fix(minor): Server Script can return values in frappe.flags

frappe/core/doctype/server_script/server_script.py

@@ -24,8 +24,8 @@ class ServerScript(Document):
 			# validate if guest is allowed
 			if frappe.session.user == 'Guest' and not self.allow_guest:
 				raise frappe.PermissionError
-			safe_exec(self.script)
-			return frappe.flags # output can be stored in flags
+			_globals, _locals = safe_exec(self.script)
+			return _globals.frappe.flags # output can be stored in flags
 		else:
 			# wrong report type!
 			raise frappe.DoesNotExistError

frappe/core/doctype/server_script/test_server_script.py

@@ -36,6 +36,15 @@ if "validate" in doc.description:
 		allow_guest = 1,
 		script = '''
 frappe.response['message'] = 'hello'
+'''
+	),
+	dict(
+		name='test_return_value',
+		script_type = 'API',
+		api_method = 'test_return_value',
+		allow_guest = 1,
+		script = '''
+frappe.flags = 'hello'
 '''
 	)
 ]
@@ -73,3 +82,6 @@ class TestServerScript(unittest.TestCase):
 		response = requests.post(get_site_url(frappe.local.site) + "/api/method/test_server_script")
 		self.assertEqual(response.status_code, 200)
 		self.assertEqual("hello", response.json()["message"])
+
+	def test_api_return(self):
+		self.assertEqual(frappe.get_doc('Server Script', 'test_return_value').execute_method(), 'hello')

frappe/utils/safe_exec.py

@@ -28,6 +28,8 @@ def safe_exec(script, _globals=None, _locals=None):
 	# execute script compiled by RestrictedPython
 	exec(compile_restricted(script), exec_globals, _locals) # pylint: disable=exec-used
 
+	return exec_globals, _locals
+
 def get_safe_globals():
 	datautils = frappe._dict()
 	if frappe.db:
@@ -146,8 +148,7 @@ def read_sql(query, *args, **kwargs):
 
 def run_script(script):
 	'''run another server script'''
-	frappe.get_doc('Server Script', script).execute_method()
-	return frappe.flags
+	return frappe.get_doc('Server Script', script).execute_method()
 
 def _getitem(obj, key):
 	# guard function for RestrictedPython