feat: Password protected salary slips (#17380)
* feat: Added check for encrypting salary slips and password policy field
* feat: make password policy mandatory if encrypt option is selected
* feat: added password logic to email_salary_slip
* fix: import error
* chore: Minor enhancement to validations in salary slip
* fix: travis patch
* feat: Modified email body for password protected salary slips
diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.js b/erpnext/hr/doctype/hr_settings/hr_settings.js
index 6ab523e..58ce422 100644
--- a/erpnext/hr/doctype/hr_settings/hr_settings.js
+++ b/erpnext/hr/doctype/hr_settings/hr_settings.js
@@ -4,5 +4,18 @@
frappe.ui.form.on('HR Settings', {
refresh: function(frm) {
+ },
+
+ encrypt_salary_slips_in_emails: function(frm) {
+ let encrypt_state = frm.doc.encrypt_salary_slips_in_emails;
+ frm.set_df_property('password_policy', 'reqd', encrypt_state);
+ },
+
+ validate: function(frm) {
+ let policy = frm.doc.password_policy;
+ if (policy.includes(' ') || policy.includes('--')) {
+ frappe.msgprint("Password policy cannot contain spaces or simultaneous hyphens. The format will be restructured automatically");
+ }
+ frm.set_value('password_policy', policy.split(new RegExp(" |-", 'g')).filter((token) => token).join('-'));
}
});
diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.json b/erpnext/hr/doctype/hr_settings/hr_settings.json
index 225785d..5502ce8 100644
--- a/erpnext/hr/doctype/hr_settings/hr_settings.json
+++ b/erpnext/hr/doctype/hr_settings/hr_settings.json
@@ -1,5 +1,6 @@
{
"allow_copy": 0,
+ "allow_events_in_timeline": 0,
"allow_guest_to_view": 0,
"allow_import": 0,
"allow_rename": 0,
@@ -13,10 +14,12 @@
"fields": [
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "employee_settings",
"fieldtype": "Section Break",
"hidden": 0,
@@ -43,12 +46,14 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "",
"description": "Enter retirement age in years",
+ "fetch_if_empty": 0,
"fieldname": "retirement_age",
"fieldtype": "Data",
"hidden": 0,
@@ -76,12 +81,14 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "Naming Series",
"description": "Employee record is created using selected field. ",
+ "fetch_if_empty": 0,
"fieldname": "emp_created_by",
"fieldtype": "Select",
"hidden": 0,
@@ -109,11 +116,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "",
+ "fetch_if_empty": 0,
"fieldname": "leave_approval_notification_template",
"fieldtype": "Link",
"hidden": 0,
@@ -142,10 +151,12 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "leave_status_notification_template",
"fieldtype": "Link",
"hidden": 0,
@@ -174,10 +185,12 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "column_break_4",
"fieldtype": "Column Break",
"hidden": 0,
@@ -204,11 +217,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"description": "Don't send Employee Birthday Reminders",
+ "fetch_if_empty": 0,
"fieldname": "stop_birthday_reminders",
"fieldtype": "Check",
"hidden": 0,
@@ -235,10 +250,12 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "maintain_bill_work_hours_same",
"fieldtype": "Check",
"hidden": 0,
@@ -266,11 +283,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "1",
+ "fetch_if_empty": 0,
"fieldname": "leave_approver_mandatory_in_leave_application",
"fieldtype": "Check",
"hidden": 0,
@@ -298,11 +317,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "1",
+ "fetch_if_empty": 0,
"fieldname": "expense_approver_mandatory_in_expense_claim",
"fieldtype": "Check",
"hidden": 0,
@@ -330,10 +351,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "depends_on": "",
+ "fetch_if_empty": 0,
"fieldname": "payroll_settings",
"fieldtype": "Section Break",
"hidden": 0,
@@ -360,11 +384,13 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"description": "If checked, Total no. of Working Days will include holidays, and this will reduce the value of Salary Per Day",
+ "fetch_if_empty": 0,
"fieldname": "include_holidays_in_total_working_days",
"fieldtype": "Check",
"hidden": 0,
@@ -391,12 +417,14 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
"default": "1",
"description": "Emails salary slip to employee based on preferred email selected in Employee",
+ "fetch_if_empty": 0,
"fieldname": "email_salary_slip_to_employee",
"fieldtype": "Check",
"hidden": 0,
@@ -424,10 +452,82 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "depends_on": "eval: doc.email_salary_slip_to_employee == 1;",
+ "description": "The salary slip emailed to the employee will be password protected, the password will be generated based on the password policy.",
+ "fetch_if_empty": 0,
+ "fieldname": "encrypt_salary_slips_in_emails",
+ "fieldtype": "Check",
+ "hidden": 0,
+ "ignore_user_permissions": 0,
+ "ignore_xss_filter": 0,
+ "in_filter": 0,
+ "in_global_search": 0,
+ "in_list_view": 0,
+ "in_standard_filter": 0,
+ "label": "Encrypt Salary Slips in Emails",
+ "length": 0,
+ "no_copy": 0,
+ "permlevel": 0,
+ "precision": "",
+ "print_hide": 0,
+ "print_hide_if_no_value": 0,
+ "read_only": 0,
+ "remember_last_selected_value": 0,
+ "report_hide": 0,
+ "reqd": 0,
+ "search_index": 0,
+ "set_only_once": 0,
+ "translatable": 0,
+ "unique": 0
+ },
+ {
+ "allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
+ "allow_on_submit": 0,
+ "bold": 0,
+ "collapsible": 0,
+ "columns": 0,
+ "depends_on": "eval: doc.encrypt_salary_slips_in_emails == 1",
+ "description": "<b>Example:</b> SAL-{first_name}-{date_of_birth.year} <br>This will generate a password like SAL-Jane-1972",
+ "fetch_if_empty": 0,
+ "fieldname": "password_policy",
+ "fieldtype": "Data",
+ "hidden": 0,
+ "ignore_user_permissions": 0,
+ "ignore_xss_filter": 0,
+ "in_filter": 0,
+ "in_global_search": 0,
+ "in_list_view": 1,
+ "in_standard_filter": 0,
+ "label": "Password Policy",
+ "length": 0,
+ "no_copy": 0,
+ "permlevel": 0,
+ "precision": "",
+ "print_hide": 0,
+ "print_hide_if_no_value": 0,
+ "read_only": 0,
+ "remember_last_selected_value": 0,
+ "report_hide": 0,
+ "reqd": 0,
+ "search_index": 0,
+ "set_only_once": 0,
+ "translatable": 0,
+ "unique": 0
+ },
+ {
+ "allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
+ "allow_on_submit": 0,
+ "bold": 0,
+ "collapsible": 0,
+ "columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "max_working_hours_against_timesheet",
"fieldtype": "Float",
"hidden": 0,
@@ -455,10 +555,12 @@
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "leave_settings",
"fieldtype": "Section Break",
"hidden": 0,
@@ -481,14 +583,17 @@
"reqd": 0,
"search_index": 0,
"set_only_once": 0,
+ "translatable": 0,
"unique": 0
},
{
"allow_bulk_edit": 0,
+ "allow_in_quick_entry": 0,
"allow_on_submit": 0,
"bold": 0,
"collapsible": 0,
"columns": 0,
+ "fetch_if_empty": 0,
"fieldname": "show_leaves_of_all_department_members_in_calendar",
"fieldtype": "Check",
"hidden": 0,
@@ -511,22 +616,21 @@
"reqd": 0,
"search_index": 0,
"set_only_once": 0,
+ "translatable": 0,
"unique": 0
}
],
"has_web_view": 0,
- "hide_heading": 0,
"hide_toolbar": 0,
"icon": "fa fa-cog",
"idx": 1,
- "image_view": 0,
"in_create": 0,
"is_submittable": 0,
"issingle": 1,
"istable": 0,
"max_attachments": 0,
- "modified": "2018-05-03 15:36:13.015466",
- "modified_by": "Administrator",
+ "modified": "2019-04-25 15:08:12.983571",
+ "modified_by": "shivam@example.com",
"module": "HR",
"name": "HR Settings",
"owner": "Administrator",
@@ -553,9 +657,9 @@
],
"quick_entry": 0,
"read_only": 0,
- "read_only_onload": 0,
"show_name_in_global_search": 0,
"sort_order": "ASC",
"track_changes": 0,
- "track_seen": 0
+ "track_seen": 0,
+ "track_views": 0
}
\ No newline at end of file
diff --git a/erpnext/hr/doctype/hr_settings/hr_settings.py b/erpnext/hr/doctype/hr_settings/hr_settings.py
index 964eaee..78095b3 100644
--- a/erpnext/hr/doctype/hr_settings/hr_settings.py
+++ b/erpnext/hr/doctype/hr_settings/hr_settings.py
@@ -5,11 +5,21 @@
from __future__ import unicode_literals
import frappe
+from frappe import _
from frappe.model.document import Document
class HRSettings(Document):
def validate(self):
+ self.set_naming_series()
+ self.validate_password_policy()
+
+ def set_naming_series(self):
from erpnext.setup.doctype.naming_series.naming_series import set_by_naming_series
set_by_naming_series("Employee", "employee_number",
self.get("emp_created_by")=="Naming Series", hide_name_field=True)
+
+ def validate_password_policy(self):
+ if self.email_salary_slip_to_employee and self.encrypt_salary_slips_in_emails:
+ if not self.password_policy:
+ frappe.throw(_("Password policy for Salary Slips is not set"))
\ No newline at end of file
diff --git a/erpnext/hr/doctype/salary_slip/salary_slip.py b/erpnext/hr/doctype/salary_slip/salary_slip.py
index fbfa3af..5f6ddfc 100644
--- a/erpnext/hr/doctype/salary_slip/salary_slip.py
+++ b/erpnext/hr/doctype/salary_slip/salary_slip.py
@@ -520,13 +520,20 @@
def email_salary_slip(self):
receiver = frappe.db.get_value("Employee", self.employee, "prefered_email")
+ hr_settings = frappe.get_single("HR Settings")
+ message = "Please see attachment"
+ password = None
+ if hr_settings.encrypt_salary_slips_in_emails:
+ password = generate_password_for_pdf(hr_settings.password_policy, self.employee)
+ message += """<br>Note: Your salary slip is password protected,
+ the password to unlock the PDF is of the format {0}. """.format(hr_settings.password_policy)
if receiver:
email_args = {
"recipients": [receiver],
- "message": _("Please see attachment"),
+ "message": _(message),
"subject": 'Salary Slip - from {0} to {1}'.format(self.start_date, self.end_date),
- "attachments": [frappe.attach_print(self.doctype, self.name, file_name=self.name)],
+ "attachments": [frappe.attach_print(self.doctype, self.name, file_name=self.name, password=password)],
"reference_doctype": self.doctype,
"reference_name": self.name
}
@@ -843,3 +850,7 @@
for ss in linked_ss:
ss_doc = frappe.get_doc("Salary Slip", ss)
frappe.db.set_value("Salary Slip", ss_doc.name, "journal_entry", "")
+
+def generate_password_for_pdf(policy_template, employee):
+ employee = frappe.get_doc("Employee", employee)
+ return policy_template.format(**employee.as_dict())
diff --git a/erpnext/patches.txt b/erpnext/patches.txt
index 01270e4..bdc1ed4 100644
--- a/erpnext/patches.txt
+++ b/erpnext/patches.txt
@@ -512,6 +512,7 @@
erpnext.patches.v11_0.move_leave_approvers_from_employee #13-06-2018
erpnext.patches.v11_0.update_department_lft_rgt
erpnext.patches.v11_0.add_default_email_template_for_leave
+execute:frappe.reload_doc("HR", "doctype", "HR Settings")
erpnext.patches.v11_0.set_default_email_template_in_hr #08-06-2018
erpnext.patches.v11_0.uom_conversion_data #30-06-2018
erpnext.patches.v10_0.taxes_issue_with_pos
diff --git a/erpnext/patches/v11_0/set_default_email_template_in_hr.py b/erpnext/patches/v11_0/set_default_email_template_in_hr.py
index e895eae..14954fb 100644
--- a/erpnext/patches/v11_0/set_default_email_template_in_hr.py
+++ b/erpnext/patches/v11_0/set_default_email_template_in_hr.py
@@ -2,7 +2,6 @@
import frappe
def execute():
-
hr_settings = frappe.get_single("HR Settings")
hr_settings.leave_approval_notification_template = "Leave Approval Notification"
hr_settings.leave_status_notification_template = "Leave Status Notification"