OpenAEC-Foundation/frappe-errors-controllers
skills/source/errors/frappe-errors-controllers/SKILL.md
Use when debugging or preventing errors in Frappe Document Controllers. Prevents autoname failures, validate loops, on_submit without is_submittable, wrong lifecycle hook choice, get_list permission errors, NestedSet errors, extend_doctype_class conflicts, missing super() calls, and recursion without flags. Covers error diagnosis by lifecycle phase for v14/v15/v16. Keywords: controller error, autoname, validate loop, on_submit, is_submittable,, save fails, validate error, on_submit not working, autoname broken, controller crash. get_list, NestedSet, extend_doctype_class, super, flags, recursion guard.
$ install --global
skillsauthnpx skillsauth add OpenAEC-Foundation/ERPNext_Anthropic_Claude_Development_Skill_Package frappe-errors-controllersInstall this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.
Security Scan Results
3 of 9 scanners reported clean
Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.
3
Scanners Passed
9
Scanners in report
Clean
TrivyContainer and dependency vulnerability scanner
95%
Clean
SemgrepStatic code analysis for vulnerabilities
95%
Clean
mcp-scan (Snyk)Model Context Protocol security validation
95%
Skipped
Snyk (dep)Open source security scanning
50%
Skipped
Socket.devSupply chain security analysis
50%
Skipped
VirusTotalMulti-engine malware detection
50%
Skipped
CrowdStrikeAdvanced threat intelligence
50%
Skipped
OSV-ScannerOpen Source Vulnerability database check
50%
Skipped
OWASP Dep-Check
50%
Last scanned: Apr 25, 2026, 12:04 PM36.6s4 files scanned
SKILL.md
- name:
- frappe-errors-controllers
- description:
- >
- Keywords:
- controller error, autoname, validate loop, on_submit, is_submittable,, save fails, validate error, on_submit not working, autoname broken, controller crash.
- license:
- MIT
- compatibility:
- Claude Code, Claude.ai Projects, Claude API. Frappe v14-v16.
- author:
- OpenAEC-Foundation
- version:
- 2.0
Controller Errors — Diagnosis and Resolution
Cross-refs: frappe-syntax-controllers (syntax), frappe-impl-controllers (workflows), frappe-errors-serverscripts (server scripts).
Error Diagnosis by Lifecycle Phase
CONTROLLER ERROR
│
├─► NAMING PHASE (autoname / before_naming)
│ ├─► NamingSeries not set → Add naming_series field or autoname property
│ ├─► DuplicateEntryError → Name collision, check uniqueness
│ └─► "name cannot be set directly" → Use autoname method, not self.name = x
│
├─► VALIDATION PHASE (before_validate / validate / before_save)
│ ├─► Infinite recursion → doc.save() called inside validate
│ ├─► Validation skipped → Missing super().validate() in override
│ └─► Wrong error timing → Use validate, not on_update, to block save
│
├─► SAVE PHASE (before_save / on_update / after_insert)
│ ├─► Changes lost in on_update → Use db_set(), not self.field = x
│ ├─► Infinite loop → self.save() in on_update triggers on_update again
│ └─► Transaction broken → frappe.db.commit() in controller (DON'T)
│
├─► SUBMIT PHASE (before_submit / on_submit)
│ ├─► "Not allowed to submit" → DocType missing is_submittable = 1
│ ├─► Partial state → Validation in on_submit (too late, already submitted)
│ └─► Stock/GL failures → Entries fail but docstatus already = 1
│
├─► CANCEL PHASE (before_cancel / on_cancel)
│ ├─► "Cannot cancel: linked docs" → Check and handle linked documents
│ └─► Partial cleanup → One reversal fails, rest skipped
│
└─► PERMISSION PHASE (has_permission / get_list)
├─► "Not permitted" → has_permission returns None (should be True/False)
├─► get_list returns nothing → permission_query_conditions SQL error
└─► SQL injection → User input in conditions without escape
Error Message → Cause → Fix Table
| Error Message | Cause | Fix |
|---------------|-------|-----|
| NamingSeries is not set | DocType uses naming_series but field is missing | Add naming_series field to DocType or set autoname in controller |
| DuplicateEntryError | autoname generated non-unique name | Use naming_series with counter, or add hash suffix |
| Maximum recursion depth exceeded | self.save() called in validate/on_update | NEVER call self.save() in hooks; use self.db_set() in on_update |
| Not allowed to submit | DocType lacks is_submittable = 1 | Enable "Is Submittable" in DocType settings |
| Cannot cancel: linked docs exist | Submitted linked documents block cancellation | Cancel linked docs first, or use before_cancel to check |
| AttributeError: super() | Missing super() call in overridden hook | ALWAYS call super().method_name() first in overrides |
| Value missing for: field | Controller validate skipped parent logic | Ensure super().validate() is called |
| frappe.db.commit() breaks transactions | Manual commit in controller hook | NEVER call frappe.db.commit() in controllers |
| Changes lost in on_update | Set self.field = x instead of self.db_set() | Use self.db_set("field", value) after save hooks |
| NestedSet: root cannot be child | Parent set to itself or circular reference | Validate parent != self in validate, check lft/rgt |
| extend_doctype_class conflict [v16+] | Multiple apps extend same class with conflicting methods | Use MRO-aware design, check method resolution order |
| has_permission returns wrong result | Function returns None instead of True/False | ALWAYS return explicit True or False |
| permission_query_conditions SQL error | Malformed WHERE clause fragment | Test conditions string independently, use frappe.db.escape() |
Critical Error Patterns
1. Autoname Failures
# ❌ WRONG — Setting name directly fails
class CustomDoc(Document):
def autoname(self):
self.name = f"DOC-{self.customer}" # May cause DuplicateEntryError
# ✅ CORRECT — Use naming utilities
class CustomDoc(Document):
def autoname(self):
# Option 1: Naming series
from frappe.model.naming import set_name_by_naming_series
set_name_by_naming_series(self)
# Option 2: Safe format with counter
self.name = frappe.model.naming.make_autoname(
f"DOC-.{self.customer}.-.####"
)
# Option 3: Hash for guaranteed uniqueness
# Set autoname = "hash" in DocType JSON instead
Autoname options: naming_series, field:fieldname, format:PREFIX-{fieldname}-.####, hash, Prompt, or custom autoname() method.
2. Validate Loop: self.save() in Hooks
# ❌ WRONG — Infinite recursion
class SalesOrder(Document):
def validate(self):
self.calculate_totals()
self.save() # Triggers validate again → infinite loop!
def on_update(self):
self.status = "Updated"
self.save() # Triggers on_update again → infinite loop!
# ✅ CORRECT — Framework handles save; use db_set after save
class SalesOrder(Document):
def validate(self):
self.calculate_totals()
# No save() — framework saves after validate completes
def on_update(self):
self.db_set("status", "Updated") # Direct DB write, no trigger
3. on_submit Without is_submittable
# ❌ ERROR — "Not allowed to submit"
class MyDoc(Document):
def on_submit(self):
self.create_entries()
# This fails if DocType JSON lacks: "is_submittable": 1
# ✅ FIX — Enable in DocType definition
# In my_doc.json:
# { "is_submittable": 1 }
# Then before_submit and on_submit hooks work
4. Wrong Lifecycle Hook: Error Timing
# ❌ WRONG — Validation in on_submit (document already submitted!)
class SalesOrder(Document):
def on_submit(self):
if not self.has_stock():
frappe.throw(_("Insufficient stock")) # docstatus already = 1!
# ✅ CORRECT — ALWAYS validate in before_submit
class SalesOrder(Document):
def before_submit(self):
if not self.has_stock():
frappe.throw(_("Insufficient stock")) # Clean abort, stays Draft
def on_submit(self):
self.create_stock_entries() # Only post-submit actions here
Transaction Rollback Rules by Hook:
| Hook | frappe.throw() Effect |
|------|------------------------|
| validate / before_save | Full rollback — document NOT saved |
| before_submit | Full rollback — stays Draft |
| before_cancel | Full rollback — stays Submitted |
| on_update / after_insert | Document IS saved — error shown but doc persists |
| on_submit | docstatus = 1 — error shown but ALREADY submitted |
| on_cancel | docstatus = 2 — error shown but ALREADY cancelled |
5. Missing super() in Overrides
# ❌ WRONG — Parent validation completely skipped
from erpnext.selling.doctype.sales_order.sales_order import SalesOrder
class CustomSalesOrder(SalesOrder):
def validate(self):
# Parent validate() never runs! All ERPNext validations bypassed!
self.custom_check()
# ✅ CORRECT — ALWAYS call super() first
class CustomSalesOrder(SalesOrder):
def validate(self):
super().validate() # Run all parent validations first
self.custom_check() # Then add custom logic
6. extend_doctype_class [v16+]
# In hooks.py — v16+ preferred approach
extend_doctype_class = {
"Sales Order": ["myapp.overrides.sales_order.SalesOrderMixin"]
}
# myapp/overrides/sales_order.py
class SalesOrderMixin:
"""Mixin class — extends, does not replace."""
def validate(self):
super().validate() # ALWAYS call super — runs original + other mixins
self.custom_validation()
Resolution order: class ExtendedSalesOrder(Mixin2, Mixin1, OriginalSalesOrder) — last mixin listed has highest priority.
7. Flags for Recursion Guard
# ❌ WRONG — on_update of linked doc triggers this doc's on_update
class SalesOrder(Document):
def on_update(self):
self.update_quotation() # Quotation.on_update triggers back here
# ✅ CORRECT — Use flags to prevent recursion
class SalesOrder(Document):
def on_update(self):
if self.flags.get("skip_linked_update"):
return
self.flags.skip_linked_update = True
self.update_quotation()
def update_quotation(self):
if self.quotation:
q = frappe.get_doc("Quotation", self.quotation)
q.flags.skip_linked_update = True # Prevent back-trigger
q.db_set("status", "Ordered")
8. get_list Permission Errors
# ❌ WRONG — permission_query_conditions returns None (fallback to no filter)
def get_permission_query(user):
pass # Returns None — shows ALL records!
# ❌ WRONG — SQL injection
def get_permission_query(user):
dept = frappe.db.get_value("User", user, "department")
return f"department = '{dept}'" # INJECTION RISK
# ✅ CORRECT — Explicit conditions with escape
def get_permission_query(user):
if "System Manager" in frappe.get_roles(user):
return "" # No filter — full access
dept = frappe.db.get_value("User", user, "department")
if dept:
return f"department = {frappe.db.escape(dept)}"
return "owner = {0}".format(frappe.db.escape(user))
Note: permission_query_conditions affects frappe.db.get_list() only, NOT frappe.db.get_all().
9. NestedSet Errors
# ❌ WRONG — Circular reference causes lft/rgt corruption
class Territory(NestedSet):
def validate(self):
# No parent validation!
pass
# ✅ CORRECT — Validate parent chain
class Territory(NestedSet):
def validate(self):
super().validate()
if self.parent_territory == self.name:
frappe.throw(_("Territory cannot be its own parent"))
# NestedSet.validate() checks circular refs automatically
# but explicit check gives better error message
on_cancel: Isolate Cleanup Operations
# ❌ WRONG — First failure stops all cleanup
def on_cancel(self):
self.reverse_stock() # If this fails...
self.reverse_gl() # ...this never runs
self.update_linked() # ...neither does this
# ✅ CORRECT — Isolate each reversal
def on_cancel(self):
errors = []
for operation, label in [
(self.reverse_stock, "Stock reversal"),
(self.reverse_gl, "GL reversal"),
(self.update_linked, "Linked docs"),
]:
try:
operation()
except Exception as e:
errors.append(f"{label}: {str(e)}")
frappe.log_error(frappe.get_traceback(), f"{label} Error")
if errors:
frappe.msgprint(
_("Cancelled with errors:<br>{0}").format("<br>".join(errors)),
indicator="orange"
)
ALWAYS / NEVER Rules
ALWAYS
- Call
super().method()in overridden hooks — Preserve parent logic - Validate in
before_submitnoton_submit— Last clean abort point - Use
self.db_set()inon_update— Directself.field = xis lost - Use
self.flagsfor recursion guards — Prevent circular hook triggers - Isolate cleanup operations in
on_cancel— Don't let one failure stop all - Use
frappe.db.escape()in permission queries — Prevent SQL injection - Return explicit True/False from
has_permission— None falls back to default - Use
frappe.log_error()for unexpected exceptions — Never swallow silently - Use
_()wrapper for all user-facing error messages — Enable translation
NEVER
- NEVER call
self.save()in validate/on_update — Causes infinite recursion - NEVER call
frappe.db.commit()in controllers — Framework manages transactions - NEVER put blocking validation in
on_submit— Document already submitted - NEVER skip
super()in overridden methods — Breaks parent class logic - NEVER return None from
has_permission— Returns unpredictable results - NEVER swallow exceptions with bare
except: pass— Always log errors - NEVER use
override_doctype_classwhenextend_doctype_classworks [v16+] - NEVER put heavy operations in
validate— Usefrappe.enqueue()fromon_update
Reference Files
| File | Contents |
|------|----------|
| references/examples.md | Real controller error scenarios with diagnosis |
| references/anti-patterns.md | Common controller mistakes with fixes |
| references/patterns.md | Defensive error handling patterns by lifecycle hook |
Related Skills
OpenAEC-Foundation/frappe-impl-integrations
tools
VerifiedTrustedCommunity
Use when implementing OAuth providers, Connected Apps, Webhooks, Payment Gateways, or Data Import/Export in Frappe. Prevents authentication failures from wrong OAuth flow, missed webhook deliveries, and data corruption during bulk imports. Covers OAuth2 provider/client, Connected App DocType, Webhook DocType, Payment Gateway integration, Data Import, Data Export, frappe.integrations module. Keywords: OAuth, Connected App, Webhook, Payment Gateway, Data Import, Data Export, integration, API key, OAuth2, webhook trigger, connect to external service, OAuth setup, webhook configuration, import data, export data..
86SKILL.mdUpdated Apr 25, 2026
OpenAEC-Foundation/frappe-impl-hooks
development
VerifiedTrustedCommunity
Use when implementing hooks.py configurations in a Frappe custom app. Covers step-by-step workflows for doc_events, scheduler_events, override/extend_doctype_class, permission hooks, extend_bootinfo, fixtures, asset injection, website hooks, and doctype_js. Prevents broken transactions, missed migrations, and multi-app conflicts. Keywords: hooks.py, doc_events, scheduler_events, override doctype,, how to add hook, when to use doc_events, scheduler setup, override existing behavior. extend doctype class, permission hook, scheduler job, fixtures, doctype_js, extend_bootinfo, website hooks.
86SKILL.mdUpdated Apr 25, 2026
OpenAEC-Foundation/frappe-impl-customapp
development
VerifiedTrustedCommunity
Use when building a custom Frappe app from scratch. Covers bench new-app walkthrough, app structure decisions, adding DocTypes, hooks, patches, fixtures management, development workflow (bench migrate, build, clear-cache), testing, packaging, installing on another site, version management, and app dependencies for v14/v15/v16. Keywords: create custom app, new frappe app, bench new-app, app structure, module creation, doctype creation, fixtures, patches, deployment, packaging, data migration, patch file, patches.txt, migrate data between DocTypes, create new app from scratch.
86SKILL.mdUpdated Apr 25, 2026
OpenAEC-Foundation/frappe-impl-controllers
development
VerifiedTrustedCommunity
Use when building Document Controllers in a custom Frappe app: file creation, lifecycle hooks, validation, autoname, submittable workflows, controller override, child table controllers, flags system, migration from hooks.py and Server Scripts. Keywords: how to implement controller, which hook to use, validate vs on_update, override controller, submittable document, autoname, flags, extend_doctype_class, controller testing, child table controller, which hook to use, when does validate run, how to override save, document lifecycle.
86SKILL.mdUpdated Apr 25, 2026