Shiloh/brotherton-erpnext
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

removed single quote from sql query

Browse Source
This commit is contained in:
Nabin Hait 2011-09-08 11:37:50 +05:30
parent 3fe30954f2
commit 94afaa8697
1 changed files with 165 additions and 167 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
setup/doctype/authorization_control/authorization_control.py
View File

@ -32,9 +32,9 @@ class DocType(TransactionBase):
amt_list.append(flt(x[0])) amt_list.append(flt(x[0]))
max_amount = max(amt_list) max_amount = max(amt_list)
app_dtl = sql("select approving_user, approving_role from `tabAuthorization Rule` where transaction = '%s' and (value = '%s' or value > '%s') and docstatus != 2 and based_on = '%s' and company = '%s' %s" % (doctype_name, flt(max_amount), total, based_on, company, condition)) app_dtl = sql("select approving_user, approving_role from `tabAuthorization Rule` where transaction = %s and (value = %s or value > %s) and docstatus != 2 and based_on = %s and company = %s %s", (doctype_name, flt(max_amount), total, based_on, company, condition))
if not app_dtl: if not app_dtl:
app_dtl = sql("select approving_user, approving_role from `tabAuthorization Rule` where transaction = '%s' and (value = '%s' or value > '%s') and docstatus != 2 and based_on = '%s' and ifnull(company,'') = '' %s" % (doctype_name, flt(max_amount), total, based_on, condition)) app_dtl = sql("select approving_user, approving_role from `tabAuthorization Rule` where transaction = %s and (value = %s or value > %s) and docstatus != 2 and based_on = %s and ifnull(company,'') = '' %s", (doctype_name, flt(max_amount), total, based_on, condition))
for d in app_dtl: for d in app_dtl:
if(d[0]): appr_users.append(d[0]) if(d[0]): appr_users.append(d[0])
if(d[1]): appr_roles.append(d[1]) if(d[1]): appr_roles.append(d[1])
@ -61,17 +61,17 @@ class DocType(TransactionBase):
add_cond1,add_cond2 = '','' add_cond1,add_cond2 = '',''
if based_on == 'Itemwise Discount': if based_on == 'Itemwise Discount':
add_cond1 += " and master_name = '"+cstr(item)+"'" add_cond1 += " and master_name = '"+cstr(item)+"'"
itemwise_exists = sql("select value from `tabAuthorization Rule` where transaction = '%s' and value <= '%s' and based_on = '%s' and company = '%s' and docstatus != 2 %s %s" % (doctype_name, total, based_on, company, cond, add_cond1)) itemwise_exists = sql("select value from `tabAuthorization Rule` where transaction = %s and value <= %s and based_on = %s and company = %s and docstatus != 2 %s %s", (doctype_name, total, based_on, company, cond, add_cond1))
if not itemwise_exists: if not itemwise_exists:
itemwise_exists = sql("select value from `tabAuthorization Rule` where transaction = '%s' and value <= '%s' and based_on = '%s' and ifnull(company,'') = '' and docstatus != 2 %s %s" % (doctype_name, total, based_on, cond, add_cond1)) itemwise_exists = sql("select value from `tabAuthorization Rule` where transaction = %s and value <= %s and based_on = %s and ifnull(company,'') = '' and docstatus != 2 %s %s", (doctype_name, total, based_on, cond, add_cond1))
if itemwise_exists: if itemwise_exists:
self.get_appr_user_role(itemwise_exists, doctype_name, total, based_on, cond+add_cond1, item,company) self.get_appr_user_role(itemwise_exists, doctype_name, total, based_on, cond+add_cond1, item,company)
chk = 0 chk = 0
if chk == 1: if chk == 1:
if based_on == 'Itemwise Discount': add_cond2 += " and ifnull(master_name,'') = ''" if based_on == 'Itemwise Discount': add_cond2 += " and ifnull(master_name,'') = ''"
appr = sql("select value from `tabAuthorization Rule` where transaction = '%s' and value <= '%s' and based_on = '%s' and company = '%s' and docstatus != 2 %s %s" % (doctype_name, total, based_on, company, cond, add_cond2)) appr = sql("select value from `tabAuthorization Rule` where transaction = %s and value <= %s and based_on = %s and company = %s and docstatus != 2 %s %s", (doctype_name, total, based_on, company, cond, add_cond2))
if not appr: if not appr:
appr = sql("select value from `tabAuthorization Rule` where transaction = '%s' and value <= '%s' and based_on = '%s' and ifnull(company,'') = '' and docstatus != 2 %s %s" % (doctype_name, total, based_on, cond, add_cond2)) appr = sql("select value from `tabAuthorization Rule` where transaction = %s and value <= %s and based_on = %s and ifnull(company,'') = '' and docstatus != 2 %s %s", (doctype_name, total, based_on, cond, add_cond2))
self.get_appr_user_role(appr, doctype_name, total, based_on, cond+add_cond2, item, company) self.get_appr_user_role(appr, doctype_name, total, based_on, cond+add_cond2, item, company)
@ -116,7 +116,7 @@ class DocType(TransactionBase):
# ================ # ================
# Check for authorization set for individual user # Check for authorization set for individual user
based_on = [x[0] for x in sql("select distinct based_on from `tabAuthorization Rule` where transaction = '%s' and system_user = '%s' and (company = '%s' or ifnull(company,'')='') and docstatus != 2" %(doctype_name, session['user'], company))] based_on = [x[0] for x in sql("select distinct based_on from `tabAuthorization Rule` where transaction = %s and system_user = %s and (company = %s or ifnull(company,'')='') and docstatus != 2", (doctype_name, session['user'], company))]
for d in based_on: for d in based_on:
self.bifurcate_based_on_type(doctype_name, total, av_dis, d, doc_obj, 1, company) self.bifurcate_based_on_type(doctype_name, total, av_dis, d, doc_obj, 1, company)
@ -128,8 +128,7 @@ class DocType(TransactionBase):
# Specific Role # Specific Role
# =============== # ===============
# Check for authorization set on particular roles # Check for authorization set on particular roles
#based_on = [x[0] for x in sql("select based_on from `tabAuthorization Rule` where transaction = '%s' and system_role IN %s and based_on IN %s and docstatus != 2" %(doctype_name, "('"+"','".join(session['data']['profile']['roles'])+"')", "('"+"','".join(final_based_on)+"')"))] based_on = [x[0] for x in sql("select based_on from `tabAuthorization Rule` where transaction = %s and system_role IN %s and based_on IN %s and (company = %s or ifnull(company,'')='') and docstatus != 2", (doctype_name, "('"+"','".join(webnotes.user.get_roles())+"')", "('"+"','".join(final_based_on)+"')",company))]
based_on = [x[0] for x in sql("select based_on from `tabAuthorization Rule` where transaction = '%s' and system_role IN %s and based_on IN %s and (company = '%s' or ifnull(company,'')='') and docstatus != 2" %(doctype_name, "('"+"','".join(webnotes.user.get_roles())+"')", "('"+"','".join(final_based_on)+"')",company))]
for d in based_on: for d in based_on:
self.bifurcate_based_on_type(doctype_name, total, av_dis, d, doc_obj, 2, company) self.bifurcate_based_on_type(doctype_name, total, av_dis, d, doc_obj, 2, company)
@ -149,8 +148,7 @@ class DocType(TransactionBase):
val_lst =[] val_lst =[]
val = sql("select value from `tabAuthorization Rule` where transaction=%s and (to_emp=%s or to_designation IN (select designation from `tabEmployee` where name=%s)) and ifnull(value,0)< %s and company = %s and docstatus!=2",(doctype_name,employee,employee,total_claimed_amount,company)) val = sql("select value from `tabAuthorization Rule` where transaction=%s and (to_emp=%s or to_designation IN (select designation from `tabEmployee` where name=%s)) and ifnull(value,0)< %s and company = %s and docstatus!=2",(doctype_name,employee,employee,total_claimed_amount,company))
if not val: if not val:
val = sql("select value from `tabAuthorization Rule` where transaction=%s and (to_emp=%s or to_designation IN (select designation from `tabEmployee` where name=%s)) and ifnull(value,0)< %s and ifnull(company,'') = '' and docstatus!=2",(doctype_name,employee,employee,total_claimed_amount)) val = sql("select value from `tabAuthorization Rule` where transaction=%s and (to_emp=%s or to_designation IN (select designation from `tabEmployee` where name=%s)) and ifnull(value,0)< %s and ifnull(company,'') = '' and docstatus!=2",(doctype_name, employee, employee, total_claimed_amount))
if val: if val:
val_lst = [y[0] for y in val] val_lst = [y[0] for y in val]