 is the month and 0001 is the series """ if key=="hash": return frappe.generate_hash(doctype, 10) if not "#" in key: key = key + ".#####" elif not "." in key: frappe.throw(_("Invalid naming series (. missing)") + (_(" for {0}").format(doctype) if doctype else "")) parts = key.split('.') n = parse_naming_series(parts, doctype, doc) return n
def validate(self): self.check_demo() # clear new password self.__new_password = self.new_password self.new_password = "" if not frappe.flags.in_test: self.password_strength_test() if self.name not in STANDARD_USERS: self.validate_email_type(self.email) self.validate_email_type(self.name) self.add_system_manager_role() self.set_system_user() self.set_full_name() self.check_enable_disable() self.ensure_unique_roles() self.remove_all_roles_for_guest() self.validate_username() self.remove_disabled_roles() self.validate_user_email_inbox() ask_pass_update() self.validate_roles() self.validate_user_image() if self.language == "Loading...": self.language = None if (self.name not in ["Administrator", "Guest"]) and (not self.frappe_userid): self.frappe_userid = frappe.generate_hash(length=39)
def get_pdf(html, options=None, output=None): html = scrub_urls(html) html, options = prepare_options(html, options) fname = os.path.join("/tmp", "frappe-pdf-{0}.pdf".format(frappe.generate_hash())) try: pdfkit.from_string(html, fname, options=options or {}) if output: append_pdf(PdfFileReader(file(fname, "rb")), output) else: with open(fname, "rb") as fileobj: filedata = fileobj.read() except IOError, e: if ( "ContentNotFoundError" in e.message or "ContentOperationNotPermittedError" in e.message or "UnknownContentError" in e.message or "RemoteHostClosedError" in e.message ): # allow pdfs with missing images if file got created if os.path.exists(fname): with open(fname, "rb") as fileobj: filedata = fileobj.read() else: frappe.throw(_("PDF generation failed because of broken image links")) else: raise
def print_by_server(doctype, name, print_format=None, doc=None, no_letterhead=0): print_settings = frappe.get_doc("Print Settings") try: import cups except ImportError: frappe.throw("You need to install pycups to use this feature!") return try: cups.setServer(print_settings.server_ip) cups.setPort(print_settings.port) conn = cups.Connection() output = PdfFileWriter() output = frappe.get_print(doctype, name, print_format, doc=doc, no_letterhead=no_letterhead, as_pdf = True, output = output) file = os.path.join("/", "tmp", "frappe-pdf-{0}.pdf".format(frappe.generate_hash())) output.write(open(file,"wb")) conn.printFile(print_settings.printer_name,file , name, {}) except IOError as e: if ("ContentNotFoundError" in e.message or "ContentOperationNotPermittedError" in e.message or "UnknownContentError" in e.message or "RemoteHostClosedError" in e.message): frappe.throw(_("PDF generation failed")) except cups.IPPError: frappe.throw(_("Printing failed")) finally: cleanup(file,{})
def start(self): """start a new session""" # generate sid if self.user=='Guest': sid = 'Guest' else: sid = frappe.generate_hash() self.data.user = self.user self.data.sid = sid self.data.data.user = self.user self.data.data.session_ip = frappe.local.request_ip if self.user != "Guest": self.data.data.update({ "last_updated": frappe.utils.now(), "session_expiry": get_expiry_period(self.device), "full_name": self.full_name, "user_type": self.user_type, "device": self.device, "session_country": get_geo_ip_country(frappe.local.request_ip) if frappe.local.request_ip else None, }) # insert session if self.user!="Guest": self.insert_session_record() # update user frappe.db.sql("""UPDATE tabUser SET last_login = %(now)s, last_ip = %(ip)s, last_active = %(now)s where name=%(name)s""", { "now": frappe.utils.now(), "ip": frappe.local.request_ip, "name": self.data['user'] }) frappe.db.commit()
def make_error_snapshot(exception): if frappe.conf.disable_error_snapshot: return logger = frappe.get_logger() try: error_id = '{timestamp:s}-{ip:s}-{hash:s}'.format( timestamp=cstr(datetime.datetime.now()), ip=frappe.local.request_ip or '127.0.0.1', hash=frappe.generate_hash(length=3) ) snapshot_folder = get_error_snapshot_path() frappe.create_folder(snapshot_folder) snapshot_file_path = os.path.join(snapshot_folder, "{0}.json".format(error_id)) snapshot = get_snapshot(exception) with open(encode(snapshot_file_path), 'wb') as error_file: error_file.write(encode(frappe.as_json(snapshot))) logger.error('New Exception collected with id: {}'.format(error_id)) except Exception, e: logger.error('Could not take error snapshot: {0}'.format(e))
def update_password(user, pwd, doctype='User', fieldname='password'): salt = frappe.generate_hash() frappe.db.sql("""insert into __Auth (doctype, name, fieldname, `password`, salt, encrypted) values (%(doctype)s, %(name)s, %(fieldname)s, password(concat(%(pwd)s, %(salt)s)), %(salt)s, 0) on duplicate key update `password`=password(concat(%(pwd)s, %(salt)s)), salt=%(salt)s, encrypted=0""", { 'doctype': doctype, 'name': user, 'fieldname': fieldname, 'pwd': pwd, 'salt': salt })
def update_oauth_user(user, data, provider): if isinstance(data.get("location"), dict): data["location"] = data.get("location").get("name") save = False if not frappe.db.exists("User", user): # is signup disabled? if frappe.utils.cint(frappe.db.get_single_value("Website Settings", "disable_signup")): raise SignupDisabledError save = True user = frappe.new_doc("User") user.update({ "doctype":"User", "first_name": get_first_name(data), "last_name": get_last_name(data), "email": data["email"], "gender": (data.get("gender") or "").title(), "enabled": 1, "new_password": frappe.generate_hash(data["email"]), "location": data.get("location"), "user_type": "Website User", "user_image": data.get("picture") or data.get("avatar_url") }) else: user = frappe.get_doc("User", user) if not user.enabled: frappe.respond_as_web_page(_('Not Allowed'), _('User {0} is disabled').format(user.email)) return False if provider=="facebook" and not user.get("fb_userid"): save = True user.update({ "fb_username": data.get("username"), "fb_userid": data["id"], "user_image": "https://graph.facebook.com/{id}/picture".format(id=data["id"]) }) elif provider=="google" and not user.get("google_userid"): save = True user.google_userid = data["id"] elif provider=="github" and not user.get("github_userid"): save = True user.github_userid = data["id"] user.github_username = data["login"] elif provider=="frappe" and not user.get("frappe_userid"): save = True user.frappe_userid = data["sub"] if save: user.flags.ignore_permissions = True user.flags.no_welcome_mail = True user.save()
def read_multi_pdf(output): # Get the content of the merged pdf files fname = os.path.join("/tmp", "frappe-pdf-{0}.pdf".format(frappe.generate_hash())) output.write(open(fname,"wb")) with open(fname, "rb") as fileobj: filedata = fileobj.read() return filedata
def generate_keys(user): """ generate api key and api secret :param user: str """ if "System Manager" in frappe.get_roles(): user_details = frappe.get_doc("User", user) api_secret = frappe.generate_hash(length=15) # if api key is not set generate api key if not user_details.api_key: api_key = frappe.generate_hash(length=15) user_details.api_key = api_key user_details.api_secret = api_secret user_details.save() return {"api_secret": api_secret} frappe.throw(frappe._("Not Permitted"), frappe.PermissionError)
def autoname(self): """Set name for folder""" if self.is_folder: if self.folder: self.name = self.get_name_based_on_parent_folder() else: # home self.name = self.file_name else: self.name = frappe.generate_hash("", 10)
def generate_csrf_token(): frappe.local.session.data.csrf_token = frappe.generate_hash() frappe.local.session_obj.update(force=True) # send sid and csrf token to the user # handles the case when a user logs in again from another tab # and it leads to invalid request in the current tab frappe.publish_realtime(event="csrf_generated", message={"sid": frappe.local.session.sid, "csrf_token": frappe.local.session.data.csrf_token}, user=frappe.session.user)
def get_link_for_qrcode(user, totp_uri): '''Get link to temporary page showing QRCode.''' key = frappe.generate_hash(length=20) key_user = "******".format(key) key_uri = "{}_uri".format(key) lifespan = int(frappe.db.get_value('System Settings', 'System Settings', 'lifespan_qrcode_image')) if lifespan<=0: lifespan = 240 frappe.cache().set_value(key_uri, totp_uri, expires_in_sec=lifespan) frappe.cache().set_value(key_user, user, expires_in_sec=lifespan) return get_url('/qrcode?k={}'.format(key))
def token(): dtoken = frappe.new_doc('Chat Token') dtoken.token = frappe.generate_hash() dtoken.ip_address = frappe.local.request_ip country = get_geo_ip_country(dtoken.ip_address) if country: dtoken.country = country['iso_code'] dtoken.save(ignore_permissions = True) return dtoken.token
def execute(): doctypes_to_skip = [] for doctype in ['Appraisal', 'Leave Allocation', 'Expense Claim', 'Instructor', 'Salary Slip', 'Attendance', 'Training Feedback', 'Training Result Employee', 'Leave Application', 'Employee Advance', 'Activity Cost', 'Training Event Employee', 'Timesheet', 'Sales Person', 'Payroll Employee Detail']: if frappe.db.exists('Custom Field', { 'dt': doctype, 'fieldname': 'department'}): continue doctypes_to_skip.append(doctype) frappe.reload_doctype('User Permission') user_permissions = frappe.get_all("User Permission", filters=[['allow', '=', 'Department'], ['applicable_for', 'in', [None] + doctypes_to_skip]], fields=['name', 'applicable_for']) user_permissions_to_delete = [] new_user_permissions_list = [] for user_permission in user_permissions: if user_permission.applicable_for: # simply delete user permission record since it needs to be skipped. user_permissions_to_delete.append(user_permission.name) else: # if applicable_for is `None` it means that user permission is applicable for every doctype # to avoid this we need to create other user permission records and only skip the listed doctypes in this patch linked_doctypes = get_linked_doctypes(user_permission.allow, True).keys() applicable_for_doctypes = list(set(linked_doctypes) - set(doctypes_to_skip)) user_permissions_to_delete.append(user_permission.name) for doctype in applicable_for_doctypes: if doctype: # Maintain sequence (name, user, allow, for_value, applicable_for, apply_to_all_doctypes) new_user_permissions_list.append(( frappe.generate_hash("", 10), user_permission.user, user_permission.allow, user_permission.for_value, doctype, 0 )) if new_user_permissions_list: frappe.db.sql(''' INSERT INTO `tabUser Permission` (`name`, `user`, `allow`, `for_value`, `applicable_for`, `apply_to_all_doctypes`) VALUES {}'''.format(', '.join(['%s'] * len(new_user_permissions_list))), # nosec tuple(new_user_permissions_list) ) if user_permissions_to_delete: frappe.db.sql('DELETE FROM `tabUser Permission` WHERE `name` IN ({})'.format( # nosec ','.join(['%s'] * len(user_permissions_to_delete)) ), tuple(user_permissions_to_delete))
def get_name_from_hash(): """ Get a name for a Batch by generating a unique hash. :return: The hash that was generated. """ temp = None while not temp: temp = frappe.generate_hash()[:7].upper() if frappe.db.exists('Batch', temp): temp = None return temp
def authenticate_for_2factor(user): '''Authenticate two factor for enabled user before login.''' if frappe.form_dict.get('otp'): return otp_secret = get_otpsecret_for_(user) token = int(pyotp.TOTP(otp_secret).now()) tmp_id = frappe.generate_hash(length=8) cache_2fa_data(user, token, otp_secret, tmp_id) verification_obj = get_verification_obj(user, token, otp_secret) # Save data in local frappe.local.response['verification'] = verification_obj frappe.local.response['tmp_id'] = tmp_id
def make_autoname(key='', doctype='', doc=''): """ Creates an autoname from the given key: **Autoname rules:** * The key is separated by '.' * '####' represents a series. The string before this part becomes the prefix: Example: ABC.#### creates a series ABC0001, ABC0002 etc * 'MM' represents the current month * 'YY' and 'YYYY' represent the current year *Example:* * DE/./.YY./.MM./.##### will create a series like DE/09/01/0001 where 09 is the year, 01 is the month and 0001 is the series """ if key=="hash": return frappe.generate_hash(doctype, 10) if not "#" in key: key = key + ".#####" elif not "." in key: frappe.throw(_("Invalid naming series (. missing)") + (_(" for {0}").format(doctype) if doctype else "")) n = '' l = key.split('.') series_set = False today = now_datetime() for e in l: part = '' if e.startswith('#'): if not series_set: digits = len(e) part = getseries(n, digits, doctype) series_set = True elif e=='YY': part = today.strftime('%y') elif e=='MM': part = today.strftime('%m') elif e=='DD': part = today.strftime("%d") elif e=='YYYY': part = today.strftime('%Y') elif doc and doc.get(e): part = doc.get(e) else: part = e if isinstance(part, basestring): n+=part return n
def qrcode_as_png(user, totp_uri): '''Save temporary Qrcode to server.''' from frappe.utils.file_manager import save_file folder = create_barcode_folder() png_file_name = '{}.png'.format(frappe.generate_hash(length=20)) file_obj = save_file(png_file_name, png_file_name, 'User', user, folder=folder) frappe.db.commit() file_url = get_url(file_obj.file_url) file_path = os.path.join(frappe.get_site_path('public', 'files'), file_obj.file_name) url = qrcreate(totp_uri) with open(file_path, 'w') as png_file: url.png(png_file, scale=8, module_color=[0, 0, 0, 180], background=[0xff, 0xff, 0xcc]) return file_url
def validate_settings(self): if self.enable_sync: if not self.secret: self.set("secret", frappe.generate_hash()) if not self.woocommerce_server_url: frappe.throw(_("Please enter Woocommerce Server URL")) if not self.api_consumer_key: frappe.throw(_("Please enter API Consumer Key")) if not self.api_consumer_secret: frappe.throw(_("Please enter API Consumer Secret"))
def get_random_group(): doc = frappe.get_doc({ "doctype": "Student Group", "student_group_name": "_Test Student Group-" + frappe.generate_hash(length=5), "group_based_on": "Activity" }).insert() student_list = frappe.get_all('Student', limit=5) doc.extend("students", [{"student":d.name, "active": 1} for d in student_list]) doc.save() return doc
def get_pdf(html, options=None): if not options: options = {} options.update({ "print-media-type": None, "background": None, "images": None, 'margin-top': '15mm', 'margin-right': '15mm', 'margin-bottom': '15mm', 'margin-left': '15mm', 'encoding': "UTF-8", 'quiet': None, 'no-outline': None, }) if frappe.session and frappe.session.sid: options['cookie'] = [('sid', '{0}'.format(frappe.session.sid))] if not options.get("page-size"): options['page-size'] = frappe.db.get_single_value( "Print Settings", "pdf_page_size") or "A4" html = scrub_urls(html) fname = os.path.join("/tmp", frappe.generate_hash() + ".pdf") try: pdfkit.from_string( html, fname, options=options or {}, ) with open(fname, "rb") as fileobj: filedata = fileobj.read() except IOError, e: if "ContentNotFoundError" in e.message or "ContentOperationNotPermittedError" in e.message: # allow pdfs with missing images if file got created if os.path.exists(fname): with open(fname, "rb") as fileobj: filedata = fileobj.read() else: frappe.throw( _("PDF generation failed because of broken image links")) else: raise
def get_template(doctype=None, parent_doctype=None, all_doctypes="No", with_data="No", select_columns=None, from_data_import="No", excel_format="No"): all_doctypes = all_doctypes == "Yes" if select_columns: select_columns = json.loads(select_columns) docs_to_export = {} if doctype: if isinstance(doctype, string_types): doctype = [doctype] if len(doctype) > 1: docs_to_export = doctype[1] doctype = doctype[0] if not parent_doctype: parent_doctype = doctype column_start_end = {} if all_doctypes: child_doctypes = [] for df in frappe.get_meta(doctype).get_table_fields(): child_doctypes.append( dict(doctype=df.options, parentfield=df.fieldname)) def get_data_keys_definition(): return get_data_keys() def add_main_header(): w.writerow([_('Data Import Template')]) w.writerow([get_data_keys_definition().main_table, doctype]) if parent_doctype != doctype: w.writerow( [get_data_keys_definition().parent_table, parent_doctype]) else: w.writerow(['']) w.writerow(['']) w.writerow([_('Notes:')]) w.writerow([_('Please do not change the template headings.')]) w.writerow([_('First data column must be blank.')]) w.writerow([ _('If you are uploading new records, leave the "name" (ID) column blank.' ) ]) w.writerow([ _('If you are uploading new records, "Naming Series" becomes mandatory, if present.' ) ]) w.writerow([ _('Only mandatory fields are necessary for new records. You can delete non-mandatory columns if you wish.' ) ]) w.writerow([_('For updating, you can update only selective columns.')]) w.writerow([ _('You can only upload upto 5000 records in one go. (may be less in some cases)' ) ]) if key == "parent": w.writerow([ _('"Parent" signifies the parent table in which this row must be added' ) ]) w.writerow([ _('If you are updating, please select "Overwrite" else existing rows will not be deleted.' ) ]) def build_field_columns(dt, parentfield=None): meta = frappe.get_meta(dt) # build list of valid docfields tablecolumns = [] for f in frappe.db.sql('desc `tab%s`' % dt): field = meta.get_field(f[0]) if field and ((select_columns and f[0] in select_columns[dt]) or not select_columns): tablecolumns.append(field) tablecolumns.sort(key=lambda a: int(a.idx)) _column_start_end = frappe._dict(start=0) if dt == doctype: _column_start_end = frappe._dict(start=0) else: _column_start_end = frappe._dict(start=len(columns)) append_field_column( frappe._dict({ "fieldname": "name", "parent": dt, "label": "ID", "fieldtype": "Data", "reqd": 1, "idx": 0, "info": _("Leave blank for new records") }), True) for docfield in tablecolumns: append_field_column(docfield, True) # all non mandatory fields for docfield in tablecolumns: append_field_column(docfield, False) # if there is one column, add a blank column (?) if len(columns) - _column_start_end.start == 1: append_empty_field_column() # append DocType name tablerow[_column_start_end.start + 1] = dt if parentfield: tablerow[_column_start_end.start + 2] = parentfield _column_start_end.end = len(columns) + 1 column_start_end[(dt, parentfield)] = _column_start_end def append_field_column(docfield, for_mandatory): if not docfield: return if for_mandatory and not docfield.reqd: return if not for_mandatory and docfield.reqd: return if docfield.fieldname in ('parenttype', 'trash_reason'): return if docfield.hidden: return if select_columns and docfield.fieldname not in select_columns.get( docfield.parent, []): return tablerow.append("") fieldrow.append(docfield.fieldname) labelrow.append(_(docfield.label)) mandatoryrow.append(docfield.reqd and 'Yes' or 'No') typerow.append(docfield.fieldtype) inforow.append(getinforow(docfield)) columns.append(docfield.fieldname) def append_empty_field_column(): tablerow.append("~") fieldrow.append("~") labelrow.append("") mandatoryrow.append("") typerow.append("") inforow.append("") columns.append("") def getinforow(docfield): """make info comment for options, links etc.""" if docfield.fieldtype == 'Select': if not docfield.options: return '' else: return _("One of") + ': %s' % ', '.join( filter(None, docfield.options.split('\n'))) elif docfield.fieldtype == 'Link': return 'Valid %s' % docfield.options elif docfield.fieldtype == 'Int': return 'Integer' elif docfield.fieldtype == "Check": return "0 or 1" elif docfield.fieldtype in ["Date", "Datetime"]: return cstr(frappe.defaults.get_defaults().date_format) elif hasattr(docfield, "info"): return docfield.info else: return '' def add_field_headings(): w.writerow(tablerow) w.writerow(labelrow) w.writerow(fieldrow) w.writerow(mandatoryrow) w.writerow(typerow) w.writerow(inforow) w.writerow([get_data_keys_definition().data_separator]) def add_data(): def add_data_row(row_group, dt, parentfield, doc, rowidx): d = doc.copy() meta = frappe.get_meta(dt) if all_doctypes: d.name = '"' + d.name + '"' if len(row_group) < rowidx + 1: row_group.append([""] * (len(columns) + 1)) row = row_group[rowidx] _column_start_end = column_start_end.get((dt, parentfield)) if _column_start_end: for i, c in enumerate(columns[_column_start_end. start:_column_start_end.end]): df = meta.get_field(c) fieldtype = df.fieldtype if df else "Data" value = d.get(c, "") if value: if fieldtype == "Date": value = formatdate(value) elif fieldtype == "Datetime": value = format_datetime(value) row[_column_start_end.start + i + 1] = value if with_data == 'Yes': frappe.permissions.can_export(parent_doctype, raise_exception=True) # sort nested set doctypes by `lft asc` order_by = None table_columns = frappe.db.get_table_columns(parent_doctype) if 'lft' in table_columns and 'rgt' in table_columns: order_by = '`tab{doctype}`.`lft` asc'.format( doctype=parent_doctype) # get permitted data only data = frappe.get_list(doctype, fields=["*"], limit_page_length=None, order_by=order_by) for doc in data: op = docs_to_export.get("op") names = docs_to_export.get("name") if names and op: if op == '=' and doc.name not in names: continue elif op == '!=' and doc.name in names: continue elif names: try: sflags = docs_to_export.get("flags", "I,U").upper() flags = 0 for a in re.split('\W+', sflags): flags = flags | reflags.get(a, 0) c = re.compile(names, flags) m = c.match(doc.name) if not m: continue except: if doc.name not in names: continue # add main table row_group = [] add_data_row(row_group, doctype, None, doc, 0) if all_doctypes: # add child tables for c in child_doctypes: for ci, child in enumerate( frappe.db.sql("""select * from `tab{0}` where parent=%s and parentfield=%s order by idx""".format(c['doctype']), (doc.name, c['parentfield']), as_dict=1)): add_data_row(row_group, c['doctype'], c['parentfield'], child, ci) for row in row_group: w.writerow(row) w = UnicodeWriter() key = 'parent' if parent_doctype != doctype else 'name' add_main_header() w.writerow(['']) tablerow = [get_data_keys_definition().doctype, ""] labelrow = [_("Column Labels:"), "ID"] fieldrow = [get_data_keys_definition().columns, key] mandatoryrow = [_("Mandatory:"), _("Yes")] typerow = [_('Type:'), 'Data (text)'] inforow = [_('Info:'), ''] columns = [key] build_field_columns(doctype) if all_doctypes: for d in child_doctypes: append_empty_field_column() if (select_columns and select_columns.get( d['doctype'], None)) or not select_columns: # if atleast one column is selected for this doctype build_field_columns(d['doctype'], d['parentfield']) add_field_headings() add_data() if from_data_import == "Yes" and excel_format == "Yes": filename = frappe.generate_hash("", 10) with open(filename, 'wb') as f: f.write(cstr(w.getvalue()).encode("utf-8")) f = open(filename) # increase the field limit in case of larger fields # works for Python 2.x and 3.x csv.field_size_limit(sys.maxsize) reader = csv.reader(f) from frappe.utils.xlsxutils import make_xlsx xlsx_file = make_xlsx(reader, "Data Import Template") f.close() os.remove(filename) # write out response as a xlsx type frappe.response['filename'] = doctype + '.xlsx' frappe.response['filecontent'] = xlsx_file.getvalue() frappe.response['type'] = 'binary' else: # write out response as a type csv frappe.response['result'] = cstr(w.getvalue()) frappe.response['type'] = 'csv' frappe.response['doctype'] = doctype
def execute(): contact_details = frappe.db.sql(""" SELECT `name`, `email_id`, `phone`, `mobile_no`, `modified_by`, `creation`, `modified` FROM `tabContact` """, as_dict=True) frappe.reload_doc("contacts", "doctype", "contact_email") frappe.reload_doc("contacts", "doctype", "contact_phone") frappe.reload_doc("contacts", "doctype", "contact") email_values = [] phone_values = [] for count, contact_detail in enumerate(contact_details): phone_counter = 1 is_primary = 1 if contact_detail.email_id: email_values.append( (1, frappe.generate_hash(contact_detail.email_id, 10), contact_detail.email_id, 'email_ids', 'Contact', contact_detail.name, 1, contact_detail.creation, contact_detail.modified, contact_detail.modified_by)) if contact_detail.phone: is_primary_phone = 1 if phone_counter == 1 else 0 phone_values.append( (phone_counter, frappe.generate_hash(contact_detail.email_id, 10), contact_detail.phone, 'phone_nos', 'Contact', contact_detail.name, is_primary_phone, 0, contact_detail.creation, contact_detail.modified, contact_detail.modified_by)) phone_counter += 1 if contact_detail.mobile_no: is_primary_mobile_no = 1 if phone_counter == 1 else 0 phone_values.append( (phone_counter, frappe.generate_hash(contact_detail.email_id, 10), contact_detail.mobile_no, 'phone_nos', 'Contact', contact_detail.name, 0, is_primary_mobile_no, contact_detail.creation, contact_detail.modified, contact_detail.modified_by)) if email_values and (count % 10000 == 0 or count == len(contact_details) - 1): frappe.db.sql( """ INSERT INTO `tabContact Email` (`idx`, `name`, `email_id`, `parentfield`, `parenttype`, `parent`, `is_primary`, `creation`, `modified`, `modified_by`) VALUES {} """.format(", ".join(['%s'] * len(email_values))), tuple(email_values)) email_values = [] if phone_values and (count % 10000 == 0 or count == len(contact_details) - 1): frappe.db.sql( """ INSERT INTO `tabContact Phone` (`idx`, `name`, `phone`, `parentfield`, `parenttype`, `parent`, `is_primary_phone`, `is_primary_mobile_no`, `creation`, `modified`, `modified_by`) VALUES {} """.format(", ".join(['%s'] * len(phone_values))), tuple(phone_values)) phone_values = [] frappe.db.add_index("Contact Phone", ["phone"]) frappe.db.add_index("Contact Email", ["email_id"])
def update_oauth_user(user, data, provider): if isinstance(data.get("location"), dict): data["location"] = data.get("location").get("name") save = False if not frappe.db.exists("User", user): # is signup disabled? if frappe.utils.cint( frappe.db.get_single_value("Website Settings", "disable_signup")): raise SignupDisabledError save = True user = frappe.new_doc("User") user.update({ "doctype": "User", "first_name": get_first_name(data), "last_name": get_last_name(data), "email": data["email"], "gender": (data.get("gender") or "").title(), "enabled": 1, "new_password": frappe.generate_hash(data["email"]), "location": data.get("location"), "user_type": "Website User", "user_image": data.get("picture") or data.get("avatar_url") }) else: user = frappe.get_doc("User", user) if not user.enabled: frappe.respond_as_web_page( _('Not Allowed'), _('User {0} is disabled').format(user.email)) return False if provider == "facebook" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"], username=data.get("username")) user.update({ "user_image": "https://graph.facebook.com/{id}/picture".format(id=data["id"]) }) elif provider == "google" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"]) elif provider == "github" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"], username=data.get("login")) elif provider == "frappe" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["sub"]) elif provider == "office_365" and not user.get_social_login_userid( provider): save = True user.set_social_login_userid(provider, userid=data["sub"]) if save: user.flags.ignore_permissions = True user.flags.no_welcome_mail = True user.save()
def generate_hash(*args, **kwargs): return frappe.generate_hash(*args, **kwargs)
def generate_csrf_token(): frappe.local.session.data.csrf_token = frappe.generate_hash() frappe.local.session_obj.update(force=True)
def execute(): if not frappe.get_all('Pricing Rule', limit=1): return frappe.reload_doc('accounts', 'doctype', 'pricing_rule_detail') doctypes = { 'Supplier Quotation': 'buying', 'Purchase Order': 'buying', 'Purchase Invoice': 'accounts', 'Purchase Receipt': 'stock', 'Quotation': 'selling', 'Sales Order': 'selling', 'Sales Invoice': 'accounts', 'Delivery Note': 'stock' } for doctype, module in doctypes.items(): frappe.reload_doc(module, 'doctype', frappe.scrub(doctype)) child_doc = frappe.scrub(doctype) + '_item' frappe.reload_doc(module, 'doctype', child_doc) child_doctype = doctype + ' Item' frappe.db.sql( """ UPDATE `tab{child_doctype}` SET pricing_rules = pricing_rule WHERE docstatus < 2 and pricing_rule is not null and pricing_rule != '' """.format(child_doctype=child_doctype)) data = frappe.db.sql(""" SELECT pricing_rule, name, parent, parenttype, creation, modified, docstatus, modified_by, owner, name FROM `tab{child_doc}` where docstatus < 2 and pricing_rule is not null and pricing_rule != ''""".format(child_doc=child_doctype), as_dict=1) values = [] for d in data: values.append( (d.pricing_rule, d.name, d.parent, 'pricing_rules', d.parenttype, d.creation, d.modified, d.docstatus, d.modified_by, d.owner, frappe.generate_hash("", 10))) if values: frappe.db.sql( """ INSERT INTO `tabPricing Rule Detail` (`pricing_rule`, `child_docname`, `parent`, `parentfield`, `parenttype`, `creation`, `modified`, `docstatus`, `modified_by`, `owner`, `name`) VALUES {values} """.format(values=', '.join(['%s'] * len(values))), tuple(values)) frappe.reload_doc('accounts', 'doctype', 'pricing_rule') for doctype, apply_on in { 'Pricing Rule Item Code': 'Item Code', 'Pricing Rule Item Group': 'Item Group', 'Pricing Rule Brand': 'Brand' }.items(): frappe.reload_doc('accounts', 'doctype', frappe.scrub(doctype)) field = frappe.scrub(apply_on) data = frappe.get_all('Pricing Rule', fields=[ field, "name", "creation", "modified", "owner", "modified_by" ], filters={'apply_on': apply_on}) values = [] for d in data: values.append( (d.get(field), d.name, parentfield.get(field), 'Pricing Rule', d.creation, d.modified, d.owner, d.modified_by, frappe.generate_hash("", 10))) if values: frappe.db.sql( """ INSERT INTO `tab{doctype}` ({field}, parent, parentfield, parenttype, creation, modified, owner, modified_by, name) VALUES {values} """.format(doctype=doctype, field=field, values=', '.join(['%s'] * len(values))), tuple(values))
def autoname(self): """ Temporarily name doc for fast insertion name will be changed using autoname options (in a scheduled job) """ self.name = frappe.generate_hash(txt="", length=10)
def execute(): ''' Fields to move from the item to item defaults child table [ default_warehouse, buying_cost_center, expense_account, selling_cost_center, income_account ] ''' if not frappe.db.has_column('Item', 'default_warehouse'): return frappe.reload_doc('stock', 'doctype', 'item_default') frappe.reload_doc('stock', 'doctype', 'item') companies = frappe.get_all("Company") if len(companies) == 1 and not frappe.get_all("Item Default", limit=1): try: frappe.db.sql(''' INSERT INTO `tabItem Default` (name, parent, parenttype, parentfield, idx, company, default_warehouse, buying_cost_center, selling_cost_center, expense_account, income_account, default_supplier) SELECT SUBSTRING(SHA2(name,224), 1, 10) as name, name as parent, 'Item' as parenttype, 'item_defaults' as parentfield, 1 as idx, %s as company, default_warehouse, buying_cost_center, selling_cost_center, expense_account, income_account, default_supplier FROM `tabItem`; ''', companies[0].name) except: pass else: item_details = frappe.db.sql(""" SELECT name, default_warehouse, buying_cost_center, expense_account, selling_cost_center, income_account FROM tabItem WHERE name not in (select distinct parent from `tabItem Default`) and ifnull(disabled, 0) = 0""", as_dict=1) items_default_data = {} for item_data in item_details: for d in [["default_warehouse", "Warehouse"], ["expense_account", "Account"], ["income_account", "Account"], [ "buying_cost_center", "Cost Center"], ["selling_cost_center", "Cost Center"]]: if item_data.get(d[0]): company = frappe.get_value( d[1], item_data.get(d[0]), "company", cache=True) if item_data.name not in items_default_data: items_default_data[item_data.name] = {} company_wise_data = items_default_data[item_data.name] if company not in company_wise_data: company_wise_data[company] = {} default_data = company_wise_data[company] default_data[d[0]] = item_data.get(d[0]) to_insert_data = [] # items_default_data data structure will be as follow # { # 'item_code 1': {'company 1': {'default_warehouse': 'Test Warehouse 1'}}, # 'item_code 2': { # 'company 1': {'default_warehouse': 'Test Warehouse 1'}, # 'company 2': {'default_warehouse': 'Test Warehouse 1'} # } # } for item_code, companywise_item_data in items_default_data.items(): for company, item_default_data in companywise_item_data.items(): to_insert_data.append(( frappe.generate_hash("", 10), item_code, 'Item', 'item_defaults', company, item_default_data.get('default_warehouse'), item_default_data.get('expense_account'), item_default_data.get('income_account'), item_default_data.get('buying_cost_center'), item_default_data.get('selling_cost_center'), )) if to_insert_data: frappe.db.sql(''' INSERT INTO `tabItem Default` ( `name`, `parent`, `parenttype`, `parentfield`, `company`, `default_warehouse`, `expense_account`, `income_account`, `buying_cost_center`, `selling_cost_center` ) VALUES {} '''.format(', '.join(['%s'] * len(to_insert_data))), tuple(to_insert_data))
def convert_item_to_batched(item_code): """ - how is batch defined ? where is the qty details of the batch stored ? where is it fetched ? and on move where is it taken ? --> no qty info stored in tabBatch everything from stock ledger - One batch per item ? yes - How is reference to an item tracked on deletion ? - check_if_doc_is_linked `from frappe.model.rename_doc import get_link_fields(doctype)` - parent doctype is obtained if doctype contains field batch_no: update; --> obtain field list `frappe.db.get_table(doctype)` - check_if_doc_is_dynamically_linked create new batch named 'x' for item y with total qty = total incoming qty total qty = sum(positive actual_qty from tabStock Ledger Entry) - no need to update the qtys anywhere all such details comes from stock ledger entries """ if frappe.db.get_value("Item", item_code, "has_batch_no"): print("Already batched item.") return frappe.db.begin() try: frappe.db.set_value("Item", item_code, "has_batch_no", 1) frappe.db.set_value("Item", item_code, "create_new_batch", 1) batch_doc = frappe.new_doc("Batch") temp = None while not temp: temp = frappe.generate_hash()[:7].upper() if frappe.db.exists("Batch", temp): temp = None batch_doc.batch_id = temp batch_doc.item = item_code batch_doc.description = "Auto Generated - Console ERP Solutions" batch_doc.insert() # static links # ignoring dynamic links # refer frappe.model.delete_doc.check_if_doc_is_dynamically_linked from frappe.model.rename_doc import get_link_fields links = get_link_fields("Item") for link_field in links: if link_field.issingle: continue columns = frappe.db.get_table_columns(link_field.parent) if not "item_code" in columns or not "batch_no" in columns: continue frappe.db.sql("UPDATE `%s` SET batch_no=%s where item_code=%s;" % ('tab' + link_field.parent, "%s", "%s"), (batch_doc.batch_id, item_code), debug=1) frappe.db.sql("UPDATE `tabStock Ledger Entry` SET batch_no=%s WHERE item_code=%s;", (batch_doc.batch_id, item_code), debug=1) from frappe.sessions import clear_cache print("Successfully converted") except Exception: frappe.db.rollback() raise else: frappe.db.commit()
def share_mandat_and_related_docs(mandat, user_to_add): related_docs = [ 'Vollmacht', 'Anforderung Patientendossier', 'Medizinischer Bericht', 'Triage', 'Abschlussbericht', 'Freies Schreiben', 'SPO Anhang' ] for related_doc in related_docs: doc_type = related_doc doc_names = frappe.db.sql( """SELECT `name` FROM `tab{doc_type}` WHERE `mandat` = '{mandat}'""" .format(doc_type=doc_type, mandat=mandat), as_dict=True) for doc_name in doc_names: doc_name = doc_name.name # check if already exist and update if neccesary existing = frappe.db.sql( """SELECT `name` FROM `tabDocShare` WHERE `user` = '{user_to_add}' AND `share_doctype` = '{doc_type}' AND `share_name` = '{doc_name}'""" .format(user_to_add=user_to_add, doc_type=doc_type, doc_name=doc_name), as_dict=True) if len(existing) > 0: for shared_doc in existing: frappe.db.sql( """UPDATE `tabDocShare` SET `read` = 1, `share` = 1, `write` = 1, `modified` = '{datetime}' WHERE `name` = '{name}'""" .format(name=shared_doc.name, datetime=now_datetime()), as_list=True) else: # if not exist, create new hash = frappe.generate_hash('DocShare', 10) frappe.db.sql("""INSERT INTO `tabDocShare` (`name`, `creation`, `modified`, `modified_by`, `owner`, `docstatus`, `idx`, `everyone`, `share_name`, `read`, `share`, `write`, `notify_by_email`, `user`, `share_doctype`) VALUES ('{hash}', '{datetime}', '{datetime}', '{user}', '{user}', 0, 0, 0, '{doc_name}', 1, 1, 1, 1, '{user_to_add}', '{doc_type}')""" .format(hash=hash, datetime=now_datetime(), user=frappe.session.user, doc_name=doc_name, user_to_add=user_to_add, doc_type=doc_type), as_list=True) doc_type = 'Mandat' doc_name = mandat # check if already exist and update if neccesary existing = frappe.db.sql( """SELECT `name` FROM `tabDocShare` WHERE `user` = '{user_to_add}' AND `share_doctype` = '{doc_type}' AND `share_name` = '{doc_name}'""" .format(user_to_add=user_to_add, doc_type=doc_type, doc_name=doc_name), as_dict=True) if len(existing) > 0: for shared_doc in existing: frappe.db.sql( """UPDATE `tabDocShare` SET `read` = 1, `share` = 1, `write` = 1, `modified` = '{datetime}' WHERE `name` = '{name}'""" .format(name=shared_doc.name, datetime=now_datetime()), as_list=True) else: # if not exist, create new hash = frappe.generate_hash('DocShare', 10) frappe.db.sql("""INSERT INTO `tabDocShare` (`name`, `creation`, `modified`, `modified_by`, `owner`, `docstatus`, `idx`, `everyone`, `share_name`, `read`, `share`, `write`, `notify_by_email`, `user`, `share_doctype`) VALUES ('{hash}', '{datetime}', '{datetime}', '{user}', '{user}', 0, 0, 0, '{doc_name}', 1, 1, 1, 1, '{user_to_add}', '{doc_type}')""" .format(hash=hash, datetime=now_datetime(), user=frappe.session.user, doc_name=doc_name, user_to_add=user_to_add, doc_type=doc_type), as_list=True) frappe.db.commit() return 'ok'
def update_oauth_user(user, data, provider): if isinstance(data.get("location"), dict): data["location"] = data.get("location").get("name") save = False if not frappe.db.exists("User", user): # is signup disabled? if frappe.utils.cint( frappe.db.get_single_value("Website Settings", "disable_signup")): raise SignupDisabledError save = True user = frappe.new_doc("User") gender = data.get("gender", "").title() if gender and not frappe.db.exists("Gender", gender): doc = frappe.new_doc("Gender", {"gender": gender}) doc.insert(ignore_permissions=True) user.update({ "doctype": "User", "first_name": get_first_name(data), "last_name": get_last_name(data), "email": get_email(data), "gender": gender, "enabled": 1, "new_password": frappe.generate_hash(get_email(data)), "location": data.get("location"), "user_type": "Website User", "user_image": data.get("picture") or data.get("avatar_url") }) else: user = frappe.get_doc("User", user) if not user.enabled: frappe.respond_as_web_page( _('Not Allowed'), _('User {0} is disabled').format(user.email)) return False if provider == "facebook" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"], username=data.get("username")) user.update({ "user_image": "https://graph.facebook.com/{id}/picture".format(id=data["id"]) }) elif provider == "google" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"]) elif provider == "github" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["id"], username=data.get("login")) elif provider == "frappe" and not user.get_social_login_userid(provider): save = True user.set_social_login_userid(provider, userid=data["sub"]) elif provider == "office_365" and not user.get_social_login_userid( provider): save = True user.set_social_login_userid(provider, userid=data["sub"]) elif provider == "salesforce" and not user.get_social_login_userid( provider): save = True user.set_social_login_userid(provider, userid="/".join( data["sub"].split("/")[-2:])) elif not user.get_social_login_userid(provider): save = True user_id_property = frappe.db.get_value("Social Login Key", provider, "user_id_property") or "sub" user.set_social_login_userid(provider, userid=data[user_id_property]) if save: user.flags.ignore_permissions = True user.flags.no_welcome_mail = True # set default signup role as per Portal Settings default_role = frappe.db.get_single_value("Portal Settings", "default_role") if default_role: user.add_roles(default_role) user.save()
def update_oauth_user(user, data, provider): if isinstance(data.get("location"), dict): data["location"] = data.get("location").get("name") save = False barcode=get_barcode() args={ "person_firstname":data.get("first_name") or data.get("given_name") or data.get("name"), "person_middlename":"add", "person_lastname": data.get("last_name") or data.get("family_name"), "email":data.get("email"), "mobile":"", "received_from":"Desktop", "provider":"false", "barcode":str(barcode) } if not frappe.db.exists("User", user): # is signup disabled? if frappe.utils.cint(frappe.db.get_single_value("Website Settings", "disable_signup")): raise SignupDisabledError profile_res=create_profile_in_solr(args) response=json.loads(profile_res) if response['returncode']==101: path=get_image_path(barcode,response['entityid']) file_path='/files/'+response['entityid']+'/'+response['entityid']+".svg" save = True user = frappe.new_doc("User") user.update({ "doctype":"User", "profile_id":response['entityid'], "first_name": data.get("first_name") or data.get("given_name") or data.get("name"), "last_name": data.get("last_name") or data.get("family_name"), "email": data["email"], "gender": (data.get("gender") or "").title(), "enabled": 1, "new_password": frappe.generate_hash(data["email"]), "location": data.get("location"), "user_type": "Website User", "access_type":"Patient", "user_image": data.get("picture") or data.get("avatar_url"), "created_via":"Desktop", "barcode":file_path }) else: save = True user = frappe.new_doc("User") user.update({ "doctype":"User", "first_name": data.get("first_name") or data.get("given_name") or data.get("name"), "last_name": data.get("last_name") or data.get("family_name"), "email": data["email"], "gender": (data.get("gender") or "").title(), "enabled": 1, "new_password": frappe.generate_hash(data["email"]), "location": data.get("location"), "user_type": "Website User", "user_image": data.get("picture") or data.get("avatar_url") }) else: user = frappe.get_doc("User", user) save = True if not user.profile_id and not user.access_type=="Provider": profile_res=create_profile_in_solr(args) if response['returncode']==101: path=get_image_path(barcode,response['entityid']) file_path='/files/'+response['entityid']+'/'+response['entityid']+".svg" if not barcode: user.update({ "barcode":file_path, "profile_id":response['entityid'] }) else: user.update({ "profile_id":response['entityid'] }) if provider=="facebook" and not user.get("fb_userid"): save = True user.update({ "fb_username": data.get("username"), "fb_userid": data["id"], "user_image": "https://graph.facebook.com/{id}/picture".format(id=data["id"]) }) elif provider=="google" and not user.get("google_userid"): save = True user.google_userid = data["id"] elif provider=="github" and not user.get("github_userid"): save = True user.github_userid = data["id"] user.github_username = data["login"] if save: user.ignore_permissions = True user.no_welcome_mail = True user.save()
def set_temp(self, value): """Set a temperory value and return a key.""" key = frappe.generate_hash() frappe.cache().hset("temp", key, value) return key
def login_oauth_user(data=None, provider=None, state=None, email_id=None, key=None, generate_login_token=False): # NOTE: This could lead to security issue as the signed in user can type any email address in complete_signup # if email_id and key: # data = json.loads(frappe.db.get_temp(key)) # # What if data is missing because of an invalid key # data["email"] = email_id # # elif not (data.get("email") and get_first_name(data)) and not frappe.db.exists("User", data.get("email")): # # ask for user email # key = frappe.db.set_temp(json.dumps(data)) # frappe.db.commit() # frappe.local.response["type"] = "redirect" # frappe.local.response["location"] = "/complete_signup?key=" + key # return # json.loads data and state if isinstance(data, string_types): data = json.loads(data) if isinstance(state, string_types): state = json.loads(state) if not (state and state["token"]): frappe.respond_as_web_page(_("Invalid Request"), _("Token is missing"), http_status_code=417) return token = frappe.cache().get_value("{0}:{1}".format(provider, state["token"]), expires=True) if not token: frappe.respond_as_web_page(_("Invalid Request"), _("Invalid Token"), http_status_code=417) return user = data["email"] if not user: frappe.respond_as_web_page( _("Invalid Request"), _("Please ensure that your profile has an email address")) return try: if update_oauth_user(user, data, provider) is False: return except SignupDisabledError: return frappe.respond_as_web_page( "Signup is Disabled", "Sorry. Signup from Website is disabled.", success=False, http_status_code=403) frappe.local.login_manager.user = user frappe.local.login_manager.post_login() # because of a GET request! frappe.db.commit() if frappe.utils.cint(generate_login_token): login_token = frappe.generate_hash(length=32) frappe.cache().set_value("login_token:{0}".format(login_token), frappe.local.session.sid, expires_in_sec=120) frappe.response["login_token"] = login_token else: redirect_post_login( desk_user=frappe.local.response.get('message') == 'Logged In')
def set_id(doc, method): doc._id = frappe.generate_hash("User", 15)
def execute(): frappe.reload_doctype("User Permission") # to check if we need to migrate from skip_for_doctype has_skip_for_doctype = frappe.db.has_column("User Permission", "skip_for_doctype") skip_for_doctype_map = {} new_user_permissions_list = [] user_permissions_to_delete = [] for user_permission in frappe.get_all("User Permission", fields=["*"]): skip_for_doctype = [] # while migrating from v11 -> v11 if has_skip_for_doctype: if not user_permission.skip_for_doctype: continue skip_for_doctype = user_permission.skip_for_doctype.split("\n") else: # while migrating from v10 -> v11 if skip_for_doctype_map.get( (user_permission.allow, user_permission.user)) == None: skip_for_doctype = get_doctypes_to_skip( user_permission.allow, user_permission.user) # cache skip for doctype for same user and doctype skip_for_doctype_map[(user_permission.allow, user_permission.user)] = skip_for_doctype else: skip_for_doctype = skip_for_doctype_map[(user_permission.allow, user_permission.user)] if skip_for_doctype: # only specific doctypes are selected # split this into multiple records and delete linked_doctypes = get_linked_doctypes(user_permission.allow, True).keys() linked_doctypes = list(linked_doctypes) # append the doctype for which we have build the user permission linked_doctypes += [user_permission.allow] applicable_for_doctypes = list( set(linked_doctypes) - set(skip_for_doctype)) user_permissions_to_delete.append(user_permission.name) user_permission.name = None user_permission.skip_for_doctype = None for doctype in applicable_for_doctypes: if doctype: # Maintain sequence (name, user, allow, for_value, applicable_for, apply_to_all_doctypes, creation, modified) new_user_permissions_list.append(( frappe.generate_hash("", 10), user_permission.user, user_permission.allow, user_permission.for_value, doctype, 0, user_permission.creation, user_permission.modified, )) else: # No skip_for_doctype found! Just update apply_to_all_doctypes. frappe.db.set_value("User Permission", user_permission.name, "apply_to_all_doctypes", 1) if new_user_permissions_list: frappe.db.sql( """ INSERT INTO `tabUser Permission` (`name`, `user`, `allow`, `for_value`, `applicable_for`, `apply_to_all_doctypes`, `creation`, `modified`) VALUES {} """.format( # nosec ", ".join(["%s"] * len(new_user_permissions_list))), tuple(new_user_permissions_list), ) if user_permissions_to_delete: frappe.db.sql( "DELETE FROM `tabUser Permission` WHERE `name` in ({})". format( # nosec ",".join(["%s"] * len(user_permissions_to_delete))), tuple(user_permissions_to_delete), )
def generate_secret(): woocommerce_settings = frappe.get_doc("Woocommerce Settings") woocommerce_settings.secret = frappe.generate_hash() woocommerce_settings.save()