def validate_user(self, username, password, client, request, *args, **kwargs): """Ensure the username and password is valid. Method is used by: - Resource Owner Password Credentials Grant """ login_manager = LoginManager() login_manager.authenticate(username, password) request.user = login_manager.user return True
def __init__(self): # Get Environment variables self.domain = frappe.request.host if self.domain and self.domain.startswith('www.'): self.domain = self.domain[4:] if frappe.get_request_header('X-Forwarded-For'): frappe.local.request_ip = (frappe.get_request_header( 'X-Forwarded-For').split(",")[0]).strip() elif frappe.get_request_header('REMOTE_ADDR'): frappe.local.request_ip = frappe.get_request_header('REMOTE_ADDR') else: frappe.local.request_ip = '127.0.0.1' # language self.set_lang() # set db before jwt check, so token error handling can be stored # We get Internal Server Error otherwise self.connect() # JWT jwt_token = None # Check for Auth Header, if present, replace the request cookie value if frappe.get_request_header("Authorization"): token_header = frappe.get_request_header("Authorization").split( " ") if token_header[0].lower() not in ( "basic", "bearer") and ":" not in token_header[-1]: jwt_token = token_header[-1] elif frappe.request.path.startswith( '/private/files/') and frappe.request.args.get("token"): jwt_token = frappe.request.args.get("token") if jwt_token: headers = frappe._dict(frappe.request.headers) headers["Authorization"] = f"Bearer {jwt_token}" frappe.request.headers = headers # load cookies frappe.local.cookie_manager = CookieManagerJWT() # login frappe.local.login_manager = LoginManager() if frappe.form_dict._lang: lang = get_lang_code(frappe.form_dict._lang) if lang: frappe.local.lang = lang self.validate_csrf_token() # write out latest cookies frappe.local.cookie_manager.init_cookies() # check status check_session_stopped()
def test_brute_security(self): update_system_settings({ 'allow_consecutive_login_attempts': 3, 'allow_login_after_fail': 5 }) frappe.local.form_dict = frappe._dict({ 'cmd': 'login', 'sid': 'Guest', 'pwd': 'admin', 'usr': '******' }) frappe.local.cookie_manager = CookieManager() frappe.local.login_manager = LoginManager() auth_log = self.get_auth_log() self.assertEquals(auth_log.status, 'Success') # test user logout log frappe.local.login_manager.logout() auth_log = self.get_auth_log(operation='Logout') self.assertEquals(auth_log.status, 'Success') # test invalid login frappe.form_dict.update({'pwd': 'password'}) self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.SecurityException, LoginManager) time.sleep(5) self.assertRaises(frappe.AuthenticationError, LoginManager) frappe.local.form_dict = frappe._dict()
def test_authentication_log(self): from frappe.auth import LoginManager, CookieManager # test user login log frappe.local.form_dict = {'cmd': 'login'} frappe.form_dict = { 'sid': 'Guest', 'pwd': 'admin', 'usr': '******' } frappe.local.cookie_manager = CookieManager() frappe.local.login_manager = LoginManager() auth_log = self.get_auth_log() self.assertEquals(auth_log.status, 'Success') # test user logout log frappe.local.login_manager.logout() auth_log = self.get_auth_log(operation='Logout') self.assertEquals(auth_log.status, 'Success') # test invalid login frappe.form_dict.update({'pwd': 'password'}) self.assertRaises(frappe.AuthenticationError, LoginManager) auth_log = self.get_auth_log() self.assertEquals(auth_log.status, 'Failed')
def test_activity_log(self): # test user login log frappe.local.form_dict = frappe._dict({ "cmd": "login", "sid": "Guest", "pwd": "admin", "usr": "******" }) frappe.local.cookie_manager = CookieManager() frappe.local.login_manager = LoginManager() auth_log = self.get_auth_log() self.assertEqual(auth_log.status, "Success") # test user logout log frappe.local.login_manager.logout() auth_log = self.get_auth_log(operation="Logout") self.assertEqual(auth_log.status, "Success") # test invalid login frappe.form_dict.update({"pwd": "password"}) self.assertRaises(frappe.AuthenticationError, LoginManager) auth_log = self.get_auth_log() self.assertEqual(auth_log.status, "Failed") frappe.local.form_dict = frappe._dict()
def login_via_token(login_token): sid = frappe.cache().get_value("login_token:{0}".format(login_token), expires=True) if not sid: frappe.respond_as_web_page(_("Invalid Request"), _("Invalid Login Token"), http_status_code=417) return frappe.local.form_dict.sid = sid frappe.local.login_manager = LoginManager() redirect_post_login(desk_user = frappe.db.get_value("User", frappe.session.user, "user_type")=="System User")
def login_instructor(usr, pwd): login_manager = LoginManager() login_manager.authenticate(usr, pwd) login_manager.post_login() if frappe.response['message'] == 'Logged In': instructor = frappe.db.get_value("Instructor", {"user": login_manager.user}, "name") if instructor: return instructor return "No Instructor Found."
def createSalesOrder(data): company = json.loads(data) logging.warning("blank+" + str(company)) from frappe.auth import LoginManager login_manager = LoginManager() login_manager.authenticate("Administrator", "Brillare09*") login_manager.post_login() #logging.warning("user+"+str(login_manager.user)+"info+"+str(login_manager.info)+"full name+"+str(login_manager.full_name)+"user type+"+str(login_manager.user_type)) logging.warning("info+" + str(login_manager.info)) #remote = FrappeClient("http://35.194.1.49:8000", "Administrator", "Brillare09*") doc = frappe.get_doc({ "docstatus": 0, "doctype": "Sales Order", "name": "New Sales Order 1", "__islocal": 1, "__unsaved": 1, "owner": "Administrator", "order_type": "Sales", "company": company["supplier"], "transaction_date": company["transaction_date"], "items": [], "taxes_and_charges": company["taxes_and_charges"], "customer_name": company["company"], "customer": company["company"], "delivery_date": company["schedule_date"] }) d = doc.insert(ignore_permissions=True) if d: for row in company["items"]: logging.warning("Item" + row["item_code"]) d1 = frappe.get_doc({ "docstatus": 0, "doctype": "Sales Order Item", "name": "New Sales Order Item 1", "__islocal": 1, "__unsaved": 1, "owner": "Administrator", "parent": str(d.name), "parentfield": "items", "parenttype": "Sales Order", "qty": row["qty"], "rate": row["rate"], "delivery_date": company["transaction_date"], "item_code": row["item_code"], "schedule_date": company["schedule_date"], "warehouse": "Finish Goods Warehouse - BSPL", "batch_no": "123" }) d1.insert() d2 = frappe.get_doc("Sales Order", d.name) d2.save()
def verify_otp(medium="sms", medium_id=None, otp=None, login_to_user=False, purpose="login"): """ Verify the OTP against the previously generated OTP. :param medium: 'email' or 'sms' :param medium_id: The actual email/mobile_no :param otp: User input :param login_to_user: Check this flag to login to the associated user :param purpose: If purpose was specified while calling generate_otp, it is mandatory to use the same here """ if medium not in ("sms", "email"): frappe.throw("medium can only be 'sms' or 'email'") if not medium_id: frappe.throw(f"medium_id is mandatory") def http_response(out): r = frappe._dict(status=out, medium=medium_id) return r user = None if login_to_user: user = get_linked_user(id_type=medium, id=medium_id) if not user: return http_response("no_linked_user") redis_key = get_otp_redis_key(medium, medium_id, purpose) hashed_otp = frappe.safe_decode(frappe.cache().get_value(redis_key, expires=True)) if not hashed_otp: return http_response("no_otp_for_mobile") if not passlibctx.verify(otp, hashed_otp): return http_response("invalid_otp") if login_to_user == 1: l = LoginManager() l.login_as(user) l.resume = False l.run_trigger('on_session_creation') return http_response("verified")
def validate_api_key_secret(api_key, api_secret): user = frappe.db.get_value( doctype="User", filters={"api_key": api_key}, fieldname=['name'] ) form_dict = frappe.local.form_dict user_secret = frappe.utils.password.get_decrypted_password( "User", user, fieldname='api_secret') if api_secret == user_secret: # frappe.set_user(user) from frappe.auth import LoginManager login = LoginManager() login.check_if_enabled(user) login.login_as(user) frappe.local.form_dict = form_dict
def test_brute_security(self): update_system_settings({ "allow_consecutive_login_attempts": 3, "allow_login_after_fail": 5 }) frappe.local.form_dict = frappe._dict({ "cmd": "login", "sid": "Guest", "pwd": "admin", "usr": "******" }) frappe.local.cookie_manager = CookieManager() frappe.local.login_manager = LoginManager() auth_log = self.get_auth_log() self.assertEquals(auth_log.status, "Success") # test user logout log frappe.local.login_manager.logout() auth_log = self.get_auth_log(operation="Logout") self.assertEquals(auth_log.status, "Success") # test invalid login frappe.form_dict.update({"pwd": "password"}) self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.AuthenticationError, LoginManager) # REMOVE ME: current logic allows allow_consecutive_login_attempts+1 attempts # before raising security exception, remove below line when that is fixed. self.assertRaises(frappe.AuthenticationError, LoginManager) self.assertRaises(frappe.SecurityException, LoginManager) time.sleep(5) self.assertRaises(frappe.AuthenticationError, LoginManager) frappe.local.form_dict = frappe._dict()
def verify_sms_pin(): mobile = frappe.local.form_dict.mobile pin = frappe.local.form_dict.pin login = cint(frappe.local.form_dict.loginToUser or "0") if not mobile: frappe.throw("No Mobile Number") verify_pin = frappe.safe_decode(frappe.cache().get("sms:" + mobile)) user = get_linked_user(mobile) if user: # try to get from User pin_from_db = frappe.db.get_value("User", user, "renovation_sms_pin") if (not pin_from_db or len(pin_from_db) < 2) and verify_pin: frappe.db.set_value("User", user, "renovation_sms_pin", verify_pin) elif pin_from_db != verify_pin: # preference for db pin frappe.cache().set("sms:" + mobile, pin) verify_pin = pin_from_db out = "no_pin_for_mobile" if login: out = "no_linked_user" if verify_pin: out = "invalid_pin" if verify_pin and pin == verify_pin: out = "verified" if login == 1: if user: l = LoginManager() l.login_as(user) l.resume = False l.run_trigger('on_session_creation') else: out = "user_not_found" update_http_response({"status": out, "mobile": mobile})
def pin_login(user, pin, device=None): from frappe.sessions import clear_sessions login = LoginManager() login.check_if_enabled(user) p = frappe.db.get_value("User", user, "quick_login_pin") if pin != p: login.fail('Incorrect password', user=user) login.login_as(user) login.resume = False login.run_trigger('on_session_creation') if device: clear_sessions(user, True, device) return frappe.session.user
def get_token(user, pwd, expires_in=3600, expire_on=None, device=None): """ Get the JWT Token :param user: The user in ctx :param pwd: Pwd to auth :param expires_in: number of seconds till expiry :param expire_on: yyyy-mm-dd HH:mm:ss to specify the expiry (deprecated) :param device: The device in ctx """ if not frappe.db.exists("User", user): raise frappe.ValidationError(_("Invalide User")) from frappe.sessions import clear_sessions login = LoginManager() login.check_if_enabled(user) if not check_password(user, pwd): login.fail('Incorrect password', user=user) login.login_as(user) login.resume = False login.run_trigger('on_session_creation') _expires_in = 3600 if cint(expires_in): _expires_in = cint(expires_in) elif expire_on: _expires_in = (get_datetime(expire_on) - get_datetime()).total_seconds() token = get_bearer_token(user=user, expires_in=_expires_in) frappe.local.response["token"] = token["access_token"] frappe.local.response.update(token)
def get_token(user, pwd, expire_on=None, device=None): """ Get the JWT Token :param user: The user in ctx :param pwd: Pwd to auth :param expire_on: yyyy-mm-dd HH:mm:ss to specify the expiry :param device: The device in ctx """ if not frappe.db.exists("User", user): raise frappe.ValidationError(_("Invalide User")) from frappe.sessions import clear_sessions login = LoginManager() login.check_if_enabled(user) if not check_password(user, pwd): login.fail('Incorrect password', user=user) login.login_as(user) login.resume = False login.run_trigger('on_session_creation') clear_sessions(user, True, device) if expire_on: frappe.flags.jwt_expire_on = expire_on
def pin_login(user, pin, device=None): """ Login using the user's email and the quick login pin :param user: The active user :param pin: The quick login pin :param device: Clear all sessions of device """ from frappe.sessions import clear_sessions login = LoginManager() if not frappe.cache().get_value( f'can_use_quick_login_pin', user=user, expires=True): login.fail('Quick Login PIN time expired', user=user) login.check_if_enabled(user) if not check_password( user, pin, doctype='User', fieldname='quick_login_pin'): login.fail('Incorrect password', user=user) login.login_as(user) login.resume = False login.run_trigger('on_session_creation') if device: clear_sessions(user, True, device) return frappe.session.user
def changeLevel(data): from frappe.auth import LoginManager login_manager = LoginManager() login_manager.authenticate("Administrator","heyram108") login_manager.post_login() company=json.loads(data) logging.warning("blank+"+str(json.dumps(company))) if company["l1"]==None or company["l1"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L1'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l2"]==None or company["l2"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L2'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l3"]==None or company["l3"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L3'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l4"]==None or company["l4"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L4'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l5"]==None or company["l5"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L5'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l6"]==None or company["l6"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L6'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l7"]==None or company["l7"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L7'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l8"]==None or company["l8"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L8'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l9"]==None or company["l9"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L9'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l10"]==None or company["l10"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L10'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l11"]==None or company["l11"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L11'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l12"]==None or company["l12"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L12'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l13"]==None or company["l13"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L13'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l14"]==None or company["l14"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L14'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l15"]==None or company["l15"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L15'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l16"]==None or company["l16"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L16'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l17"]==None or company["l17"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L17'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l18"]==None or company["l18"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L18'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l19"]==None or company["l19"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L19'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l20"]==None or company["l20"]=='': data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L20'""",company["name"]) if data: delete(doctype='Item Price',name=data[0][0]) if company["l1"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L1'""",company["name"]) if data: if not int(company["l1"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L1", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L1", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l1"] }) d1=d.insert(ignore_permissions=True) if company["l2"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L2'""",company["name"]) if data: if not int(company["l2"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L2", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L2", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l2"] }) d1=d.insert(ignore_permissions=True) if company["l3"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L3'""",company["name"]) if data: if not int(company["l3"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L3", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L3", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l3"] }) d1=d.insert(ignore_permissions=True) if company["l4"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L4'""",company["name"]) if data: if not int(company["l4"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L4", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L4", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l4"] }) d1=d.insert(ignore_permissions=True) if company["l5"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L5'""",company["name"]) if data: if not int(company["l5"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L5", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L5", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l5"] }) d1=d.insert(ignore_permissions=True) if company["l6"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L6'""",company["name"]) if data: if not int(company["l6"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L6", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L6", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l6"] }) d1=d.insert(ignore_permissions=True) if company["l7"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L7'""",company["name"]) if data: if not int(company["l7"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L7", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L7", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l7"] }) d1=d.insert(ignore_permissions=True) if company["l8"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L8'""",company["name"]) if data: if not int(company["l8"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L8", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L8", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l8"] }) d1=d.insert(ignore_permissions=True) if company["l9"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L9'""",company["name"]) if data: if not int(company["l9"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L9", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L9", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l9"] }) d1=d.insert(ignore_permissions=True) if company["l10"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L10'""",company["name"]) if data: if not int(company["l10"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L10", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L10", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l10"] }) d1=d.insert(ignore_permissions=True) if company["l11"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L11'""",company["name"]) if data: if not int(company["l11"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l11"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L11", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L11", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l11"] }) d1=d.insert(ignore_permissions=True) if company["l12"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L12'""",company["name"]) if data: if not int(company["l12"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l12"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L12", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L12", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l12"] }) d1=d.insert(ignore_permissions=True) if company["l13"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L13'""",company["name"]) if data: if not int(company["l13"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l13"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L13", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L13", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l13"] }) d1=d.insert(ignore_permissions=True) if company["l14"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L14'""",company["name"]) if data: if not int(company["l14"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l14"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L14", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L14", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l14"] }) d1=d.insert(ignore_permissions=True) if company["l15"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L15'""",company["name"]) if data: if not int(company["l15"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l15"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L15", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L15", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l15"] }) d1=d.insert(ignore_permissions=True) if company["l16"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L16'""",company["name"]) if data: if not int(company["l16"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l16"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L16", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L16", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l16"] }) d1=d.insert(ignore_permissions=True) if company["l17"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L17'""",company["name"]) if data: if not int(company["l17"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l17"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L17", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L17", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l17"] }) d1=d.insert(ignore_permissions=True) if company["l18"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L18'""",company["name"]) if data: if not int(company["l18"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l18"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L18", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L18", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l18"] }) d1=d.insert(ignore_permissions=True) if company["l19"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L19'""",company["name"]) if data: if not int(company["l19"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l19"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L19", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L19", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l19"] }) d1=d.insert(ignore_permissions=True) if company["l20"]: data=frappe.db.sql("""select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='L20'""",company["name"]) if data: if not int(company["l20"])==int(data[0][1]): logging.warning("Inside+"+str(data[0][0])) d2=frappe.get_doc("Item Price",data[0][0]) d=frappe.get_doc({ "price_list_rate": company["l20"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list":"L20", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified":d2.modified }) d1=d.save() else: d=frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "L20", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l20"] }) d1=d.insert(ignore_permissions=True)
def changeLevel(data): from frappe.auth import LoginManager login_manager = LoginManager() login_manager.authenticate("Administrator", "heyram108") login_manager.post_login() company = json.loads(data) logging.warning("blank+" + str(json.dumps(company))) if company["l1"] == None or company["l1"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Small'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l2"] == None or company["l2"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Med'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l3"] == None or company["l3"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Wholesale'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l4"] == None or company["l4"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='SMR'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l5"] == None or company["l5"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='CC'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l6"] == None or company["l6"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='OR/DUN'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l7"] == None or company["l7"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='OM'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l8"] == None or company["l8"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='BV'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l9"] == None or company["l9"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='SFM'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l10"] == None or company["l10"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IFL/AFCH'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l11"] == None or company["l11"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IPP'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l12"] == None or company["l12"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='GMBL'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l13"] == None or company["l13"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='MNLY'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l14"] == None or company["l14"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='HWAI'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l15"] == None or company["l15"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='PANCH'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l16"] == None or company["l16"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='NSS'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l17"] == None or company["l17"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='WIN'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l18"] == None or company["l18"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IBF/R'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l19"] == None or company["l19"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IBI/K'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l20"] == None or company["l20"] == '': data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='BOND'""", company["name"]) if data: delete(doctype='Item Price', name=data[0][0]) if company["l1"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Small'""", company["name"]) if data: if not int(company["l1"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "Small", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "Small", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l1"] }) d1 = d.insert(ignore_permissions=True) if company["l2"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Med'""", company["name"]) if data: if not int(company["l2"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "Med", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "Med", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l2"] }) d1 = d.insert(ignore_permissions=True) if company["l3"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='Wholesale'""", company["name"]) if data: if not int(company["l3"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "Wholesale", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "Wholesale", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l3"] }) d1 = d.insert(ignore_permissions=True) if company["l4"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='SMR'""", company["name"]) if data: if not int(company["l4"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "SMR", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "SMR", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l4"] }) d1 = d.insert(ignore_permissions=True) if company["l5"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='CC'""", company["name"]) if data: if not int(company["l5"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "CC", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "CC", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l5"] }) d1 = d.insert(ignore_permissions=True) if company["l6"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='OR/DUN'""", company["name"]) if data: if not int(company["l6"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "OR/DUN", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "OR/DUN", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l6"] }) d1 = d.insert(ignore_permissions=True) if company["l7"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='OM'""", company["name"]) if data: if not int(company["l7"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "OM", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "OM", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l7"] }) d1 = d.insert(ignore_permissions=True) if company["l8"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='BV'""", company["name"]) if data: if not int(company["l8"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "BV", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "BV", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l8"] }) d1 = d.insert(ignore_permissions=True) if company["l9"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='SFM'""", company["name"]) if data: if not int(company["l9"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "SFM", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "SFM", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l9"] }) d1 = d.insert(ignore_permissions=True) if company["l10"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IFL/AFCH'""", company["name"]) if data: if not int(company["l10"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l1"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "IFL/AFCH", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "IFL/AFCH", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l10"] }) d1 = d.insert(ignore_permissions=True) if company["l11"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IPP'""", company["name"]) if data: if not int(company["l11"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l11"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "IPP", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "IPP", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l11"] }) d1 = d.insert(ignore_permissions=True) if company["l12"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='GMBL'""", company["name"]) if data: if not int(company["l12"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l12"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "GMBL", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "GMBL", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l12"] }) d1 = d.insert(ignore_permissions=True) if company["l13"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='MNLY'""", company["name"]) if data: if not int(company["l13"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l13"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "MNLY", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "MNLY", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l13"] }) d1 = d.insert(ignore_permissions=True) if company["l14"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='HWAI'""", company["name"]) if data: if not int(company["l14"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l14"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "HWAI", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "HWAI", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l14"] }) d1 = d.insert(ignore_permissions=True) if company["l15"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='PANCH'""", company["name"]) if data: if not int(company["l15"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l15"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "PANCH", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "PANCH", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l15"] }) d1 = d.insert(ignore_permissions=True) if company["l16"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='NSS'""", company["name"]) if data: if not int(company["l16"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l16"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "NSS", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "NSS", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l16"] }) d1 = d.insert(ignore_permissions=True) if company["l17"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='WIN'""", company["name"]) if data: if not int(company["l17"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l17"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "WIN", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "WIN", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l17"] }) d1 = d.insert(ignore_permissions=True) if company["l18"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IBF/R'""", company["name"]) if data: if not int(company["l18"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l18"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "IBF/R", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "IBF/R", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l18"] }) d1 = d.insert(ignore_permissions=True) if company["l19"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='IBI/K'""", company["name"]) if data: if not int(company["l19"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l19"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "IBI/K", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "IBI/K", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l19"] }) d1 = d.insert(ignore_permissions=True) if company["l20"]: data = frappe.db.sql( """select name,price_list_rate from `tabItem Price` where item_code=%s and price_list='BOND'""", company["name"]) if data: if not int(company["l20"]) == int(data[0][1]): logging.warning("Inside+" + str(data[0][0])) d2 = frappe.get_doc("Item Price", data[0][0]) d = frappe.get_doc({ "price_list_rate": company["l20"], "selling": 1, "name": data[0][0], "currency": "INR", "price_list": "BOND", "item_code": company["name"], "doctype": "Item Price", "docstatus": 0, "buying": 0, "modified": d2.modified }) d1 = d.save() else: d = frappe.get_doc({ "docstatus": 0, "doctype": "Item Price", "name": "New Item Price 1", "owner": "Administrator", "currency": "INR", "price_list": "BOND", "buying": 0, "selling": 1, "item_code": str(company["name"]), "price_list_rate": company["l20"] }) d1 = d.insert(ignore_permissions=True)
def get_token(user, pwd, expire_on=None, device=None): if not frappe.db.exists("User", user): raise frappe.ValidationError(_("Invalide User")) from frappe.sessions import clear_sessions login = LoginManager() login.check_if_enabled(user) if not check_password(user, pwd): login.fail('Incorrect password', user=user) login.login_as(user) login.resume = False login.run_trigger('on_session_creation') clear_sessions(user, True, device) if expire_on: frappe.flags.jwt_expire_on = expire_on
def test_reset_password(self): from frappe.auth import CookieManager, LoginManager from frappe.utils import set_request old_password = "******" new_password = "******" set_request(path="/random") frappe.local.cookie_manager = CookieManager() frappe.local.login_manager = LoginManager() frappe.set_user("*****@*****.**") test_user = frappe.get_doc("User", "*****@*****.**") test_user.reset_password() self.assertEqual( update_password(new_password, key=test_user.reset_password_key), "/app") self.assertEqual( update_password(new_password, key="wrong_key"), "The Link specified has either been used before or Invalid") # password verification should fail with old password self.assertRaises(frappe.exceptions.AuthenticationError, verify_password, old_password) verify_password(new_password) # reset password update_password(old_password, old_password=new_password) self.assertRaisesRegex(frappe.exceptions.ValidationError, "Invalid key type", update_password, "test", 1, ['like', '%']) password_strength_response = { "feedback": { "password_policy_validation_passed": False, "suggestions": ["Fix password"] } } # password strength failure test with patch.object(user_module, "test_password_strength", return_value=password_strength_response): self.assertRaisesRegex(frappe.exceptions.ValidationError, "Fix password", update_password, new_password, 0, test_user.reset_password_key) # test redirect URL for website users frappe.set_user("*****@*****.**") self.assertEqual( update_password(new_password, old_password=old_password), "/") # reset password update_password(old_password, old_password=new_password) # test API endpoint with patch.object(user_module.frappe, 'sendmail') as sendmail: frappe.clear_messages() test_user = frappe.get_doc("User", "*****@*****.**") self.assertEqual(reset_password(user="******"), None) test_user.reload() self.assertEqual( update_password(new_password, key=test_user.reset_password_key), "/") update_password(old_password, old_password=new_password) self.assertEqual( json.loads(frappe.message_log[0]), { "message": "Password reset instructions have been sent to your email" }) sendmail.assert_called_once() self.assertEqual(sendmail.call_args[1]["recipients"], "*****@*****.**") self.assertEqual(reset_password(user="******"), None) self.assertEqual(reset_password(user="******"), "not allowed") self.assertEqual(reset_password(user="******"), "not found")
def __init__(self): # Get Environment variables self.domain = frappe.request.host if self.domain and self.domain.startswith('www.'): self.domain = self.domain[4:] if frappe.get_request_header('X-Forwarded-For'): frappe.local.request_ip = (frappe.get_request_header( 'X-Forwarded-For').split(",")[0]).strip() elif frappe.get_request_header('REMOTE_ADDR'): frappe.local.request_ip = frappe.get_request_header('REMOTE_ADDR') else: frappe.local.request_ip = '127.0.0.1' # language self.set_lang() # set db before jwt check, so token error handling can be stored # We get Internal Server Error otherwise self.connect() # JWT jwt_token = None # Check for Auth Header, if present, replace the request cookie value if frappe.get_request_header("Authorization"): token_header = frappe.get_request_header("Authorization").split( " ") if token_header[0].lower() not in ( "basic", "bearer") and ":" not in token_header[-1]: jwt_token = token_header[-1] elif frappe.request.path.startswith( '/private/files/') and frappe.request.args.get("token"): jwt_token = frappe.request.args.get("token") if jwt_token: frappe.flags.jwt = jwt_token token_info = jwt.decode(jwt_token, frappe.utils.password.get_encryption_key()) # Not checking by IP since it could change on network change (Wifi -> Mobile Network) # if token_info.get('ip') != frappe.local.request_ip: # frappe.throw(frappe._("Invalide IP", frappe.AuthenticationError)) # werkzueg cookies structure is immutable frappe.request.cookies = frappe._dict(frappe.request.cookies) frappe.request.cookies['sid'] = token_info.get('sid') # load cookies frappe.local.cookie_manager = CookieManagerJWT() # login frappe.local.login_manager = LoginManager() if frappe.form_dict._lang: lang = get_lang_code(frappe.form_dict._lang) if lang: frappe.local.lang = lang self.validate_csrf_token() # write out latest cookies frappe.local.cookie_manager.init_cookies() # check status check_session_stopped()