From 374999b048896cd0f08656b0e1fd0d4fc49028c3 Mon Sep 17 00:00:00 2001 From: Shivam Mishra Date: Wed, 8 May 2019 17:30:08 +0530 Subject: [PATCH] feat: Password protected salary slips (#17380) * feat: Added check for encrypting salary slips and password policy field * feat: make password policy mandatory if encrypt option is selected * feat: added password logic to email_salary_slip * fix: import error * chore: Minor enhancement to validations in salary slip * fix: travis patch * feat: Modified email body for password protected salary slips --- erpnext/hr/doctype/hr_settings/hr_settings.js | 13 ++ .../hr/doctype/hr_settings/hr_settings.json | 116 +++++++++++++++++- erpnext/hr/doctype/hr_settings/hr_settings.py | 10 ++ erpnext/hr/doctype/salary_slip/salary_slip.py | 15 ++- erpnext/patches.txt | 1 + .../v11_0/set_default_email_template_in_hr.py | 1 - 6 files changed, 147 insertions(+), 9 deletions(-) diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.js b/erpnext/hr/doctype/hr_settings/hr_settings.js index 6ab523eb763..58ce4226e91 100644 --- a/erpnext/hr/doctype/hr_settings/hr_settings.js +++ b/erpnext/hr/doctype/hr_settings/hr_settings.js @@ -4,5 +4,18 @@ frappe.ui.form.on('HR Settings', { refresh: function(frm) { + }, + + encrypt_salary_slips_in_emails: function(frm) { + let encrypt_state = frm.doc.encrypt_salary_slips_in_emails; + frm.set_df_property('password_policy', 'reqd', encrypt_state); + }, + + validate: function(frm) { + let policy = frm.doc.password_policy; + if (policy.includes(' ') || policy.includes('--')) { + frappe.msgprint("Password policy cannot contain spaces or simultaneous hyphens. The format will be restructured automatically"); + } + frm.set_value('password_policy', policy.split(new RegExp(" |-", 'g')).filter((token) => token).join('-')); } }); diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.json b/erpnext/hr/doctype/hr_settings/hr_settings.json index 225785d305d..5502ce81e34 100644 --- a/erpnext/hr/doctype/hr_settings/hr_settings.json +++ b/erpnext/hr/doctype/hr_settings/hr_settings.json @@ -1,5 +1,6 @@ { "allow_copy": 0, + "allow_events_in_timeline": 0, "allow_guest_to_view": 0, "allow_import": 0, "allow_rename": 0, @@ -13,10 +14,12 @@ "fields": [ { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "employee_settings", "fieldtype": "Section Break", "hidden": 0, @@ -43,12 +46,14 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "", "description": "Enter retirement age in years", + "fetch_if_empty": 0, "fieldname": "retirement_age", "fieldtype": "Data", "hidden": 0, @@ -76,12 +81,14 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "Naming Series", "description": "Employee record is created using selected field. ", + "fetch_if_empty": 0, "fieldname": "emp_created_by", "fieldtype": "Select", "hidden": 0, @@ -109,11 +116,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "", + "fetch_if_empty": 0, "fieldname": "leave_approval_notification_template", "fieldtype": "Link", "hidden": 0, @@ -142,10 +151,12 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "leave_status_notification_template", "fieldtype": "Link", "hidden": 0, @@ -174,10 +185,12 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "column_break_4", "fieldtype": "Column Break", "hidden": 0, @@ -204,11 +217,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "description": "Don't send Employee Birthday Reminders", + "fetch_if_empty": 0, "fieldname": "stop_birthday_reminders", "fieldtype": "Check", "hidden": 0, @@ -235,10 +250,12 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "maintain_bill_work_hours_same", "fieldtype": "Check", "hidden": 0, @@ -266,11 +283,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "1", + "fetch_if_empty": 0, "fieldname": "leave_approver_mandatory_in_leave_application", "fieldtype": "Check", "hidden": 0, @@ -298,11 +317,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "1", + "fetch_if_empty": 0, "fieldname": "expense_approver_mandatory_in_expense_claim", "fieldtype": "Check", "hidden": 0, @@ -330,10 +351,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "depends_on": "", + "fetch_if_empty": 0, "fieldname": "payroll_settings", "fieldtype": "Section Break", "hidden": 0, @@ -360,11 +384,13 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "description": "If checked, Total no. of Working Days will include holidays, and this will reduce the value of Salary Per Day", + "fetch_if_empty": 0, "fieldname": "include_holidays_in_total_working_days", "fieldtype": "Check", "hidden": 0, @@ -391,12 +417,14 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, "default": "1", "description": "Emails salary slip to employee based on preferred email selected in Employee", + "fetch_if_empty": 0, "fieldname": "email_salary_slip_to_employee", "fieldtype": "Check", "hidden": 0, @@ -424,10 +452,82 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "depends_on": "eval: doc.email_salary_slip_to_employee == 1;", + "description": "The salary slip emailed to the employee will be password protected, the password will be generated based on the password policy.", + "fetch_if_empty": 0, + "fieldname": "encrypt_salary_slips_in_emails", + "fieldtype": "Check", + "hidden": 0, + "ignore_user_permissions": 0, + "ignore_xss_filter": 0, + "in_filter": 0, + "in_global_search": 0, + "in_list_view": 0, + "in_standard_filter": 0, + "label": "Encrypt Salary Slips in Emails", + "length": 0, + "no_copy": 0, + "permlevel": 0, + "precision": "", + "print_hide": 0, + "print_hide_if_no_value": 0, + "read_only": 0, + "remember_last_selected_value": 0, + "report_hide": 0, + "reqd": 0, + "search_index": 0, + "set_only_once": 0, + "translatable": 0, + "unique": 0 + }, + { + "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, + "allow_on_submit": 0, + "bold": 0, + "collapsible": 0, + "columns": 0, + "depends_on": "eval: doc.encrypt_salary_slips_in_emails == 1", + "description": "Example: SAL-{first_name}-{date_of_birth.year}
This will generate a password like SAL-Jane-1972", + "fetch_if_empty": 0, + "fieldname": "password_policy", + "fieldtype": "Data", + "hidden": 0, + "ignore_user_permissions": 0, + "ignore_xss_filter": 0, + "in_filter": 0, + "in_global_search": 0, + "in_list_view": 1, + "in_standard_filter": 0, + "label": "Password Policy", + "length": 0, + "no_copy": 0, + "permlevel": 0, + "precision": "", + "print_hide": 0, + "print_hide_if_no_value": 0, + "read_only": 0, + "remember_last_selected_value": 0, + "report_hide": 0, + "reqd": 0, + "search_index": 0, + "set_only_once": 0, + "translatable": 0, + "unique": 0 + }, + { + "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, + "allow_on_submit": 0, + "bold": 0, + "collapsible": 0, + "columns": 0, + "fetch_if_empty": 0, "fieldname": "max_working_hours_against_timesheet", "fieldtype": "Float", "hidden": 0, @@ -455,10 +555,12 @@ }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "leave_settings", "fieldtype": "Section Break", "hidden": 0, @@ -481,14 +583,17 @@ "reqd": 0, "search_index": 0, "set_only_once": 0, + "translatable": 0, "unique": 0 }, { "allow_bulk_edit": 0, + "allow_in_quick_entry": 0, "allow_on_submit": 0, "bold": 0, "collapsible": 0, "columns": 0, + "fetch_if_empty": 0, "fieldname": "show_leaves_of_all_department_members_in_calendar", "fieldtype": "Check", "hidden": 0, @@ -511,22 +616,21 @@ "reqd": 0, "search_index": 0, "set_only_once": 0, + "translatable": 0, "unique": 0 } ], "has_web_view": 0, - "hide_heading": 0, "hide_toolbar": 0, "icon": "fa fa-cog", "idx": 1, - "image_view": 0, "in_create": 0, "is_submittable": 0, "issingle": 1, "istable": 0, "max_attachments": 0, - "modified": "2018-05-03 15:36:13.015466", - "modified_by": "Administrator", + "modified": "2019-04-25 15:08:12.983571", + "modified_by": "shivam@example.com", "module": "HR", "name": "HR Settings", "owner": "Administrator", @@ -553,9 +657,9 @@ ], "quick_entry": 0, "read_only": 0, - "read_only_onload": 0, "show_name_in_global_search": 0, "sort_order": "ASC", "track_changes": 0, - "track_seen": 0 + "track_seen": 0, + "track_views": 0 } \ No newline at end of file diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.py b/erpnext/hr/doctype/hr_settings/hr_settings.py index 964eaee7ed0..78095b30869 100644 --- a/erpnext/hr/doctype/hr_settings/hr_settings.py +++ b/erpnext/hr/doctype/hr_settings/hr_settings.py @@ -5,11 +5,21 @@ from __future__ import unicode_literals import frappe +from frappe import _ from frappe.model.document import Document class HRSettings(Document): def validate(self): + self.set_naming_series() + self.validate_password_policy() + + def set_naming_series(self): from erpnext.setup.doctype.naming_series.naming_series import set_by_naming_series set_by_naming_series("Employee", "employee_number", self.get("emp_created_by")=="Naming Series", hide_name_field=True) + + def validate_password_policy(self): + if self.email_salary_slip_to_employee and self.encrypt_salary_slips_in_emails: + if not self.password_policy: + frappe.throw(_("Password policy for Salary Slips is not set")) \ No newline at end of file diff --git a/erpnext/hr/doctype/salary_slip/salary_slip.py b/erpnext/hr/doctype/salary_slip/salary_slip.py index fbfa3af6cd9..5f6ddfc8fc3 100644 --- a/erpnext/hr/doctype/salary_slip/salary_slip.py +++ b/erpnext/hr/doctype/salary_slip/salary_slip.py @@ -520,13 +520,20 @@ class SalarySlip(TransactionBase): def email_salary_slip(self): receiver = frappe.db.get_value("Employee", self.employee, "prefered_email") + hr_settings = frappe.get_single("HR Settings") + message = "Please see attachment" + password = None + if hr_settings.encrypt_salary_slips_in_emails: + password = generate_password_for_pdf(hr_settings.password_policy, self.employee) + message += """
Note: Your salary slip is password protected, + the password to unlock the PDF is of the format {0}. """.format(hr_settings.password_policy) if receiver: email_args = { "recipients": [receiver], - "message": _("Please see attachment"), + "message": _(message), "subject": 'Salary Slip - from {0} to {1}'.format(self.start_date, self.end_date), - "attachments": [frappe.attach_print(self.doctype, self.name, file_name=self.name)], + "attachments": [frappe.attach_print(self.doctype, self.name, file_name=self.name, password=password)], "reference_doctype": self.doctype, "reference_name": self.name } @@ -843,3 +850,7 @@ def unlink_ref_doc_from_salary_slip(ref_no): for ss in linked_ss: ss_doc = frappe.get_doc("Salary Slip", ss) frappe.db.set_value("Salary Slip", ss_doc.name, "journal_entry", "") + +def generate_password_for_pdf(policy_template, employee): + employee = frappe.get_doc("Employee", employee) + return policy_template.format(**employee.as_dict()) diff --git a/erpnext/patches.txt b/erpnext/patches.txt index 01270e47797..bdc1ed4f100 100644 --- a/erpnext/patches.txt +++ b/erpnext/patches.txt @@ -512,6 +512,7 @@ erpnext.patches.v11_0.rename_employee_loan_to_loan erpnext.patches.v11_0.move_leave_approvers_from_employee #13-06-2018 erpnext.patches.v11_0.update_department_lft_rgt erpnext.patches.v11_0.add_default_email_template_for_leave +execute:frappe.reload_doc("HR", "doctype", "HR Settings") erpnext.patches.v11_0.set_default_email_template_in_hr #08-06-2018 erpnext.patches.v11_0.uom_conversion_data #30-06-2018 erpnext.patches.v10_0.taxes_issue_with_pos diff --git a/erpnext/patches/v11_0/set_default_email_template_in_hr.py b/erpnext/patches/v11_0/set_default_email_template_in_hr.py index e895eaeb653..14954fbeb31 100644 --- a/erpnext/patches/v11_0/set_default_email_template_in_hr.py +++ b/erpnext/patches/v11_0/set_default_email_template_in_hr.py @@ -2,7 +2,6 @@ from __future__ import unicode_literals import frappe def execute(): - hr_settings = frappe.get_single("HR Settings") hr_settings.leave_approval_notification_template = "Leave Approval Notification" hr_settings.leave_status_notification_template = "Leave Status Notification"