Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

frappe.db.get_list not returning all the fields with wildcard * from client side #25441

Closed
india081947 opened this issue Mar 14, 2024 · 4 comments
Closed

frappe.db.get_list not returning all the fields with wildcard * from client side #25441

india081947 opened this issue Mar 14, 2024 · 4 comments
Labels
bug

Comments

@india081947
Copy link

Description of the issue

Context information (for bug reports)

Output of bench version

erpnext 15.14.3
frappe 15.8.1
india_compliance 15.0.2

Steps to reproduce the issue

Call from chrome console:

await frappe.db.get_list(
            'Sales Invoice Item',
            {
                fields: ["*"],
                limit: 20,
                parent_doctype: 'Sales Invoice'
            }
        );

Observed result

Received only default fields

"doctype",
"name",
"owner",
"creation",
"modified",
"modified_by",
"docstatus",
"idx",

Expected result

All the fields due to wildcard * in fields:

name
creation
modified
modified_by
owner
docstatus
idx
barcode
has_item_scanned
item_code
item_name
customer_item_code
description
item_group
brand
image
qty
stock_uom
uom
conversion_factor
stock_qty
price_list_rate
base_price_list_rate
margin_type
margin_rate_or_amount
rate_with_margin
.....

Additional information

This use to send all the fields but after the release of pull request #20810 it seems it has cause the problem.

File:
frappe/desk/reportview.py

Function Trace:
get_list > get_form_params > validate_args > validate_fields > update_wildcard_field_param > get_permitted_fields

Cause:
After the change get_permitted_fields added additional param as parenttype.

if we send it along with get_list call then it will throw error in Database.execute as parenttype not a valid arugument parameter, because DatabaseQuery.execute expects parent_doctype as param and not parenttype for check_read_permission and hence it throws error.


await frappe.db.get_list(
            'Sales Invoice Item',
            {
                fields: ["*"],
                limit: 20,
                parenttype: 'Sales Invoice'
            }
        );

Traceback (most recent call last):
  File "apps/frappe/frappe/app.py", line 110, in application
    response = frappe.api.handle(request)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/api/__init__.py", line 49, in handle
    data = endpoint(**arguments)
           ^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/api/v1.py", line 36, in handle_rpc_call
    return frappe.handler.handle()
           ^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/handler.py", line 49, in handle
    data = execute_cmd(cmd)
           ^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/handler.py", line 85, in execute_cmd
    return frappe.call(method, **frappe.form_dict)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/__init__.py", line 1716, in call
    return fn(*args, **newargs)
           ^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/utils/typing_validations.py", line 31, in wrapper
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/__init__.py", line 876, in wrapper_fn
    retval = fn(*args, **get_newargs(fn, kwargs))
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/desk/reportview.py", line 42, in get_list
    data = execute(**args)
           ^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/desk/reportview.py", line 64, in execute
    return DatabaseQuery(doctype).execute(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: DatabaseQuery.execute() got an unexpected keyword argument 'parenttype'

and if we dont pass parenttype or parent_doctype(which is required for read persmission of child doc) then it throws below error

await frappe.db.get_list(
            'Sales Invoice Item',
            {
                fields: ["*"],
                limit: 20
            }
        );

Traceback (most recent call last):
  File "apps/frappe/frappe/app.py", line 110, in application
    response = frappe.api.handle(request)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/api/__init__.py", line 49, in handle
    data = endpoint(**arguments)
           ^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/api/v1.py", line 36, in handle_rpc_call
    return frappe.handler.handle()
           ^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/handler.py", line 49, in handle
    data = execute_cmd(cmd)
           ^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/handler.py", line 85, in execute_cmd
    return frappe.call(method, **frappe.form_dict)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/__init__.py", line 1716, in call
    return fn(*args, **newargs)
           ^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/utils/typing_validations.py", line 31, in wrapper
    return func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/__init__.py", line 876, in wrapper_fn
    retval = fn(*args, **get_newargs(fn, kwargs))
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/desk/reportview.py", line 42, in get_list
    data = execute(**args)
           ^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/desk/reportview.py", line 64, in execute
    return DatabaseQuery(doctype).execute(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "apps/frappe/frappe/model/db_query.py", line 115, in execute
    self.check_read_permission(self.doctype, parent_doctype=parent_doctype)
  File "apps/frappe/frappe/model/db_query.py", line 510, in check_read_permission
    self._set_permission_map(doctype, parent_doctype)
  File "apps/frappe/frappe/model/db_query.py", line 516, in _set_permission_map
    frappe.has_permission(
  File "apps/frappe/frappe/__init__.py", line 1041, in has_permission
    raise frappe.PermissionError
frappe.exceptions.PermissionError

Possible Solution:
frappe/desk/reportview.py > update_wildcard_field_param

	data.fields = get_permitted_fields(data.doctype, parenttype= data.parenttype if data.parenttype else data.parent_doctype)

so that if the data.parent_doctype is passed then it will be set, and it will be used only if parenttype is not present so that it avoid breaking any dependency
@india081947
Copy link
Author

@gavindsouza requesting your suggestion on the same.

@agatho-daemon
Copy link

Further to the above (in bench console):

In [2]: frappe.db.get_list('Dynamic Link',
   ...: filters={
   ...: 'link_doctype': 'Customer',
   ...: 'link_name': 'CUST-2024-0001',
   ...: 'parenttype': 'Address'
   ...: },
   ...: fields=['name', 'parent','parenttype','link_name','link_doctype'])
Out[2]: [{'name': 'f433d7931f', 'parenttype': 'Address', 'link_doctype': 'Customer'}]

Noting that the user is reporeted by frappe.session.user is 'Administrator' with full permissions.

Using default Python3 and MariaDB versions on Ubuntu 24.04.

@agatho-daemon
Copy link

Looks like there is an undocumented argument in both get_list() and get_all(): ignore_permissions=True.

In both methods it returns expected output whether all ('*') or selected fields.

@klahap klahap mentioned this issue May 23, 2024
Merged
This was referenced May 24, 2024
Closed
Merged
@akhilnarang
Copy link
Member

#26543

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 20, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@akhilnarang @agatho-daemon @india081947