Hi All, What would be the best-practice way to hide a doctype field based on the value of an entry in a site’s site_config.json?
I’m thinking to call a whitelisted method on refresh and toggle_display on the field if a certain value is returned.
Hi All, What would be the best-practice way to hide a doctype field based on the value of an entry in a site’s site_config.json?
I’m thinking to call a whitelisted method on refresh and toggle_display on the field if a certain value is returned.
Use case would be helpful? I don’t think what you are planning is elegant
Use case: We’ve moved the activation/deactivation of 2FA to the site_config. If deactivated, we don’t want the 2FA-related fields to show up in System Settings.
@Chude_Osiegbu maybe just add a validation in System Settings that 2FA is not enabled. I assume this is just an additional requirement (?)
You can also add the config values in onload
of System Settings and then conditionally hide the fields in JS. Either ways, add both options for those who use ERPNext only via the API.
Edit: I am planning to test and merge the 2FA today. Let me know if its good to go
They don’t . Our philosophy is that it’s an organisational decision and not a user opt-in. We had initially put the ability to switch it on/off in the System Settings but this risks shutting the Administrator out if, for any reason, there is a problem delivering the tokens. It’s also insecure to exclude the Administrator from 2FA as we had originally done. So, we decided to activate/deactivate from the site config.
Setting in site config allows the admin intervene and deactivate 2FA when there’s an issue
Open to alternative approaches.
Ok I am moving it back to System Settings
Will add a simple bench command to switch off 2FA
bench --site [sitename] execute frappe.twofactor.disable
Ok
Merged! Btw, I think I will remove it from the Setup Wizard. This is not really important to set upfront.
Hmm… On the fence about that. One could argue that it’s a good opportunity to start secure and make the Admin/organisation aware of it from the start.
This seems to be a good solution
And I agree with the idea of removing it from the setup wizard. In my opinion, there is already too much initially.
For discovery, maybe we can learn from Slack. When you login to slack, while the app loads, there are messages - sometimes random ones, some introducing features. Maybe we can replace the blue E with useful content for ERPNext (configurable of course).