1. 28 Sep, 2023 13 commits
    • Jérome Perrin's avatar
      WIP ERP5: XXX dumps() parameter for longrequest promise 🚧 · c00f1c66
      Jérome Perrin authored
      Not sure why it was OK on python2 and not sure if this has to be done
      or the promise code needs to cast the results of getConfig()
      c00f1c66
    • Jérome Perrin's avatar
      ERP5 py3: WIP changes · dc451bcb
      Jérome Perrin authored
      dc451bcb
    • Arnaud Fontaine's avatar
      XXX-zope4py3: zodbpickle: Dirty hack to have encoding sets to utf-8. · d0fbc804
      Arnaud Fontaine authored
      Otherwise it fails with the following exception because of non-ASCII characters
      (`[A-Z&é@{]{3,7})`) (see unconvert()) below):
      
        => erp5_core/PathTemplateItem/portal_preferences/default_site_preference.xml
           File "zodbpickle-2.0.0-py3.7-linux-x86_64.egg/zodbpickle/pickle_3.py", line 844, in load
              dispatch[key[0]](self)
           File "zodbpickle-2.0.0-py3.7-linux-x86_64.egg/zodbpickle/pickle_3.py", line 1035, in load_short_binstring
              self.append(self.decode_string(data))
           File "zodbpickle-2.0.0-py3.7-linux-x86_64.egg/zodbpickle/pickle_3.py", line 989, in decode_string
              return value.decode(self.encoding, self.errors)
        UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 19: ordinal not in range(128)
      d0fbc804
    • Jérome Perrin's avatar
      software/slapos-sr-testing: add erp5-py3 · 0e6b9453
      Jérome Perrin authored
      0e6b9453
    • Bryton Lacquement's avatar
    • Kazuhiko Shiozaki's avatar
    • Kazuhiko Shiozaki's avatar
      a571008c
    • Jérome Perrin's avatar
    • Jérome Perrin's avatar
    • Jérome Perrin's avatar
      ebfd611b
    • Jérome Perrin's avatar
      ERP5: rework frontend instance parameter · 9bd91d9b
      Jérome Perrin authored
      This change the format or the (mostly) unused frontend parameter to
      support requesting more than one frontend and also enable the request of
      a frontend by default, so that requesting a frontend separately is no
      longer needed.
      
      The `frontend` parameter now also supports requesting frontends for
      specific paths on the ERP5 backend, the example below requests a
      frontend serving directly a web site, with the necessary rewrite rules:
      
      ```js
      {
        "frontend": {
          "default": {
            "internal-path": "/erp5/web_site_module/renderjs_runner/"
          }
        }
      }
      ```
      
      The example below requests a default frontend to the erp5 root, to
      access the ZMI or erp5_xhtml_style interface and two web sites:
      
      ```js
      {
        "frontend": {
          "default": {},
          "erp5js": {
            "internal-path": "/erp5/web_site_module/renderjs_runner/"
          },
          "crm": {
            "internal-path": "/erp5/web_site_module/erp5_officejs_support_request_ui/"
          }
        }
      }
      ```
      
      The example below has an explicit definition of the zope families using
      `zope-partition-dict` parameter, because there are no family named
      "default", no frontend is requested by default:
      
      ```js
      {
        "zope-partition-dict": {
          "backoffice": {
            "family": "backoffice"
          },
          "web": {
            "family": "web"
          },
          "activities": {
            "family": "activities"
          }
        }
      }
      ```
      
      Continuing this example, to have frontends for backoffice and web
      families, the frontend request can specify the families, like it is
      demonstrated in the example below. In this example, we don't specify an
      entry for "activities" family, so no frontend will be requested for
      this family.
      
      ```js
      {
        "frontend": {
          "backoffice": {
            "zope-family": "backoffice"
          },
          "web": {
            "zope-family": "web",
            "internal-path": "/erp5/web_site_module/web_site/"
          }
        }
        "zope-partition-dict": {
          "backoffice": {
            "family": "backoffice"
          },
          "web": {
            "family": "web"
          },
          "activities": {
            "family": "activities"
          }
        }
      }
      ```
      9bd91d9b
    • Jérome Perrin's avatar
      stack/erp5: serve balancer requests when client certificate is not verified · d58bbbba
      Jérome Perrin authored
      We configure haproxy with "verify optional", which makes haproxy request
      a client certificate, but accept the case where client does not present
      a certificate, but as described in [1], if client present a certificate
      and this certificate can not be verified, handshake is aborted. This is
      not what we want, we want to treat the case of a non verified
      certificate same as the case of the absence of certificate.
      
      This configures haproxy accordingly, using "crt-ignore-err all" to allow
      handshake anyway.
      
      Once this was fixed, there was a remaining problem with
      client_cert_verified acl, haproxy acl are OR, but this rule was supposed
      to be a AND (client present a certificate AND it is verified), this was
      rewritten to use inline condition which are AND.
      
      [1]: https://cbonte.github.io/haproxy-dconv/1.8/configuration.html#5.1-verify
      
      Also adjust test_x_forwarded_for_stripped_when_no_certificate to assert
      that there is no X-Forwarded-For header at all when no client
      certificate.
      d58bbbba
    • Xavier Thompson's avatar
      2ffda605
  2. 27 Sep, 2023 9 commits
  3. 26 Sep, 2023 4 commits
  4. 25 Sep, 2023 2 commits
  5. 22 Sep, 2023 9 commits
  6. 20 Sep, 2023 1 commit
  7. 18 Sep, 2023 1 commit
  8. 14 Sep, 2023 1 commit