Only use what is visible / checked

The listboxes  in mass delete / state change dialogs are only used to confirm the lines selection.

Fetch usage can be bypassed to do not use service worker when not needed.

As appcache has been dropped on Firefox, this change will improve the speed on Firefox.

No change is expected on Chrome/Safari.

Allow edition in the new UI

This make everything slow as hell and prevent to quickly save.

/reviewed-on !850

Introduce a new ERP5Site_resetAccountingTransactionLineGroupingReference
script to reset grouping reference on accounting transaction lines.

This solve a problem with the way we activated on
AccountingTransactionLine_resetGroupingReference the context of the
line, if line was removed from OFS before activity was executed, the
activity was discarded and grouping references on related lines was not
reset.

Also drop the unused `keep_if_valid_group` parameter, it was not making
sense.

/reviewed-on !849

Also, make some existing sanitation happen earlier than before, to store
values in a cleaner format.

default is to run all tests

When there was parallel execution of this alarm with lots of non grouped lines, it can happen that lines are grouped but not indexed yet.

With recent changes in CMFActivity, getServerAddress is now used
when setting up the site, before the ZServer is started, which means:
- getServerAddress memoized a wrong return value;
- the test didn't fail with --load.

The button "Subscribe/Unsubscribe from Timer Service" does not clearly 
explain the fact that it determines whether or not Alarms are enabled in
ERP5. It is very counter-intuitive to see Alarms on "enabled" in the 
"Configure Alarms" screen and yet not have them being run because the
Alarm Node is not subscribed to the Timer Service.

/reviewed-on nexedi/erp5!539

Since the introduction of ERP5 Login, authentication by Access Token is broken, and it is only working if `erp5_login.getReference() == person.getUserId()`

The scriptable part of access token changed, now scripts must return a user object - on which the plugin will call `getUserId` (it was not clear what they should return before, maybe login, but they should return a user id, not a login, as the token plays the same role as a login). To make it clear and to intentionally break compatibility as this is now something different, these scripts have been renamed to be `getUserValue` type based methods.

/reviewed-on nexedi/erp5!838

(because my editor runs python3 pytlint)

/reviewed-on nexedi/erp5!839

This fallback seems useless in this context, getClientAddr should be
available.

This test does not need to create an actual user as it just check
plugin extract login & password from request.
This test does not need to install the plugin in PAS, the actual check
instanciate another ERP5DumbHTTPExtractionPlugin.

- no longer needed to have same user id and logins.
- upgrader activate the plugin

This keep the current behavior. Invalidating all logins is also a way to
disable login for this user without having to find all tokens and
invalidate them one by one

for compatibility with login/password

Because this was broken, we took the liberty to introduce a breaking
change to fix naming, now type based scripts are *_getUserValue and must
return a user document, with a getUserId method returning the user id.

Make this plugin also an IAuthenticationPlugin which does all the job of
returning the user id.
It does not really make sense to delegate this to default authenticator.
A side effect is that token can still authenticate users with no
assignments, since tokens are scriptable, if this is a requirement, it
can be implemented in scripts.

also update test:

 - plugin must be enabled for IAuthenticationPlugin
 - check complete authentication sequence, not just extraction
 - update scripts to new names
 - simplify transaction management
 - don't set self.person, it was not used anywhere
 - update _createPerson to reindex, as said in docstring
 - merge all tests in on test component

benefit is very small and unusable for user

nexedi/erp5@1f254aa7