See merge request nexedi/erp5!1528

- image editor
- web table editor

- text editor
- slide editor
- svg editor
- javascript editor
- pdf viewer

erp5_ui_test_core: Make waitForActivities independent from the number of activities processed per tic.

That number was vastly decreased, causing UI tests to bail with "tic is
looping forever" for no good reason.
Convert such logic into a deadline one.

This is intended to replace portal_workflow.doActionFor with edit_action,
which was only available for users with modify portal content permission
on the document and also is a bit low level.

It is a common, especially in project specific code that we use
edit_action to leave notes in history and provide better traceability
and we sometimes do this on documents where user does not have the
modify portal content permission.

We don't need Permissions.ModifyPortalContent, Permissions.AccessContentsInformation
is enough. This is consistent with the security declarations in Base and
Folder.

https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Base.py#L2632

https://lab.nexedi.com/nexedi/erp5/blob/08be2f8cc936fbdc3d5bafb4355c3a475198abc1/product/ERP5Type/Core/Folder.py#L1434

I did not identify this monkey-patch.

- Ignore node preference when spawning activities.
  Otherwise, activities which are not spawned with a preferred node will
  get an effective priority penalty compared to same-priority activities
  spawned *with* a node preference, despite both being to execute by the
  same processing node.
- Break activity processing loop when the current processing node is also
  the activity validation node.
  This avoids pathological cases of activity accumulation, for example when
  reindexing an entire site: _recurseCallMethod is spawned in
  processing_node=0, but immediateReindexObject is spawned in
  processing_node=-1 because of serialization_tag dependency, so with such
  loop _recurseCallMethod will be executed over and over, piling indexation
  activities up until _recurseCallMethod does not self-respawn.
  In turn, such activity accumulation lead to an increased overhead, and
  decreased activity processing efficiency.
  This may also allow multi-node instances to more reliably use the
  validation node as a processing node.

The cost for multi-node instances of these changes should be absolutely
minimal (no extra IO necessary, minimal extra code).
A possible drawback on single-node instances is that tic period may become
more important because process_timer will return more often.

If one callable has the default ID '1', it will break nearly all newContent calls on empty object

See merge request nexedi/erp5!1512

See merge request nexedi/erp5!1522

Adding **kw prevents "Unexpected keyword argument 'select_favorite'".
The removed arguments url, user and password aren't used by the Script and can therefore be removed.

Allows using an empty fallback value with "replace" set to trigger header
removal.

See merge request nexedi/erp5!1501

erp5_openid_connect_client_login: Add dedicated cache factory to work with open id connect

erp5_openid_connect_client_login: Add Scope, Client Metadata and state

* Add configurable scope to connector
* Client Metadata is a JSON defined on connector
* Add state parameter to make redirect non repeatable

erp5_openid_connect_client_login: Update OpenId Connect to be be fully functionnal

erp5_openid_connect_client_login: Add tests and some minor fixup

erp5_openid_connect_client_login: Don't call create user on each call to callback

erp5_openid_connect_client_login: Test create connector in portal web services

erp5_openid_connect_client_login: Fix test on open Id connector creation in afterSetUp

OpenIDConnect: Add Extraction Plugin

openidconnect: Have functionnal Extractor

erp5_core: Add Case of OpenId Connect Client

erp5_xhtml_style: Add OpenId Connect to Login Form

erp5_web: Add OpenId Connect Logout

erp5_web_renderjs_ui: Add OpenId Connect to Login Form and Logout

erp5_credential: Add OpenId Connect to login form

It is GPDR compliant, as no cookie is set

Use CSP to improve protection against XSS and improve user privacy.

No javascript is supposed to be executed on the error page.

Such web sites are meant for anonymous access only, to improve CDN usage.

Do not load any JS, because the gadget may crash too, as no erp5 field is rendered

Allow users to go to the homepage.

Prevent img to increase the page width.

Most listbox functionnalities are not supported by web_js_style for now, as no form is used by default

Their contents is already provided by the HTML page template.