When creating two simulation movements: one adding items in a stock for a
non-zero price, and another adding items in the same stock for a zero price,
the second movement is recorded in the `stock` SQL table with a NULL
`total_price`. This creates issues when computing stock value using the FIFO
method: the total stock value would show as zero in the case described above.

This behaviour is due to operations on NULLs in SQL propagating the NULL value
(eg. 1 + NULL = NULL), which is not what is expected when computing stocks.
This commit treats all NULL prices as zeroes when requesting a stock value
using the FIFO method, which fixes calculation in a right way.

Prevent potential errors to be returned with 201 status

Follow nexedi/erp5@a659b01c

Same behaviour than File/Image

It is needed if a module contains multiple object's portal types.

- this reverts commit d8119beb.
- risk of allowing JS injection

Fix po_import behavior in Python 2.

Newer versions of polib accept only unicode strings in the
`pofile` function (because they check if they start by the decoded
version of the BOM).
I changed the `data` that is passed to `pofile` to be a unicode
string in Python 2 too. This seems to work locally in my old
version of polib, so that at least the old behavior should be
kept the same.
Co-authored-by: Carlos Ramos Carreño <carlos.ramos@nexedi.com>
Co-authored-by: Jérome Perrin <jerome@nexedi.com>

See merge request nexedi/erp5!1953

Because the librairies used here were never ported to python3.

Notable changes:

  - ERP5Site_createGoogleUserToOAuth is dropped
  - internal API changed radically, so customizations made by overriding
    scripts are broken.
  - the core logic is now implemented in a connector class (still in
    portal_oauth for simplicity, but it would be simpler to move it to
    portal_web_services)

No changes required in the google console, the redirect uri is still
ERP5Site_receiveGoogleCallback

See merge request nexedi/erp5!1949

to make sure test terminates in case of problems with webdav server

When a test needs to login as manager again, the best way is to use
${manager_username} and ${manager_password} set in cookies before
running tests.

This is continuation of 445e8fa8 (ERP5TypeTestCase: rework default
manager password generation, 2024-05-27)

form_dialog was different from form_render (that is used in form_view
and form_list) regarding the <legend> element for form groups:

 - the element was unconditionally present, unlike form_render where it
 is only displayed if non empty
 - the text was not translated

See merge request nexedi/erp5!1950

as it is done in other places of this file

When pasting an image in CKEditor, the image was displayed twice.
This behaviour is due to the new paste-as-base64 feature implemented in CKE,
which conflict with existing plugins implementing the same feature.

To solve it, add `clipboard_handleImages` option to the CKE configuration object,
which disables its own image-pasting feature.

See https://github.com/ckeditor/ckeditor4/issues/4874 for the corresponding issue on CKEditor’s repository.

/cc @jerome @romain @tomo
/reviewed-by @jerome
/reviewed-on nexedi/erp5!1951

Otherwise, we may get error if we have special characters

fix convertToERP5Workflow() for the case where permission_roles is not yet configured.

if acquire_permission is not yet set in a Workflow State, we should consider it as 'acquire all permissions', like DCWorkflow implementation.

If state_permission_role_list_dict is not yet set in a Workflow State, the UI displays permission/role table with all unchecked.
Once we save it in Permissions tab without checking anything, state_permission_role_list_dict will become like
  {'Access contents information': (),
   'Add portal content': (),
   'Modify portal content': (),
   'View': ()}
This commit will make the behaviour same for these 'before save' and 'after save' cases as the UI displays exactly same.

See merge request nexedi/erp5!1941

In Check Source Code report on business template and CodingStyle tests,
the lines were off by 1 and column off by 2 for python scripts.

The default manager user (ERP5TypeTestCase) now have a random password
generated at the beginning of test. The password is stored as a class
attribute of the test case instance.
Many tests have been updated to not generate manager user and use the
existing one instead. When tests need to create users (for example
users in the root acl_users), we try to give them a random password and
to delete the users afterward.

For functional tests, the approach is that ERP5TypeFunctionalTestCase
sets cookies with manager username and password before running zelenium
tests, so that in case tests want to log in again as manager, they can
read the username and password from cookies.

Another significant changes is that we no longer have the same user in
ERP5/acl_users and /acl_users, some tests were logging in as the root
user in ways that never seemed intentional.

This also revealed (through test_manager_actions_on_portal from
testERP5Core) that some tests were running with a user without all the
expected permissions and the "Manager Components" actions was not
visible for the default manager user. Fixing this also revealed that
two actions ("Manage Components" and "Manage Callables") had the same
priority, so the later was modified to use a different priority.