.. except from Draft and Submitted state.

Document security should be based on group, site, function defined on
document, sometimes publication section and or follow up, but the owner
should only be considered in draft state.

For conveniance (and compatibility), Owner is also allowed to view in
Submitted state. The use case is for when a user submit a document he
will not be allowed to see, for example because he made a mistake when
choosing properties, user is still allowed to view the document and
there's no unauthorized error.

We want to allow a user to set properties before publishing a document
and later, once the document is no longer draft, the security of the
document will be depending on these properties.

We want to prevent users to get permissions on a PDF document that would
be created by interactions and they are not supposed to see. For exemple
when we generate a PDF invoice and store it in document module. In this
case, as the interaction runs as the user, this user will have Owner
role implicitely.

This way it is easier to further extend it without risking key conflicts
in catalog parameters, which in turn would either lead to simple TypeErrors
("multiple values for parameter ...") or to criterion being accidentally
ignored.
Update callers.
These methods are young enough that no other callers should exist yet.

* This kind of query: 'foo:("bar", "couscous")' is currently not supported by query storage

follow_up | Related Object
creation_date | Creation Date
translated_validation_state_title | State

This action should only be possible if user have View History
permission.

erp5_data_protection relies on removing the "View History" permission to
make sure users cannot see the properties before protection in the
history tab. This was supported by Base_viewHistory, but not by ZODB
History

If we call Base_translateString before storing the message in the
history, the message will be translated when this action is used and
stored as translated using the language of the user executing this action.

The proper way is to store a message in history, so that it is rendered
when displayed.

Clone of nexedi/erp5!339

/reviewed-on nexedi/erp5!391

Also, document that value order in base_category_dict is meaningless.

@Nicolas uses worklist as one of many gadgets in one page thus stackable empty worklist is necessary (before it was positioned as an fixed element).

/reviewed-on nexedi/erp5!387

fixes #20170911-1AD62FB

Reports is easier to read if lines are sorted by third party name then
by date.

We also sort by transaction title to keep stable ordering of lines.

Use portal_membership.getAuthenticatedMember().getUserValue() instead.

This issue was reported by Nicolas. When embedding the
support request application in other App. The `options`
parameter in the `render` function is undefined, so the
`field_listbox_begin_from` can not be found. Use
`getUrlParameter` to retrieve it from URL.

The commit 1fbf9ba9 put
the title in wrong order. Correct it. This commit is not
a revert, it is a fixing.

- "Restore Filter" button.
Allow to remove the filters applied on the homepage
listbox. Disabled when no filter applied.

- Generate RSS button.
Generate the RSS link. Click this button will generate
a RSS link for an anchor tag and hide the button itself.

- Create Support Request button.
Make the appearance same in desktop and iphone browser.

/reviewed-on nexedi/erp5!386

Currently, the domain selection is implictly on node_category

`portal_catalog/erp5_mysql_innodb/SQLCatalog_makeFullTextQuery` is
provided by full text implementation business template.

The scriptable key definition is intentionnaly left in this business
template because we don't have a mechanism like template_keep_path_list
to prevent uninstalling the scriptable key when business template is
updated.

/fixes #20170620-8BDEBE
/reviewed-on nexedi/erp5!300

state_dict.items doesn't exist and trying to access it raises an error

And update appcache

/reviewed-on nexedi/erp5!381

[officejs_monitoring] Some performances improvement, speed up hosting subscription list page rendering

Speed up display of hosting subscription list by reducing the amount of queries.
If a document is not synced (due to an error) change the status of that document to WARNING so that monitor will
tell when instances/servers are offline.

Since by default insecure and unrestricted code execution is disabled
and manual intervention by the user is required reflect this in
description.

Before executing any code check if server side is configured to execute
unrestricted code.