The accessor was added in 99cd5823 (erp5_property_sheets: Add
Predicate/empty_criterion_valid_property ., 2013-11-20) it's been
long enough to assume that every site have this property now.

For same reasons as on Web Sections: clicking the Contents tab search
for all documents

Tools also contain documents, so it makes sense to check them as well

This disable price lookup on domains, because it errors and because the
meaning is not clear.

It errors because Domains are MetaResources, so they are subclass of
Resource and they inherit the price lookup mechanism, which does not
work on domains because of their different `getRelativeUrl` implementation.

check_consistency alarm checks that every document created satisfy
contraints. This is done in order to verify that configurator it self
create consistent documents and also that all default documents from a
realistic configuration are consistent.

When users with no password set try to login, this should be refused.

It was not possible to login but because of an error (pw_validate does
not support to be called with None). The error was catched by PAS and
logged with level debug, so we did not notice.

These changes are mostly about covering this in a test to make sure this
does not regress and we also change the code not to raise the error.

If by code we create a login with:

    user.newContent(
        portal_type='ERP5 Login',
        password=None,
        login='login')

this created a login with password 'None'.

Note that happens for newContent, not for login.edit(password=None),
because newContent calls edit with force_update=1 (see [1] for code
reference), so this probably only happened in this test.

To prevent accidentally setting a password to None when force_update=1
is used, we add the same None check in _setPassword than the one we
already had in setPassword.

[1] https://lab.nexedi.com/nexedi/erp5/blob/ab62760f5321cc015aec613df7c178ec137bc3ce/

EncryptedPasswordMixin.setPassword is public and does its own security
checks, this is since 7d0882ef (setPassword have to do explicit
security checks…, 2007-11-12), but a few months after this, we teached
edit to check security - in d1312cdb (make edit check the security
remove all useless security declaration on private method, 2008-05-23).

In the end what really matters is that end users can not change passwords
through the user interface when editing logins documents.

Theses methods have always been using user_id, but where written at
a time where there was not such disctinction

This test case tries to provide message helpful for debugging in case
of assertion failure for assertUserCanPassWorkflowTransition, but
this was not correctly using new workflow API and in case of failure
there was an error like this:

  File ".../custom/test.py"
    self.assertUserCanPassWorkflowTransition(user, 'stop_action', packing_list)
  File "product/ERP5Type/tests/SecurityTestCase.py", line 237, in failUnlessUserCanPassWorkflowTransition
    if wf_transition.trigger_type == TRIGGER_USER_ACTION:
AttributeError: 'NoneType' object has no attribute 'trigger_type'

The previous implementation was using getGuardSummary, which no
longer exist in new workflow, so we implement similar logic here.

The new message changes a bit, it now look like this:

    AssertionError: User X can NOT pass stop_action transition on Internal Packing List at /erp5/internal_packing_list_module/20220218-22A38 (draft on delivery_causality_workflow, draft on internal_packing_list_notification_workflow, started on packing_list_workflow).
     Roles: [Owner, Member, Authenticated, Associate]
     Available transitions:
              deliver_action[packing_list_workflow]
                    Expression:
                    Permissions:
                    Groups:
            * stop_action[packing_list_workflow]
                    Expression: python: not(state_change['object'].getPortalType() == "Sale Packing List" and state_change['object'].getSimulationState() == "confirmed")
                    Permissions:
                    Groups:

1b1dbf60 (tests: also consider python unittest failures in
functional tests, 2021-06-16) was not counting properly the cases
where we have selenium failures. In that case we only want to count
selenium failures, if we add with the python failures from
status_dict, we report one extra failures.

The correct approach is to count selenium failures if any and otherwise
count python failures
Co-authored-by: Vincent Pelletier <vincent@nexedi.com>

Avoids duplicating items from that list.

Both so that changes to the list of core business templates are applied on
upgrade, and to avoid uninstalling core business templates, if no other
maintained-up-to-date business templates depend on them.
Also, improve the documentation of the erp5_upgrader version of this
script.

But make it non-publishable.

The main reason is to use portal type setters, and not set the properties
directly: setting the properties directly bypasses interactions which
trigger type refresh, which hence prevents such changes from being applied
to the types until something else would cause a reload.
While at it:
- modify the property sheet list once only instead of once per added
  property sheet
- only modify the property sheet list when fixit is true
- improve constraint message to actually tell what is being detected
- do not report a constraint error when no change is necessary
- follow naming conventions: avoid abbreviations, variables holding
  documents must end in "_value"
- avoid single-use local variables

This reverts commit 77b3f202.
For some obscure reason, this affects unit tests related to inventory
unit conversion. There seems to be too much code to cleanup to keep this
patch for now, so drop it.

Fallback to modification_date if a document does not have an effective_date.

Indexation activities may spawn further activities, and for_each_activity
expects the number of activities after a test to be zero.

System user should be more reliable than whatever user has ownership of
catalog tool (which may have its account closed or its roles changed).

CMFActivity: Fix ActivityRuntimeEnvironment.getPriority when activity was not loaded from an SQL queue.

This happens when activities are being flushed from the ActivityBuffer
directly, without being inserted into and then loaded from the SQL queue.
It is unclear whether there are uses of this pattern besides
testCMFActivity, but it is easy enough to fix.

Checking activity presence/absence is not enough: it risks both false
negatives and false positives. Instead, manually poison the catalog's
content and check which value we retrieve after executing spawned
activities (if any).

it's not finished, rework if need

- Remove trailing whitespaces
- Follow guidelines
- Fixup types

Also, use it in Products.ERP5Type.tests.ERP5TypeTestCase.

The only use 'my_' has above 'your_' is to provide a default field value
without needing a TALES expression. This only gets applied based on the
field ID in the form being rendered. Field libraries are never meant to be
rendered, so using 'my_' is always (if harmless) pointless. What really
matters for the field naming convention (which exist to avoid collisions
with form properties) is that *some* prefix is used, be it 'my_' or
'your_'.
So update this check rule to tolerate 'your_' prefixes in addition to
'my_'.
Also, use 'not any([...])' instead of 'not 1 in [...]'.

I guess this is the intention of the unnecessary pair or parentheses.

"Certificate Authority" is a bit long, especially as it is often followed
by some other word ("Certificate", ...).

Abbreviations must be upper-case.