fix(Leave Balance Report): total allocated leaves not calculated properly (#16969)
* fix: total alloted leaves not calculated properly
* fix: Possible SQL injection
* typo fix in sql query
* prevent sql injection again ?
* Use ORM for query
diff --git a/erpnext/hr/doctype/leave_application/leave_application.py b/erpnext/hr/doctype/leave_application/leave_application.py
index 692db8e..b73d0e5 100755
--- a/erpnext/hr/doctype/leave_application/leave_application.py
+++ b/erpnext/hr/doctype/leave_application/leave_application.py
@@ -399,6 +399,19 @@
return flt(allocation.total_leaves_allocated) - (flt(leaves_taken) + flt(leaves_encashed))
+def get_total_allocated_leaves(employee, leave_type, date):
+ filters= {
+ 'from_date': ['<=', date],
+ 'to_date': ['>=', date],
+ 'docstatus': 1,
+ 'leave_type': leave_type,
+ 'employee': employee
+ }
+
+ leave_allocation_records = frappe.db.get_all('Leave Allocation', filters=filters, fields=['total_leaves_allocated'])
+
+ return flt(leave_allocation_records[0]['total_leaves_allocated']) if leave_allocation_records else flt(0)
+
def get_leaves_for_period(employee, leave_type, from_date, to_date, status, docname=None):
leave_applications = frappe.db.sql("""
select name, employee, leave_type, from_date, to_date, total_leave_days
diff --git a/erpnext/hr/report/employee_leave_balance/employee_leave_balance.py b/erpnext/hr/report/employee_leave_balance/employee_leave_balance.py
index ed44d63..95cb30b 100644
--- a/erpnext/hr/report/employee_leave_balance/employee_leave_balance.py
+++ b/erpnext/hr/report/employee_leave_balance/employee_leave_balance.py
@@ -5,21 +5,21 @@
import frappe
from frappe import _
from erpnext.hr.doctype.leave_application.leave_application \
- import get_leave_allocation_records, get_leave_balance_on, get_approved_leaves_for_period
+ import get_leave_allocation_records, get_leave_balance_on, get_approved_leaves_for_period, get_total_allocated_leaves
def execute(filters=None):
leave_types = frappe.db.sql_list("select name from `tabLeave Type` order by name asc")
-
+
columns = get_columns(leave_types)
data = get_data(filters, leave_types)
-
+
return columns, data
-
+
def get_columns(leave_types):
columns = [
- _("Employee") + ":Link/Employee:150",
- _("Employee Name") + "::200",
+ _("Employee") + ":Link/Employee:150",
+ _("Employee Name") + "::200",
_("Department") +"::150"
]
@@ -27,18 +27,18 @@
columns.append(_(leave_type) + " " + _("Opening") + ":Float:160")
columns.append(_(leave_type) + " " + _("Taken") + ":Float:160")
columns.append(_(leave_type) + " " + _("Balance") + ":Float:160")
-
+
return columns
-
+
def get_data(filters, leave_types):
user = frappe.session.user
allocation_records_based_on_to_date = get_leave_allocation_records(filters.to_date)
allocation_records_based_on_from_date = get_leave_allocation_records(filters.from_date)
- active_employees = frappe.get_all("Employee",
- filters = { "status": "Active", "company": filters.company},
+ active_employees = frappe.get_all("Employee",
+ filters = { "status": "Active", "company": filters.company},
fields = ["name", "employee_name", "department", "user_id"])
-
+
data = []
for employee in active_employees:
leave_approvers = get_approvers(employee.department)
@@ -51,8 +51,7 @@
filters.from_date, filters.to_date)
# opening balance
- opening = get_leave_balance_on(employee.name, leave_type, filters.from_date,
- allocation_records_based_on_from_date.get(employee.name, frappe._dict()))
+ opening = get_total_allocated_leaves(employee.name, leave_type, filters.to_date)
# closing balance
closing = get_leave_balance_on(employee.name, leave_type, filters.to_date,
@@ -61,7 +60,7 @@
row += [opening, leaves_taken, closing]
data.append(row)
-
+
return data
def get_approvers(department):