1. 03 Jun, 2024 2 commits
    • Kazuhiko Shiozaki's avatar
      fixup! ERP5Workflow: DC Workflows are now ERP5 objects (!1378). · 16ab007c
      Kazuhiko Shiozaki authored
      if acquire_permission is not yet set in a Workflow State, we should consider it as 'acquire all permissions', like DCWorkflow implementation.
      16ab007c
    • Kazuhiko Shiozaki's avatar
      fixup! ERP5Workflow: DC Workflows are now ERP5 objects (!1378). · 9d3a3fc6
      Kazuhiko Shiozaki authored
      If state_permission_role_list_dict is not yet set in a Workflow State, the UI displays permission/role table with all unchecked.
      Once we save it in Permissions tab without checking anything, state_permission_role_list_dict will become like
        {'Access contents information': (),
         'Add portal content': (),
         'Modify portal content': (),
         'View': ()}
      This commit will make the behaviour same for these 'before save' and 'after save' cases as the UI displays exactly same.
      9d3a3fc6
  2. 31 May, 2024 4 commits
    • Jérome Perrin's avatar
      simple fixes from python3 port · fe7a66eb
      Jérome Perrin authored
      See merge request !1941
      fe7a66eb
    • Jérome Perrin's avatar
      administration,core: wrong location when reporting pylint errors · 0b8b8475
      Jérome Perrin authored
      In Check Source Code report on business template and CodingStyle tests,
      the lines were off by 1 and column off by 2 for python scripts.
      0b8b8475
    • Jérome Perrin's avatar
      ERP5TypeTestCase: rework default manager password generation · 445e8fa8
      Jérome Perrin authored
      The default manager user (ERP5TypeTestCase) now have a random password
      generated at the beginning of test. The password is stored as a class
      attribute of the test case instance.
      Many tests have been updated to not generate manager user and use the
      existing one instead. When tests need to create users (for example
      users in the root acl_users), we try to give them a random password and
      to delete the users afterward.
      
      For functional tests, the approach is that ERP5TypeFunctionalTestCase
      sets cookies with manager username and password before running zelenium
      tests, so that in case tests want to log in again as manager, they can
      read the username and password from cookies.
      
      Another significant changes is that we no longer have the same user in
      ERP5/acl_users and /acl_users, some tests were logging in as the root
      user in ways that never seemed intentional.
      
      This also revealed (through test_manager_actions_on_portal from
      testERP5Core) that some tests were running with a user without all the
      expected permissions and the "Manager Components" actions was not
      visible for the default manager user. Fixing this also revealed that
      two actions ("Manage Components" and "Manage Callables") had the same
      priority, so the later was modified to use a different priority.
      445e8fa8
    • Jérome Perrin's avatar
      ERP5Security/ERP5KeyAuthPlugin: replace pycrypto by cryptography · 9964c13d
      Jérome Perrin authored
      pycrypto is unmaintained and the python3 version no longer work with
      buildout 3 (it uses a tricky way to run 2to3 in setup.py that no longer
      happens with pip based buildout3)
      
      Also make the rest of this file python3 compatible.
      9964c13d
  3. 29 May, 2024 2 commits
  4. 28 May, 2024 2 commits
  5. 27 May, 2024 3 commits
  6. 22 May, 2024 4 commits
  7. 20 May, 2024 8 commits
  8. 19 May, 2024 2 commits
    • Jérome Perrin's avatar
      core: make Base_edit raise in case of wrong matrixbox keys · b4227bb9
      Jérome Perrin authored
      This should not happens, but if this happens we should not just return
      in the middle of the loop, because this returned value is not used,
      so we would just silently edit partially.
      b4227bb9
    • Jérome Perrin's avatar
      Security of tester accessors · 63dcec59
      Jérome Perrin authored
      The first commit of this merge request was introduced for zope4py3 branch but it revealed issues on py2 as well, i.e. we don't have roles in auto-generated tester methods.
      
      ```
      ======================================================================
      FAIL: test_method_protection (testSecurity.TestSecurity)
      This test will list all implicitly Public methods in any objects in ZODB.
      ----------------------------------------------------------------------
      Traceback (most recent call last):
        File "/(SR)/parts/erp5/Products/ERP5/tests/testSecurity.py", line 113, in test_method_protection
          self.fail(message)
      AssertionError: 
      The following 7 methods have a docstring but have no security assertions.
      	/(SR)/parts/erp5/product/ERP5Form/PreferenceTool.py:65 isPreferredVcsPushMode
      	/srv/slapgrid/slappart19/t/eiy/soft/8a7759fd7b65b20d9f87713605745d05/parts/erp5/product/ERP5Type/Accessor/AcquiredProperty.py:217 hasTelephoneValidationState
      	/(SR)/parts/erp5/product/ERP5Type/Accessor/Base.py:219 hasViewFormIdList
      	/(SR)/parts/erp5/product/ERP5Type/Accessor/Constant.py:94 isWebDocumentType
      	/(SR)/parts/erp5/product/ERP5Type/Accessor/Content.py:224 hasImage
      	/(SR)/parts/erp5/product/ERP5Type/Accessor/ContentProperty.py:283 hasImageWidthList
      	/(SR)/parts/erp5/product/ERP5Type/Accessor/Translation.py:233 hasFrTranslatedTitle
      
      ----------------------------------------------------------------------
      ```
      
      See merge request nexedi/erp5!1911
      63dcec59
  9. 17 May, 2024 10 commits
  10. 16 May, 2024 3 commits