slapos_erp5:

* drop project creation/deletion pages * configure Sale Supply like Sale Trade Condition Sale people manage Sale Supply * drop support request template local roles * getPreferredSupportRequestTemplate has been dropped * sale agent will manage support request unrelated to any project * customer is destination_decision on the Subscription Request * source/destination project have been inverted * customer will be Associate on Subscription Request In order to provid worklist for money deposit * Accountant will be Assign** on Currency * slapos_panel: allow to enter the API url on the web site panel * test: remove deleted script from coverage * xml update * system preference can not be fixed by the upgrader * drop Cloud Contract role definitions * fixup rebase * test: disable 2 tests * test: update Currency check * test: generate the compute node certificate * Sale person can be Assign* on Event * test: use source_project on the Sale Supply * test: use the same Sale Supply for Computer and Software * drop tests for dropped scripts * test: sale agent/manager can access Events * sale agt/manager can handle Regularisation/Support Request * drop slapos_crm_regularisation_request_template * drop regularisation request template * test: dropped script * drop testSlapOSERP5DefaultScenario * give read access to sale packing list to accountant and sale people * test: drop test_InternalPackingListLine* * drop code related to unused Trade Condition * test: noallocation compute node are still monitored * test: dropped scripts * drop slapos_crm_web_message_template local roles * fixup rebase * drop template_compute_node * drop template_software_instance * drop template_member * fixup rebase * drop ComputeNode_getSecurityCategoryFromValidationState * test: Assignment local roles * test Sale Supply local roles * test project local roles * nobody have to access Hosting Subscription for now * test Sale Packing List local roles * give read access to Open Order to sale/accountant people * test Sale Trade Condition local roles * update Subscription Request local roles * test Organisation local roles * drop Product local roles Unused for now * drop Campaign local roles Unused * fix Business Process local roles Accounting people can view the business process * fixup Bank Account local roles * test Instance/Remote Nodes local roles * fixup Service local roles * test Person local roles * test Login local roles * test PDF and Document Module local roles * test Query local roles * test Notification Message local roles * drop Incident Response roles Will be done later, as not critical. * test Credential Update Module local roles * test Access Token local roles * test Document Ingestion Module local roles * test Cash Register local roles * Contract Invitation Token does not seem to be used * drop Invitation Token Module local roles * drop User Consumption HTML File local roles Seems not used * drop Computer Consumption TioXML File local roles * only provide Author access to computer on Consumption Document Module * test Integration Site/Tool local roles * test: G-COMPAGNY group was dropped * test: skip coding style for some scripts * test: not existing script * test: skip some coding style * test: check that destroying a remote instance also destroy propagated instance * fixup rebase

slapos_erp5:
* drop project creation/deletion pages * configure Sale Supply like Sale Trade Condition Sale people manage Sale Supply * drop support request template local roles * getPreferredSupportRequestTemplate has been dropped * sale agent will manage support request unrelated to any project * customer is destination_decision on the Subscription Request * source/destination project have been inverted * customer will be Associate on Subscription Request In order to provid worklist for money deposit * Accountant will be Assign** on Currency * slapos_panel: allow to enter the API url on the web site panel * test: remove deleted script from coverage * xml update * system preference can not be fixed by the upgrader * drop Cloud Contract role definitions * fixup rebase * test: disable 2 tests * test: update Currency check * test: generate the compute node certificate * Sale person can be Assign* on Event * test: use source_project on the Sale Supply * test: use the same Sale Supply for Computer and Software * drop tests for dropped scripts * test: sale agent/manager can access Events * sale agt/manager can handle Regularisation/Support Request * drop slapos_crm_regularisation_request_template * drop regularisation request template * test: dropped script * drop testSlapOSERP5DefaultScenario * give read access to sale packing list to accountant and sale people * test: drop test_InternalPackingListLine* * drop code related to unused Trade Condition * test: noallocation compute node are still monitored * test: dropped scripts * drop slapos_crm_web_message_template local roles * fixup rebase * drop template_compute_node * drop template_software_instance * drop template_member * fixup rebase * drop ComputeNode_getSecurityCategoryFromValidationState * test: Assignment local roles * test Sale Supply local roles * test project local roles * nobody have to access Hosting Subscription for now * test Sale Packing List local roles * give read access to Open Order to sale/accountant people * test Sale Trade Condition local roles * update Subscription Request local roles * test Organisation local roles * drop Product local roles Unused for now * drop Campaign local roles Unused * fix Business Process local roles Accounting people can view the business process * fixup Bank Account local roles * test Instance/Remote Nodes local roles * fixup Service local roles * test Person local roles * test Login local roles * test PDF and Document Module local roles * test Query local roles * test Notification Message local roles * drop Incident Response roles Will be done later, as not critical. * test Credential Update Module local roles * test Access Token local roles * test Document Ingestion Module local roles * test Cash Register local roles * Contract Invitation Token does not seem to be used * drop Invitation Token Module local roles * drop User Consumption HTML File local roles Seems not used * drop Computer Consumption TioXML File local roles * only provide Author access to computer on Consumption Document Module * test Integration Site/Tool local roles * test: G-COMPAGNY group was dropped * test: skip coding style for some scripts * test: not existing script * test: skip some coding style * test: check that destroying a remote instance also destroy propagated instance * fixup rebase
a182e65b · Romain Courteaud · 5d6768d5 · a182e65b · a182e65b · 5d6768d5
Commit a182e65b authored Aug 22, 2023 by Romain Courteaud
155 changed files
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='function'>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
    <principal id='F-SALE*'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module/slapos_ultimate_business_process.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/business_process_module/slapos_ultimate_business_process.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='function'>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
    <principal id='F-SALE*'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/campaign_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/campaign_module.xml
-<local_roles_item>
- <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
- </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
- </local_role_group_ids>
-</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/cloud_contract_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-  </role>
-  <role id='R-SHADOW-PERSON'>
-   <item>Auditor</item>
-  </role>
 </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
-  <local_role_group_id id='shadow'>
-    <principal id='R-SHADOW-PERSON'>Auditor</principal>
-  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-  </local_role_group_id>
- </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/consumption_document_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/consumption_document_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
  <role id='R-COMPUTER'>
   <item>Author</item>
  </role>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='computer'>
    <principal id='R-COMPUTER'>Author</principal>
  </local_role_group_id>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-    <principal id='R-MEMBER'>Author</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/credential_update_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/credential_update_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
+  <role id='F-ACCOUNTING*'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-MEMBER'>
+  <role id='F-CUSTOMER'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
+  <role id='F-PRODUCTION*'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
+  <role id='F-SALE*'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
+  <local_role_group_id id='function'>
-    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
+    <principal id='F-ACCOUNTING*'>Author</principal>
-  </local_role_group_id>
+    <principal id='F-CUSTOMER'>Auditor</principal>
-  <local_role_group_id id='user'>
+    <principal id='F-CUSTOMER'>Author</principal>
-    <principal id='R-MEMBER'>Auditor</principal>
+    <principal id='F-SALE*'>Auditor</principal>
-    <principal id='R-MEMBER'>Author</principal>
+    <principal id='F-SALE*'>Author</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/currency_module/CNY.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/currency_module/CNY.xml
 <local_roles_item>
 <local_roles>
-  <role id='F-ACCOUNTING*'>
+  <role id='F-ACCAGT'>
-   <item>Auditor</item>
+   <item>Assignee</item>
-   <item>Author</item>
+  </role>
+  <role id='F-ACCMAN'>
+   <item>Assignor</item>
  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
@@ -18,6 +20,10 @@
  </role>
 </local_roles>
 <local_role_group_ids>
+  <local_role_group_id id='function'>
+    <principal id='F-ACCAGT'>Assignee</principal>
+    <principal id='F-ACCMAN'>Assignor</principal>
+  </local_role_group_id>
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
  </local_role_group_id>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/currency_module/EUR.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/currency_module/EUR.xml
 <local_roles_item>
 <local_roles>
-  <role id='F-ACCOUNTING*'>
+  <role id='F-ACCAGT'>
-   <item>Auditor</item>
+   <item>Assignee</item>
-   <item>Author</item>
+  </role>
+  <role id='F-ACCMAN'>
+   <item>Assignor</item>
  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
@@ -18,6 +20,10 @@
  </role>
 </local_roles>
 <local_role_group_ids>
+  <local_role_group_id id='function'>
+    <principal id='F-ACCAGT'>Assignee</principal>
+    <principal id='F-ACCMAN'>Assignor</principal>
+  </local_role_group_id>
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
  </local_role_group_id>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_ingestion_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_ingestion_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
+  <role id='F-ACCOUNTING*'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
+  <local_role_group_id id='function'>
-    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
+    <principal id='F-ACCOUNTING*'>Author</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_module.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
 </local_roles>
+ <local_role_group_ids>
+  <local_role_group_id id='function'>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
+    <principal id='F-ACCOUNTING*'>Author</principal>
+  </local_role_group_id>
+ </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/event_module/slapos_crm_web_message_template.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/event_module/slapos_crm_web_message_template.xml
-<local_roles_item>
- <local_roles>
-  <role id='G-COMPANY'>
-   <item>Assignor</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-  </role>
- </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Assignor</principal>
-  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-  </local_role_group_id>
- </local_role_group_ids>
-</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/hosting_subscription_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/hosting_subscription_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='F-CUSTOMER'>
-   <item>Auditor</item>
-  </role>
-  <role id='F-PRODUCTION*'>
-   <item>Auditor</item>
-  </role>
 </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='function'>
-    <principal id='F-CUSTOMER'>Auditor</principal>
-  </local_role_group_id>
- </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/incident_response_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/incident_response_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
 </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
- </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/invitation_token_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/invitation_token_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
 </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
- </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/notification_message_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/notification_message_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
+  <role id='F-SALE*'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
+  <local_role_group_id id='function'>
-    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='F-SALE*'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
+    <principal id='F-SALE*'>Author</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/open_sale_order_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/open_sale_order_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
+  <role id='F-SALE*'>
   <item>Auditor</item>
-   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
+  <local_role_group_id id='function'>
-    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
+    <principal id='F-SALE*'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
  <role id='R-SHADOW-PERSON'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
  </local_role_group_id>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations/slapos_payzen_test_integration.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations/slapos_payzen_test_integration.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Assignor</item>
-  </role>
  <role id='R-SHADOW-PERSON'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Assignor</principal>
-  </local_role_group_id>
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
    <principal id='R-SHADOW-PERSON'>Author</principal>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations/slapos_wechat_test_integration.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_integrations/slapos_wechat_test_integration.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
-   <item>Assignor</item>
-  </role>
  <role id='R-SHADOW-PERSON'>
   <item>Auditor</item>
   <item>Author</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Assignor</principal>
-  </local_role_group_id>
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
    <principal id='R-SHADOW-PERSON'>Author</principal>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/product_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/product_module.xml
-<local_roles_item>
- <local_roles>
-  <role id='G-COMPANY'>
-   <item>Auditor</item>
-   <item>Author</item>
-  </role>
- </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='group'>
-    <principal id='G-COMPANY'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
-  </local_role_group_id>
- </local_role_group_ids>
-</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/regularisation_request_module/slapos_crm_regularisation_request_template.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/regularisation_request_module/slapos_crm_regularisation_request_template.xml
-<local_roles_item>
- <local_roles>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-  </role>
- </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-  </local_role_group_id>
- </local_role_group_ids>
-</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/sale_packing_list_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/sale_packing_list_module.xml
 <local_roles_item>
 <local_roles>
-  <role id='G-COMPANY'>
+  <role id='F-ACCOUNTING*'>
   <item>Auditor</item>
-   <item>Author</item>
  </role>
-  <role id='R-MEMBER'>
+  <role id='F-SALE*'>
   <item>Auditor</item>
  </role>
 </local_roles>
 <local_role_group_ids>
-  <local_role_group_id id='group'>
+  <local_role_group_id id='function'>
-    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='F-ACCOUNTING*'>Auditor</principal>
-    <principal id='G-COMPANY'>Author</principal>
+    <principal id='F-SALE*'>Auditor</principal>
-  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/sale_supply_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/sale_supply_module.xml
@@ -3,9 +3,6 @@
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>
-  <role id='F-PRODUCTION*'>
-   <item>Auditor</item>
-  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
   <item>Author</item>
@@ -14,6 +11,8 @@
 <local_role_group_ids>
  <local_role_group_id id='function'>
    <principal id='F-CUSTOMER'>Auditor</principal>
+    <principal id='F-SALE*'>Auditor</principal>
+    <principal id='F-SALE*'>Author</principal>
  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/cpu_load_percent.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/cpu_load_percent.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/memory_used.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/memory_used.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_account_validation.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_account_validation.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_compute_node_subscription.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_compute_node_subscription.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_acknowledgement.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_acknowledgement.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_complaint.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_complaint.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_delete_acknowledgement.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_delete_acknowledgement.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_delete_reminder.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_delete_reminder.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_information.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_information.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_invoice_cancellation.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_invoice_cancellation.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_monitoring.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_monitoring.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_spam.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_spam.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_stop_acknowledgement.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_stop_acknowledgement.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_stop_reminder.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_stop_reminder.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_upgrade.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_crm_upgrade.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_discount.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_discount.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_cleanup.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_cleanup.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_hosting.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_hosting.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_setup.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_setup.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_subscription.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_subscription.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_update.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_instance_update.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_netdrive_consumption.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_netdrive_consumption.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_reservation_fee.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_reservation_fee.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_reservation_refund.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_reservation_refund.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_tax.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_tax.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_virtual_master_subscription.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/slapos_virtual_master_subscription.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/zero_emission_ratio.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/service_module/zero_emission_ratio.xml
 <local_roles_item>
 <local_roles>
+  <role id='F-ACCOUNTING*'>
+   <item>Auditor</item>
+  </role>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
  </role>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/subscription_request_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/subscription_request_module.xml
@@ -2,10 +2,6 @@
 <local_roles>
  <role id='F-CUSTOMER'>
   <item>Auditor</item>
-   <item>Author</item>
-  </role>
-  <role id='F-PRODUCTION*'>
-   <item>Auditor</item>
  </role>
  <role id='F-SALE*'>
   <item>Auditor</item>
@@ -15,8 +11,6 @@
 <local_role_group_ids>
  <local_role_group_id id='function'>
    <principal id='F-CUSTOMER'>Auditor</principal>
-    <principal id='F-CUSTOMER'>Author</principal>
-    <principal id='F-PRODUCTION*'>Auditor</principal>
    <principal id='F-SALE*'>Auditor</principal>
    <principal id='F-SALE*'>Author</principal>
  </local_role_group_id>

--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/support_request_module/slapos_crm_support_request_template.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/support_request_module/slapos_crm_support_request_template.xml
-<local_roles_item>
- <local_roles>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-  </role>
- </local_roles>
- <local_role_group_ids>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-  </local_role_group_id>
- </local_role_group_ids>
-</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/ModuleTemplateItem/invitation_token_module.xml
+++ b/master/bt5/slapos_erp5/ModuleTemplateItem/invitation_token_module.xml
 <module>
 <category_list>
-  <category>business_application/base</category>
+  <category>business_application/slapos</category>
 </category_list>
 <id>invitation_token_module</id>
 <permission_list>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Acknowledgement.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Acknowledgement.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Bank%20Account.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Bank%20Account.xml
 <type_roles>
+  <role id='Assignee'>
+   <property id='title'>Accountant Agent</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant Manager</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting/manager</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process%20Module.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Sale</property>
   <multi_property id='categories'>local_role_group/function</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Business%20Process.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Sale</property>
   <multi_property id='categories'>local_role_group/function</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Campaign%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Campaign%20Module.xml
-<type_roles>
-  <role id='Auditor; Author'>
-   <property id='title'>Company group</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-</type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Campaign.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Campaign.xml
-<type_roles>
-  <role id='Assignor'>
-   <property id='title'>Company group</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-</type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cash%20Register.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cash%20Register.xml
 <type_roles>
+  <role id='Assignee'>
+   <property id='title'>Accountant Agent</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant Manager</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting/manager</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Certificate%20Login.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Certificate%20Login.xml
@@ -7,10 +7,18 @@
   <multi_property id='base_category'>aggregate</multi_property>
  </role>
  <role id='Assignee'>
-   <property id='title'>Compute Node Agent</property>
+   <property id='title'>Project Production Agent</property>
+   <property id='condition'>python: (here.getParentValue().getPortalType() == 'Compute Node') and (here.getParentValue().getFollowUp(None) is not None)</property>
   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromParentContent</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='category'>function/production/agent</multi_property>
-   <multi_property id='base_category'>source_administration</multi_property>
+   <multi_property id='base_category'>follow_up</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Project Production Manager</property>
+   <property id='condition'>python: (here.getParentValue().getPortalType() == 'Compute Node') and (here.getParentValue().getFollowUp(None) is not None)</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromParentContent</property>
+   <multi_property id='category'>function/production/manager</multi_property>
+   <multi_property id='base_category'>follow_up</multi_property>
  </role>
  <role id='Assignee'>
   <property id='title'>The User Himself (Compute Node)</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract%20Module.xml
 <type_roles>
-  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Member</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='category'>role/member</multi_property>
-   <multi_property id='base_category'>role</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Person Shadow</property>
-   <multi_property id='categories'>local_role_group/shadow</multi_property>
-   <multi_property id='category'>role/shadow/person</multi_property>
-   <multi_property id='base_category'>role</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Cloud%20Contract.xml
 <type_roles>
-  <role id='Auditor'>
-   <property id='title'>Customer</property>
-   <property id='description'>Monovalued role</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination_section</multi_property>
-  </role>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Person Shadow</property>
-   <multi_property id='categories'>local_role_group/shadow</multi_property>
-   <multi_property id='category'>role/shadow/person</multi_property>
-   <multi_property id='base_category'>role</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Consumption%20TioXML%20File.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Computer%20Consumption%20TioXML%20File.xml
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Consumption%20Document%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Consumption%20Document%20Module.xml
@@ -5,16 +5,4 @@
   <multi_property id='category'>role/computer</multi_property>
   <multi_property id='base_category'>role</multi_property>
  </role>
-  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-  <role id='Auditor; Author'>
-   <property id='title'>Member</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='category'>role/member</multi_property>
-   <multi_property id='base_category'>role</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contract%20Invitation%20Token.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contract%20Invitation%20Token.xml
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Credential%20Update%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Credential%20Update%20Module.xml
 <type_roles>
-  <role id='Auditor; Author'>
+  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
-  <role id='Auditor; Author'>
+  <role id='Author; Auditor'>
   <property id='title'>Member</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='category'>function/customer</multi_property>
-   <multi_property id='base_category'>role</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Author; Auditor'>
+   <property id='title'>Production</property>
+   <multi_property id='category'>function/production*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Author; Auditor'>
+   <property id='title'>Sale</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Currency.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Currency.xml
 <type_roles>
-  <role id='Author; Auditor'>
+  <role id='Assignee'>
-   <property id='title'>Accountant</property>
+   <property id='title'>Accountant Agent</property>
-   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Accountant Manager</property>
+   <property id='description'>Only the accountant can validate new accounts.</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting/manager</multi_property>
   <multi_property id='base_category'>function</multi_property>
  </role>
  <role id='Auditor'>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Document%20Ingestion%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Document%20Ingestion%20Module.xml
 <type_roles>
  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Document%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Document%20Module.xml
 <type_roles>
  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Fax%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Fax%20Message.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription%20Module.xml
 <type_roles>
-  <role id='Auditor'>
-   <property id='title'>Member</property>
-   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>function/customer</multi_property>
-   <multi_property id='base_category'>function</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Production</property>
-   <multi_property id='category'>function/production*</multi_property>
-   <multi_property id='base_category'>function</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Hosting%20Subscription.xml
 <type_roles>
-  <role id='Auditor'>
-   <property id='title'>Project Production Agent</property>
-   <property id='description'>XXX add local role group</property>
-   <property id='condition'>python: context.getFollowUp("") != ""</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/production/agent</multi_property>
-   <multi_property id='base_category'>follow_up</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Project Production Manager</property>
-   <property id='description'>XXX add local role group</property>
-   <property id='condition'>python: context.getFollowUp("") != ""</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/production/manager</multi_property>
-   <multi_property id='base_category'>follow_up</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Incident%20Response%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Incident%20Response%20Module.xml
 <type_roles>
-  <role id='Auditor; Author'>
-   <property id='title'>Company group</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Incident%20Response.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Incident%20Response.xml
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Project Compute Node Manager</property>
-   <property id='description'>XXX project local role group</property>
-   <property id='condition'>python: context.getSourceProject("", portal_type='Project') != ""</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/computer/manager</multi_property>
-   <multi_property id='base_category'>source_project</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Integration%20Site.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Integration%20Site.xml
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Group Company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
  <role id='Auditor; Author'>
   <property id='title'>Person Shadow</property>
   <multi_property id='categories'>local_role_group/shadow</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Integration%20Tool.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Integration%20Tool.xml
 <type_roles>
-  <role id='Author; Auditor'>
-   <property id='title'>Group Company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
  <role id='Auditor'>
   <property id='title'>Person Shadow</property>
   <multi_property id='categories'>local_role_group/shadow</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Invitation%20Token%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Invitation%20Token%20Module.xml
 <type_roles>
-  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Letter.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Letter.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Mail%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Mail%20Message.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Note.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Note.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Notification%20Message%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Notification%20Message%20Module.xml
 <type_roles>
  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Sale</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Notification%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Notification%20Message.xml
 <type_roles>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Sale Manager</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Open%20Sale%20Order%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Open%20Sale%20Order%20Module.xml
 <type_roles>
-  <role id='Author; Auditor'>
+  <role id='Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Sale</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Open%20Sale%20Order.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Open%20Sale%20Order.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accountant</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Sale</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>User</property>
   <property id='condition'>python: (here.getDestinationSection('', portal_type='Person') != '') and (context.getLedger("") == "automated")</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/PDF.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/PDF.xml
 <type_roles>
+  <role id='Assignee'>
+   <property id='title'>Accountant Agent</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/accounting/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant Manager</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting/manager</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Phone%20Call.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Phone%20Call.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Product%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Product%20Module.xml
-<type_roles>
-  <role id='Author; Auditor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-</type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Product.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Product.xml
-<type_roles>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-</type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Regularisation%20Request.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Regularisation%20Request.xml
@@ -22,12 +22,17 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
-  <role id='Auditor'>
+  <role id='Assignee'>
-   <property id='title'>Member can see template</property>
+   <property id='title'>Sale Agent</property>
-   <property id='condition'>python: here.getRelativeUrl() == here.getPortalObject().portal_preferences.getPreferredRegularisationRequestTemplate()</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
-   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='base_category'>function</multi_property>
-   <multi_property id='base_category'>role</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Restricted%20Access%20Token.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Restricted%20Access%20Token.xml
@@ -5,10 +5,4 @@
   <multi_property id='categories'>local_role_group/user</multi_property>
   <multi_property id='base_category'>agent</multi_property>
  </role>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Packing%20List%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Packing%20List%20Module.xml
 <type_roles>
-  <role id='Author; Auditor'>
+  <role id='Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
  <role id='Auditor'>
-   <property id='title'>Member</property>
+   <property id='title'>Sale</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
-   <multi_property id='base_category'>role</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Packing%20List.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Packing%20List.xml
 <type_roles>
  <role id='Auditor'>
-   <property id='title'>Group company</property>
+   <property id='title'>Accountant</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='category'>function/accounting*</multi_property>
-   <multi_property id='base_category'>group</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
  <role id='Auditor'>
-   <property id='title'>Subscription Customer</property>
+   <property id='title'>Sale</property>
-   <property id='description'>python: here.Base_useSaleTradeConditionReference(('slapos_subscription_trade_condition', 'slapos_aggregated_trade_condition', 'slapos_aggregated_subscription_trade_condition'))</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <property id='condition'>python: False</property>
+   <multi_property id='category'>function/sale*</multi_property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>function</multi_property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination_decision</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Supply%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Supply%20Module.xml
 <type_roles>
  <role id='Auditor'>
-   <property id='title'>Member</property>
+   <property id='title'>Customer</property>
   <multi_property id='categories'>local_role_group/function</multi_property>
   <multi_property id='category'>function/customer</multi_property>
   <multi_property id='base_category'>function</multi_property>
  </role>
-  <role id='Auditor'>
+  <role id='Author; Auditor'>
-   <property id='title'>Production</property>
-   <multi_property id='category'>function/production*</multi_property>
-   <multi_property id='base_category'>function</multi_property>
-  </role>
-  <role id='Auditor; Author'>
   <property id='title'>Sale</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
   <multi_property id='category'>function/sale*</multi_property>
   <multi_property id='base_category'>function</multi_property>
  </role>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Supply.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Sale%20Supply.xml
 <type_roles>
  <role id='Auditor'>
-   <property id='title'>Customer</property>
+   <property id='title'>Destination Member</property>
-   <property id='description'>Monovalued role</property>
+   <property id='condition'>python: (context.getValidationState() == 'validated') and (context.getDestination('', portal_type='Person') != "")
-   <property id='condition'>python: (here.getDestinationValue(portal_type='Person') is not None) and (here.getValidationState() == 'validated')</property>
+</property>
   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
   <multi_property id='categories'>local_role_group/user</multi_property>
   <multi_property id='base_category'>destination</multi_property>
  </role>
  <role id='Auditor'>
-   <property id='title'>Destination Project Customer</property>
+   <property id='title'>Destination Project Member</property>
-   <property id='description'>XXX add local role group
+   <property id='condition'>python: (context.getValidationState() == 'validated') and (context.getDestination('') == "") and (context.getDestinationProject('') != "")
+</property>
-Only show to all project customer if it is not specific to a dedicated user</property>
-   <property id='condition'>python: (context.getDestinationProject("") != "") and (context.getDestination(None) is None) and (context.getValidationState() == 'validated')</property>
   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/customer</multi_property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
  <role id='Assignee'>
-   <property id='title'>Destination Project Production Agent</property>
+   <property id='title'>Sale Agent</property>
-   <property id='description'>XXX add local role group</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <property id='condition'>python: context.getDestinationProject("") != ""</property>
+   <multi_property id='category'>function/sale/agent</multi_property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>function</multi_property>
-   <multi_property id='category'>function/production/agent</multi_property>
-   <multi_property id='base_category'>destination_project</multi_property>
  </role>
  <role id='Assignor'>
-   <property id='title'>Destination Project Production Manager</property>
+   <property id='title'>Sale Manager</property>
-   <property id='description'>XXX add local role group</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <property id='condition'>python: context.getDestinationProject("") != ""</property>
+   <multi_property id='category'>function/sale/manager</multi_property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='base_category'>function</multi_property>
-   <multi_property id='category'>function/production/manager</multi_property>
-   <multi_property id='base_category'>destination_project</multi_property>
-  </role>
-  <role id='Auditor'>
-   <property id='title'>Source Project Customer</property>
-   <property id='description'>XXX add local role group
-Only show to all project customer if it is not specific to a dedicated user</property>
-   <property id='condition'>python: (context.getSourceProject("") != "") and (context.getSource(None) is None) and (context.getValidationState() == 'validated')</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/customer</multi_property>
-   <multi_property id='base_category'>source_project</multi_property>
-  </role>
-  <role id='Assignee'>
-   <property id='title'>Source Project Production Agent</property>
-   <property id='description'>XXX add local role group</property>
-   <property id='condition'>python: context.getSourceProject("") != ""</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/production/agent</multi_property>
-   <multi_property id='base_category'>source_project</multi_property>
-  </role>
-  <role id='Assignor'>
-   <property id='title'>Source Project Production Manager</property>
-   <property id='description'>XXX add local role group</property>
-   <property id='condition'>python: context.getSourceProject("") != ""</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='category'>function/production/manager</multi_property>
-   <multi_property id='base_category'>source_project</multi_property>
  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Service%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Service%20Module.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <property id='description'>`Sale` people can NOT create/modify `Service`. This comes from the `bt5`, and can be really fragile to change for now.</property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Project Compute Node Manager</property>
   <property id='description'>XXX TODO

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Service.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Service.xml
 <type_roles>
+  <role id='Auditor'>
+   <property id='title'>Accounting</property>
+   <property id='description'>`Sale` people can NOT create/modify `Service`. This comes from the `bt5`, and can be really fragile to change for now.
+XXX TODO
+add local roles group</property>
+   <multi_property id='category'>function/accounting*</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Auditor'>
   <property id='title'>Project Compute Node Manager</property>
   <property id='description'>XXX TODO

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Short%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Short%20Message.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Site%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Site%20Message.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Subscription%20Request%20Module.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Subscription%20Request%20Module.xml
 <type_roles>
-  <role id='Author; Auditor'>
+  <role id='Auditor'>
   <property id='title'>Member</property>
   <multi_property id='categories'>local_role_group/function</multi_property>
   <multi_property id='category'>function/customer</multi_property>
   <multi_property id='base_category'>function</multi_property>
  </role>
-  <role id='Auditor'>
+  <role id='Auditor; Author'>
-   <property id='title'>Production</property>
-   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>function/production*</multi_property>
-   <multi_property id='base_category'>function</multi_property>
-  </role>
-  <role id='Author; Auditor'>
   <property id='title'>Sale</property>
   <multi_property id='categories'>local_role_group/function</multi_property>
   <multi_property id='category'>function/sale*</multi_property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Subscription%20Request.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Subscription%20Request.xml
 <type_roles>
-  <role id='Auditor'>
+  <role id='Associate'>
-   <property id='title'>Sale Agent</property>
+   <property id='title'>Customer</property>
-   <multi_property id='categories'>local_role_group/function</multi_property>
+   <property id='condition'>python: context.getDestinationDecision('', portal_type='Person') != ""
-   <multi_property id='category'>function/sale/agent</multi_property>
+</property>
-   <multi_property id='base_category'>function</multi_property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
+   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='base_category'>destination_decision</multi_property>
  </role>
  <role id='Auditor'>
-   <property id='title'>Sale Manager</property>
+   <property id='title'>Sale Agent</property>
   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='category'>function/sale*</multi_property>
   <multi_property id='base_category'>function</multi_property>
  </role>
-  <role id='Auditor'>
-   <property id='title'>Source Member</property>
-   <property id='condition'>python: context.getSource('', portal_type='Person') != ""
-</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Support%20Request.xml
@@ -22,12 +22,19 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
-  <role id='Auditor'>
+  <role id='Assignee'>
-   <property id='title'>Member can see template</property>
+   <property id='title'>Sale Agent</property>
-   <property id='condition'>python: here.getRelativeUrl() == here.getPortalObject().portal_preferences.getPreferredSupportRequestTemplate()</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
-   <multi_property id='category'>role/member</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
-   <multi_property id='base_category'>role</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/User%20Consumption%20HTML%20File.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/User%20Consumption%20HTML%20File.xml
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Group company</property>
-   <multi_property id='categories'>local_role_group/group</multi_property>
-   <multi_property id='category'>group/company</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-  </role>
-  <role id='Assignee'>
-   <property id='title'>User</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>contributor</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Visit.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Visit.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Web%20Message.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Web%20Message.xml
@@ -31,6 +31,20 @@
   <multi_property id='category'>function/production/manager</multi_property>
   <multi_property id='base_category'>destination_project</multi_property>
  </role>
+  <role id='Assignee'>
+   <property id='title'>Sale Agent</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/agent</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
+  <role id='Assignor'>
+   <property id='title'>Sale Manager</property>
+   <property id='condition'>python: (context.getDestinationProject('', portal_type='Project') == "") and (context.getSourceProject('', portal_type='Project') == "")</property>
+   <multi_property id='categories'>local_role_group/function</multi_property>
+   <multi_property id='category'>function/sale/manager</multi_property>
+   <multi_property id='base_category'>function</multi_property>
+  </role>
  <role id='Assignee'>
   <property id='title'>Source Project Production Agent</property>
   <property id='description'>XXX add local role group</property>

--- a/master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/PreferenceSlapOSConstraintPreference/system_preference_consistency_constraint.xml
+++ b/master/bt5/slapos_erp5/PropertySheetTemplateItem/portal_property_sheets/PreferenceSlapOSConstraintPreference/system_preference_consistency_constraint.xml
@@ -22,7 +22,7 @@
            <key> <string>categories</string> </key>
            <value>
              <tuple>
-                <string>constraint_type/post_upgrade</string>
+                <string>constraint_type/configuration</string>
              </tuple>
            </value>
        </item>

--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ERP5Site_updateAllLocalRolesOnSecurityGroupsForSlapOS.py
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ERP5Site_updateAllLocalRolesOnSecurityGroupsForSlapOS.py
@@ -7,10 +7,4 @@ for portal_type in ("Access Token Module" ,"Account Module" ,"Account" ,"Account
  print portal_type
  portal.portal_types[portal_type].updateRoleMapping(priority=4)
-context.portal_catalog.searchAndActivate(
-  method_id="updateLocalRolesOnSecurityGroups",
-  default_specialise_uid = [context.sale_trade_condition_module.slapos_subscription_trade_condition.getUid(),
-                             context.sale_trade_condition_module.slapos_aggregated_trade_condition.getUid()],
-  portal_type="Sale Packing List")
 return printed
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_base/WebSection_getHostingJSPrecacheManifestList.py
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_base/WebSection_getHostingJSPrecacheManifestList.py
@@ -14,8 +14,6 @@ url_list = [
  "gadget_erp5_page_slap_accept_upgrade_decision.js",
  "gadget_erp5_page_slap_project_get_invitation_link.js",
  "gadget_erp5_page_slap_project_get_invitation_link.html",
-  "gadget_erp5_page_slap_add_project.html",
-  "gadget_erp5_page_slap_add_project.js",
  "gadget_erp5_page_slap_compute_node_get_token.html",
  "gadget_erp5_page_slap_compute_node_get_token.js",
  "gadget_erp5_page_slap_facebook_login_view.html",
@@ -34,8 +32,6 @@ url_list = [
  "gadget_erp5_page_slap_request_contract_activation.html",
  "gadget_erp5_page_slap_controller.html",
  "gadget_erp5_page_slap_controller.js",
-  "gadget_erp5_page_slap_delete_project.html",
-  "gadget_erp5_page_slap_delete_project.js",
  "gadget_erp5_page_slap_intent.html",
  "gadget_erp5_page_slap_intent.js",
  "gadget_slapos_annotated_helper.js",

--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputeNode_getSecurityCategoryFromValidationState.py
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputeNode_getSecurityCategoryFromValidationState.py
-# XXX For now, this script requires proxy manager
-# base_category_list : list of category values we need to retrieve
-# user_name : string obtained from getSecurityManager().getUser().getUserName() [NuxUserGroup]
-#             or from getSecurityManager().getUser().getId() [PluggableAuthService with ERP5GroupManager]
-# object : object which we want to assign roles to.
-# portal_type : portal type of object
-# must always return a list of dicts
-if obj is None:
-  return []
-compute_node = obj
-if compute_node.getValidationState() == 'validated':
-  return {"Auditor": ["R-SHADOW-PERSON"]}
-return []
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputeNode_getSecurityCategoryFromValidationState.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputeNode_getSecurityCategoryFromValidationState.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>Script_magic</string> </key>
-            <value> <int>3</int> </value>
-        </item>
-        <item>
-            <key> <string>_bind_names</string> </key>
-            <value>
-              <object>
-                <klass>
-                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
-                </klass>
-                <tuple/>
-                <state>
-                  <dictionary>
-                    <item>
-                        <key> <string>_asgns</string> </key>
-                        <value>
-                          <dictionary>
-                            <item>
-                                <key> <string>name_container</string> </key>
-                                <value> <string>container</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_context</string> </key>
-                                <value> <string>context</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_m_self</string> </key>
-                                <value> <string>script</string> </value>
-                            </item>
-                            <item>
-                                <key> <string>name_subpath</string> </key>
-                                <value> <string>traverse_subpath</string> </value>
-                            </item>
-                          </dictionary>
-                        </value>
-                    </item>
-                  </dictionary>
-                </state>
-              </object>
-            </value>
-        </item>
-        <item>
-            <key> <string>_params</string> </key>
-            <value> <string>base_category_list, user_name, obj, portal_type</string> </value>
-        </item>
-        <item>
-            <key> <string>_proxy_roles</string> </key>
-            <value>
-              <tuple>
-                <string>Manager</string>
-              </tuple>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>ComputeNode_getSecurityCategoryFromValidationState</string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ERP5 Form" module="erp5.portal_type"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_bind_names</string> </key>
-            <value>
-              <object>
-                <klass>
-                  <global name="_reconstructor" module="copy_reg"/>
-                </klass>
-                <tuple>
-                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
-                  <global name="object" module="__builtin__"/>
-                  <none/>
-                </tuple>
-                <state>
-                  <dictionary>
-                    <item>
-                        <key> <string>_asgns</string> </key>
-                        <value>
-                          <dictionary/>
-                        </value>
-                    </item>
-                  </dictionary>
-                </state>
-              </object>
-            </value>
-        </item>
-        <item>
-            <key> <string>_objects</string> </key>
-            <value>
-              <tuple/>
-            </value>
-        </item>
-        <item>
-            <key> <string>action</string> </key>
-            <value> <string>Base_edit</string> </value>
-        </item>
-        <item>
-            <key> <string>description</string> </key>
-            <value> <string></string> </value>
-        </item>
-        <item>
-            <key> <string>edit_order</string> </key>
-            <value>
-              <list/>
-            </value>
-        </item>
-        <item>
-            <key> <string>encoding</string> </key>
-            <value> <string>UTF-8</string> </value>
-        </item>
-        <item>
-            <key> <string>enctype</string> </key>
-            <value> <string>multipart/form-data</string> </value>
-        </item>
-        <item>
-            <key> <string>group_list</string> </key>
-            <value>
-              <list>
-                <string>left</string>
-                <string>right</string>
-                <string>center</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>groups</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>center</string> </key>
-                    <value>
-                      <list>
-                        <string>my_configuration_content_security_policy</string>
-                        <string>my_configuration_x_frame_options</string>
-                      </list>
-                    </value>
-                </item>
-                <item>
-                    <key> <string>left</string> </key>
-                    <value>
-                      <list>
-                        <string>my_configuration_default_view_action_reference</string>
-                        <string>my_configuration_view_action_category</string>
-                        <string>my_configuration_application_title</string>
-                        <string>my_configuration_hateoas_url</string>
-                        <string>my_configuration_frontpage_gadget_url</string>
-                        <string>my_configuration_default_jio_document_page_gadget_url</string>
-                        <string>my_configuration_stylesheet_url</string>
-                        <string>my_configuration_wallpaper_url</string>
-                        <string>my_configuration_icon_url</string>
-                        <string>my_configuration_payment_url_template</string>
-                        <string>my_configuration_slapos_master_api</string>
-                        <string>my_configuration_compute_node_install_command_line</string>
-                      </list>
-                    </value>
-                </item>
-                <item>
-                    <key> <string>right</string> </key>
-                    <value>
-                      <list>
-                        <string>my_configuration_panel_gadget_url</string>
-                        <string>my_configuration_jio_gadget_url</string>
-                        <string>my_configuration_translation_gadget_url</string>
-                        <string>my_configuration_router_gadget_url</string>
-                        <string>my_configuration_header_gadget_url</string>
-                        <string>my_configuration_manifest_url</string>
-                        <string>my_configuration_webapp_manifest_url</string>
-                        <string>my_configuration_service_worker_url</string>
-                        <string>my_modification_date</string>
-                        <string>my_configuration_precache_manifest_script_list</string>
-                      </list>
-                    </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>WebSection_viewSlapOSRenderJSPreference</string> </value>
-        </item>
-        <item>
-            <key> <string>method</string> </key>
-            <value> <string>POST</string> </value>
-        </item>
-        <item>
-            <key> <string>name</string> </key>
-            <value> <string>WebSection_viewHateoasPreference</string> </value>
-        </item>
-        <item>
-            <key> <string>pt</string> </key>
-            <value> <string>form_view</string> </value>
-        </item>
-        <item>
-            <key> <string>row_length</string> </key>
-            <value> <int>4</int> </value>
-        </item>
-        <item>
-            <key> <string>stored_encoding</string> </key>
-            <value> <string>UTF-8</string> </value>
-        </item>
-        <item>
-            <key> <string>title</string> </key>
-            <value> <string>Web Section Preference</string> </value>
-        </item>
-        <item>
-            <key> <string>unicode_mode</string> </key>
-            <value> <int>0</int> </value>
-        </item>
-        <item>
-            <key> <string>update_action</string> </key>
-            <value> <string></string> </value>
-        </item>
-        <item>
-            <key> <string>update_action_title</string> </key>
-            <value> <string></string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_application_title.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_application_title.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_application_title</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Application Title</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_compute_node_install_command_line.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_compute_node_install_command_line.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>default</string>
-                <string>description</string>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_compute_node_install_command_line</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value>
-                      <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
-                    </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_string_field</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Compute Node Install Command Line</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <global name="TALESMethod" module="Products.Formulator.TALESField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_text</string> </key>
-            <value> <string>python: here.getLayoutProperty("configuration_compute_node_install_command_line", default="wget https://deploy.erp5.net/slapos ; bash slapos")</string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_content_security_policy.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_content_security_policy.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_content_security_policy</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Content Security Policy</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_default_jio_document_page_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_default_jio_document_page_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_default_jio_document_page_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Default Jio Document Page Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_default_view_action_reference.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_default_view_action_reference.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_default_view_action_reference</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Default View Action Reference</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_frontpage_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_frontpage_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_frontpage_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Front Page Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_hateoas_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_hateoas_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_hateoas_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Hateoas URL</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_header_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_header_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_header_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Header Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_icon_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_icon_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_icon_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Icon Url</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_jio_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_jio_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_jio_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Jio Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_manifest_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_manifest_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_manifest_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Manifest URL</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_panel_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_panel_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_panel_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Panel Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_payment_url_template.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_payment_url_template.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_payment_url_template</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Payment URL Template</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_precache_manifest_script_list.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_precache_manifest_script_list.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-                <string>width</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_precache_manifest_script_list</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_text_area_field</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Service Worker Precache Manifest Script List</string> </value>
-                </item>
-                <item>
-                    <key> <string>width</string> </key>
-                    <value> <int>40</int> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_router_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_router_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_router_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Router Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_service_worker_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_service_worker_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_service_worker_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Service Worker URL</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_slapos_master_api.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_slapos_master_api.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>default</string>
-                <string>description</string>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_slapos_master_api</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value>
-                      <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
-                    </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_string_field</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>SlapOS Master API Url</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <global name="TALESMethod" module="Products.Formulator.TALESField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_text</string> </key>
-            <value> <string>python: here.getLayoutProperty("configuration_slapos_master_api", default="https://slap.vifib.com")</string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_stylesheet_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_stylesheet_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_stylesheet_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Stylesheet Url</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_translation_gadget_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_translation_gadget_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_translation_gadget_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Translation Gadget</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_view_action_category.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_view_action_category.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_view_action_category</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>View Action Category</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_wallpaper_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_wallpaper_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_wallpaper_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Wallpaper</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_webapp_manifest_url.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_webapp_manifest_url.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_webapp_manifest_url</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_view_mode_reference</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Web App Manifest</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_x_frame_options.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_configuration_x_frame_options.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>default</string>
-                <string>description</string>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_configuration_x_frame_options</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value>
-                      <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
-                    </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>default</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>description</string> </key>
-                    <value> <string>Set Value to "ALLOW-FROM-ALL" to disable this header</string> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_string_field</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>target</string> </key>
-                    <value> <string>Click to edit the target</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>X-Frame-Options</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <global name="TALESMethod" module="Products.Formulator.TALESField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_text</string> </key>
-            <value> <string>python: here.getLayoutProperty("configuration_x_frame_options", default="SAMEORIGIN")</string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_modification_date.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_erp5/WebSection_viewSlapOSRenderJSPreference/my_modification_date.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ProxyField" module="Products.ERP5Form.ProxyField"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>delegated_list</string> </key>
-            <value>
-              <list>
-                <string>date_only</string>
-                <string>editable</string>
-                <string>title</string>
-              </list>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>my_modification_date</string> </value>
-        </item>
-        <item>
-            <key> <string>message_values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>external_validator_failed</string> </key>
-                    <value> <string>The input failed the external validator.</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>overrides</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>tales</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string></string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-        <item>
-            <key> <string>values</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>date_only</string> </key>
-                    <value> <int>0</int> </value>
-                </item>
-                <item>
-                    <key> <string>editable</string> </key>
-                    <value> <int>0</int> </value>
-                </item>
-                <item>
-                    <key> <string>field_id</string> </key>
-                    <value> <string>my_date_time_field</string> </value>
-                </item>
-                <item>
-                    <key> <string>form_id</string> </key>
-                    <value> <string>Base_viewFieldLibrary</string> </value>
-                </item>
-                <item>
-                    <key> <string>title</string> </key>
-                    <value> <string>Service Worker Cache Key</string> </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSAuthenticationPolicy.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSAuthenticationPolicy.py
@@ -64,10 +64,7 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin):
  def _makeDummySoftwareInstance(self):
    software_instance = self.portal.software_instance_module\
-        .template_software_instance.Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Software Instance")
-    software_instance = self.portal.software_instance_module\
-        .template_software_instance.Base_createCloneDocument(batch_mode=1)
    software_instance.edit(
        title=self.generateNewSoftwareTitle(),
@@ -212,20 +209,6 @@ class TestSlapOSAuthenticationPolicyL(SlapOSTestCaseMixin):
      document=person,
      login_portal_type="ERP5 Login")
-<<<<<<< HEAD
-=======
-  def test_expire_ERP5Login_without_password_on_compute_node(self):
-    self._test_expire_when_passoword_is_set(
-      document=self._makeComputeNode(self.addProject())[0],
-      login_portal_type="ERP5 Login"
-    )
-  def test_expire_ERP5Login_without_password_on_software_instance(self):
-    self._test_expire_when_passoword_is_set(
-      document=self._makeDummySoftwareInstance(),
-      login_portal_type="ERP5 Login")
->>>>>>> df93206e7 (slapos_erp5: project needed when create person/compute node)
  def test_expire_CertificateLogin_without_password_on_person(self):
    person = self.makePerson(self.addProject(), user=0)
    person.edit(

--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSCodingStyle.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSCodingStyle.py
@@ -71,10 +71,21 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
      CodingStyleTestCase.coverage_ignore_path_list = [
        'erp5_interaction_drop/InvoiceTransaction_postGeneration',
+        'slapos_cloud/AllocationSupplyCell_asPredicate',
+        'slapos_cloud/AllocationSupplyLine_asPredicate',
+        'slapos_cloud/ERP5Type_asSecurityGroupId',
+        'slapos_cloud/InstanceTree_getDefaultImageAbsoluteUrl',
+        'slapos_cloud/InstanceTree_getSoftwareProduct',
+        'slapos_cloud/InstanceTree_requestParameterChange',
+        'slapos_cloud/OneTimeVirtualMasterAccessToken_getUserValue',
+        'slapos_cloud/Project_getSoftwareProductPredicateList',
+        'slapos_cloud/SoftwareInstallation_getInstallationState',
        'slapos_cloud/AlarmTool_checkComputeNodeMigrationConsistency',
        'slapos_cloud/AlarmTool_checkInstanceTreeMigrationConsistency',
        'slapos_cloud/AlarmTool_checkPredecessorToSuccessorMigrationConsistency',
        'slapos_cloud/ComputeNode_afterClone',
+        'slapos_cloud/InstanceNode_afterClone',
+        'slapos_cloud/RemoteNode_afterClone',
        'slapos_cloud/ComputeNode_applyComputerModel',
        'slapos_cloud/ComputeNode_getBusyComputePartitionList',
        'slapos_cloud/ComputeNode_getFreeComputePartitionCount',
@@ -83,8 +94,9 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_cloud/ComputeNode_getSoftwareReleaseUsage',
        'slapos_cloud/ComputeNode_getUsageReportUrl',
        'slapos_cloud/ComputeNode_init',
+        'slapos_cloud/InstanceNode_init',
+        'slapos_cloud/RemoteNode_init',
        'slapos_cloud/ComputePartition_getAvailableSoftwareReleaseUrlStringList',
-        'slapos_cloud/ComputePartition_getCustomAllocationParameterDict',
        'slapos_cloud/ComputePartition_getInstanceTreeUrlString',
        'slapos_cloud/ComputePartition_getInstanceUrlString',
        'slapos_cloud/ComputePartition_getLastestContactedDate',
@@ -96,21 +108,12 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_cloud/ComputePartition_isFreeForRequest',
        'slapos_cloud/ComputerNetwork_afterClone',
        'slapos_cloud/ComputerNetwork_getSoftwareInstanceAmount',
-        'slapos_cloud/ComputerNetwork_getSoftwareReleaseAllocableState',
-        'slapos_cloud/ERP5Type_asSecurityGroupId',
-        'slapos_cloud/InstanceTree_getDefaultImageAbsoluteUrl',
-        'slapos_cloud/InstanceTree_requestDestroy',
-        'slapos_cloud/InstanceTree_requestStart',
-        'slapos_cloud/InstanceTree_requestStop',
-        'slapos_cloud/InstanceTree_requestParameterChange',
        'slapos_cloud/Organisation_afterClone',
        'slapos_cloud/Organisation_init',
        'slapos_cloud/Person_findPartition',
        'slapos_cloud/Project_getComputeNodeReferenceList',
        'slapos_cloud/Project_init',
        'slapos_cloud/Resource_zGetTrackingList',
-        'slapos_cloud/SoftwareInstallation_requestDestruction',
-        'slapos_cloud/SoftwareInstallation_getInstallationState',
        'slapos_cloud/SoftwareInstance_afterClone',
        'slapos_cloud/SoftwareInstance_checkPredecessorToSuccessorMigrationConsistency',
        'slapos_cloud/SoftwareInstance_getComputeNodeUrl',
@@ -126,7 +129,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_cloud/SoftwareInstance_checkDuplicationOnInstanceTreeConsistency',
        'slapos_cloud/ComputerNetwork_getRelatedSoftwareReleaseList',
        'slapos_crm_monitoring/ComputeNode_checkInstanceOnCloseAllocation',
-        'slapos_crm_monitoring/SiteMessage_setSlapOSUserSourceAndDestinatationList',
        'slapos_crm_monitoring/SupportRequestModule_exportMonitoringOPMLDescriptionList',
        'slapos_crm_monitoring/SupportRequestModule_getInstanceMessageList',
        'slapos_crm_monitoring/SupportRequestModule_getMonitoringOPMLDescriptionList',
@@ -137,17 +139,17 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_crm_monitoring/Event_checkCustomerAsSourceOrDestinationConsistency',
        'slapos_crm_monitoring/SupportRequest_checkCausalitySourceDestinationConsistency',
        'slapos_crm_monitoring/SupportRequest_getLastEvent',
-        'slapos_crm/Person_getSubscriptionRequestFirstUnpaidInvoiceList',
+        'slapos_crm_monitoring/Entity_createTicketFromTradeCondition',
+        'slapos_crm_monitoring/Project_createSupportRequestWithCausality',
        'slapos_crm/RegularisationRequest_afterClone',
        'slapos_crm/RegularisationRequest_getResourceItemList',
        'slapos_crm/RegularisationRequest_init',
        'slapos_pdm/UpgradeDecision_afterClone',
        'slapos_pdm/UpgradeDecision_getResourceItemList',
        'slapos_pdm/UpgradeDecision_init',
-        'slapos_contract/CloudContractLine_getRemainingInvoiceCredit',
+        'slapos_pdm/UpgradeDecision_getAggregateUrlString',
        'slapos_simulation/DeliveryBuilder_selectSlapOSConfirmedInvoiceList',
        'slapos_simulation/DeliveryBuilder_selectSlapOSMovement',
-        'slapos_simulation/InstanceTree_getRuleReference',
        'slapos_simulation/PackingList_getRuleReference',
        'slapos_simulation/PaymentTransaction_getRuleReference',
        'slapos_simulation/SaleInvoiceTransaction_postSlapOSGeneration',
@@ -160,9 +162,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_simulation/SimulationMovement_testInvoiceTransactionSimulationRule',
        'slapos_simulation/SimulationMovement_testPaymentSimulationRule',
        'slapos_simulation/SimulationMovement_testTradeModelSimulationRule',
-        'slapos_accounting/Base_testSlapOSValidTradeCondition',
-        'slapos_accounting/OrderBuilder_generateSlapOSAggregatedMovementList',
-        'slapos_accounting/OrderBuilder_selectSlapOSAggregatedDeliveryList',
        'slapos_accounting/PaymentTransaction_getExternalPaymentId',
        'slapos_accounting/PaymentTransaction_postOrderBuild',
        'slapos_accounting/SaleInvoiceTransaction_init',
@@ -172,12 +171,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_accounting/PaymentTransaction_redirectToManualFreePayment',
        'slapos_accounting/PaymentTransaction_redirectToManualContactUsPayment',
        'slapos_accounting/SalePackingList_jumpToRelatedAggregatedSalePackingList',
-        'slapos_accounting/SalePackingList_jumpToRelatedGroupedSalePackingList',
-        'slapos_accounting/SalePackingList_postSlapOSAggregatedDeliveryBuilder',
-        'slapos_accounting/SubscriptionRequest_getAggregatedConsumptionDelivery',
-        'slapos_accounting/SubscriptionRequest_setAggregatedConsumptionDelivery',
-        'slapos_configurator/BusinessConfiguration_runPostUpgradeConsistency',
-        'slapos_configurator/BusinessConfiguration_setupSlapOSMasterStandardBT5',
        'slapos_consumption/Base_getConsumptionListAsODSReport',
        'slapos_consumption/Base_getResourceServiceTitleUitList',
        'slapos_consumption/Base_getUserConsumptionDetailList',
@@ -206,14 +199,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_upgrader/ERP5Site_upgradeUpgraderBusinessTemplate',
        'slapos_rss_style/SubscriptionRequest_getRSSDescription',
        'slapos_rss_style/WebSection_getLegacyMessageList',
-        'slapos_subscription_request/Person_applyContractInvitation',
-        'slapos_subscription_request/SubscriptionRequestModule_notifyActiveSubscriberList',
-        'slapos_subscription_request/SubscriptionRequest_checkRelatedAccounting',
-        'slapos_subscription_request/SubscriptionRequest_generateReservationRefoundSalePackingList',
-        'slapos_subscription_request/SubscriptionRequest_getRelatedAccountingTransactionList',
-        'slapos_subscription_request/SubscriptionRequest_notifyPaymentIsReady',
-        'slapos_subscription_request/SubscriptionRequest_processStopped',
-        'slapos_subscription_request/SubscriptionRequest_testSkippedReservationFree',
        'slapos_hal_json_style/AccountingTransaction_getPaymentStateAsHateoas',
        'slapos_hal_json_style/AcknowledgementTool_getUserUnreadAcknowledgementValueList',
        'slapos_hal_json_style/Base_getComputerToken',
@@ -286,8 +271,6 @@ def makeTestSlapOSCodingStyleTestCase(tested_business_template):
        'slapos_administration/z_get_uid_group_from_roles_and_users',
        'slapos_administration/SoftwareInstance_renewCertificate',
        'slapos_core/Base_updateSlapOSLocalRolesOnSecurityGroups',
-        'slapos_core/ComputePartition_getSecurityCategoryFromUser',
-        'slapos_core/ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceInstanceTree',
        'slapos_core/ERP5Type_getSecurityCategoryMapping',
        'slapos_core/SlaveInstance_getSecurityCategoryFromSoftwareInstance',
        'slapos_disaster_recovery/ERP5Site_checkDeletedDocumentList',

--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSCoreSkins.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSCoreSkins.py
@@ -209,43 +209,6 @@ class TestPayzenEvent_getSecurityCategoryFromUserr(TestSlapOSCoreMixin):
    self.assertEqual({'Assignee': [shadow_user_id]},
      self.portal.PayzenEvent_getSecurityCategoryFromUser(["couscous", "destination_section"], None, event, None)) 
-class TestComputeNode_getSecurityCategoryFromAllocationScope(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.portal.compute_node_module.newContent(
-      portal_type='Compute Node', source_administration_value=person)
-    self.assertEqual([],
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope([], None, None, None))
-    self.assertEqual([],
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope([], None, node, None)) 
-    self.assertEqual([],
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope(["destination_section"], None, node, None)) 
-    node.setAllocationScope('open/personal')
-    shadow_user_id = 'SHADOW-%s' % person.getUserId()
-    self.assertEqual({'Auditor': [shadow_user_id]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope([], None, node, None)) 
-    self.assertEqual({'Auditor': [shadow_user_id]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope(["destination_section"], None, node, None)) 
-    node.setAllocationScope('open/subscription')
-    self.assertEqual({'Auditor': ["R-SHADOW-PERSON"]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope([], None, node, None)) 
-    self.assertEqual({'Auditor': ["R-SHADOW-PERSON"]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope(["destination_section"], None, node, None)) 
-    node.setAllocationScope('open/public')
-    self.assertEqual({'Auditor': ["R-SHADOW-PERSON"]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope([], None, node, None)) 
-    self.assertEqual({'Auditor': ["R-SHADOW-PERSON"]},
-      self.portal.ComputeNode_getSecurityCategoryFromAllocationScope(["destination_section"], None, node, None)) 
 class TestERP5Type_getSecurityCategoryFromChildAssignmentList(TestSlapOSCoreMixin):
  def test(self):
@@ -272,655 +235,3 @@ class TestERP5Type_getSecurityCategoryFromChildAssignmentList(TestSlapOSCoreMixi
      self.portal.ERP5Type_getSecurityCategoryFromChildAssignmentList(
        ["destination_section", "destination_project"], None, person, None))
-class TestSoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    instance_tree = self.createInstanceTree(person)
-    instance = self.portal.software_instance_module.newContent(
-      portal_type='Software Instance')
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        [], None, instance, None)) 
-    instance.edit(specialise=instance_tree.getRelativeUrl())
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    self.tic()
-    self.login(person.getUserId())
-    instance_tree.requestTransfer(
-      destination_project=project.getRelativeUrl(),
-      destination=None)
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        [], None, instance, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        ["destination_section"], None, instance, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        ["destination_project"], None, instance, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestinationProject(
-        ["destination_section", "destination_project"], None, instance, None))
-class TestSoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    instance_tree = self.createInstanceTree(person)
-    instance = self.portal.software_instance_module.newContent(
-      portal_type='Software Instance')
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        [], None, None, None)) 
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        [], None, instance, None)) 
-    instance.edit(specialise=instance_tree.getRelativeUrl())
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    instance_tree.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        [], None, None, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        [], None, instance, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        ["destination_section"], None, instance, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        ["destination"], None, instance, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.SoftwareInstance_getSecurityCategoryFromMovementSpecialiseDestination(
-        ["destination_section", "destination_project"], None, instance, None))
-class TestItem_getSecurityCategoryFromMovementDestination(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination_section=None,
-      destination=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementDestination(
-        [], None, None, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestination(
-        [], None, node, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestination(
-        ["destination_section"], None, node, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestination(
-        ["destination"], None, node, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestination(
-        ["destination_section", "destination_project"], None, node, None))
-class TestItem_getSecurityCategoryFromMovementDestinationSection(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl(),
-      destination_section=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationSection(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationSection(
-        [], None, node, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationSection(
-        ["destination_section"], None, node, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationSection(
-        ["destination"], None, node, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationSection(
-        ["destination_section", "destination_project"], None, node, None))
-class TestItem_getSecurityCategoryFromMovementDestinationProject(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=project.getRelativeUrl(),
-      destination=org.getRelativeUrl(),
-      destination_section=None)
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationProject(
-        [], None, node, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationProject(
-        ["destination_section"], None, node, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationProject(
-        ["destination"], None, node, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementDestinationProject(
-        ["destination_section", "destination_project"], None, node, None))
-class TestItem_getSecurityCategoryFromMovementLineAggregateDestination(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    instance_tree = self.createInstanceTree(person)
-    ud = self.portal.upgrade_decision_module.newContent(
-      portal_type="Upgrade Decision")
-    ud.newContent(
-      portal_type="Upgrade Decision Line",
-      aggregate=instance_tree.getRelativeUrl())
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    instance_tree.requestTransfer(
-      destination_project=None,
-      destination_section=None,
-      destination=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestination(
-        [], None, None, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestination(
-        [], None, ud, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestination(
-        ["destination_section"], None, ud, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestination(
-        ["destination"], None, ud, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestination(
-        ["destination_section", "destination_project"], None, ud, None))
-class TestItem_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    ud = self.portal.upgrade_decision_module.newContent(
-      portal_type="Upgrade Decision")
-    ud.newContent(
-      portal_type="Upgrade Decision Line",
-      aggregate=node.getRelativeUrl())
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl(),
-      destination_section=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(
-        [], None, ud, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(
-        ["destination_section"], None, ud, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(
-        ["destination"], None, ud, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateComputeNodeDestinationSection(
-        ["destination_section", "destination_project"], None, ud, None))
-class TestItem_getSecurityCategoryFromMovementLineAggregateDestinationProject(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    ud = self.portal.upgrade_decision_module.newContent(
-      portal_type="Upgrade Decision")
-    ud.newContent(
-      portal_type="Upgrade Decision Line",
-      aggregate=node.getRelativeUrl())
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=project.getRelativeUrl(),
-      destination=org.getRelativeUrl(),
-      destination_section=None)
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestinationProject(
-        [], None, ud, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestinationProject(
-        ["destination_section"], None, ud, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestinationProject(
-        ["destination"], None, ud, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementLineAggregateDestinationProject(
-        ["destination_section", "destination_project"], None, ud, None))
-class TestItem_getSecurityCategoryFromMovementAggregateDestination(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    instance_tree = self.createInstanceTree(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=instance_tree.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    instance_tree.requestTransfer(
-      destination_project=None,
-      destination_section=None,
-      destination=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestination(
-        [], None, None, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestination(
-        [], None, support, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestination(
-        ["destination_section"], None, support, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestination(
-        ["destination"], None, support, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestination(
-        ["destination_section", "destination_project"], None, support, None))
-class TestItem_getSecurityCategoryFromMovementAggregateDestinationSection(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=node.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl(),
-      destination_section=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationSection(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationSection(
-        [], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationSection(
-        ["destination_section"], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationSection(
-        ["destination"], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationSection(
-        ["destination_section", "destination_project"], None, support, None))
-class TestItem_getSecurityCategoryFromMovementAggregateDestinationProject(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=node.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=project.getRelativeUrl(),
-      destination=org.getRelativeUrl(),
-      destination_section=None)
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationProject(
-        [], None, support, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationProject(
-        ["destination_section"], None, support, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationProject(
-        ["destination"], None, support, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateDestinationProject(
-        ["destination_section", "destination_project"], None, support, None))
-class TestItem_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=node.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl(),
-      destination_section=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(
-        [], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(
-        ["destination_section"], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(
-        ["destination"], None, support, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Item_getSecurityCategoryFromMovementAggregateComputeNodeDestinationSection(
-        ["destination_section", "destination_project"], None, support, None))
-class TestEvent_getSecurityCategoryFromMovementFollowUpAggregateDestination(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    instance_tree = self.createInstanceTree(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=instance_tree.getRelativeUrl()
-    )
-    event = self.portal.event_module.newContent(
-      portal_type="Web Message",
-      follow_up=support.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    instance_tree.requestTransfer(
-      destination_project=None,
-      destination_section=None,
-      destination=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestination(
-        [], None, None, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestination(
-        [], None, event, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestination(
-        ["destination_section"], None, event, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestination(
-        ["destination"], None, event, None)) 
-    self.assertEqual([{'destination': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestination(
-        ["destination_section", "destination_project"], None, event, None))
-class TestEvent_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=node.getRelativeUrl()
-    )
-    event = self.portal.event_module.newContent(
-      portal_type="Web Message",
-      follow_up=support.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=None,
-      destination=org.getRelativeUrl(),
-      destination_section=org.getRelativeUrl())
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(
-        [], None, event, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(
-        ["destination_section"], None, event, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(
-        ["destination"], None, event, None)) 
-    self.assertEqual([{'destination_section': [org.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateComputeNodeDestinationSection(
-        ["destination_section", "destination_project"], None, event, None))
-class TestEvent_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(TestSlapOSCoreMixin):
-  def test(self):
-    person = self.createPerson()
-    node = self.createComputeNode(person)
-    support = self.portal.support_request_module.newContent(
-      portal_type="Support Request",
-      aggregate=node.getRelativeUrl()
-    )
-    event = self.portal.event_module.newContent(
-      portal_type="Web Message",
-      follow_up=support.getRelativeUrl()
-    )
-    org = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    self.tic()
-    self.login(person.getUserId())
-    node.requestTransfer(
-      destination_project=project.getRelativeUrl(),
-      destination=org.getRelativeUrl(),
-      destination_section=None)
-    self.login()
-    self.tic()
-    self.assertEqual([],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(
-        [], None, None, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(
-        [], None, event, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(
-        ["destination_section"], None, event, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(
-        ["destination"], None, event, None)) 
-    self.assertEqual([{'destination_project': [project.getRelativeUrl()]}],
-      self.portal.Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject(
-        ["destination_section", "destination_project"], None, event, None))
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5DefaultScenario.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5DefaultScenario.py
-# -*- coding:utf-8 -*-
-##############################################################################
-#
-# Copyright (c) 2022 Nexedi SA and Contributors. All Rights Reserved.
-#
-# This program is Free Software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-#
-##############################################################################
-from erp5.component.test.SlapOSTestCaseDefaultScenarioMixin import DefaultScenarioMixin
-from DateTime import DateTime
-import re
-class TestSlapOSDefaultScenario(DefaultScenarioMixin):
-  """
-  def addSlapOSAdministratorAssignment(self, person):
-    person.newContent(
-      portal_type='Assignment',
-      # XXX should be project/function instead
-      group='company'
-    ).open()
-"""
-  def addProjectProductionManagerAssignment(self, person, project):
-    person.newContent(
-      portal_type='Assignment',
-      destination_project_value=project,
-      function='production/manager'
-    ).open()
-  def addProjectCustomerAssignment(self, person, project):
-    person.newContent(
-      portal_type='Assignment',
-      destination_project_value=project,
-      function='customer'
-    ).open()
-  def addProject(self):
-    project = self.portal.project_module.newContent(
-      portal_type='Project',
-      title='project-%s' % self.generateNewId()
-    )
-    project.validate()
-    return project
-  def test_new_default_scenario(self):
-    # create a default project
-    project = self.addProject()
-    # some preparation
-    self.logout()
-    self.web_site = self.portal.web_site_module.hostingjs
-    # lets join as slapos administrator, which will own few compute_nodes
-    owner_reference = 'owner-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, owner_reference)
-    self.login()
-    owner_person = self.portal.portal_catalog.getResultValue(
-      portal_type="ERP5 Login",
-      reference=owner_reference).getParentValue()
-    # first slapos administrator assignment can only be created by
-    # the erp5 manager
-    self.addProjectProductionManagerAssignment(owner_person, project)
-    self.tic()
-    # hooray, now it is time to create compute_nodes
-    self.login(owner_person.getUserId())
-    public_server_title = 'Public Server for %s' % owner_reference
-    public_server_id = self.requestComputeNode(public_server_title, project.getReference())
-    public_server = self.portal.portal_catalog.getResultValue(
-        portal_type='Compute Node', reference=public_server_id)
-    self.setAccessToMemcached(public_server)
-    self.assertNotEqual(None, public_server)
-    self.setServerOpenPublic(public_server)
-    # and install some software on them
-    public_server_software = self.generateNewSoftwareReleaseUrl()
-    self.supplySoftware(public_server, public_server_software)
-    # format the compute_nodes
-    self.formatComputeNode(public_server)
-    # join as the another visitor and request software instance on public
-    # compute_node
-    self.logout()
-    public_reference = 'public-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, public_reference)
-    self.login()
-    public_person = self.portal.portal_catalog.getResultValue(
-      portal_type="ERP5 Login",
-      reference=public_reference).getParentValue()
-    self.addProjectCustomerAssignment(public_person, project)
-    public_instance_title = 'Public title %s' % self.generateNewId()
-    public_instance_type = 'public type'
-    self.checkInstanceAllocation(public_person.getUserId(),
-        public_reference, public_instance_title,
-        public_server_software, public_instance_type,
-        public_server, project.getReference())
-    # turn public guy to a friend and check that he can allocate slave
-    # instance on instance provided by friend
-    self.login()
-    public_person = self.portal.portal_catalog.getResultValue(
-      portal_type='ERP5 Login', reference=public_reference).getParentValue()
-    self.login(owner_person.getUserId())
-    # and the instances
-    self.checkInstanceUnallocation(public_person.getUserId(),
-        public_reference, public_instance_title,
-        public_server_software, public_instance_type, public_server,
-        project.getReference())
-    # and uninstall some software on them
-    self.logout()
-    self.login(owner_person.getUserId())
-    self.supplySoftware(public_server, public_server_software,
-                        state='destroyed')
-    self.logout()
-    # Uninstall from compute_node
-    self.login()
-    self.simulateSlapgridSR(public_server)
-    # check the Open Sale Order coverage
-    self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
-    self.tic()
-    self.logout()
-    self.login()
-    self.assertOpenSaleOrderCoverage(public_reference)
-    # generate simulation for open order
-    self.stepCallUpdateOpenOrderSimulationAlarm()
-    self.tic()
-    # build subscription packing list
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise build deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated packing list
-    self.stepCallSlaposTriggerAggregatedDeliveryOrderBuilderAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # start aggregated deliveries
-    self.stepCallSlaposStartConfirmedAggregatedSalePackingListAlarm(
-        accounting_date=DateTime('2222/01/01'))
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # deliver aggregated deliveries
-    self.stepCallSlaposDeliverStartedAggregatedSalePackingListAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated invoices
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise aggregated invoices and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount transaction lines
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # stop the invoices and solve them again
-    self.stepCallSlaposStopConfirmedAggregatedSaleInvoiceTransactionAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    builder = self.portal.portal_orders.slapos_payment_transaction_builder
-    for _ in range(500):
-      # build the aggregated payment
-      self.stepCallSlaposTriggerPaymentTransactionOrderBuilderAlarm()
-      self.tic()
-      # If there is something unbuild recall alarm.
-      if len(builder.OrderBuilder_generateUnrelatedInvoiceList()):
-        break
-    # start the payzen payment
-    self.stepCallSlaposPayzenUpdateConfirmedPaymentAlarm()
-    self.tic()
-    # stabilise the payment deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    """
-    self.logout()
-    self.login('ERP5TypeTestCase')
-    # trigger the CRM interaction
-    self.stepCallSlaposCrmCreateRegularisationRequestAlarm()
-    self.tic()
-    self.logout()
-    self.login()
-    # check final document state
-    for person_reference in (owner_reference, ):
-      person = self.portal.portal_catalog.getResultValue(
-        portal_type='ERP5 Login', reference=person_reference).getParentValue()
-      self.assertPersonDocumentCoverage(person)
-"""
-  def test_default_scenario(self):
-    # some preparation
-    self.logout()
-    self.web_site = self.portal.web_site_module.hostingjs
-    # lets join as owner, which will own few compute_nodes
-    owner_reference = 'owner-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, owner_reference)
-    self.login()
-    owner_person = self.portal.portal_catalog.getResultValue(
-      portal_type="ERP5 Login",
-      reference=owner_reference).getParentValue()
-    # hooray, now it is time to create compute_nodes
-    self.login(owner_person.getUserId())
-    public_server_title = 'Public Server for %s' % owner_reference
-    public_server_id = self.requestComputeNode(public_server_title, 'XXX')
-    public_server = self.portal.portal_catalog.getResultValue(
-        portal_type='Compute Node', reference=public_server_id)
-    self.setAccessToMemcached(public_server)
-    self.assertNotEqual(None, public_server)
-    self.setServerOpenPublic(public_server)
-    public_server.generateCertificate()
-    personal_server_title = 'Personal Server for %s' % owner_reference
-    personal_server_id = self.requestComputeNode(personal_server_title, 'XXX')
-    personal_server = self.portal.portal_catalog.getResultValue(
-        portal_type='Compute Node', reference=personal_server_id)
-    self.setAccessToMemcached(personal_server)
-    self.assertNotEqual(None, personal_server)
-    self.setServerOpenPersonal(personal_server)
-    personal_server.generateCertificate()
-    # and install some software on them
-    public_server_software = self.generateNewSoftwareReleaseUrl()
-    self.supplySoftware(public_server, public_server_software)
-    personal_server_software = self.generateNewSoftwareReleaseUrl()
-    self.supplySoftware(personal_server, personal_server_software)
-    # format the compute_nodes
-    self.formatComputeNode(public_server)
-    self.formatComputeNode(personal_server)
-    # join as the another visitor and request software instance on public
-    # compute_node
-    self.logout()
-    public_reference = 'public-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, public_reference)
-    self.login()
-    public_person = self.portal.portal_catalog.getResultValue(
-      portal_type="ERP5 Login",
-      reference=public_reference).getParentValue()
-    public_instance_title = 'Public title %s' % self.generateNewId()
-    public_instance_type = 'public type'
-    self.checkInstanceAllocation(public_person.getUserId(),
-        public_reference, public_instance_title,
-        public_server_software, public_instance_type,
-        public_server, 'XXX')
-    # join as other person and request a software instance on compute_node
-    # configured by owner
-    self.logout()
-    other_reference = 'other-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, other_reference)
-    self.login()
-    other_person = self.portal.portal_catalog.getResultValue(
-        portal_type='ERP5 Login', reference=other_reference).getParentValue()
-    # allow other to alloce on public compute_node
-    self.login(owner_person.getUserId())
-    other_instance_title = 'Other title %s' % self.generateNewId()
-    other_instance_type = 'other_type'
-    self.checkInstanceAllocation(other_person.getUserId(), other_reference,
-        other_instance_title, public_server_software, other_instance_type,
-        public_server)
-    # check that other person is able to request slave instance matching the
-    # public's compute_node software instance
-    other_slave_instance_title = 'Other slave title %s' % self.\
-        generateNewId()
-    self.checkSlaveInstanceAllocation(other_person.getUserId(),
-        other_reference, other_slave_instance_title, public_server_software,
-        public_instance_type, public_server)
-    # turn public guy to a other person and check that he can allocate slave
-    # instance on instance provided by other person
-    self.login()
-    public_person = self.portal.portal_catalog.getResultValue(
-      portal_type='ERP5 Login', reference=public_reference).getParentValue()
-    # now deallocate the slaves
-    self.login(owner_person.getUserId())
-    self.checkSlaveInstanceUnallocation(other_person.getUserId(),
-        other_reference, other_slave_instance_title, public_server_software,
-        other_instance_type, public_server)
-    # and the instances
-    self.checkInstanceUnallocation(public_person.getUserId(),
-        public_reference, public_instance_title,
-        public_server_software, public_instance_type, public_server, 'XXX')
-    self.checkInstanceUnallocation(other_person.getUserId(),
-       other_reference, other_instance_title,
-       public_server_software, other_instance_type, public_server
-)
-    # and uninstall some software on them
-    self.logout()
-    self.login(owner_person.getUserId())
-    self.supplySoftware(public_server, public_server_software,
-                        state='destroyed')
-    self.supplySoftware(personal_server, personal_server_software,
-                        state='destroyed')
-    self.logout()
-    # Uninstall from compute_node
-    self.login()
-    self.simulateSlapgridSR(public_server)
-    self.simulateSlapgridSR(personal_server)
-    # check the Open Sale Order coverage
-    self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
-    self.tic()
-    self.login()
-    self.assertOpenSaleOrderCoverage(owner_reference)
-    self.assertOpenSaleOrderCoverage(other_reference)
-    self.assertOpenSaleOrderCoverage(public_reference)
-    # generate simulation for open order
-    self.stepCallUpdateOpenOrderSimulationAlarm()
-    self.tic()
-    # build subscription packing list
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise build deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated packing list
-    self.stepCallSlaposTriggerAggregatedDeliveryOrderBuilderAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # start aggregated deliveries
-    self.stepCallSlaposStartConfirmedAggregatedSalePackingListAlarm(
-        accounting_date=DateTime('2222/01/01'))
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # deliver aggregated deliveries
-    self.stepCallSlaposDeliverStartedAggregatedSalePackingListAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated invoices
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise aggregated invoices and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount transaction lines
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # stop the invoices and solve them again
-    self.stepCallSlaposStopConfirmedAggregatedSaleInvoiceTransactionAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # trigger the CRM interaction
-    self.stepCallSlaposCrmCreateRegularisationRequestAlarm()
-    self.tic()
-    # check final document state
-    for person_reference in (owner_reference, other_reference,
-        public_reference):
-      person = self.portal.portal_catalog.getResultValue(
-        portal_type='ERP5 Login', reference=person_reference).getParentValue()
-      self.assertPersonDocumentCoverage(person)
-    self.login(public_person.getUserId())
-    self.usePaymentManually(self.web_site, public_person.getUserId())
-    self.login(other_person.getUserId())
-    self.usePaymentManually(self.web_site, other_person.getUserId())
-class TestSlapOSDefaultCRMEscalation(DefaultScenarioMixin):
-  def trickCrmEvent(self, service_id, day, person_reference):
-    self.login()
-    person = self.portal.portal_catalog.getResultValue(portal_type='ERP5 Login',
-        reference=person_reference).getParentValue()
-    ticket = self.portal.portal_catalog.getResultValue(
-        portal_type='Regularisation Request',
-        simulation_state='suspended',
-        default_source_project_uid=person.getUid()
-    )
-    self.assertNotEqual(ticket, None)
-    event = self.portal.portal_catalog.getResultValue(
-      portal_type='Mail Message',
-      default_resource_uid=self.portal.service_module[service_id].getUid(),
-      default_follow_up_uid=ticket.getUid(),
-    )
-    event.edit(start_date=event.getStartDate()-day)
-    data = event.getData()
-    data = re.sub(
-      "\nDate: .*\n",
-      "\nDate: %s\n" % (event.getStartDate()-day).rfc822(),
-      data)
-    event.edit(data=data)
-  def assertOpenSaleOrderCoverage(self, person_reference):
-    self.login()
-    person = self.portal.portal_catalog.getResultValue(
-       portal_type='ERP5 Login',
-       reference=person_reference).getParentValue()
-    instance_tree_list = self.portal.portal_catalog(
-        portal_type='Instance Tree',
-        default_destination_section_uid=person.getUid()
-    )
-    open_sale_order_list = self.portal.portal_catalog(
-        portal_type='Open Sale Order',
-        default_destination_uid=person.getUid(),
-    )
-    if len(instance_tree_list) == 0:
-      self.assertEqual(0, len(open_sale_order_list))
-      return
-    self.assertEqual(1, len(open_sale_order_list))
-    open_sale_order = open_sale_order_list[0]
-    line_list = open_sale_order.contentValues(
-        portal_type='Open Sale Order Line')
-    self.assertEqual(len(instance_tree_list), len(line_list))
-    self.assertSameSet(
-        [q.getRelativeUrl() for q in instance_tree_list],
-        [q.getAggregate(portal_type="Instance Tree") for q in line_list]
-    )
-    # Every line must have 2 aggregate categories:
-    # one Instance Tree and one Hosting Subscription
-    for line in line_list:
-      self.assertEqual(2, len(line.getAggregateList()))
-      self.assertEqual(1, len(line.getAggregateList(portal_type="Hosting Subscription")))
-  def assertAggregatedSalePackingList(self, delivery):
-    self.assertEqual('delivered', delivery.getSimulationState())
-    self.assertEqual('solved', delivery.getCausalityState())
-    invoice_list= delivery.getCausalityRelatedValueList(
-        portal_type='Sale Invoice Transaction')
-    self.assertEqual(1, len(invoice_list))
-    invoice = invoice_list[0].getObject()
-    causality_list = invoice.getCausalityValueList()
-    self.assertSameSet([delivery], causality_list)
-    self.assertEqual('stopped', invoice.getSimulationState())
-    self.assertEqual('solved', invoice.getCausalityState())
-    payment_list = invoice.getCausalityRelatedValueList(
-        portal_type='Payment Transaction')
-    self.assertEqual(0, len(payment_list))
-    # Check reverse invoice
-    reverse_invoice_list = invoice.getCausalityRelatedValueList(
-        portal_type='Sale Invoice Transaction')
-    self.assertEqual(1, len(reverse_invoice_list))
-    reverse_invoice = reverse_invoice_list[0].getObject()
-    causality_list = reverse_invoice.getCausalityValueList()
-    self.assertSameSet([invoice], causality_list)
-    self.assertEqual('stopped', reverse_invoice.getSimulationState())
-    self.assertEqual('draft', reverse_invoice.getCausalityState())
-    payment_list = reverse_invoice.getCausalityRelatedValueList(
-        portal_type='Payment Transaction')
-    self.assertEqual(0, len(payment_list))
-  def test_crm_escalation(self):
-    # some preparation
-    self.logout()
-    self.web_site = self.portal.web_site_module.hostingjs
-    # join as the another visitor and request software instance on public
-    # compute_node
-    self.logout()
-    public_reference = 'public-%s' % self.generateNewId()
-    self.joinSlapOS(self.web_site, public_reference)
-    self.login()
-    self.tic()
-    person = self.portal.portal_catalog.getResultValue(
-      portal_type="ERP5 Login", reference=public_reference).getParentValue()
-    public_instance_title = 'Public title %s' % self.generateNewId()
-    public_instance_type = 'public type'
-    public_server_software = self.generateNewSoftwareReleaseUrl()
-    self.requestInstance(person.getUserId(), public_instance_title,
-        public_server_software, public_instance_type, 'XXX')
-    # check the Open Sale Order coverage
-    self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
-    self.tic()
-    self.login()
-    self.assertOpenSaleOrderCoverage(public_reference)
-    # generate simulation for open order
-    self.stepCallUpdateOpenOrderSimulationAlarm()
-    self.tic()
-    # build subscription packing list
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise build deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated packing list
-    self.stepCallSlaposTriggerAggregatedDeliveryOrderBuilderAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # start aggregated deliveries
-    self.stepCallSlaposStartConfirmedAggregatedSalePackingListAlarm(
-        accounting_date=DateTime('2222/01/01'))
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # deliver aggregated deliveries
-    self.stepCallSlaposDeliverStartedAggregatedSalePackingListAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated invoices
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise aggregated invoices and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount transaction lines
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # stop the invoices and solve them again
-    self.stepCallSlaposStopConfirmedAggregatedSaleInvoiceTransactionAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # create the regularisation request
-    self.stepCallSlaposCrmCreateRegularisationRequestAlarm()
-    self.tic()
-    # escalate 1
-    self.trickCrmEvent('slapos_crm_acknowledgement', 15, public_reference)
-    self.stepCallSlaposCrmTriggerAcknowledgmentEscalationAlarm()
-    self.tic()
-    # escalate 2
-    self.trickCrmEvent('slapos_crm_stop_reminder', 7, public_reference)
-    self.stepCallSlaposCrmTriggerStopReminderEscalationAlarm()
-    self.tic()
-    # stop the subscription
-    self.stepCallSlaposCrmStopInstanceTreeAlarm()
-    self.tic()
-    self.assertSubscriptionStopped(person)
-    # escalate 3
-    self.trickCrmEvent('slapos_crm_stop_acknowledgement', 7, public_reference)
-    self.stepCallSlaposCrmTriggerStopAcknowledgmentEscalationAlarm()
-    self.tic()
-    # escalate 4
-    self.trickCrmEvent('slapos_crm_delete_reminder', 10, public_reference)
-    self.stepCallSlaposCrmTriggerDeleteReminderEscalationAlarm()
-    self.tic()
-    # delete the subscription
-    self.stepCallSlaposCrmDeleteInstanceTreeAlarm()
-    self.tic()
-    self.assertSubscriptionDestroyed(person)
-    # check the Open Sale Order coverage
-    self.stepCallSlaposRequestUpdateInstanceTreeOpenSaleOrderAlarm()
-    self.tic()
-    # Manually cancel the users invoice
-    invoice_list = person.Entity_getOutstandingAmountList()
-    self.assertEqual(len(invoice_list), 1)
-    sale_transaction_invoice = invoice_list[0].getObject()
-    sale_transaction_invoice.SaleInvoiceTransaction_createReversalSaleInvoiceTransaction(batch_mode=1)
-    self.tic()
-    # close the ticket
-    self.stepCallSlaposCrmInvalidateSuspendedRegularisationRequestAlarm()
-    self.tic()
-    # update open order simulation
-    self.stepCallUpdateOpenOrderSimulationAlarm()
-    self.tic()
-    # build subscription packing list
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise build deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated packing list
-    self.stepCallSlaposTriggerAggregatedDeliveryOrderBuilderAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # start aggregated deliveries
-    self.stepCallSlaposStartConfirmedAggregatedSalePackingListAlarm(
-        accounting_date=DateTime('2222/01/01'))
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # deliver aggregated deliveries
-    self.stepCallSlaposDeliverStartedAggregatedSalePackingListAlarm()
-    self.tic()
-    # stabilise aggregated deliveries and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # build aggregated invoices
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    # stabilise aggregated invoices and expand them
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # update invoices with their tax & discount transaction lines
-    self.stepCallSlaposTriggerBuildAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # stop the invoices and solve them again
-    self.stepCallSlaposStopConfirmedAggregatedSaleInvoiceTransactionAlarm()
-    self.tic()
-    self.stepCallSlaposManageBuildingCalculatingDeliveryAlarm()
-    self.tic()
-    # check final document state
-    self.assertPersonDocumentCoverage(person)
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5DefaultScenario.xml
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5DefaultScenario.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="Test Component" module="erp5.portal_type"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>default_reference</string> </key>
-            <value> <string>testSlapOSERP5DefaultScenario</string> </value>
-        </item>
-        <item>
-            <key> <string>description</string> </key>
-            <value>
-              <none/>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>test.erp5.testSlapOSERP5DefaultScenario</string> </value>
-        </item>
-        <item>
-            <key> <string>portal_type</string> </key>
-            <value> <string>Test Component</string> </value>
-        </item>
-        <item>
-            <key> <string>sid</string> </key>
-            <value>
-              <none/>
-            </value>
-        </item>
-        <item>
-            <key> <string>text_content_error_message</string> </key>
-            <value>
-              <tuple/>
-            </value>
-        </item>
-        <item>
-            <key> <string>text_content_warning_message</string> </key>
-            <value>
-              <tuple/>
-            </value>
-        </item>
-        <item>
-            <key> <string>version</string> </key>
-            <value> <string>erp5</string> </value>
-        </item>
-        <item>
-            <key> <string>workflow_history</string> </key>
-            <value>
-              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <global name="PersistentMapping" module="Persistence.mapping"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>data</string> </key>
-            <value>
-              <dictionary>
-                <item>
-                    <key> <string>component_validation_workflow</string> </key>
-                    <value>
-                      <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
-                    </value>
-                </item>
-              </dictionary>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-  <record id="3" aka="AAAAAAAAAAM=">
-    <pickle>
-      <global name="WorkflowHistoryList" module="Products.ERP5Type.Workflow"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_log</string> </key>
-            <value>
-              <list>
-                <dictionary>
-                  <item>
-                      <key> <string>action</string> </key>
-                      <value> <string>validate</string> </value>
-                  </item>
-                  <item>
-                      <key> <string>validation_state</string> </key>
-                      <value> <string>validated</string> </value>
-                  </item>
-                </dictionary>
-              </list>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5GroupRoleSecurity.py
@@ -22,6 +22,7 @@
 ##############################################################################
 from erp5.component.test.SlapOSTestCaseMixin import SlapOSTestCaseMixinWithAbort
 from AccessControl import getSecurityManager
+import transaction
 class TestSlapOSGroupRoleSecurityCoverage(SlapOSTestCaseMixinWithAbort):
  maxDiff = None
@@ -377,13 +378,14 @@ class TestAllocationSupply(TestSlapOSGroupRoleSecurityMixin):
 class TestAssignment(TestSlapOSGroupRoleSecurityMixin):
-  def test_Assignment_Company_Group(self):
+  def test_Assignment_Sale(self):
    assignment = self.portal.person_module.newContent(
        portal_type='Person').newContent(portal_type='Assignment')
    self.assertSecurityGroup(assignment,
-        ['F-IS*', self.user_id], False)
+        [self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
-    self.assertRoles(assignment, 'F-IS*', ['Auditor'])
    self.assertRoles(assignment, self.user_id, ['Owner'])
+    self.assertRoles(assignment, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(assignment, 'F-SALEAGT', ['Assignee'])
 class TestComputeNodeModule(TestSlapOSGroupRoleSecurityMixin):
@@ -435,974 +437,126 @@ class TestComputeNode(TestSlapOSGroupRoleSecurityMixin):
    self.assertRoles(compute_node, '%s_R-INSTANCE' % project.getReference(), ['Auditor'])
-class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin):
+class TestInstanceNode(TestSlapOSGroupRoleSecurityMixin):
-  def test_ComputerModelModule(self):
+  def test_InstanceNode_userId(self):
-    module = self.portal.computer_model_module
+    compute_node = self.portal.compute_node_module.newContent(portal_type='Instance Node')
-    self.assertSecurityGroup(module,
+    self.assertSecurityGroup(compute_node,
-        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
+        [self.user_id], False)
-        False)
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
-class TestComputerModel(TestSlapOSGroupRoleSecurityMixin):
+    compute_node.edit(user_id=None)
-  document_portal_type = 'Computer Model'
+    self.assertSecurityGroup(compute_node,
-  def test_ComputerModel_default(self):
+        [self.user_id], False)
-    model = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
-        portal_type=self.document_portal_type)
-    self.assertSecurityGroup(model,
-        ['R-SHADOW-PERSON', self.user_id], False)
-    self.assertRoles(model, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(model, self.user_id, ['Owner'])
-  def test_ComputerModel_ProjectMember(self):
+  def test_InstanceNode_ProjectMember(self):
    project = self.addProject()
-    compute_node = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
+    compute_node = self.portal.compute_node_module.newContent(
-        portal_type=self.document_portal_type)
+        portal_type='Instance Node')
    compute_node.edit(
        follow_up_value=project)
    self.assertSecurityGroup(compute_node, [
      self.user_id,
-      'R-SHADOW-PERSON',
      '%s_F-PRODAGNT' % project.getReference(),
      '%s_F-PRODMAN' % project.getReference(),
      '%s_F-CUSTOMER' % project.getReference(),
    ], False)
    self.assertRoles(compute_node, self.user_id, ['Owner'])
-    self.assertRoles(compute_node, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(compute_node, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-    self.assertRoles(compute_node, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+    self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-    self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-    self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-class TestComputerNetworkModule(TestSlapOSGroupRoleSecurityMixin):
-  def test_ComputerNetworkModule(self):
-    module = self.portal.computer_network_module
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
-        False)
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
-class TestComputerNetwork(TestComputerModel):
-  document_portal_type = 'Computer Network'
-class TestComputerNetworkModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.computer_network_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', self.user_id],
-        False)
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestCredentialUpdateModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.credential_update_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        [self.user_id, 'R-MEMBER', 'G-COMPANY'], False)
-    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestDataSet(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    data_set = self.portal.data_set_module.newContent(portal_type='Data Set')
-    data_set.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(data_set,
-        [self.user_id, 'G-COMPANY'],
-        False)
-    self.assertRoles(data_set, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(data_set, self.user_id, ['Owner'])
-class TestDataSetModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.data_set_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', self.user_id], False)
-    self.assertRoles(module, 'G-COMPANY', ['Author', 'Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestInstanceTree(TestSlapOSGroupRoleSecurityMixin):
-  def test_RelatedSoftwareInstanceGroup(self):
-    reference = 'TESTHS-%s' % self.generateNewId()
-    subscription = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree', reference=reference)
-    subscription.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(subscription, [self.user_id, reference], False)
-    self.assertRoles(subscription, reference, ['Assignee'])
-    self.assertRoles(subscription, self.user_id, ['Owner'])
-  def test_CustomOfTheInstanceTree(self):
-    customer_reference = 'TESTPERSON-%s' % self.generateNewId()
-    customer = self.portal.person_module.newContent(
-        portal_type='Person', reference=customer_reference)
-    reference = 'TESTHS-%s' % self.generateNewId()
-    subscription = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree', reference=reference,
-        destination_section=customer.getRelativeUrl())
-    subscription.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(subscription, [self.user_id, reference,
-        customer.getUserId()], False)
-    self.assertRoles(subscription, reference, ['Assignee'])
-    self.assertRoles(subscription, customer.getUserId(), ['Assignee'])
-    self.assertRoles(subscription, self.user_id, ['Owner'])
-  def test_ProjectMember(self):
-    project = self.addProject()
-    reference = 'TESTHS-%s' % self.generateNewId()
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    subscription = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree', reference=reference,
-        follow_up_value=project)
-    subscription.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(subscription, [self.user_id, reference,
-        '%s_F-PRODAGNT' % project.getReference(),
-        '%s_F-PRODMAN' % project.getReference()], False)
-    self.assertRoles(subscription, reference, ['Assignee'])
-    self.assertRoles(subscription, self.user_id, ['Owner'])
-    self.assertRoles(subscription, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-    self.assertRoles(subscription, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-class TestInstanceTreeModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.instance_tree_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'R-COMPUTER', 'F-CUSTOMER', 'R-INSTANCE', self.user_id], False)
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
-    self.assertRoles(module, 'R-INSTANCE', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestOrganisation(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    organisation = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    organisation.setReference("TESTORG-%s" % self.generateNewId())
-    organisation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(organisation,
-        ['G-COMPANY', self.user_id, organisation.getReference(), 'R-SHADOW-PERSON'], False)
-    self.assertRoles(organisation, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(organisation, organisation.getReference(), ['Assignee'])
-    self.assertRoles(organisation, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(organisation, self.user_id, ['Owner', 'Assignee'])
-  def test_without_reference(self):
-    organisation = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    organisation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(organisation,
-        ['G-COMPANY', self.user_id, 'R-SHADOW-PERSON'], False)
-    self.assertRoles(organisation, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(organisation, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(organisation, self.user_id, ['Owner', 'Assignee'])
-  def test_RoleAdmin(self):
-    organisation = self.portal.organisation_module.newContent(
-        portal_type='Organisation')
-    organisation.setReference("TESTORG-%s" % self.generateNewId())
-    organisation.setRole("admin")
-    organisation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(organisation,
-        ['G-COMPANY', self.user_id, organisation.getReference(), 'R-SHADOW-PERSON', 'R-MEMBER'], False)
-    self.assertRoles(organisation, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(organisation, organisation.getReference(), ['Assignee'])
-    self.assertRoles(organisation, 'R-MEMBER', ['Auditor'])
-    self.assertRoles(organisation, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(organisation, self.user_id, ['Owner', 'Assignee'])
-  def test_defaultSlapOSOrganisation(self):
-    # Test to ensure slapos organisation is well configured by default
-    organisation = self.portal.organisation_module.slapos
-    self.changeOwnership(organisation)
-    organisation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(organisation,
-        ['G-COMPANY', self.user_id, 'R-SHADOW-PERSON', 'R-MEMBER'], False)
-    self.assertRoles(organisation, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(organisation, 'R-MEMBER', ['Auditor'])
-    self.assertRoles(organisation, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(organisation, self.user_id, ['Owner', 'Assignee'])
-class TestOrganisationModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.organisation_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', 'R-COMPUTER', 'R-MEMBER', self.user_id, 'R-SHADOW-PERSON'], False)
-    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestProjectModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.project_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', 'R-COMPUTER', 'R-MEMBER', self.user_id, 'R-SHADOW-PERSON'], True)
-    self.assertRoles(module, 'R-MEMBER', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestProject(TestSlapOSGroupRoleSecurityMixin):
-  def test_with_user(self):
-    project = self.addProject()
-    person = self.makePerson(project, user=1)
-    project = self.portal.project_module.newContent(
-        portal_type='Project',
-        destination_decision_value=person)
-    project.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(project,
-        ['G-COMPANY', self.user_id, person.getUserId(), project.getReference(), 'R-SHADOW-PERSON'], False)
-    self.assertRoles(project, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(project, project.getReference(), ['Assignee'])
-    self.assertRoles(project, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(project, self.user_id, ['Owner'])
-    self.assertRoles(project, person.getUserId(), ['Assignee'])
-  def test(self):
-    project = self.portal.project_module.newContent(
-        portal_type='Project')
-    project.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(project,
-        ['G-COMPANY', self.user_id, project.getReference(), 'R-SHADOW-PERSON'], False)
-    self.assertRoles(project, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(project, project.getReference(), ['Assignee'])
-    self.assertRoles(project, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(project, self.user_id, ['Owner'])
-class TestPerson(TestSlapOSGroupRoleSecurityMixin):
-  def test_GroupCompany(self):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    person.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(person,
-        ['G-COMPANY', self.user_id], False)
-    self.assertRoles(person, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(person, self.user_id, ['Owner'])
-  def test_TheUserHimself(self, login_portal_type="ERP5 Login"):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    person.newContent(portal_type=login_portal_type)
-    person.updateLocalRolesOnSecurityGroups()
-    shadow_reference = 'SHADOW-%s' % person.getUserId()
-    self.assertSecurityGroup(person,
-        ['G-COMPANY', self.user_id, person.getUserId(), shadow_reference], False)
-    self.assertRoles(person, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(person, person.getUserId(), ['Assignee'])
-    self.assertRoles(person, shadow_reference, ['Auditor'])
-    self.assertRoles(person, self.user_id, ['Owner'])
-  def test_TheUserHimself_Facebook(self):
-    self.test_TheUserHimself(login_portal_type="Facebook Login")
-  def test_TheUserHimself_Google(self):
-    self.test_TheUserHimself(login_portal_type="Google Login")
-  def test_TheUserHimself_Certificate(self):
-    self.test_TheUserHimself(login_portal_type="Certificate Login")
-  def test_ProjectMember(self, login_portal_type="ERP5 Login"):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    person.newContent(portal_type=login_portal_type)
-    project = self.portal.project_module.newContent(
-      portal_type="Project"
-    )
-    project.validate()
-    person.newContent(portal_type='Assignment',
-      destination_project_value=project).open()
-    self.tic()
-    person.updateLocalRolesOnSecurityGroups()
-    shadow_reference = 'SHADOW-%s' % person.getUserId()
-    self.assertSecurityGroup(person,
-        ['G-COMPANY', self.user_id, person.getUserId(), shadow_reference, 
-        project.getReference()], False)
-    self.assertRoles(person, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(person, person.getUserId(), ['Assignee'])
-    self.assertRoles(person, shadow_reference, ['Auditor'])
-    self.assertRoles(person, project.getReference(), ['Auditor'])
-    self.assertRoles(person, self.user_id, ['Owner'])
-class TestCertificateLogin(TestSlapOSGroupRoleSecurityMixin):
-  login_portal_type = "Certificate Login"
-  def test_PersonCanAccessLoginDocument(self):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    login = person.newContent(portal_type=self.login_portal_type)
-    person.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-        [self.user_id, person.getUserId()], False)
-    self.assertRoles(login, person.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-  def test_ComputeNodeCanAccessSoftwareInstanceLoginDocument(self):
-    software_instance = self.portal.software_instance_module.newContent(portal_type='Software Instance')
-    login = software_instance.newContent(portal_type=self.login_portal_type)
-    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
-        .Base_createCloneDocument(batch_mode=1)
-    compute_node.edit(reference=compute_node_reference)
-    partition = compute_node.newContent(portal_type='Compute Partition')
-    software_instance.edit(aggregate=partition.getRelativeUrl())
-    compute_node.updateLocalRolesOnSecurityGroups()
-    software_instance.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-      [self.user_id, software_instance.getUserId(),
-       compute_node.getUserId()], False)
-    self.assertRoles(login, software_instance.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-    self.assertRoles(login, compute_node.getUserId(), ['Assignor'])
-  def test_ComputeNodeCanAccessLoginDocument(self):
-    compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node')
-    login = compute_node.newContent(portal_type=self.login_portal_type)
-    compute_node.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-        [self.user_id, compute_node.getUserId()], False)
-    self.assertRoles(login, compute_node.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-  def test_ComputeNodeSourceAdministrationCanAccessLoginDocument(self):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    compute_node = self.portal.compute_node_module.newContent(
-      portal_type='Compute Node', source_administration=person.getRelativeUrl())
-    login = compute_node.newContent(portal_type=self.login_portal_type)
-    compute_node.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-        [self.user_id, compute_node.getUserId(),
-         person.getUserId()], False)
-    self.assertRoles(login, compute_node.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-    self.assertRoles(login, person.getUserId(), ['Assignee'])
-  def test_SoftwareInstanceCanAccessLoginDocument(self):
-    software_instance = self.portal.software_instance_module.newContent(portal_type='Software Instance')
-    login = software_instance.newContent(portal_type=self.login_portal_type)
-    software_instance.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-        [self.user_id, software_instance.getUserId()], False)
-    self.assertRoles(login, software_instance.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-class TestERP5Login(TestSlapOSGroupRoleSecurityMixin):
-  login_portal_type = "ERP5 Login"
-  def test_PersonCanAccessLoginDocument(self):
-    person = self.portal.person_module.newContent(portal_type='Person')
-    login = person.newContent(portal_type=self.login_portal_type)
-    person.updateLocalRolesOnSecurityGroups()
-    login.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(login,
-        [self.user_id, person.getUserId()], False)
-    self.assertRoles(login, person.getUserId(), ['Assignee'])
-    self.assertRoles(login, self.user_id, ['Owner'])
-class TestGoogleLogin(TestERP5Login):
-  login_portal_type = "Google Login"
-class TestFacebookLogin(TestERP5Login):
-  login_portal_type = "Facebook Login"
-class TestPersonModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.person_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', 'R-MEMBER', self.user_id, 'R-SHADOW-PERSON'], False)
-    self.assertRoles(module, 'R-MEMBER', ['Auditor'])
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestSlaveInstance(TestSlapOSGroupRoleSecurityMixin):
-  def test_default(self):
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Slave Instance')
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [self.user_id], False)
-    self.assertRoles(instance, self.user_id, ['Owner'])
-  def test_CustomerOfTheInstance(self):
-    customer_reference = 'TESTPERSON-%s' % self.generateNewId()
-    customer = self.portal.person_module.newContent(
-        portal_type='Person', reference=customer_reference)
-    subscription_reference = 'TESTHS-%s ' % self.generateNewId()
-    subscription = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree',
-        reference=subscription_reference,
-        destination_section=customer.getRelativeUrl())
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Slave Instance', specialise=subscription.getRelativeUrl())
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [customer.getUserId(),
-        subscription_reference, self.user_id], False)
-    self.assertRoles(instance, customer.getUserId(), ['Assignee'])
-    self.assertRoles(instance, subscription_reference, ['Assignee'])
-    self.assertRoles(instance, self.user_id, ['Owner'])
-  def test_ProjectMember(self):
-    project = self.addProject()
-    instance = self.portal.software_instance_module.newContent(
-      portal_type='Slave Instance',
-      follow_up_value=project
-    )
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [
-      self.user_id,
-      '%s_F-PRODAGNT' % project.getReference(),
-      '%s_F-PRODMAN' % project.getReference()
-    ], False)
-    self.assertRoles(instance, self.user_id, ['Owner'])
-    self.assertRoles(instance, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-    self.assertRoles(instance, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-  def test_SoftwareInstanceWhichProvidesThisSlaveInstance(self):
-    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
-        .Base_createCloneDocument(batch_mode=1)
-    compute_node.edit(reference=compute_node_reference)
-    partition = compute_node.newContent(portal_type='Compute Partition')
-    provider_reference = 'TESTSI-%s' % self.generateNewId()
-    provider = self.portal.software_instance_module\
-        .template_software_instance.Base_createCloneDocument(batch_mode=1)
-    provider.edit(reference=provider_reference,
-        aggregate=partition.getRelativeUrl())
-    provider.validate()
-    self.tic()
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Slave Instance', aggregate=partition.getRelativeUrl())
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [provider.getUserId(),
-        compute_node.getUserId(), self.user_id], False)
-    self.assertRoles(instance, provider.getUserId(), ['Assignor'])
-    self.assertRoles(instance, compute_node.getUserId(), ['Assignor'])
-    self.assertRoles(instance, self.user_id, ['Owner'])
-class TestSoftwareInstallation(TestSlapOSGroupRoleSecurityMixin):
-  def test_default(self):
-    installation = self.portal.software_installation_module.newContent(
-        portal_type='Software Installation')
-    installation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(installation, [self.user_id], False)
-    self.assertRoles(installation, self.user_id, ['Owner'])
-  def test_ComputeNode(self):
-    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
-        .Base_createCloneDocument(batch_mode=1)
-    compute_node.edit(reference=compute_node_reference)
-    installation = self.portal.software_installation_module.newContent(
-        portal_type='Software Installation',
-        aggregate=compute_node.getRelativeUrl())
-    installation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(installation, [self.user_id,
-        compute_node.getUserId()], False)
-    self.assertRoles(installation, compute_node.getUserId(), ['Assignor'])
-    self.assertRoles(installation, self.user_id, ['Owner'])
-  def test_ProjectMember(self):
-    project = self.addProject()
-    installation = self.portal.software_installation_module.newContent(
-        portal_type='Software Installation',
-        follow_up_value=project)
-    installation.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(installation, [
-      self.user_id,
-      '%s_F-PRODAGNT' % project.getReference(),
-      '%s_F-PRODMAN' % project.getReference(),
-      '%s_F-CUSTOMER' % project.getReference(),
-    ], False)
-    self.assertRoles(installation, self.user_id, ['Owner'])
-    self.assertRoles(installation, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-    self.assertRoles(installation, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-    self.assertRoles(installation, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-class TestSoftwareInstallationModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.software_installation_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-COMPUTER', self.user_id], False)
-    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestSoftwareInstance(TestSlapOSGroupRoleSecurityMixin):
-  def test_default(self):
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Software Instance')
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [self.user_id], False)
-    self.assertRoles(instance, self.user_id, ['Owner'])
-  def test_CustomerOfTheInstance(self):
-    customer_reference = 'TESTPERSON-%s' % self.generateNewId()
-    customer = self.portal.person_module.newContent(
-        portal_type='Person', reference=customer_reference)
-    subscription_reference = 'TESTHS-%s ' % self.generateNewId()
-    subscription = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree',
-        reference=subscription_reference,
-        destination_section=customer.getRelativeUrl())
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Software Instance', specialise=subscription.getRelativeUrl())
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [customer.getUserId(),
-        subscription_reference, self.user_id], False)
-    self.assertRoles(instance, customer.getUserId(), ['Assignee'])
-    self.assertRoles(instance, subscription_reference, ['Assignee'])
-    self.assertRoles(instance, self.user_id, ['Owner'])
-  def test_ProjectMember(self):
-    project = self.addProject()
-    instance = self.portal.software_instance_module.newContent(
-      portal_type='Software Instance',
-      follow_up_value=project
-    )
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [
-      self.user_id,
-      '%s_F-PRODAGNT' % project.getReference(),
-      '%s_F-PRODMAN' % project.getReference(),
-    ], False)
-    self.assertRoles(instance, self.user_id, ['Owner'])
-    self.assertRoles(instance, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-    self.assertRoles(instance, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-  def test_ComputeNode(self):
-    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
-        .Base_createCloneDocument(batch_mode=1)
-    compute_node.edit(reference=compute_node_reference)
-    partition = compute_node.newContent(portal_type='Compute Partition')
-    self.commit()
-    instance = self.portal.software_instance_module.newContent(
-        portal_type='Software Instance', aggregate=partition.getRelativeUrl())
-    instance.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(instance, [compute_node.getUserId(),
-        self.user_id], False)
-    self.assertRoles(instance, compute_node.getUserId(), ['Assignor'])
-    self.assertRoles(instance, self.user_id, ['Owner'])
-class TestSoftwareInstanceModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.software_instance_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'R-COMPUTER', 'R-INSTANCE', 'F-CUSTOMER', self.user_id], False)
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
-    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
-    self.assertRoles(module, 'R-INSTANCE', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestSoftwareProduct(TestSlapOSGroupRoleSecurityMixin):
-  def test_default(self):
-    product = self.portal.software_product_module.newContent(
-        portal_type='Software Product')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        [self.user_id], False)
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_Project(self):
-    project = self.addProject()
-    product = self.portal.software_product_module.newContent(
-        portal_type='Software Product',
-        follow_up_value=project)
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product, [self.user_id,
-        '%s_F-CUSTOMER' % project.getReference(),
-        '%s_F-PRODAGNT' % project.getReference(),
-        '%s_F-PRODMAN' % project.getReference()], False)
-    self.assertRoles(product, self.user_id, ['Owner'])
-    self.assertRoles(product, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
-    self.assertRoles(product, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
-    self.assertRoles(product, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-class TestSoftwareProductModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.software_product_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'F-CUSTOMER', self.user_id], False)
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestOpenSaleOrderModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.open_sale_order_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', self.user_id], False)
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestOpenSaleOrder(TestSlapOSGroupRoleSecurityMixin):
-  def test_GroupCompany(self):
-    product = self.portal.open_sale_order_module.newContent(
-        portal_type='Open Sale Order')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id], False)
-    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-class TestSalePackingListModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.sale_packing_list_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['G-COMPANY', self.user_id, 'R-MEMBER'], False)
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-    self.assertRoles(module, 'R-MEMBER', ['Auditor'])
-class TestSalePackingList(TestSlapOSGroupRoleSecurityMixin):
-  def test_GroupCompany(self):
-    product = self.portal.sale_packing_list_module.newContent(
-        portal_type='Sale Packing List')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id], False)
-    self.assertRoles(product, 'G-COMPANY', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_GroupCustomerSubscription(self):
-    reference = 'TESTPERSON-%s' % self.generateNewId()
-    person = self.portal.person_module.newContent(portal_type='Person',
-        reference=reference)
-    product = self.portal.sale_packing_list_module.newContent(
-        portal_type='Sale Packing List',
-        destination_decision_value=person,
-        specialise_value=self.portal.sale_trade_condition_module.\
-                           slapos_subscription_trade_condition,
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id, person.getUserId()], False)
-    self.assertRoles(product, 'G-COMPANY', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-    self.assertRoles(product, person.getUserId(), ['Auditor'])
-  def test_GroupCustomerAggregation(self):
-    reference = 'TESTPERSON-%s' % self.generateNewId()
-    person = self.portal.person_module.newContent(portal_type='Person',
-        reference=reference)
-    product = self.portal.sale_packing_list_module.newContent(
-        portal_type='Sale Packing List',
-        destination_decision_value=person,
-        specialise_value=self.portal.sale_trade_condition_module.\
-                           slapos_aggregated_trade_condition,
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id, person.getUserId()], False)
-    self.assertRoles(product, 'G-COMPANY', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-    self.assertRoles(product, person.getUserId(), ['Auditor'])
-  def test_GroupCustomerAggregatedSubscription(self):
-    reference = 'TESTPERSON-%s' % self.generateNewId()
-    person = self.portal.person_module.newContent(portal_type='Person',
-        reference=reference)
-    product = self.portal.sale_packing_list_module.newContent(
-        portal_type='Sale Packing List',
-        destination_decision_value=person,
-        specialise_value=self.portal.sale_trade_condition_module.\
-                           slapos_aggregated_subscription_trade_condition,
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id, person.getUserId()], False)
-    self.assertRoles(product, 'G-COMPANY', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-    self.assertRoles(product, person.getUserId(), ['Auditor'])
-class TestAccountingTransactionModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.accounting_module
-    self.changeOwnership(module)
-    self.assertSecurityGroup(module,
-        ['F-ACCOUNTING*', 'F-PRODUCTION*', self.user_id,
-         'R-SHADOW-PERSON', 'F-CUSTOMER'], True)
-    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
-    self.assertRoles(module, 'R-SHADOW-PERSON', ['Assignor'])
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
-class TestAccountingTransaction(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction_LedgerNotAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Accounting Transaction')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_AccountingFunction_LedgerAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Accounting Transaction')
-    product.edit(ledger='automated')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCOUNTING*', self.user_id], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-class TestBalanceTransaction(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction_LedgerNotAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Balance Transaction')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_AccountingFunction_LedgerAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Balance Transaction')
-    product.edit(ledger='automated')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCOUNTING*', self.user_id], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-class TestPaymentTransaction(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction_LedgerNotAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Payment Transaction')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_AccountingFunction_LedgerAutomated(self):
+class TestRemoteNode(TestSlapOSGroupRoleSecurityMixin):
-    product = self.portal.accounting_module.newContent(
+  def test_RemoteNode_userId(self):
-        portal_type='Payment Transaction')
+    compute_node = self.portal.compute_node_module.newContent(portal_type='Remote Node')
-    product.edit(ledger='automated')
+    self.assertSecurityGroup(compute_node,
-    product.updateLocalRolesOnSecurityGroups()
+        [self.user_id], False)
-    self.assertSecurityGroup(product,
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
-        ['F-ACCOUNTING*', 'R-SHADOW-PERSON', self.user_id], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
-    self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_UserWithoutLedger(self):
+    compute_node.edit(user_id=None)
-    reference = 'TESTPERSON-%s' % self.generateNewId()
+    self.assertSecurityGroup(compute_node,
-    person = self.portal.person_module.newContent(portal_type='Person',
+        [self.user_id], False)
-        reference=reference)
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
-    product = self.portal.accounting_module.newContent(
-        portal_type='Payment Transaction')
-    product.edit(
-        destination_section_value=person,
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_UserLedger(self):
+  def test_RemoteNode_ProjectMember(self):
-    reference = 'TESTPERSON-%s' % self.generateNewId()
+    project = self.addProject()
-    person = self.portal.person_module.newContent(portal_type='Person',
+    compute_node = self.portal.compute_node_module.newContent(
-        reference=reference)
+        portal_type='Remote Node')
-    product = self.portal.accounting_module.newContent(
+    compute_node.edit(
-        portal_type='Payment Transaction')
+        follow_up_value=project)
-    product.edit(
-        destination_section_value=person,
-        ledger='automated'
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    shadow_user_id = 'SHADOW-%s' % person.getUserId()
-    self.assertSecurityGroup(product,
-        ['F-ACCOUNTING*', self.user_id, person.getUserId(),
-         shadow_user_id], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
-    self.assertRoles(product, shadow_user_id, ['Auditor'])
-    self.assertRoles(product, person.getUserId(), ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
+    self.assertSecurityGroup(compute_node, [
+      self.user_id,
+      '%s_F-PRODAGNT' % project.getReference(),
+      '%s_F-PRODMAN' % project.getReference(),
+      '%s_F-CUSTOMER' % project.getReference(),
+    ], False)
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
+    self.assertRoles(compute_node, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+    self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-class TestPurchaseInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction_LedgerNotAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Purchase Invoice Transaction')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_AccountingFunction_LedgerAutomated(self):
+class TestComputerModelModule(TestSlapOSGroupRoleSecurityMixin):
-    product = self.portal.accounting_module.newContent(
+  def test_ComputerModelModule(self):
-        portal_type='Purchase Invoice Transaction')
+    module = self.portal.computer_model_module
-    product.edit(ledger='automated')
+    self.assertSecurityGroup(module,
-    product.updateLocalRolesOnSecurityGroups()
+        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
-    self.assertSecurityGroup(product,
+        False)
-        ['F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
-    self.assertRoles(product, self.user_id, ['Owner'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
-class TestSaleInvoiceTransaction(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction_LedgerNotAutomated(self):
-    product = self.portal.accounting_module.newContent(
-        portal_type='Sale Invoice Transaction')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_AccountingFunction_LedgerAutomated(self):
+class TestComputerModel(TestSlapOSGroupRoleSecurityMixin):
-    product = self.portal.accounting_module.newContent(
+  document_portal_type = 'Computer Model'
-        portal_type='Sale Invoice Transaction')
+  def test_ComputerModel_default(self):
-    product.edit(ledger='automated')
+    model = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
-    product.updateLocalRolesOnSecurityGroups()
+        portal_type=self.document_portal_type)
-    self.assertSecurityGroup(product,
+    self.assertSecurityGroup(model,
-        ['F-ACCOUNTING*', self.user_id, 'R-SHADOW-PERSON'], False)
+        ['R-SHADOW-PERSON', self.user_id], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(model, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
+    self.assertRoles(model, self.user_id, ['Owner'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-  def test_User(self):
+  def test_ComputerModel_ProjectMember(self):
-    reference = 'TESTPERSON-%s' % self.generateNewId()
+    project = self.addProject()
-    person = self.portal.person_module.newContent(portal_type='Person',
+    compute_node = self.portal.getDefaultModuleValue(self.document_portal_type).newContent(
-        reference=reference)
+        portal_type=self.document_portal_type)
-    product = self.portal.accounting_module.newContent(
+    compute_node.edit(
-        portal_type='Sale Invoice Transaction')
+        follow_up_value=project)
-    product.edit(
-        ledger='automated',
-        destination_section_value=person,
-        )
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCOUNTING*', self.user_id, person.getUserId(),
-         'R-SHADOW-PERSON'], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor'])
-    self.assertRoles(product, person.getUserId(), ['Auditor'])
-    self.assertRoles(product, 'R-SHADOW-PERSON', ['Assignee'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-class TestServiceModule(TestSlapOSGroupRoleSecurityMixin):
+    self.assertSecurityGroup(compute_node, [
-  def test(self):
+      self.user_id,
-    module = self.portal.service_module
+      'R-SHADOW-PERSON',
-    self.changeOwnership(module)
+      '%s_F-PRODAGNT' % project.getReference(),
-    self.assertSecurityGroup(module,
+      '%s_F-PRODMAN' % project.getReference(),
-        ['G-COMPANY', self.user_id, 'R-MEMBER'], True)
+      '%s_F-CUSTOMER' % project.getReference(),
-    self.assertRoles(module, 'G-COMPANY', ['Auditor', 'Author'])
+    ], False)
-    self.assertRoles(module, 'R-MEMBER', ['Auditor'])
+    self.assertRoles(compute_node, self.user_id, ['Owner'])
-    self.assertRoles(module, self.user_id, ['Owner'])
+    self.assertRoles(compute_node, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(compute_node, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+    self.assertRoles(compute_node, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(compute_node, '%s_F-CUSTOMER' % project.getReference(), ['Auditor'])
-class TestService(TestSlapOSGroupRoleSecurityMixin):
-  def test_GroupCompany(self):
-    product = self.portal.service_module.newContent(
-        portal_type='Service')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['G-COMPANY', self.user_id, 'R-MEMBER'], False)
-    self.assertRoles(product, 'G-COMPANY', ['Assignor'])
-    self.assertRoles(product, 'R-MEMBER', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
-class TestAccountModule(TestSlapOSGroupRoleSecurityMixin):
+class TestComputerNetworkModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
+  def test_ComputerNetworkModule(self):
-    module = self.portal.account_module
+    module = self.portal.computer_network_module
-    self.changeOwnership(module)
    self.assertSecurityGroup(module,
-        ['F-ACCOUNTING*', self.user_id, 'R-SHADOW-PERSON'], False)
+        ['F-PRODUCTION*', 'F-CUSTOMER', 'R-SHADOW-PERSON', module.Base_getOwnerId()],
-    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+        False)
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(module, self.user_id, ['Owner'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestComputerNetwork(TestComputerModel):
+  document_portal_type = 'Computer Network'
-class TestAccount(TestSlapOSGroupRoleSecurityMixin):
-  def test_AccountingFunction(self):
-    product = self.portal.account_module.newContent(
-        portal_type='Account')
-    product.updateLocalRolesOnSecurityGroups()
-    self.assertSecurityGroup(product,
-        ['F-ACCMAN', 'F-ACCAGT', self.user_id, 'R-SHADOW-PERSON'], False)
-    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
-    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
-    self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
-    self.assertRoles(product, self.user_id, ['Owner'])
 class TestCurrencyModule(TestSlapOSGroupRoleSecurityMixin):
@@ -1424,9 +578,10 @@ class TestCurrency(TestSlapOSGroupRoleSecurityMixin):
    product = self.portal.currency_module.newContent(
        portal_type='Currency')
    self.assertSecurityGroup(product,
-        ['F-ACCOUNTING*', 'F-PRODUCTION*', self.user_id,
+        ['F-ACCMAN', 'F-ACCAGT', 'F-PRODUCTION*', self.user_id,
         'R-SHADOW-PERSON', 'F-CUSTOMER', 'F-SALE*'], False)
-    self.assertRoles(product, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(product, 'F-ACCMAN', ['Assignor'])
+    self.assertRoles(product, 'F-ACCAGT', ['Assignee'])
    self.assertRoles(product, 'R-SHADOW-PERSON', ['Auditor'])
    self.assertRoles(product, 'F-PRODUCTION*', ['Auditor'])
    self.assertRoles(product, 'F-CUSTOMER', ['Auditor'])
@@ -1450,8 +605,10 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
    product = self.portal.event_module.newContent(
        portal_type=self.event_portal_type)
    self.assertSecurityGroup(product,
-        [self.user_id], False)
+        [self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(product, self.user_id, ['Owner'])
+    self.assertRoles(product, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(product, 'F-SALEAGT', ['Assignee'])
  def test_SourceCustomer(self):
    reference = 'TESTPERSON-%s' % self.generateNewId()
@@ -1463,9 +620,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
        source_value=person,
        )
    self.assertSecurityGroup(product,
-        [person.getUserId(), self.user_id], False)
+        [person.getUserId(), self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(product, person.getUserId(), ['Auditor'])
    self.assertRoles(product, self.user_id, ['Owner'])
+    self.assertRoles(product, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(product, 'F-SALEAGT', ['Assignee'])
  def test_DestinationCustomer(self):
    reference = 'TESTPERSON-%s' % self.generateNewId()
@@ -1477,9 +636,11 @@ class TestMailMessage(TestSlapOSGroupRoleSecurityMixin):
        destination_value=person,
        )
    self.assertSecurityGroup(product,
-        [person.getUserId(), self.user_id], False)
+        [person.getUserId(), self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(product, person.getUserId(), ['Auditor'])
    self.assertRoles(product, self.user_id, ['Owner'])
+    self.assertRoles(product, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(product, 'F-SALEAGT', ['Assignee'])
  def test_SourceProject(self):
    project = self.addProject()
@@ -1618,8 +779,8 @@ class TestSoftwareInstallation(TestSlapOSGroupRoleSecurityMixin):
  def test_SoftwareInstallation_ComputeNode(self):
    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
+    compute_node = self.portal.compute_node_module\
-        .Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Compute Node")
    compute_node.edit(reference=compute_node_reference)
    installation = self.portal.software_installation_module.newContent(
@@ -1712,8 +873,8 @@ class TestSoftwareInstance(TestSlapOSGroupRoleSecurityMixin):
  def test_SoftwareInstance_ComputeNode(self):
    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
+    compute_node = self.portal.compute_node_module\
-        .Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Compute Node")
    compute_node.edit(reference=compute_node_reference)
    partition = compute_node.newContent(portal_type='Compute Partition')
@@ -1777,15 +938,15 @@ class TestSlaveInstance(TestSlapOSGroupRoleSecurityMixin):
  def test_SlaveInstance_SoftwareInstanceWhichProvidesThisSlaveInstance(self):
    compute_node_reference = 'TESTCOMP-%s' % self.generateNewId()
-    compute_node = self.portal.compute_node_module.template_compute_node\
+    compute_node = self.portal.compute_node_module\
-        .Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Compute Node")
    compute_node.edit(reference=compute_node_reference)
    partition = compute_node.newContent(portal_type='Compute Partition')
    provider_reference = 'TESTSI-%s' % self.generateNewId()
    provider = self.portal.software_instance_module\
-        .template_software_instance.Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Software Instance")
    provider.edit(reference=provider_reference,
        aggregate=partition.getRelativeUrl())
@@ -1854,8 +1015,10 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
        portal_type=self.ticket_portal_type)
    self.assertSecurityGroup(support_request,
-        [self.user_id], False)
+        [self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
  def test_SupportRequest_Customer(self):
    reference = 'TESTPERSON-%s' % self.generateNewId()
@@ -1867,24 +1030,77 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
        destination_decision_value=person,
        )
    self.assertSecurityGroup(support_request,
-        [person.getUserId(), self.user_id], False)
+        [person.getUserId(), self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
+    self.assertRoles(support_request, person.getUserId(), ['Auditor'])
+    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
+  def test_SupportRequest_SourceProject(self):
+    project = self.addProject()
+    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
+        portal_type=self.ticket_portal_type)
+    support_request.edit(
+        source_project_value=project)
+    self.assertSecurityGroup(support_request, [self.user_id,
+        '%s_F-PRODAGNT' % project.getReference(),
+        '%s_F-PRODMAN' % project.getReference()], False)
+    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+  def test_SupportRequest_DestinationProject(self):
+    project = self.addProject()
+    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
+        portal_type=self.ticket_portal_type)
+    support_request.edit(
+        destination_project_value=project)
+    self.assertSecurityGroup(support_request, [self.user_id,
+        '%s_F-PRODAGNT' % project.getReference(),
+        '%s_F-PRODMAN' % project.getReference()], False)
+    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+class TestRegularisationRequestModule(TestSlapOSGroupRoleSecurityMixin):
+  def test(self):
+    module = self.portal.regularisation_request_module
+    self.assertSecurityGroup(module,
+        ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestRegularisationRequest(TestSlapOSGroupRoleSecurityMixin):
+  ticket_portal_type = 'Regularisation Request'
+  def test_RegularisationRequest_default(self):
+    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
+        portal_type=self.ticket_portal_type)
+    self.assertSecurityGroup(support_request,
+        [self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
+    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
+  def test_RegularisationRequest_Customer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
+        portal_type=self.ticket_portal_type)
+    support_request.edit(
+        destination_decision_value=person,
+        )
+    self.assertSecurityGroup(support_request,
+        [person.getUserId(), self.user_id, 'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(support_request, person.getUserId(), ['Auditor'])
    self.assertRoles(support_request, self.user_id, ['Owner'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
-  def test_SupportRequest_Template(self):
+  def test_RegularisationRequest_SourceProject(self):
-    support_request = self.portal.restrictedTraverse(getattr(
-      self.portal.portal_preferences,
-      'getPreferred%sTemplate' % self.ticket_portal_type.title().replace(' ', '')
-    )())
-    assert support_request.getPortalType() == self.ticket_portal_type
-    self.assertSecurityGroup(support_request,
-        [support_request.Base_getOwnerId(), 'R-MEMBER'], False)
-    self.assertRoles(support_request, support_request.Base_getOwnerId(), ['Owner'])
-    self.assertRoles(support_request, 'R-MEMBER', ['Auditor'])
-    self.assertPermissionsOfRole(support_request, 'Auditor',
-        ['Access contents information', 'View'])
-  def test_SupportRequest_SourceProject(self):
    project = self.addProject()
    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
        portal_type=self.ticket_portal_type)
@@ -1892,12 +1108,15 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
        source_project_value=project)
    self.assertSecurityGroup(support_request, [self.user_id,
        '%s_F-PRODAGNT' % project.getReference(),
-        '%s_F-PRODMAN' % project.getReference()], False)
+        '%s_F-PRODMAN' % project.getReference(),
+        'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(support_request, self.user_id, ['Owner'])
    self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
    self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
-  def test_SupportRequest_DestinationProject(self):
+  def test_RegularisationRequest_DestinationProject(self):
    project = self.addProject()
    support_request = self.portal.getDefaultModuleValue(self.ticket_portal_type).newContent(
        portal_type=self.ticket_portal_type)
@@ -1905,23 +1124,13 @@ class TestSupportRequest(TestSlapOSGroupRoleSecurityMixin):
        destination_project_value=project)
    self.assertSecurityGroup(support_request, [self.user_id,
        '%s_F-PRODAGNT' % project.getReference(),
-        '%s_F-PRODMAN' % project.getReference()], False)
+        '%s_F-PRODMAN' % project.getReference(),
+        'F-SALEAGT', 'F-SALEMAN'], False)
    self.assertRoles(support_request, self.user_id, ['Owner'])
    self.assertRoles(support_request, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
    self.assertRoles(support_request, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+    self.assertRoles(support_request, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(support_request, 'F-SALEAGT', ['Assignee'])
-class TestRegularisationRequestModule(TestSlapOSGroupRoleSecurityMixin):
-  def test(self):
-    module = self.portal.regularisation_request_module
-    self.assertSecurityGroup(module,
-        ['F-PRODUCTION*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
-    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
-    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
-    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
-class TestRegularisationRequest(TestSupportRequest):
-  ticket_portal_type = 'Regularisation Request'
 class TestSystemEventModule(TestSlapOSGroupRoleSecurityMixin):
@@ -2096,3 +1305,727 @@ class TestSecurePaymentTool(TestSlapOSGroupRoleSecurityMixin):
    self.assertAcquiredPermissions(tool, ['Add ERP5 SQL Methods'])
+class TestSaleSupplyModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_SaleSupplyModule(self):
+    module = self.portal.sale_supply_module
+    # Why does the the sale_supply_module acquire the local roles
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-CUSTOMER', module.Base_getOwnerId()], True)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestSaleSupply(TestSlapOSGroupRoleSecurityMixin):
+  def test_SaleSupply_default(self):
+    supply = self.portal.sale_supply_module.newContent(
+        portal_type='Sale Supply')
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+  def test_SaleSupply_DestinationCustomer(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    supply = self.portal.sale_supply_module.newContent(
+        portal_type='Sale Supply')
+    supply.edit(
+        destination_value=person,
+        )
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+    supply.validate()
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', person.getUserId(), self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(supply, person.getUserId(), ['Auditor'])
+    supply.invalidate()
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+  def test_SaleSupply_DestinationProject(self):
+    project = self.addProject()
+    supply = self.portal.sale_supply_module.newContent(
+        portal_type='Sale Supply')
+    supply.edit(
+        destination_project_value=project,
+        )
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+    supply.validate()
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', project.getReference(), self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(supply, project.getReference(), ['Auditor'])
+    supply.invalidate()
+    self.assertSecurityGroup(supply,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(supply, self.user_id, ['Owner'])
+    self.assertRoles(supply, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(supply, 'F-SALEMAN', ['Assignor'])
+class TestProjectModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_ProjectModule(self):
+    module = self.portal.project_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', 'F-PRODUCTION*', 'F-CUSTOMER',
+         'R-INSTANCE', 'R-COMPUTER', module.Base_getOwnerId()], True)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'R-INSTANCE', ['Auditor'])
+    self.assertRoles(module, 'R-COMPUTER', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestProject(TestSlapOSGroupRoleSecurityMixin):
+  def test_Project_default(self):
+    project = self.portal.project_module.newContent(
+        portal_type='Project')
+    # Local roles are recalculated at the end of the transaction
+    transaction.commit()
+    self.assertSecurityGroup(project,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*',
+         project.getReference(), self.user_id], False)
+    self.assertRoles(project, self.user_id, ['Owner'])
+    self.assertRoles(project, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(project, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(project, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(project, project.getReference(), ['Auditor'])
+class TestHostingSubscriptionModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_HostingSubscriptionModule(self):
+    module = self.portal.hosting_subscription_module
+    self.assertSecurityGroup(module,
+        [module.Base_getOwnerId()], False)
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestHostingSubscription(TestSlapOSGroupRoleSecurityMixin):
+  def test_HostingSubscription_default(self):
+    hosting_subscription = self.portal.hosting_subscription_module.newContent(
+        portal_type='Hosting Subscription')
+    self.assertSecurityGroup(hosting_subscription,
+        [self.user_id], False)
+    self.assertRoles(hosting_subscription, self.user_id, ['Owner'])
+class TestSalePackingListModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_SalePackingListModule(self):
+    module = self.portal.sale_packing_list_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestSalePackingList(TestSlapOSGroupRoleSecurityMixin):
+  def test_SalePackingList_default(self):
+    delivery = self.portal.sale_packing_list_module.newContent(
+        portal_type='Sale Packing List')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+class TestOpenSaleOrderModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_OpenSaleOrderModule(self):
+    module = self.portal.open_sale_order_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestOpenSaleOrder(TestSlapOSGroupRoleSecurityMixin):
+  def test_OpenSaleOrder_default(self):
+    delivery = self.portal.open_sale_order_module.newContent(
+        portal_type='Open Sale Order')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+  def test_OpenSaleOrder_user(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    delivery = self.portal.open_sale_order_module.newContent(
+        portal_type='Open Sale Order')
+    delivery.edit(
+      ledger='automated',
+      destination_section_value=person
+    )
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id, person.getUserId()], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, person.getUserId(), ['Auditor'])
+    delivery.edit(
+      ledger=None
+    )
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    delivery.edit(
+      ledger='automated',
+      destination_section_value=None
+    )
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+class TestSaleTradeConditionModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_SaleTradeConditionModule(self):
+    module = self.portal.sale_trade_condition_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', 'F-CUSTOMER',
+         'R-SHADOW-PERSON', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestSaleTradeCondition(TestSlapOSGroupRoleSecurityMixin):
+  def test_SaleTradeCondition_default(self):
+    delivery = self.portal.sale_trade_condition_module.newContent(
+        portal_type='Sale Trade Condition')
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+  def test_SaleTradeCondition_allUsers(self):
+    delivery = self.portal.sale_trade_condition_module.newContent(
+        portal_type='Sale Trade Condition')
+    delivery.validate()
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         'F-CUSTOMER', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+    delivery.invalidate()
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+  def test_SaleTradeCondition_singleUser(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    delivery = self.portal.sale_trade_condition_module.newContent(
+        portal_type='Sale Trade Condition')
+    delivery.validate()
+    delivery.edit(destination_value=person)
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id, person.getUserId()], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, person.getUserId(), ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+    delivery.invalidate()
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+  def test_SaleTradeCondition_project(self):
+    project = self.portal.project_module.newContent(portal_type='Project')
+    delivery = self.portal.sale_trade_condition_module.newContent(
+        portal_type='Sale Trade Condition')
+    delivery.validate()
+    delivery.edit(destination_project_value=project)
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id, project.getReference()], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, project.getReference(), ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+    delivery.invalidate()
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+class TestSubscriptionRequestModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_SubscriptionRequestModule(self):
+    module = self.portal.subscription_request_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-CUSTOMER', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestSubscriptionRequest(TestSlapOSGroupRoleSecurityMixin):
+  def test_SubscriptionRequest_default(self):
+    delivery = self.portal.subscription_request_module.newContent(
+        portal_type='Subscription Request')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+  def test_SubscriptionRequest_user(self):
+    reference = 'TESTPERSON-%s' % self.generateNewId()
+    person = self.portal.person_module.newContent(portal_type='Person',
+        reference=reference)
+    delivery = self.portal.subscription_request_module.newContent(
+        portal_type='Subscription Request')
+    delivery.edit(destination_decision_value=person, ledger="automated")
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', self.user_id, person.getUserId()], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, person.getUserId(), ['Associate'])
+class TestOrganisationModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_OrganisationModule(self):
+    module = self.portal.organisation_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', 'R-SHADOW-PERSON',
+         module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestOrganisation(TestSlapOSGroupRoleSecurityMixin):
+  def test_Organisation_default(self):
+    delivery = self.portal.organisation_module.newContent(
+        portal_type='Organisation')
+    self.assertSecurityGroup(delivery,
+        ['F-ACCAGT', 'F-ACCMAN', 'F-SALEAGT', 'F-SALEMAN',
+         'R-SHADOW-PERSON', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor'])
+class TestBankAccount(TestSlapOSGroupRoleSecurityMixin):
+  def test_BankAccount_default(self):
+    delivery = self.portal.organisation_module.newContent(
+        portal_type='Organisation').newContent(portal_type="Bank Account")
+    self.assertSecurityGroup(delivery,
+        ['F-ACCAGT', 'F-ACCMAN', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+class TestCashRegister(TestSlapOSGroupRoleSecurityMixin):
+  def test_CashRegister_default(self):
+    delivery = self.portal.organisation_module.newContent(
+        portal_type='Organisation').newContent(portal_type="Cash Register")
+    self.assertSecurityGroup(delivery,
+        ['F-ACCAGT', 'F-ACCMAN', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+class TestBusinessProcessModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_BusinessProcessModule(self):
+    module = self.portal.business_process_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*',
+         module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestBusinessProcess(TestSlapOSGroupRoleSecurityMixin):
+  def test_BusinessProcess_default(self):
+    delivery = self.portal.business_process_module.newContent(
+        portal_type='Business Process')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+class TestServiceModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_ServiceModule(self):
+    module = self.portal.service_module
+    # XXX why does this module acquires local roles
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', 'F-CUSTOMER', 'F-PRODUCTION*',
+         module.Base_getOwnerId()], True)
+    self.assertRoles(module, 'F-SALE*', ['Auditor'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestService(TestSlapOSGroupRoleSecurityMixin):
+  def test_Service_default(self):
+    delivery = self.portal.service_module.newContent(
+        portal_type='Service')
+    self.assertSecurityGroup(delivery,
+        ['F-SALE*', 'F-ACCOUNTING*', 'F-CUSTOMER', 'F-PRODUCTION*',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALE*', ['Auditor'])
+    self.assertRoles(delivery, 'F-ACCOUNTING*', ['Auditor'])
+    self.assertRoles(delivery, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(delivery, 'F-PRODUCTION*', ['Auditor'])
+class TestPersonModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_PersonModule(self):
+    module = self.portal.person_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', 'F-ACCOUNTING*', 'F-CUSTOMER', 'F-PRODUCTION*',
+         'R-SHADOW-PERSON', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor'])
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestPerson(TestSlapOSGroupRoleSecurityMixin):
+  def test_Person_default(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person')
+    self.assertSecurityGroup(delivery,
+        ['F-ACCMAN', 'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+  def test_Person_selfUser(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person')
+    delivery.newContent(portal_type='ERP5 Login')
+    self.assertSecurityGroup(delivery,
+        ['F-ACCMAN', 'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN',
+         delivery.getUserId(), 'SHADOW-%s' % delivery.getUserId(),
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+    self.assertRoles(delivery, delivery.getUserId(), ['Assignee'])
+    self.assertRoles(delivery, 'SHADOW-%s' % delivery.getUserId(), ['Auditor'])
+class TestERP5Login(TestSlapOSGroupRoleSecurityMixin):
+  def test_ERP5Login_selfUser(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person').newContent(portal_type='ERP5 Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+class TestFacebookLogin(TestSlapOSGroupRoleSecurityMixin):
+  def test_FacebookLogin_selfUser(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person').newContent(portal_type='Facebook Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+class TestGoogleLogin(TestSlapOSGroupRoleSecurityMixin):
+  def test_GoogleLogin_selfUser(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person').newContent(portal_type='Google Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+class TestCertificateLogin(TestSlapOSGroupRoleSecurityMixin):
+  def test_CertificateLogin_person(self):
+    delivery = self.portal.person_module.newContent(
+        portal_type='Person').newContent(portal_type='Certificate Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+  def test_CertificateLogin_computeNode(self):
+    delivery = self.portal.compute_node_module.newContent(
+        portal_type='Compute Node').newContent(portal_type='Certificate Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+  def test_CertificateLogin_computeNodeManager(self):
+    project = self.portal.project_module.newContent(portal_type='Project')
+    compute_node = self.portal.compute_node_module.newContent(
+        portal_type='Compute Node')
+    login = compute_node.newContent(portal_type='Certificate Login')
+    compute_node.edit(follow_up_value=project)
+    self.assertSecurityGroup(login,
+        [compute_node.getUserId(), self.user_id,
+         '%s_F-PRODAGNT' % project.getReference(),
+         '%s_F-PRODMAN' % project.getReference()], False)
+    self.assertRoles(login, self.user_id, ['Owner'])
+    self.assertRoles(login, compute_node.getUserId(), ['Assignee'])
+    self.assertRoles(login, '%s_F-PRODMAN' % project.getReference(), ['Assignor'])
+    self.assertRoles(login, '%s_F-PRODAGNT' % project.getReference(), ['Assignee'])
+  def test_CertificateLogin_softwareInstance(self):
+    delivery = self.portal.software_instance_module.newContent(
+        portal_type='Software Instance').newContent(portal_type='Certificate Login')
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+  def test_CertificateLogin_aggregateSoftwareInstance(self):
+    compute_node = self.portal.compute_node_module.newContent(portal_type='Compute Node')
+    partition = compute_node.newContent(portal_type='Compute Partition')
+    delivery = self.portal.software_instance_module.newContent(
+        portal_type='Software Instance').newContent(portal_type='Certificate Login')
+    delivery.getParentValue().edit(aggregate_value=partition)
+    self.assertSecurityGroup(delivery,
+        [delivery.getParentValue().getUserId(),
+         compute_node.getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, delivery.getParentValue().getUserId(), ['Assignee'])
+    self.assertRoles(delivery, compute_node.getUserId(), ['Assignor'])
+class TestDocumentIngestionModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_DocumentIngestionModule(self):
+    module = self.portal.document_ingestion_module
+    # XXX Why does it acquire local roles
+    self.assertSecurityGroup(module,
+        ['F-ACCOUNTING*', module.Base_getOwnerId()], True)
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestDocumentModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_DocumentModule(self):
+    module = self.portal.document_module
+    self.assertSecurityGroup(module,
+        ['F-ACCOUNTING*', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestPDF(TestSlapOSGroupRoleSecurityMixin):
+  def test_PDF_default(self):
+    delivery = self.portal.document_module.newContent(
+        portal_type='PDF')
+    self.assertSecurityGroup(delivery,
+        ['F-ACCMAN', 'F-ACCAGT',
+         self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-ACCMAN', ['Assignor'])
+    self.assertRoles(delivery, 'F-ACCAGT', ['Assignee'])
+class TestQuery(TestSlapOSGroupRoleSecurityMixin):
+  def test_Query_default(self):
+    delivery = self.portal.query_module.newContent(
+      portal_type='Query'
+    )
+    self.assertSecurityGroup(delivery,
+        [self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+  def test_Query_agent(self):
+    # There is no interaction workflow to recalculate local roles
+    person = self.portal.person_module.newContent(portal_type='Person')
+    delivery = self.portal.query_module.newContent(
+      agent_value=person,
+      portal_type='Query'
+    )
+    self.assertSecurityGroup(delivery,
+        [self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, person.getUserId(), [])
+class TestNotificationMessageModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_NotificationMessageModule(self):
+    module = self.portal.notification_message_module
+    self.assertSecurityGroup(module,
+        ['F-SALE*', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestNotificationMessage(TestSlapOSGroupRoleSecurityMixin):
+  def test_NotificationMessage_default(self):
+    delivery = self.portal.notification_message_module.newContent(
+      portal_type='Notification Message'
+    )
+    self.assertSecurityGroup(delivery,
+        ['F-SALEAGT', 'F-SALEMAN', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'F-SALEAGT', ['Assignee'])
+    self.assertRoles(delivery, 'F-SALEMAN', ['Assignor'])
+class TestCredentialUpdateModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_CredentialUpdateModule(self):
+    module = self.portal.credential_update_module
+    self.assertSecurityGroup(module,
+        ['F-ACCOUNTING*', 'F-PRODUCTION*', module.Base_getOwnerId(),
+         'F-CUSTOMER', 'F-SALE*'], False)
+    self.assertRoles(module, 'F-ACCOUNTING*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-PRODUCTION*', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-CUSTOMER', ['Auditor', 'Author'])
+    self.assertRoles(module, 'F-SALE*', ['Auditor', 'Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestAccessTokenModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_AccessTokenModule(self):
+    module = self.portal.access_token_module
+    self.assertSecurityGroup(module,
+        ['F-PRODUCTION*', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'F-PRODUCTION*', ['Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestRestrictedAccessToken(TestSlapOSGroupRoleSecurityMixin):
+  def test_RestrictedAccessToken_default(self):
+    delivery = self.portal.access_token_module.newContent(
+      portal_type='Restricted Access Token'
+    )
+    self.assertSecurityGroup(delivery,
+        [self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+  def test_RestrictedAccessToken_agent(self):
+    # There is no interaction workflow to recalculate local roles
+    person = self.portal.person_module.newContent(portal_type='Person')
+    delivery = self.portal.access_token_module.newContent(
+      agent_value=person,
+      portal_type='Restricted Access Token'
+    )
+    self.assertSecurityGroup(delivery,
+        [person.getUserId(), self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, person.getUserId(), ['Auditor'])
+class TestConsumptionDocumentModule(TestSlapOSGroupRoleSecurityMixin):
+  def test_ConsumptionDocumentModule(self):
+    module = self.portal.consumption_document_module
+    self.assertSecurityGroup(module,
+        ['R-COMPUTER', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'R-COMPUTER', ['Author'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestIntegrationTool(TestSlapOSGroupRoleSecurityMixin):
+  def test_IntegrationTool(self):
+    module = self.portal.portal_integrations
+    self.assertSecurityGroup(module,
+        ['R-SHADOW-PERSON', module.Base_getOwnerId()], False)
+    self.assertRoles(module, 'R-SHADOW-PERSON', ['Auditor'])
+    self.assertRoles(module, module.Base_getOwnerId(), ['Owner'])
+class TestIntegrationSite(TestSlapOSGroupRoleSecurityMixin):
+  def test_IntegrationSite_default(self):
+    delivery = self.portal.portal_integrations.newContent(
+      portal_type='Integration Site'
+    )
+    self.assertSecurityGroup(delivery,
+        ['R-SHADOW-PERSON', self.user_id], False)
+    self.assertRoles(delivery, self.user_id, ['Owner'])
+    self.assertRoles(delivery, 'R-SHADOW-PERSON', ['Auditor', 'Author'])
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5InteractionWorkflow.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5InteractionWorkflow.py
@@ -102,4 +102,5 @@ class TestSlapOSERP5InteractionWorkflowComputeNodeSetAllocationScope(
  def test_ComputeNode_setAllocationScope_closed_noallocation(self):
    self._test_ComputeNode_setAllocationScope_closed(
      allocation_scope="close/noallocation",
+      monitor_scope="enabled"
    )
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow.py
@@ -19,14 +19,13 @@
 #
 ##############################################################################
 from erp5.component.test.testSlapOSERP5GroupRoleSecurity import TestSlapOSGroupRoleSecurityMixin
-from DateTime import DateTime
 class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
    TestSlapOSGroupRoleSecurityMixin):
  def _makePerson(self):
    new_id = self.generateNewId()
-    self.person_user = self.portal.person_module.template_member.\
+    self.person_user = self.portal.person_module\
-                                 Base_createCloneDocument(batch_mode=1)
+                                  .newContent(portal_type="Person")
    self.person_user.edit(
      title="live_test_%s" % new_id,
      reference="live_test_%s" % new_id,
@@ -36,8 +35,8 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
  def test_ComputeNode_reindexObject(self):
-    compute_node = self.portal.compute_node_module.template_compute_node\
+    compute_node = self.portal.compute_node_module\
-        .Base_createCloneDocument(batch_mode=1)
+        .newContent(portal_type="Compute Node")
    self.tic()
    comment = 'recursiveReindexObject triggered on reindexObject'
    def verify_recursiveReindexObject_call(self, *args, **kw):
@@ -66,21 +65,25 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
    # updateLocalRolesOnSecurityGroups.
    person = self.portal.person_module.newContent(portal_type='Person')
-    self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
+    self.assertSecurityGroup(person, [self.user_id, 'F-ACCMAN',
+      'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN'], False)
    person.edit(reference='TESTPER-%s' % self.generateNewId())
    self.commit()
-    self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
+    self.assertSecurityGroup(person, [self.user_id, 'F-ACCMAN',
+      'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN'], False)
  def test_Person_newContent(self):
    person = self.portal.person_module.newContent(portal_type='Person')
-    self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY'], False)
+    self.assertSecurityGroup(person, [self.user_id, 'F-ACCMAN',
+      'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN'], False)
    person.newContent(portal_type="ERP5 Login")
    self.commit()
-    self.assertSecurityGroup(person, [self.user_id, 'G-COMPANY',
+    self.assertSecurityGroup(person, [self.user_id, 'F-ACCMAN',
+      'F-SALEAGT', 'F-ACCAGT', 'F-SALEMAN',
        person.getUserId(), 'SHADOW-%s' % person.getUserId()], False)
@@ -110,43 +113,12 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
        integration_site.workflow_history['edit_workflow'][-1]['comment'])
-  def test_SalePackingList_setSpecialise(self):
-    self._makePerson()
-    sale_packing_list = self.portal.sale_packing_list_module.newContent(
-      destination_decision_value=self.person_user,
-      portal_type='Sale Packing List')
-    self.assertSecurityGroup(sale_packing_list, ['G-COMPANY', self.user_id], False)
-    sale_packing_list.edit(
-      specialise="sale_trade_condition_module/slapos_subscription_trade_condition")
-    self.commit()
-    self.assertSecurityGroup(sale_packing_list, ['G-COMPANY', self.user_id,
-        self.person_user_id], False)
-  def test_SalePackingList_setDestinationDecision(self):
-    self._makePerson()
-    sale_packing_list = self.portal.sale_packing_list_module.newContent(
-      specialise="sale_trade_condition_module/slapos_subscription_trade_condition",
-      portal_type='Sale Packing List')
-    self.assertSecurityGroup(sale_packing_list, ['G-COMPANY', self.user_id], False)
-    sale_packing_list.edit(
-      destination_decision_value=self.person_user)
-    self.commit()
-    self.assertSecurityGroup(sale_packing_list, ['G-COMPANY', self.user_id,
-        self.person_user_id], False)
  def test_RestrictedAccessToken_setAgent(self):
    self._makePerson()
    token = self.portal.access_token_module.newContent(
        portal_type='Restricted Access Token')
-    self.assertSecurityGroup(token, [self.user_id,
+    self.assertSecurityGroup(token, [self.user_id],
-        'G-COMPANY'],
        False)
    token.edit(
@@ -154,194 +126,6 @@ class TestSlapOSLocalPermissionSlapOSInteractionWorkflow(
    self.commit()
    self.assertSecurityGroup(token, [self.user_id,
-        'G-COMPANY', self.person_user.getUserId()],
+        self.person_user.getUserId()],
        False)
-  def test_InternalPackingListLine_setAggregate_instance_tree(self):
-    self._makePerson()
-    project = self.portal.project_module.newContent(
-      portal_type="Project",
-    )
-    instance_tree = self.portal.instance_tree_module.newContent(
-        portal_type='Instance Tree',
-        reference='TESTHS-%s' % self.generateNewId())
-    internal_packing_list = self.portal.internal_packing_list_module.newContent(
-        portal_type='Internal Packing List')
-    internal_packing_list_line = internal_packing_list.newContent(
-        portal_type='Internal Packing List Line')
-    internal_packing_list.edit(source_value=self.person_user,
-                               source_section_value=self.person_user,
-                             source_project_value=project,
-                             destination=self.person_user.getRelativeUrl(),
-                             destination_section=self.person_user.getRelativeUrl(),
-                             source_decision=self.person_user.getRelativeUrl(),
-                             destination_decision=self.person_user.getRelativeUrl(),
-                             destination_project_value=project,
-                             start_date=DateTime()-1,
-                             stop_date=DateTime()-1)
-    internal_packing_list.confirm()
-    internal_packing_list.stop()
-    internal_packing_list.deliver()
-    software_instance = self.portal.software_instance_module.newContent(
-        portal_type='Software Instance')
-    software_instance.edit(specialise=instance_tree.getRelativeUrl())
-    slave_instance = self.portal.software_instance_module.newContent(
-        portal_type='Slave Instance')
-    slave_instance.edit(specialise=instance_tree.getRelativeUrl())
-    support_request = self.portal.support_request_module.newContent(
-        portal_type="Support Request"
-    )
-    support_request.edit(aggregate=instance_tree.getRelativeUrl())
-    upgrade_decision = self.portal.upgrade_decision_module.newContent(
-        portal_type="Upgrade Decision"
-    )
-    upgrade_decision_line = upgrade_decision.newContent(
-      portal_type="Upgrade Decision Line"
-    )
-    upgrade_decision_line.edit(aggregate=instance_tree.getRelativeUrl())
-    self.tic()
-    self.assertSecurityGroup(internal_packing_list, [self.user_id,],
-        False)
-    self.assertSecurityGroup(instance_tree, [self.user_id, 'G-COMPANY', 
-        instance_tree.getReference()],
-        False)
-    self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY',
-        instance_tree.getReference()], False)
-    self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY',
-        instance_tree.getReference()], False)
-    self.assertSecurityGroup(support_request, [self.user_id, 'G-COMPANY'], False)
-    self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY'], False)
-    internal_packing_list_line.edit(
-        #quantity_unit="unit",
-        resource_value=self.portal.product_module.compute_node,
-        price=0.0,
-        quantity=1.0,
-        aggregate_value=instance_tree)
-    self.tic()
-    self.assertSecurityGroup(internal_packing_list, [self.user_id,],
-        False)
-    self.assertSecurityGroup(instance_tree, [self.user_id, 'G-COMPANY', 
-        project.getReference(),
-        instance_tree.getReference()],
-        False)
-    self.assertSecurityGroup(software_instance, [self.user_id, 'G-COMPANY',
-        project.getReference(),
-        instance_tree.getReference()], False)
-    self.assertSecurityGroup(slave_instance, [self.user_id, 'G-COMPANY',
-        project.getReference(),
-        instance_tree.getReference()], False)
-    self.assertSecurityGroup(support_request, [self.user_id, 'G-COMPANY',
-        project.getReference()], False)
-    self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY',
-        project.getReference()], False)
-  def test_InternalPackingListLine_setAggregate_compute_node(self):
-    self._makePerson()
-    project = self.portal.project_module.newContent(
-      portal_type="Project",
-    )
-    compute_node = self.portal.compute_node_module.newContent(
-        portal_type='Compute Node',
-        reference='TESTCOMP-%s' % self.generateNewId())
-    internal_packing_list = self.portal.internal_packing_list_module.newContent(
-        portal_type='Internal Packing List')
-    internal_packing_list_line = internal_packing_list.newContent(
-        portal_type='Internal Packing List Line')
-    internal_packing_list.edit(source_value=self.person_user,
-                               source_section_value=self.person_user,
-                             source_project_value=project,
-                             destination=self.person_user.getRelativeUrl(),
-                             destination_section=self.person_user.getRelativeUrl(),
-                             source_decision=self.person_user.getRelativeUrl(),
-                             destination_decision=self.person_user.getRelativeUrl(),
-                             destination_project_value=project,
-                             start_date=DateTime()-1,
-                             stop_date=DateTime()-1)
-    internal_packing_list.confirm()
-    internal_packing_list.stop()
-    internal_packing_list.deliver()
-    installation = self.portal.software_installation_module.newContent(
-        portal_type='Software Installation')
-    installation.edit(aggregate=compute_node.getRelativeUrl())
-    support_request = self.portal.support_request_module.newContent(
-        portal_type="Support Request"
-    )
-    support_request.edit(aggregate=compute_node.getRelativeUrl())
-    upgrade_decision = self.portal.upgrade_decision_module.newContent(
-        portal_type="Upgrade Decision"
-    )
-    upgrade_decision_line = upgrade_decision.newContent(
-      portal_type="Upgrade Decision Line"
-    )
-    upgrade_decision_line.edit(aggregate=compute_node.getRelativeUrl())
-    self.tic()
-    self.assertSecurityGroup(internal_packing_list, [self.user_id,],
-        False)
-    self.assertSecurityGroup(compute_node, [self.user_id, 'G-COMPANY',
-        compute_node.getUserId()],
-        False)
-    self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY',
-        compute_node.getUserId()], False)
-    self.assertSecurityGroup(support_request, [self.user_id, 'G-COMPANY'], False)
-    self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY'], False)
-    internal_packing_list_line.edit(
-        #quantity_unit="unit",
-        resource_value=self.portal.product_module.compute_node,
-        price=0.0,
-        quantity=1.0,
-        aggregate_value=compute_node)
-    self.tic()
-    self.assertSecurityGroup(internal_packing_list, [self.user_id,],
-        False)
-    self.assertSecurityGroup(compute_node, [self.user_id, 'G-COMPANY',
-        project.getReference(), compute_node.getUserId()],
-        False)
-    self.assertSecurityGroup(installation, [self.user_id, 'G-COMPANY',
-        project.getReference(), compute_node.getUserId()], False)
-    self.assertSecurityGroup(support_request, [self.user_id, 'G-COMPANY',
-        project.getReference()], False)
-    self.assertSecurityGroup(upgrade_decision, [self.user_id, 'G-COMPANY',
-        project.getReference()], False)
--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5SkinSelection.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5SkinSelection.py
@@ -86,7 +86,8 @@ erp5_gadget
 erp5_glossary
 erp5_graph_editor"""
-common_folder_list = """erp5_json_type
+common_folder_list = """erp5_json_editor
+erp5_json_type
 erp5_monaco_editor
 erp5_multimedia
 erp5_notebook
@@ -376,6 +377,7 @@ erp5_integration
 erp5_invoicing
 erp5_jquery
 erp5_jquery_sheet_editor
+erp5_json_editor
 erp5_json_type
 erp5_km_widget_library
 %(common_folder_list)s

--- a/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5VirtualMasterScenario.py
+++ b/master/bt5/slapos_erp5/TestTemplateItem/portal_components/test.erp5.testSlapOSERP5VirtualMasterScenario.py
@@ -288,6 +288,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(public_server)
    self.assertNotEqual(None, public_server)
    self.setServerOpenPublic(public_server)
+    public_server.generateCertificate()
    # and install some software on them
    public_server_software = self.generateNewSoftwareReleaseUrl()
@@ -457,27 +458,20 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
      "instance product", project, public_server_software, public_instance_type
    )
+    self.logout()
+    self.login(sale_person.getUserId())
    sale_supply = self.portal.sale_supply_module.newContent(
      portal_type="Sale Supply",
-      title="price for %s" % software_product.getRelativeUrl(),
+      title="price for %s" % project.getRelativeUrl(),
      source_project_value=project,
      price_currency_value=currency
    )
-    # XXX Put price in sale supply module
    sale_supply.newContent(
      portal_type="Sale Supply Line",
      base_price=9,
      resource_value=software_product
    )
-    sale_supply.validate()
-    sale_supply = self.portal.sale_supply_module.newContent(
-      portal_type="Sale Supply",
-      title="price for compute node",
-      destination_project_value=project,
-      price_currency_value=currency
-    )
-    # XXX Put price in sale supply module
    sale_supply.newContent(
      portal_type="Sale Supply Line",
      base_price=99,
@@ -512,6 +506,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(public_server)
    self.assertNotEqual(None, public_server)
    self.setServerOpenPublic(public_server)
+    public_server.generateCertificate()
    self.addAllocationSupply("for compute node", public_server, software_product,
                             release_variation, type_variation)
@@ -573,7 +568,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
      'group_by_variation': True,
      'resource_uid': software_product.getUid(),
      'node_uid': public_person.getUid(),
-      'project_uid': project.getUid(),
+      'project_uid': None,
      'ledger_uid': self.portal.portal_categories.ledger.automated.getUid()
    })
    assert len(inventory_list) == 1, len(inventory_list)
@@ -603,13 +598,13 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    # 5 (can reduce to 2) assignment
    # 16 simulation mvt
    # 3 packing list / line
-    # 4 sale supply / line
+    # 3 sale supply / line
    # 2 sale trade condition
    # 1 software installation
    # 1 software instance
    # 1 software product
    # 3 subscription requests
-    self.assertRelatedObjectCount(project, 52)
+    self.assertRelatedObjectCount(project, 51)
    self.checkERP5StateBeforeExit()
@@ -661,6 +656,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(public_server)
    self.assertNotEqual(None, public_server)
    self.setServerOpenPublic(public_server)
+    public_server.generateCertificate()
    # and install some software on them
    public_server_software = self.generateNewSoftwareReleaseUrl()
@@ -809,6 +805,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(public_server)
    self.assertNotEqual(None, public_server)
    self.setServerOpenPublic(public_server)
+    public_server.generateCertificate()
    # and install some software on them
    public_server_software = self.generateNewSoftwareReleaseUrl()
@@ -924,6 +921,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(remote_server)
    self.assertNotEqual(None, remote_server)
    self.setServerOpenPublic(remote_server)
+    remote_server.generateCertificate()
    # and install some software on them
    remote_server_software = self.generateNewSoftwareReleaseUrl()
@@ -1058,8 +1056,21 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
        remote_compute_node, project.getReference(),
        connection_dict_to_check=owner_software_instance.getConnectionXmlAsDict())
+    # Destroy the instance, and ensure the remote one is destroyed too
+    self.checkRemoteInstanceUnallocation(public_person.getUserId(),
+        public_reference, public_instance_title,
+        public_server_software, public_instance_type,
+        remote_compute_node, project.getReference())
    self.login()
+    # Report destruction from compute_node
+    self.simulateSlapgridUR(remote_server)
+    self.assertEqual(
+      "",
+      owner_software_instance.getAggregate("")
+    )
    # Ensure no unexpected object has been created
    # 3 allocation supply/line/cell
    # 2 compute/remote node
@@ -1141,6 +1152,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.setAccessToMemcached(remote_server)
    self.assertNotEqual(None, remote_server)
    self.setServerOpenPublic(remote_server)
+    remote_server.generateCertificate()
    # and install some software on them
    remote_server_software = self.generateNewSoftwareReleaseUrl()
@@ -1330,7 +1342,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    self.checkERP5StateBeforeExit()
+"""
  def test_open_order_with_service_scenario(self):
    # create a default project
@@ -1555,7 +1567,7 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
      'group_by_variation': True,
      'resource_uid': software_product.getUid(),
      'node_uid': person.getUid(),
-      'project_uid': project.getUid(),
+      'project_uid': None,
      'ledger_uid': hosting_subscription.getLedgerUid()
    })
    assert len(inventory_list) == 1, len(inventory_list)
@@ -1587,4 +1599,4 @@ class TestSlapOSVirtualMasterScenario(TestSlapOSVirtualMasterScenarioMixin):
    # after accept, an email is send containing the reset link
    last_message = self.portal.MailHost._last_message
    assert last_message is None, last_message
+"""
--- a/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_ComputeNode_edit.xml
+++ b/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_ComputeNode_edit.xml
@@ -11,6 +11,7 @@
            <value>
              <tuple>
                <string>after_script/portal_workflow/local_permission_slapos_interaction_workflow/script_Base_updateAllLocalRoles</string>
+                <string>after_script/portal_workflow/local_permission_slapos_interaction_workflow/script_Base_updateAllChildrenLocalRoles</string>
              </tuple>
            </value>
        </item>

--- a/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_OpenSaleOrder_edit.xml
+++ b/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_OpenSaleOrder_edit.xml
@@ -56,7 +56,7 @@
            <key> <string>trigger_method_id</string> </key>
            <value>
              <tuple>
-                <string>_setDestination.*</string>
+                <string>_setDestinationSection.*</string>
                <string>_setLedger.*</string>
              </tuple>
            </value>

--- a/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SalePackingList_edit.xml
+++ b/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SalePackingList_edit.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="Interaction Workflow Interaction" module="erp5.portal_type"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>categories</string> </key>
-            <value>
-              <tuple>
-                <string>after_script/portal_workflow/local_permission_slapos_interaction_workflow/script_Base_updateAllLocalRoles</string>
-              </tuple>
-            </value>
-        </item>
-        <item>
-            <key> <string>description</string> </key>
-            <value>
-              <none/>
-            </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>interaction_SalePackingList_edit</string> </value>
-        </item>
-        <item>
-            <key> <string>portal_type</string> </key>
-            <value> <string>Interaction Workflow Interaction</string> </value>
-        </item>
-        <item>
-            <key> <string>portal_type_filter</string> </key>
-            <value>
-              <tuple>
-                <string>Sale Packing List</string>
-              </tuple>
-            </value>
-        </item>
-        <item>
-            <key> <string>portal_type_group_filter</string> </key>
-            <value>
-              <tuple/>
-            </value>
-        </item>
-        <item>
-            <key> <string>temporary_document_disallowed</string> </key>
-            <value> <int>1</int> </value>
-        </item>
-        <item>
-            <key> <string>trigger_method_id</string> </key>
-            <value>
-              <tuple>
-                <string>_setDestinationDecision.*</string>
-                <string>_setSpecialise.*</string>
-              </tuple>
-            </value>
-        </item>
-        <item>
-            <key> <string>trigger_once_per_transaction</string> </key>
-            <value> <int>0</int> </value>
-        </item>
-        <item>
-            <key> <string>trigger_type</string> </key>
-            <value> <int>2</int> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SubscriptionRequest_edit.xml
+++ b/master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/interaction_SubscriptionRequest_edit.xml
@@ -56,7 +56,8 @@
            <key> <string>trigger_method_id</string> </key>
            <value>
              <tuple>
-                <string>_setSource.*</string>
+                <string>_setDestinationDecision.*</string>
+                <string>_setLedger.*</string>
              </tuple>
            </value>
        </item>

--- a/master/bt5/slapos_erp5/bt/template_extension_id_list
+++ b/master/bt5/slapos_erp5/bt/template_extension_id_list
 extension.erp5.SlapOSAdministration
 extension.erp5.SlapOSLogin
\ No newline at end of file
--- a/master/bt5/slapos_erp5/bt/template_local_role_list
+++ b/master/bt5/slapos_erp5/bt/template_local_role_list
@@ -16,7 +16,6 @@ accounting_module
 allocation_supply_module
 business_process_module
 business_process_module/slapos_ultimate_business_process
-campaign_module
 cloud_contract_module
 compute_node_module
 computer_model_module
@@ -29,7 +28,6 @@ currency_module/EUR
 document_ingestion_module
 document_module
 event_module
-event_module/slapos_crm_web_message_template
 hosting_subscription_module
 incident_response_module
 instance_tree_module
@@ -41,10 +39,8 @@ person_module
 portal_integrations
 portal_integrations/slapos_payzen_test_integration
 portal_integrations/slapos_wechat_test_integration
-product_module
 project_module
 regularisation_request_module
-regularisation_request_module/slapos_crm_regularisation_request_template
 sale_packing_list_module
 sale_supply_module
 sale_trade_condition_module
@@ -81,7 +77,6 @@ software_instance_module
 software_product_module
 subscription_request_module
 support_request_module
-support_request_module/slapos_crm_support_request_template
 system_event_module
 upgrade_decision_module
 web_page_module
\ No newline at end of file
--- a/master/bt5/slapos_erp5/bt/template_portal_type_role_list
+++ b/master/bt5/slapos_erp5/bt/template_portal_type_role_list
@@ -12,8 +12,6 @@ Balance Transaction
 Bank Account
 Business Process
 Business Process Module
-Campaign
-Campaign Module
 Cash Register
 Certificate Login
 Cloud Contract
@@ -64,8 +62,6 @@ Payzen Event
 Person
 Person Module
 Phone Call
-Product
-Product Module
 Project
 Project Module
 Purchase Invoice Transaction

--- a/master/bt5/slapos_erp5/bt/template_property_sheet_id_list
+++ b/master/bt5/slapos_erp5/bt/template_property_sheet_id_list
 CatalogToolNoneCreationDateConstraint
 CertificateAuthorityToolConsistencyConstraint
-SlapOSModuleIdGeneratorConstraint
 GeographicOrganisation
-MemcachedToolServerConstraint
 OAuthToolDefaultSlapOSConnector
 PreferenceSlapOSConstraintPreference
 ShacacheSystemPreference
 SlapOSModuleIdGeneratorConstraint
+SlapOSModuleIdGeneratorConstraint
 TemplateToolBusinessApplicationModuleCategoryConstraint
 WebSiteModuleShacacheConstraint
\ No newline at end of file
--- a/master/bt5/slapos_erp5/bt/template_test_id_list
+++ b/master/bt5/slapos_erp5/bt/template_test_id_list
@@ -2,17 +2,15 @@ test.erp5.testSlapOSAuthenticationPolicy
 test.erp5.testSlapOSCodingStyle
 test.erp5.testSlapOSCoreSkins
 test.erp5.testSlapOSERP5Alarm
-test.erp5.testSlapOSERP5DefaultScenario
 test.erp5.testSlapOSERP5GroupRoleSecurity
 test.erp5.testSlapOSERP5InteractionWorkflow
 test.erp5.testSlapOSERP5LocalPermissionSlapOSInteractionWorkflow
 test.erp5.testSlapOSERP5SiteDump
 test.erp5.testSlapOSERP5SkinSelection
-test.erp5.testSlapOSPrecacheManifest
-test.erp5.testSlapOSWendelinCoreTwo
-test.erp5.testSlapOSXHTML
-test.erp5.testSlapOSERP5VirtualMasterInvoicingScenario
 test.erp5.testSlapOSERP5VirtualMasterScenario
 test.erp5.testSlapOSPrecacheManifest
+test.erp5.testSlapOSPrecacheManifest
+test.erp5.testSlapOSWendelinCoreTwo
 test.erp5.testSlapOSWendelinCoreTwo
+test.erp5.testSlapOSXHTML
 test.erp5.testSlapOSXHTML
\ No newline at end of file