- 16 Nov, 2022 2 commits
-
-
Jérome Perrin authored
This does not seem to be an actual problem because the object is declared protected, but these missing security declarations make testSecurity fail.
-
Jérome Perrin authored
We have been using `filter(lambda x:'/erp5/' in x[0], error_list)` as a way to see only missing declarations from ERP5 code, but only ERP5 filesystem code contains /erp5/ in the filenames, in-ZODB components filename is set to something like <portal_components/document.erp5.FTPConnector> Change to also check methods for which filename contains <portal_components and also to print the ignored methods
-
- 10 Nov, 2022 4 commits
-
-
Jérome Perrin authored
The logic to guess groupable lines was considering source of destination side of an accounting transaction depending on preferences. This was not good, for two reasons: - with internal transactions we want to consider both the source and the destination - if user preferences are mis-configured, grouping would not work. switch to a logic where we consider both source and destination sides to prevent these problems.
-
Jérome Perrin authored
See merge request nexedi/erp5!1683
-
Jérome Perrin authored
from 45c03413 (comment 171160) See merge request !1689
-
Jérome Perrin authored
This is still needed for now, see 19327cc0
-
- 08 Nov, 2022 12 commits
-
-
Kazuhiko Shiozaki authored
because it contains legacy workflow objects.
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
because it contains legacy workflow objects.
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
workflow: provide legacy WorkflowHistoryList for backward compatibility even if WITH_LEGACY_WORKFLOW is False.
-
Kazuhiko Shiozaki authored
workflow: now another workflow script should be accessed by container.script_<SCRIPT_ID>, instead of container.<SCRIPT_ID>.
-
Kazuhiko Shiozaki authored
-
- 07 Nov, 2022 6 commits
-
-
Jérome Perrin authored
- the transaction is aborted in tearDown, no need to abort explicitly, for same reason if we want to delete documents, we need to explicitly commit (see TestERP5Person_getHateoas_mode_search) - simulate decorator should not commit the transaction to keep this semantic of abort by default, which keeps test isolated.
-
Jérome Perrin authored
There was a regression with 45c03413 (hal_json_style: prevent a translation of worklist with document count, 2021-05-10), the title of the worklist was translated twice. This was supposed to be catched by the test, by checking that the mocked gettext had only one call for "Draft to Validate", assuming that the translation of "Draft to Validate" was "Draft to Validate" and that a double translation would cause this to be translated twice, but because of a side effect of another test inserting a translation for "Draft to Validate", this problem was not noticed. This fixes the double translation and adjust the test to not depend on the actual content of message catalog.
-
Gabriel Monnerat authored
This business template contains a framework to integrate stripe checkout payments in ERP5. To configure the connector: - Create an account on stripe.com - In stripe.com's dashboard: Developers / API keys use "Create restricted key" to create a key with write access to "All Checkout resources". - Create a stripe connector in portal_web_services. Set URL to `https://api.stripe.com/v1/` and the restricted key created in the previous step - In stripe.com's dashboard: Developers / Webhooks use "Add endpoint", with "Endpoint URL" set to https://your.erp5.public.hostname/ERP5Site_receiveStripeWebHook and "Events to send" including all events from "checkout.session" category. To integrate in an ERP5 project: - Implement a custom script to start a checkout session. The script should call `StripePaymentSessionModule_createStripeSession` to initiate the session and redirect the end user to stripe checkout page. - Implement an interaction workfow on `Stripe Payment Session.complete` which inspects the value of `state_change['kwargs']['payment_status']` and implement the logic (such as create a payment transaction) depending on the status `"paid"` or `"unpaid"`. Example script to create session ```py web_site = context.getWebSiteValue() data = { # custom web sections for success and cancel URLs "success_url": web_site.stripe_payment_session_success.absolute_url(), "cancel_url": web_site.stripe_payment_session_cancel.absolute_url(), "line_items": { "price_data": { "currency": "EUR", "unit_amount": 2000, # for 20.00 EUR "product_data": { "name": "Product Name", } }, "quantity": 1 } } # this will redirect the user to stripe checkout page return module.StripePaymentSessionModule_createStripeSession( connector, data, context.getRelativeUrl(), resource="service_module/...", ) ``` Example interaction workflow script ```py if state_change['kwargs']['payment_status'] == 'paid': portal.accounting_module.newContent( portal_type='Payment Transaction', causality_value=state_change['object'], description="Stripe checkout ...", ... ) ``` Implementation notes: * Add new stripe connector in ERP5 to access retrieve Stripe session * New ERP5 functional module to handle Stripe Payment Sessions * Stripe Payment Session reflects a payment transaction/session initiated using the Stripe Checkout solution. * Workflow associated with Stripe Payment Sessions provides for the "draft", "open", "completed" and "expired" states in order to reflect the existing states on Stripe. * Each Stripe Payment Session offers a history and complete traceability of the HTTP exchanges carried out between ERP5 and Stripe from the start and the end of the payment transaction. All Stripe API calls (createSession, retrieveSession) and Stripe webhook POSTs are logged as system events (HTTP Exchange ERP5) related to a Stripe Payment Session. * Add alarm to handle Stripe Payment Sessions open whose date are expired * Set web service as source in Stripe Payment Session Reviewed-by: Jérome Perrin <jerome@nexedi.com> Reviewed-on: nexedi/erp5!1656
-
Gabriel Monnerat authored
-
Jérome Perrin authored
f0808ac6 (workflow: add workflow transition guard for non-user actions as well., 2015-11-18) broke some custom security configurations where doing an action on a document would modify an accounting transaction - but the user doing this action does not have access to accounting. This repairs the situation for accounting, by using the Associate role. The idea is that for such patterns where users "do something which will interact with accounting", the users also need an Associate role on accounting transaction portal types, which is in line with the meaning of Associate.
-
Jérome Perrin authored
To be consistent with slapos.core RSS and default values of fields in ERP5, where we only check the permission on the "context" document and tolerate displaying properties of context document even if accessing some properties of related documents caused an error. See also slapos.core!433
-
- 04 Nov, 2022 2 commits
-
-
Xiaowu Zhang authored
-
Vincent Pelletier authored
This reverts commit 035d099a. Installing BTs which do not come from produt/ERP5/bootstrap breaks site creation, except in unit tests. This commit is very desirable, but not ready, so unfortunately I have to revert it.
-
- 02 Nov, 2022 1 commit
-
-
Xiaowu Zhang authored
display service stably
-
- 31 Oct, 2022 3 commits
-
-
Jérome Perrin authored
python xmlsec's xmlsec.so contains multiple level module in the same .so (xmlsec, xmlsec.template etc) and this seem to cause problems to astroid, trying to lint a module containing: import xmlsec xmlsec.template.encrypted_data_create('...') cause an error: File "develop-eggs/astroid-1.3.8+slapospatched001-py2.7.egg/astroid/raw_building.py", line 360, in _set_proxied return _CONST_PROXY[const.value.__class__] KeyError: <type 'module'> and unlike similar error happening with ffi's module from cryptography, retrying does not help.
-
Jérome Perrin authored
This version of pylint tries to import the C modules for analysis and get confused by support ffi's CompiledFFI type. Use our utility _register_module_extender_from_live_module to register a stub module instead. This also reverts b21f83fc, "BusinessTemplate_getPythonSourceCodeMessageList: Retry in case of pylint internal failure." which is no longer necessary with these changes.
-
Jérome Perrin authored
-
- 24 Oct, 2022 2 commits
-
-
Thomas Gambier authored
-
Jérome Perrin authored
Grouping feature checks that the sum of all selected lines == 0, which is often not the case as the values are float. For that, our approach is to round the values with the precision of the accounting currency, since these precisions are usually small (typically 0, 2 or 3), we don't have problems with rounding. Using the section currency is not just a workaround for rounding, it's also correct because we don't consider more precise amounts in accounting transaction lines. The problem with this approach was for the case where no accounting currency is set on the section organisation, in that case we did not round and this sometimes led to "grouping is impossible" errors that are hard to find for users. At this level it's better to use a default rounding precision that would make it possible to use the grouping feature even when section currency is not set.
-
- 21 Oct, 2022 3 commits
-
-
Jérome Perrin authored
Some objects, in our case BTrees.Length.Length in a ZODB connection have a __str__ method that returns unicode on python2: u'<BTrees.Length.Length object at 0x7f850932e0d0 oid 0x1e334 in <Connection at 7f854bc0f190>>' They cause an unicode error in the history view when they are concatenated together with other str (encoded as UTF-8) properties, this can be observed when using history view with a "folderish" document (but not with a File as in test_ZODBHistoryBinaryData). To prevent this issue, we use the fact that ''.format unlike '' % seem to apply a str() on arguments and use it instead. Co-authored-by: Yusei Tahara <yusei@nexedi.com>
-
Yusei Tahara authored
Some objects become unicode when %s is applied and may cause UnicodeDecodeError, thus use %r insead.
-
Yusei Tahara authored
This reverts commit 40fded3e. It is not good to mix unicode and str for UI. Use utf8 str only.
-
- 19 Oct, 2022 5 commits
-
-
Vincent Pelletier authored
-
Vincent Pelletier authored
This should detect any Business Template with non-migrated workflows. Exclude the Business Template which is precisely made to test workflow migration.
-
Vincent Pelletier authored
Migrate oauth2_session_refresh_interaction_workflow to new-style workflows. This time, the migration should be complete.
-
Vincent Pelletier authored
-
Vincent Pelletier authored
This reverts commit e925dc0b. This commit is breaking more than it is fixing. Revert until I have a working version of this migration.
-