Introduce an action script which redirects to the alarm, so that
"something happen" and user can see that the method was invoked. This
also makes it possible to use this action in selenium tests

With ERP5 workflows, transition id is different (it has a prefix),
we must use transition reference

by using getDocumentValueList to lookup all documents at once instead
of using getDocumentValue for each document

test names are easily longer than the 20 characters that was set
in this field

See merge request !1693

This does not seem to be an actual problem because the object is
declared protected, but these missing security declarations make
testSecurity fail.

We have been using `filter(lambda x:'/erp5/' in x[0], error_list)` as a
way to see only missing declarations from ERP5 code, but only ERP5
filesystem code contains /erp5/ in the filenames, in-ZODB components
filename is set to something like <portal_components/document.erp5.FTPConnector>

Change to also check methods for which filename contains <portal_components
and also to print the ignored methods

The logic to guess groupable lines was considering source of
destination side of an accounting transaction depending on
preferences. This was not good, for two reasons:
 - with internal transactions we want to consider both the source
  and the destination
 - if user preferences are mis-configured, grouping would not work.

switch to a logic where we consider both source and destination
sides to prevent these problems.

See merge request nexedi/erp5!1683

from 45c03413 (comment 171160)

See merge request !1689

This is still needed for now, see 19327cc0

because it contains legacy workflow objects.

because it contains legacy workflow objects.

workflow: provide legacy WorkflowHistoryList for backward compatibility even if WITH_LEGACY_WORKFLOW is False.

workflow: now another workflow script should be accessed by container.script_<SCRIPT_ID>, instead of container.<SCRIPT_ID>.

 - the transaction is aborted in tearDown, no need to abort
  explicitly, for same reason if we want to delete documents, we
  need to explicitly commit (see TestERP5Person_getHateoas_mode_search)
 - simulate decorator should not commit the transaction to keep this
  semantic of abort by default, which keeps test isolated.

There was a regression with 45c03413 (hal_json_style: prevent a
translation of worklist with document count, 2021-05-10), the title
of the worklist was translated twice. This was supposed to be
catched by the test, by checking that the mocked gettext had only
one call for "Draft to Validate", assuming that the translation of
"Draft to Validate" was "Draft to Validate" and that a double
translation would cause this to be translated twice, but because of
a side effect of another test inserting a translation for
"Draft to Validate", this problem was not noticed.

This fixes the double translation and adjust the test to not depend
on the actual content of message catalog.

This business template contains a framework to integrate stripe checkout payments in ERP5.

To configure the connector:

 - Create an account on stripe.com
 - In stripe.com's dashboard: Developers / API keys use "Create restricted key" to create a key with write access to "All Checkout resources".
 - Create a stripe connector in portal_web_services. Set URL to `https://api.stripe.com/v1/` and the restricted key created in the previous step
 - In stripe.com's dashboard: Developers / Webhooks use "Add endpoint", with "Endpoint URL" set to https://your.erp5.public.hostname/ERP5Site_receiveStripeWebHook and "Events to send" including all events from "checkout.session" category.

To integrate in an ERP5 project:

 - Implement a custom script to start a checkout session. The script should call `StripePaymentSessionModule_createStripeSession` to initiate the session and redirect the end user to stripe checkout page.
 - Implement an interaction workfow on `Stripe Payment Session.complete` which inspects the value of `state_change['kwargs']['payment_status']` and implement the logic (such as create a payment transaction) depending on the status `"paid"` or `"unpaid"`.

Example script to create session

```py
web_site = context.getWebSiteValue()
data = {
  # custom web sections for success and cancel URLs
  "success_url": web_site.stripe_payment_session_success.absolute_url(),
  "cancel_url": web_site.stripe_payment_session_cancel.absolute_url(),
  "line_items": {
      "price_data": {
        "currency": "EUR",
        "unit_amount": 2000, # for 20.00 EUR
        "product_data": {
          "name": "Product Name",
        }
      },
      "quantity": 1
    }
}

 # this will redirect the user to stripe checkout page
return module.StripePaymentSessionModule_createStripeSession(
  connector,
  data,
  context.getRelativeUrl(),
  resource="service_module/...",
)
```

Example interaction workflow script

```py
if state_change['kwargs']['payment_status'] == 'paid':
  portal.accounting_module.newContent(
    portal_type='Payment Transaction',
    causality_value=state_change['object'],
    description="Stripe checkout ...",
    ...
  )

```

Implementation notes:

* Add new stripe connector in ERP5 to access retrieve Stripe session
* New ERP5 functional module to handle Stripe Payment Sessions
* Stripe Payment Session reflects a payment transaction/session initiated using the Stripe Checkout solution.
* Workflow associated with Stripe Payment Sessions provides for the "draft", "open", "completed" and "expired" states in order to reflect the existing states on Stripe.
* Each Stripe Payment Session offers a history and complete traceability of the HTTP exchanges carried out between ERP5 and Stripe from the start and the end of the payment transaction. All Stripe API calls (createSession, retrieveSession) and Stripe webhook POSTs are logged as system events (HTTP Exchange ERP5) related to a Stripe Payment Session.
* Add alarm to handle Stripe Payment Sessions open whose date are expired
* Set web service as source in Stripe Payment Session
Reviewed-by: Jérome Perrin <jerome@nexedi.com>
Reviewed-on: nexedi/erp5!1656

f0808ac6 (workflow: add workflow transition guard for non-user
actions as well., 2015-11-18) broke some custom security
configurations where doing an action on a document would modify an
accounting transaction - but the user doing this action does not have
access to accounting.

This repairs the situation for accounting, by using the Associate
role. The idea is that for such patterns where users "do something
which will interact with accounting", the users also need an
Associate role on accounting transaction portal types, which is in
line with the meaning of Associate.

To be consistent with slapos.core RSS and default values of fields
in ERP5, where we only check the permission on the "context" document
and tolerate displaying properties of context document even if
accessing some properties of related documents caused an error.

See also nexedi/slapos.core!433

This reverts commit 035d099a.
Installing BTs which do not come from produt/ERP5/bootstrap breaks site
creation, except in unit tests.
This commit is very desirable, but not ready, so unfortunately I have
to revert it.

display service stably

python xmlsec's xmlsec.so contains multiple level module in the same
.so (xmlsec, xmlsec.template etc) and this seem to cause problems to
astroid, trying to lint a module containing:

  import xmlsec
  xmlsec.template.encrypted_data_create('...')

cause an error:

   File "develop-eggs/astroid-1.3.8+slapospatched001-py2.7.egg/astroid/raw_building.py", line 360, in _set_proxied
      return _CONST_PROXY[const.value.__class__]
  KeyError: <type 'module'>

and unlike similar error happening with ffi's module from cryptography,
retrying does not help.

This version of pylint tries to import the C modules for analysis and
get confused by support ffi's CompiledFFI type.

Use our utility  _register_module_extender_from_live_module to register
a stub module instead.

This also reverts b21f83fc,
"BusinessTemplate_getPythonSourceCodeMessageList: Retry in case of
pylint internal failure." which is no longer necessary with these
changes.