We randomly have unkilled firefox process remaining. Make sure
to kill them.

/bug #20190204-1BF3A5A
https://nexedijs.erp5.net/#/bug_module/20190204-1BF3A5A

/reviewed-on nexedi/erp5!848

- local_roles: ( Assignee OR Assignor ) AND other_unknown_id: value

    [All criterions (AND)_______ v]
    [-][local_roles_____________ v] -> |Type             |  -.
       [Equal to (at least one)_ v]    |Modification Date|   :
       [Assignee________________  ]    |Title            |   :
       [Assignor________________  ]    |Reference        |   :
       [________________________  ]    |Description      |   : search_column_list
                                       |State            |   :
    [-][other_unknown_id________ v]    |Searchable Text  |   :
       [Equal to________________ v]    |Search Expression|  -'
       [value___________________  ]    |local_roles      |  -.
                                       |other_unknown_id |  -' additional_search_column_list

- the "Equal to (at least one)" operator is displayed in the same listbox as "Equal to" and "Contains" ;
- this filter item can have multiple input value field ;
- one input value field has to be filled (required) like on the other filter items ;
- when extended_search is `title: ( "One" OR "Two" )`, behavior changed :

    ________before________  ______________now______________

         Filter Editor               Filter Editor
    [ At least one (OR) v]  [ All criterions (AND)______ v]
    [-][ Title_________ v]  [-][ Title__________________ v]
       [ Equal to______ v]     [ Equal to (at least one) v]
       [ One___________ x]     [ One____________________ x]
    [-][ Title_________ v]     [ Two____________________ x]
       [ Equal to______ v]     [ _______________________  ]
       [ Two___________ x]  [+]
    [+]

         Search bar                  Search bar
    [One][Two][ _______  ]  [One][Two][ ________________  ]

Activate copy/paste/delete buttons on form list and form view.

When selection listbox lines, only use what is visible / checked.
This is required because of list methods which do not support catalog queries.

This changes the behaviour of mass workflow transition action and delete action,
but at least, it is consistent everywhere now, and so, easier to explain (what you see is what you change).

The listboxes in mass delete / state change dialogs are only used to confirm the lines selection.

/reviewed-on nexedi/erp5!852

/reviewed-on nexedi/erp5!850

Introduce a new ERP5Site_resetAccountingTransactionLineGroupingReference
script to reset grouping reference on accounting transaction lines.

This solve a problem with the way we activated on
AccountingTransactionLine_resetGroupingReference the context of the
line, if line was removed from OFS before activity was executed, the
activity was discarded and grouping references on related lines was not
reset.

Also drop the unused `keep_if_valid_group` parameter, it was not making
sense.

/reviewed-on nexedi/erp5!849

Also, make some existing sanitation happen earlier than before, to store
values in a cleaner format.

default is to run all tests

When there was parallel execution of this alarm with lots of non grouped lines, it can happen that lines are grouped but not indexed yet.

With recent changes in CMFActivity, getServerAddress is now used
when setting up the site, before the ZServer is started, which means:
- getServerAddress memoized a wrong return value;
- the test didn't fail with --load.

The button "Subscribe/Unsubscribe from Timer Service" does not clearly 
explain the fact that it determines whether or not Alarms are enabled in
ERP5. It is very counter-intuitive to see Alarms on "enabled" in the 
"Configure Alarms" screen and yet not have them being run because the
Alarm Node is not subscribed to the Timer Service.

/reviewed-on nexedi/erp5!539

Since the introduction of ERP5 Login, authentication by Access Token is broken, and it is only working if `erp5_login.getReference() == person.getUserId()`

The scriptable part of access token changed, now scripts must return a user object - on which the plugin will call `getUserId` (it was not clear what they should return before, maybe login, but they should return a user id, not a login, as the token plays the same role as a login). To make it clear and to intentionally break compatibility as this is now something different, these scripts have been renamed to be `getUserValue` type based methods.

/reviewed-on nexedi/erp5!838

(because my editor runs python3 pytlint)

/reviewed-on !839

This fallback seems useless in this context, getClientAddr should be
available.

This test does not need to create an actual user as it just check
plugin extract login & password from request.
This test does not need to install the plugin in PAS, the actual check
instanciate another ERP5DumbHTTPExtractionPlugin.

- no longer needed to have same user id and logins.
- upgrader activate the plugin

This keep the current behavior. Invalidating all logins is also a way to
disable login for this user without having to find all tokens and
invalidate them one by one

for compatibility with login/password

Because this was broken, we took the liberty to introduce a breaking
change to fix naming, now type based scripts are *_getUserValue and must
return a user document, with a getUserId method returning the user id.

Make this plugin also an IAuthenticationPlugin which does all the job of
returning the user id.
It does not really make sense to delegate this to default authenticator.
A side effect is that token can still authenticate users with no
assignments, since tokens are scriptable, if this is a requirement, it
can be implemented in scripts.

also update test:

 - plugin must be enabled for IAuthenticationPlugin
 - check complete authentication sequence, not just extraction
 - update scripts to new names
 - simplify transaction management
 - don't set self.person, it was not used anywhere
 - update _createPerson to reindex, as said in docstring
 - merge all tests in on test component

benefit is very small and unusable for user

nexedi/erp5@1f254aa7

This is called when checking access permission on objects, which happens
very often. CachingMethod has a hit cost which is too high for this use.
Instead, generate this method as part of the portal type class, removing
all call-time logic.

It is superseded by __self__, which (where applicable) prevents
acquisition and getattr-based traversal, improving performance.
Patch AccessControl.users.BasicUser._check_context to extend this change
to zope code (and simplify it in the process).
Also, make __ac_local_roles__ accesses consistent with other places in
our own code as well as in PAS & AccessControl.