From 93656417774c8b48e1d9bc18225e1547e00982e4 Mon Sep 17 00:00:00 2001 From: Rushabh Mehta Date: Thu, 6 Apr 2017 18:24:34 +0530 Subject: [PATCH] [added] frappe.safe_eval --- erpnext/controllers/status_updater.py | 4 ++-- erpnext/hr/doctype/salary_slip/salary_slip.py | 4 ++-- erpnext/stock/doctype/stock_entry/test_stock_entry.py | 10 +++++----- erpnext/templates/pages/demo.html | 2 +- 4 files changed, 10 insertions(+), 10 deletions(-) diff --git a/erpnext/controllers/status_updater.py b/erpnext/controllers/status_updater.py index 55bcaf387f..0421580563 100644 --- a/erpnext/controllers/status_updater.py +++ b/erpnext/controllers/status_updater.py @@ -3,7 +3,7 @@ from __future__ import unicode_literals import frappe -from frappe.utils import flt, comma_or, nowdate, getdate +from frappe.utils import flt, comma_or from frappe import _ from frappe.model.document import Document @@ -119,7 +119,7 @@ class StatusUpdater(Document): self.status = s[0] break elif s[1].startswith("eval:"): - if eval(s[1][5:]): + if frappe.safe_eval(s[1][5:]): self.status = s[0] break elif getattr(self, s[1])(): diff --git a/erpnext/hr/doctype/salary_slip/salary_slip.py b/erpnext/hr/doctype/salary_slip/salary_slip.py index 6840f2503c..afd45b5367 100644 --- a/erpnext/hr/doctype/salary_slip/salary_slip.py +++ b/erpnext/hr/doctype/salary_slip/salary_slip.py @@ -76,12 +76,12 @@ class SalarySlip(TransactionBase): def eval_condition_and_formula(self, d, data): try: if d.condition: - if not eval(d.condition, {}, data): + if not frappe.safe_eval(d.condition, None, data): return None amount = d.amount if d.amount_based_on_formula: if d.formula: - amount = eval(d.formula, None, data) + amount = frappe.safe_eval(d.formula, None, data) if amount: data[d.abbr] = amount diff --git a/erpnext/stock/doctype/stock_entry/test_stock_entry.py b/erpnext/stock/doctype/stock_entry/test_stock_entry.py index 79df591349..b16dee940d 100644 --- a/erpnext/stock/doctype/stock_entry/test_stock_entry.py +++ b/erpnext/stock/doctype/stock_entry/test_stock_entry.py @@ -44,30 +44,30 @@ class TestStockEntry(unittest.TestCase): make_stock_entry(item_code=item_code, target=warehouse, qty=1, basic_rate=10) sle = get_sle(item_code = item_code, warehouse = warehouse)[0] - self.assertEqual([[1, 10]], eval(sle.stock_queue)) + self.assertEqual([[1, 10]], frappe.safe_eval(sle.stock_queue)) # negative qty make_stock_entry(item_code=item_code, source=warehouse, qty=2, basic_rate=10) sle = get_sle(item_code = item_code, warehouse = warehouse)[0] - self.assertEqual([[-1, 10]], eval(sle.stock_queue)) + self.assertEqual([[-1, 10]], frappe.safe_eval(sle.stock_queue)) # further negative make_stock_entry(item_code=item_code, source=warehouse, qty=1) sle = get_sle(item_code = item_code, warehouse = warehouse)[0] - self.assertEqual([[-2, 10]], eval(sle.stock_queue)) + self.assertEqual([[-2, 10]], frappe.safe_eval(sle.stock_queue)) # move stock to positive make_stock_entry(item_code=item_code, target=warehouse, qty=3, basic_rate=20) sle = get_sle(item_code = item_code, warehouse = warehouse)[0] - self.assertEqual([[1, 20]], eval(sle.stock_queue)) + self.assertEqual([[1, 20]], frappe.safe_eval(sle.stock_queue)) # incoming entry with diff rate make_stock_entry(item_code=item_code, target=warehouse, qty=1, basic_rate=30) sle = get_sle(item_code = item_code, warehouse = warehouse)[0] - self.assertEqual([[1, 20],[1, 30]], eval(sle.stock_queue)) + self.assertEqual([[1, 20],[1, 30]], frappe.safe_eval(sle.stock_queue)) frappe.db.set_default("allow_negative_stock", 0) diff --git a/erpnext/templates/pages/demo.html b/erpnext/templates/pages/demo.html index 108319fcf1..f94a7c4591 100644 --- a/erpnext/templates/pages/demo.html +++ b/erpnext/templates/pages/demo.html @@ -44,7 +44,7 @@ $(document).ready(function() { {% endblock %} {% block title %} -{{ _("Login") }} +{{ _("ERPNext Demo") }} {% endblock %} {% block page_content %}