nsinnovations/erpnext
2
0
Fork 0
mirror of https://github.com/frappe/erpnext.git synced 2026-05-13 02:01:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

refactor: Format and sanitise user inputs to search queries. (#23091)

Browse Source 
* refactor: Sanitize whitelisted method inputs

Co-authored-by: Prssanna Desai <prssud@gmail.com>
Co-authored-by: Shivam Mishra <scmmishra@users.noreply.github.com>

* refactor: Format and sanitize tax_account_query inputs

Co-authored-by: Nabin Hait <nabinhait@gmail.com>
Co-authored-by: Prssanna Desai <prssud@gmail.com>
Co-authored-by: Shivam Mishra <scmmishra@users.noreply.github.com>

* refactor: Validate and sanitize search inputs via decorator

Co-authored-by: Nabin Hait <nabinhait@gmail.com>
Co-authored-by: Prssanna Desai <prssud@gmail.com>
Co-authored-by: Shivam Mishra <scmmishra@users.noreply.github.com>

* style: Minor formatting fix

* refactor: Validate and sanitize search inputs using decorator

* fix: Typo

* fix: Remove unwanted import statement

* refactor: Repalce validate_and_sanitize_search_inputs() with validate_and_sanitize_search_inputs

Co-authored-by: Prssanna Desai <prssud@gmail.com>
Co-authored-by: Shivam Mishra <scmmishra@users.noreply.github.com>

Co-authored-by: Prssanna Desai <prssud@gmail.com>
Co-authored-by: Shivam Mishra <scmmishra@users.noreply.github.com>
Co-authored-by: Nabin Hait <nabinhait@gmail.com>
This commit is contained in:
Suraj Shetty
2020-08-20 11:27:19 +05:30
committed by GitHub
parent c7c72b76c6
commit 4ff1a4361d
32 changed files with 123 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
erpnext/hr/doctype/department_approver/department_approver.py
View File

@@ -11,6 +11,7 @@ class DepartmentApprover(Document):
pass
@frappe.whitelist()
@frappe.validate_and_sanitize_search_inputs
def get_approvers(doctype, txt, searchfield, start, page_len, filters):
if not filters.get("employee"):

1
erpnext/hr/doctype/employee_benefit_application/employee_benefit_application.py
View File

@@ -224,6 +224,7 @@ def get_benefit_amount_based_on_pro_rata(sal_struct, component_max_benefit):
@frappe.whitelist()
@frappe.validate_and_sanitize_search_inputs
def get_earning_components(doctype, txt, searchfield, start, page_len, filters):
if len(filters) < 2:
return {}

1
erpnext/hr/doctype/payroll_entry/payroll_entry.py
View File

@@ -574,6 +574,7 @@ def submit_salary_slips_for_employees(payroll_entry, salary_slips, publish_progr
frappe.msgprint(_("Could not submit some Salary Slips"))
@frappe.whitelist()
@frappe.validate_and_sanitize_search_inputs
def get_payroll_entries_for_jv(doctype, txt, searchfield, start, page_len, filters):
return frappe.db.sql("""
select name from `tabPayroll Entry`