From 7637837d68d94f5378ab33b96a525c34b7438b8f Mon Sep 17 00:00:00 2001 From: rohitwaghchaure Date: Mon, 19 Jun 2017 18:01:07 +0530 Subject: [PATCH 1/8] Invalid comparisison of password strenth score with minimum password score (#3503) --- frappe/core/doctype/user/user.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index 94618948e3..48d2139360 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -549,7 +549,7 @@ def test_password_strength(new_password, key=None, old_password=None, user_data= minimum_password_score = cint(frappe.db.get_single_value("System Settings", "minimum_password_score")) or 0 password_policy_validation_passed = False - if result['score'] > minimum_password_score: + if result['score'] >= minimum_password_score: password_policy_validation_passed = True result['feedback']['password_policy_validation_passed'] = password_policy_validation_passed From 99d39ea0a97671eb67752246819393ada31739e0 Mon Sep 17 00:00:00 2001 From: Rohit Waghchaure Date: Tue, 20 Jun 2017 15:00:15 +0530 Subject: [PATCH 2/8] [fix] Auto email report not working --- frappe/email/doctype/auto_email_report/auto_email_report.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/frappe/email/doctype/auto_email_report/auto_email_report.js b/frappe/email/doctype/auto_email_report/auto_email_report.js index bad77c6939..59f721e4dd 100644 --- a/frappe/email/doctype/auto_email_report/auto_email_report.js +++ b/frappe/email/doctype/auto_email_report/auto_email_report.js @@ -66,7 +66,9 @@ frappe.ui.form.on('Auto Email Report', { var filters = JSON.parse(frm.doc.filters || '{}'); var report_filters = frappe.query_reports[frm.doc.report].filters; - frm.set_value('filter_meta', JSON.stringify(report_filters)); + if(report_filters.length > 0) { + frm.set_value('filter_meta', JSON.stringify(report_filters)); + } report_filters_list = [] $.each(report_filters, function(key, val){ From 2e81ebee5b980222b04be316d6895c97e99d9315 Mon Sep 17 00:00:00 2001 From: Manas Solanki Date: Tue, 20 Jun 2017 16:06:46 +0530 Subject: [PATCH 3/8] Add the empty row in the excel report in order to preserve the visible row no, fixes #9377 --- frappe/desk/query_report.py | 11 +++++------ frappe/public/js/frappe/views/reports/query_report.js | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/frappe/desk/query_report.py b/frappe/desk/query_report.py index 24a37725ad..13a8659d4a 100644 --- a/frappe/desk/query_report.py +++ b/frappe/desk/query_report.py @@ -146,18 +146,17 @@ def export_query(): # build table from dict if isinstance(data.result[0], dict): - for row in data.result: - if row: + for i,row in enumerate(data.result): + # only rows which are visible in the report + if row and (i+1 in visible_idx): row_list = [] for idx in range(len(data.columns)): row_list.append(row.get(columns[idx]["fieldname"],"")) result.append(row_list) + elif not row: + result.append([]) else: result = result + data.result - - # filter rows by slickgrid's inline filter - if visible_idx: - result = [x for idx, x in enumerate(result) if idx == 0 or idx in visible_idx] from frappe.utils.xlsxutils import make_xlsx xlsx_file = make_xlsx(result, "Query Report") diff --git a/frappe/public/js/frappe/views/reports/query_report.js b/frappe/public/js/frappe/views/reports/query_report.js index 5277aaef15..1ce9f0e938 100644 --- a/frappe/public/js/frappe/views/reports/query_report.js +++ b/frappe/public/js/frappe/views/reports/query_report.js @@ -827,7 +827,7 @@ frappe.views.QueryReport = Class.extend({ var view_data = frappe.slickgrid_tools.get_view_data(me.columns, me.dataView); var result = view_data.map(row => row.splice(1)); - // rows filtered by inline_filter of slickgrid + // to download only visible rows var visible_idx = view_data.map(row => row[0]).filter(sr_no => sr_no !== 'Sr No'); if (data.file_format_type == "CSV") { From 0d1ae7aac81c806632749d0214b73331937852ef Mon Sep 17 00:00:00 2001 From: mbauskar Date: Tue, 20 Jun 2017 18:02:53 +0530 Subject: [PATCH 4/8] [fixes] fixed password strength, ignore password strength if password policy is disabled --- frappe/core/doctype/user/test_user.py | 9 ++------- frappe/core/doctype/user/user.py | 29 ++++++++++++++++++--------- 2 files changed, 21 insertions(+), 17 deletions(-) diff --git a/frappe/core/doctype/user/test_user.py b/frappe/core/doctype/user/test_user.py index f0384c55f5..b2206a8d37 100644 --- a/frappe/core/doctype/user/test_user.py +++ b/frappe/core/doctype/user/test_user.py @@ -222,15 +222,10 @@ class TestUser(unittest.TestCase): def test_password_strength(self): # Test Password without Password Strenth Policy frappe.db.set_value("System Settings", "System Settings", "enable_password_policy", 0) - frappe.db.set_value("System Settings", "System Settings", "minimum_password_score", "") - # Score 0; should fail + # password policy is disabled, test_password_strength should be ignored result = test_password_strength("test_password") - self.assertEqual(result['feedback']['password_policy_validation_passed'], False) - - # Score 1; should pass - result = test_password_strength("bee2ve") - self.assertEqual(result['feedback']['password_policy_validation_passed'], True) + self.assertFalse(result.get("feedback", None)) # Test Password with Password Strenth Policy Set frappe.db.set_value("System Settings", "System Settings", "enable_password_policy", 1) diff --git a/frappe/core/doctype/user/user.py b/frappe/core/doctype/user/user.py index 48d2139360..f83e953b0b 100644 --- a/frappe/core/doctype/user/user.py +++ b/frappe/core/doctype/user/user.py @@ -412,11 +412,12 @@ class User(Document): def password_strength_test(self): """ test password strength """ - if frappe.db.get_single_value("System Settings", "enable_password_policy") and self.__new_password: + if self.__new_password: user_data = (self.first_name, self.middle_name, self.last_name, self.email, self.birth_date) result = test_password_strength(self.__new_password, '', None, user_data) + feedback = result.get("feedback", None) - if not result['feedback']['password_policy_validation_passed']: + if feedback and not feedback.get('password_policy_validation_passed', False): handle_password_test_fail(result) def suggest_username(self): @@ -507,8 +508,9 @@ def get_perm_info(role): @frappe.whitelist(allow_guest=True) def update_password(new_password, key=None, old_password=None): result = test_password_strength(new_password, key, old_password) + feedback = result.get("feedback", None) - if not result['feedback']['password_policy_validation_passed']: + if feedback and not feedback.get('password_policy_validation_passed', False): handle_password_test_fail(result) res = _get_user_for_update_password(key, old_password) @@ -539,21 +541,28 @@ def update_password(new_password, key=None, old_password=None): def test_password_strength(new_password, key=None, old_password=None, user_data=[]): from frappe.utils.password_strength import test_password_strength as _test_password_strength + password_policy = frappe.db.get_value("System Settings", None, + ["enable_password_policy", "minimum_password_score"], as_dict=True) + + enable_password_policy = cint(password_policy.get("enable_password_policy", 0)) + minimum_password_score = cint(password_policy.get("minimum_password_score", 0)) + + if not enable_password_policy: + return {} + if not user_data: - user_data = frappe.db.get_value('User', frappe.session.user, ['first_name', 'middle_name', 'last_name', 'email', 'birth_date']) + user_data = frappe.db.get_value('User', frappe.session.user, + ['first_name', 'middle_name', 'last_name', 'email', 'birth_date']) if new_password: result = _test_password_strength(new_password, user_inputs=user_data) - - enable_password_policy = cint(frappe.db.get_single_value("System Settings", "enable_password_policy")) and True or False - minimum_password_score = cint(frappe.db.get_single_value("System Settings", "minimum_password_score")) or 0 - password_policy_validation_passed = False - if result['score'] >= minimum_password_score: + + # score should be greater than 0 and minimum_password_score + if result.get('score') and result.get('score') >= minimum_password_score: password_policy_validation_passed = True result['feedback']['password_policy_validation_passed'] = password_policy_validation_passed - return result #for login From acba96bf2a39100d1c264fa04189cbe20fc14c44 Mon Sep 17 00:00:00 2001 From: Makarand Bauskar Date: Tue, 20 Jun 2017 19:02:10 +0530 Subject: [PATCH 5/8] minor fixes in auto email report --- frappe/email/doctype/auto_email_report/auto_email_report.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/email/doctype/auto_email_report/auto_email_report.js b/frappe/email/doctype/auto_email_report/auto_email_report.js index 59f721e4dd..dcc51130c0 100644 --- a/frappe/email/doctype/auto_email_report/auto_email_report.js +++ b/frappe/email/doctype/auto_email_report/auto_email_report.js @@ -66,7 +66,7 @@ frappe.ui.form.on('Auto Email Report', { var filters = JSON.parse(frm.doc.filters || '{}'); var report_filters = frappe.query_reports[frm.doc.report].filters; - if(report_filters.length > 0) { + if(report_filters && report_filters.length > 0) { frm.set_value('filter_meta', JSON.stringify(report_filters)); } From 2510e4509ad683e18e12b1574a2ff9c62c18d7db Mon Sep 17 00:00:00 2001 From: Saurabh Date: Tue, 20 Jun 2017 20:01:00 +0530 Subject: [PATCH 6/8] [fix] set queue timeout explicitly while enqueuing a job --- .../integrations/doctype/dropbox_settings/dropbox_settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/integrations/doctype/dropbox_settings/dropbox_settings.py b/frappe/integrations/doctype/dropbox_settings/dropbox_settings.py index 3461afbbf9..a425de4187 100644 --- a/frappe/integrations/doctype/dropbox_settings/dropbox_settings.py +++ b/frappe/integrations/doctype/dropbox_settings/dropbox_settings.py @@ -104,7 +104,7 @@ def dropbox_callback(oauth_token=None, not_approved=False): @frappe.whitelist() def take_backup(): "Enqueue longjob for taking backup to dropbox" - enqueue("frappe.integrations.doctype.dropbox_settings.dropbox_settings.take_backup_to_dropbox", queue='long') + enqueue("frappe.integrations.doctype.dropbox_settings.dropbox_settings.take_backup_to_dropbox", queue='long', timeout=1500) frappe.msgprint(_("Queued for backup. It may take a few minutes to an hour.")) def take_backups_daily(): From 264af6ad3d018b4fbe4df716d093e081ce66c09f Mon Sep 17 00:00:00 2001 From: bcornwellmott Date: Tue, 20 Jun 2017 10:35:19 -0700 Subject: [PATCH 7/8] Make upload files private by default This unchecks the private box when uploading files by default. It's better to accidentally attach as private something that is meant to be public than to accidentally attach something as public which is meant to be private. --- frappe/public/js/frappe/upload.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frappe/public/js/frappe/upload.js b/frappe/public/js/frappe/upload.js index 3508d76eb6..f1817f742f 100644 --- a/frappe/public/js/frappe/upload.js +++ b/frappe/public/js/frappe/upload.js @@ -53,7 +53,7 @@ frappe.upload = { $uploaded_files_wrapper.removeClass('hidden').empty(); file_array = file_array.map( - file => Object.assign(file, {is_private: opts.is_private || 0}) + file => Object.assign(file, {is_private: opts.is_private || 1}) ) $upload.data('attached_files', file_array); @@ -379,4 +379,4 @@ frappe.upload = { d.show(); opts.confirm_is_private = 0; } -} \ No newline at end of file +} From 61aa008182f1a3cbd532837dea3b4654ab4f243c Mon Sep 17 00:00:00 2001 From: mbauskar Date: Wed, 21 Jun 2017 13:52:46 +0600 Subject: [PATCH 8/8] bumped to version 8.0.70 --- frappe/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/frappe/__init__.py b/frappe/__init__.py index dcf5251968..a1ef87b1b0 100644 --- a/frappe/__init__.py +++ b/frappe/__init__.py @@ -13,7 +13,7 @@ import os, sys, importlib, inspect, json from .exceptions import * from .utils.jinja import get_jenv, get_template, render_template -__version__ = '8.0.69' +__version__ = '8.0.70' __title__ = "Frappe Framework" local = Local()