Corentin Forler

- [ ] Need to migrate `boto3_offsite_backup_session` for audit

Also noticed that these failed jobs are marked as Successful: see https://github.com/frappe/press/issues/1923

`File` access is checked on the reference document, not the file itself. You have to share the reference document (e.g. a Sales Invoice, or any other doctype). If there is...

> @cogk can you add GIFs for the changes done? @ruchamahabal Done! I added a GIF in the PR description. 

`get_url` returns the URL without the trailing slash, which is expected by the rest of the code. Hopefully fixed in #464

Basically we would need a **string-like class** that could automatically resolve property access to `frappe.db.get_value`? When setting a `doc.my_link = "Lorem"` value, we would automagically upgrade the string to this...

Also vulnerable to the _extremely theoretical_ [timing attacks](https://security.stackexchange.com/questions/111040/should-i-worry-about-remote-timing-attacks-on-string-comparison), given perfect network conditions, because of the string comparison 😄 To be fair, a long enough token should prevent brute-force attacks, probably.

Maybe we _could_ remove _Custom Fields_ and _Property Setters_ that are marked `is_system_generated` on **migrate**, but this means that apps must ensure that all fields added `on_migrate` have `is_system_generated: 1`,...