ERP5TypeTestCase: rework user / passord generation

Manager username and password are now available as class attributes.

To prevent accidentally exposing access to instances when running tests,
subclasses are not allowed to define these class attributes.

Another significant changes is that we no longer have the same user in
ERP5/acl_users and /acl_users, some tests were logging in as the root
user in ways that never seemed intentional.

Many tests have been updated to not generate manager user and use the
existing one instead. When tests need to create users (for example
users in the root acl_users), we try to delete the users afterward.

ERP5TypeFunctionalTestCase was updated to use self.manager_username and
manager_password instead of hardcoding ERP5TypeTestCase: and also some
cleanups, the HTTP server is already started at this point and host/port
were not used.

bt5/erp5_advanced_invoicing/TestTemplateItem/portal_components/test.erp5.testAdvancedInvoicing.py

@@ -462,10 +462,7 @@ class TestAdvancedSaleInvoice(TestAdvancedInvoice):
     portal = self.getPortal()
     builder = portal.portal_deliveries.advanced_sale_invoice_transaction_builder
     delivery_movement_group_list = builder.getDeliveryMovementGroupList()
-    uf = self.getPortal().acl_users
-    uf._doAddUser('admin', '', ['Manager'], [])
-    user = uf.getUserById('admin').__of__(uf)
-    newSecurityManager(None, user)
+    self.login()
     for movement_group in delivery_movement_group_list:
       if movement_group.getPortalType() == 'Property Movement Group':
         # it contains 'start_date' and 'stop_date' only, so we remove
@@ -476,6 +473,7 @@ class TestAdvancedSaleInvoice(TestAdvancedInvoice):
           collect_order_group='delivery',
           int_index=len(delivery_movement_group_list)+1
           )
+        uf = portal.acl_users
         user = uf.getUserById('test_user').__of__(uf)
         newSecurityManager(None, user)
 

bt5/erp5_authentication_policy/TestTemplateItem/portal_components/test.erp5.testAuthenticationPolicy.py

@@ -43,10 +43,6 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
   """
   Test for erp5_authentication_policy business template.
   """
-  manager_username = 'zope'
-  manager_password = 'zope'
-
-  credential = '%s:%s' % (manager_username, manager_password)
   def getTitle(self):
     return "TestAuthenticationPolicy"
 
@@ -63,12 +59,7 @@ class TestAuthenticationPolicy(ERP5TypeTestCase):
             'erp5_authentication_policy',)
 
   def afterSetUp(self):
-    portal = self.getPortal()
-
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
-
+    portal = self.portal
     kw = dict(portal_type='ERP5 Login',
               reference='test')
     if portal.portal_catalog.getResultValue(**kw) is None:

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testAutoLogout.py

@@ -43,10 +43,6 @@ class TestAuoLogout(ERP5TypeTestCase):
   """
   Test for erp5_auto_logout business template.
   """
-  manager_username = 'zope'
-  manager_password = 'zope'
-
-  credential = '%s:%s' % (manager_username, manager_password)
   def getTitle(self):
     return "TestAuthenticationPolicy"
 
@@ -60,10 +56,6 @@ class TestAuoLogout(ERP5TypeTestCase):
   def afterSetUp(self):
     portal = self.getPortal()
 
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
-
     # setup short auto-logout period
     portal.portal_preferences.default_site_preference.setPreferredMaxUserInactivityDuration(5)
     portal.portal_preferences.default_site_preference.enable()

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Core.py

@@ -107,18 +107,9 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
   run_all_test = 1
   quiet = 1
 
-  manager_username = 'rc'
-  manager_password = 'w'
-
   def getTitle(self):
     return "ERP5Core"
 
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-
   def afterSetUp(self):
     self.login()
     self.portal_id = self.portal.getId()
@@ -534,8 +525,6 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
     organisation = self.portal.organisation_module.newContent()
     person = self.portal.person_module.newContent(
       default_career_subordination_value=organisation)
-    for obj in person, organisation:
-      obj.manage_addLocalRoles(self.manager_username, ['Assignor'])
     self.commit()
     self.assertEqual(0, organisation.getRelationCountForDeletion())
     self.tic()
@@ -633,7 +622,6 @@ class TestERP5Core(ERP5TypeTestCase, ZopeTestCase.Functional):
     # Login as the above user
     newSecurityManager(None, user)
     self.auth = '%s:%s' % (login_name, password)
-    self.commit()
     self.tic()
 
     _, api_netloc, _, _, _ = urlparse.urlsplit(self.portal.absolute_url())

bt5/erp5_crm/TestTemplateItem/portal_components/test.erp5.testEditorField.py

@@ -48,18 +48,10 @@ class TestEditorField(ERP5TypeTestCase, ZopeTestCase.Functional):
     Please refer to the ERP5 developer howto for more explanation
       http://www.erp5.org/HowToDisplayOrEditHTML
   """
-  manager_username = 'zope'
-  manager_password = 'zope'
 
   def getTitle(self):
     return "EditorField"
 
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager', ], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-
   def getBusinessTemplateList(self):
     """
     Return the list of required business templates.

bt5/erp5_discussion/TestTemplateItem/portal_components/test.erp5.testERP5Discussion.py

@@ -38,10 +38,6 @@ from erp5.component.test.testDms import makeFileUpload
 class TestERP5Discussion(ERP5TypeTestCase):
   """Test for erp5_discussion business template.
   """
-
-  manager_username = 'manager'
-  manager_password = 'pwd'
-
   def getTitle(self):
     return "Test ERP5 Discussion"
 
@@ -59,17 +55,6 @@ class TestERP5Discussion(ERP5TypeTestCase):
             'erp5_jquery',
             'erp5_discussion', )
 
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-
-  def afterSetUp(self):
-    self.login()
-    self.portal_id = self.portal.getId()
-    self.auth = '%s:%s' % (self.manager_username, self.manager_password)
-
   def beforeTearDown(self):
     self.abort()
     for module in (self.portal.discussion_thread_module,):

bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testDms.py

@@ -48,12 +48,14 @@
 import unittest
 import time
 import StringIO
+import base64
 from subprocess import Popen, PIPE
 from unittest import expectedFailure
 
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from Products.ERP5Type.tests.utils import FileUpload
 from Products.ERP5Type.tests.utils import DummyLocalizer
+from Products.ERP5Type.Utils import bytes2str, str2bytes
 from Products.ERP5OOo.OOoUtils import OOoBuilder
 from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl import getSecurityManager
@@ -226,8 +228,8 @@ class TestDocument(TestDocumentMixin):
     return (width, height)
 
   def getURLSizeList(self, uri, **kw):
-    # __ac=RVJQNVR5cGVUZXN0Q2FzZTo%3D is encoded ERP5TypeTestCase with empty password
-    url = '%s?%s&__ac=%s' %(uri, make_query(kw), 'RVJQNVR5cGVUZXN0Q2FzZTo%3D')
+    kw['__ac'] = bytes2str(base64.b64encode(str2bytes('%s:%s' % (self.manager_username, self.manager_password))))
+    url = '%s?%s' % (uri, make_query(kw))
     format_=kw.get('format', 'jpeg')
     infile = urllib.urlopen(url)
     # save as file with proper incl. format filename (for some reasons PIL uses this info)
@@ -1186,7 +1188,7 @@ class TestDocument(TestDocumentMixin):
     self.tic()
 
     # login as another user
-    super(TestDocument, self).loginByUserName('user1')
+    self.loginByUserName('user1')
     document_4 = portal.document_module.newContent(
                    portal_type = 'Presentation',
                    description = 'owner different user contributing document',
@@ -1269,7 +1271,7 @@ class TestDocument(TestDocumentMixin):
     self.assertSameSet([], getAdvancedSearchStringResultList(**kw))
 
     # only my docs
-    super(TestDocument, self).loginByUserName('user1')
+    self.loginByUserName('user1')
     kw = {'searchabletext_any': 'owner'}
     # should return all documents matching a word no matter if we're owner or not
     self.assertSameSet([web_page_1, document_4], getAdvancedSearchStringResultList(**kw))
@@ -1705,7 +1707,7 @@ class TestDocument(TestDocumentMixin):
     self.tic()
 
     # login as first one
-    super(TestDocument, self).loginByUserName('contributor1')
+    self.loginByUserName('contributor1')
     doc = document_module.newContent(portal_type='File',
                                      title='Test1')
     self.tic()
@@ -1714,7 +1716,7 @@ class TestDocument(TestDocumentMixin):
                        doc.getContributorValueList())
 
     # login as second one
-    super(TestDocument, self).loginByUserName('contributor2')
+    self.loginByUserName('contributor2')
     doc.manage_setLocalRoles(person2.Person_getUserId(), ['Assignor',])
     doc.edit(title='Test2')
     self.tic()
@@ -1971,8 +1973,7 @@ document.write('<sc'+'ript type="text/javascript" src="http://somosite.bg/utb.ph
                                              response.getHeader('content-type')
           assert response.getStatus() == httplib.OK
 
-    # assume there is no password
-    credential = '%s:' % (getSecurityManager().getUser().getId(),)
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
     tested_list = []
     frame_list = range(pages_number)
     # assume that ZServer is configured with 4 Threads
@@ -2158,10 +2159,15 @@ return 1
       Test extensible content of some DMS types. As this is possible only on URL traversal use publish.
     """
     # Create a root level zope user
-    root_user_folder = self.getPortalObject().aq_parent.acl_users
-    if not root_user_folder.getUserById('zope_user'):
-      root_user_folder._doAddUser('zope_user', '', ['Manager',], [])
-      self.commit()
+    root_user_folder = self.app.acl_users
+    assert not root_user_folder.getUserById('zope_user')
+    zope_user_password = self.newPassword()
+    root_user_folder._doAddUser('zope_user', zope_user_password, ['Manager',], [])
+    def remove_user():
+      root_user_folder._doDelUsers(('zope_user', ))
+      self.tic()
+    self.addCleanUp(remove_user)
+
     # Create document with good content
     document = self.portal.document_module.newContent(portal_type='Presentation')
     upload_file = makeFileUpload('TEST-en-003.odp')
@@ -2169,7 +2175,7 @@ return 1
     self.tic()
     self.assertEqual('converted', document.getExternalProcessingState())
     for object_url in ('img1.html', 'img2.html', 'text1.html', 'text2.html'):
-      for credential in ['ERP5TypeTestCase:', 'zope_user:']:
+      for credential in ['%s:%s' % (self.manager_username, self.manager_password), 'zope_user:%s' % zope_user_password]:
         response = self.publish('%s/%s' %(document.getPath(), object_url),
                                 basic=credential)
         self.assertIn('200 OK', response.getOutput())
@@ -2372,8 +2378,8 @@ return 1
       Return original content on traversal.
     """
     def getURL(uri, **kw):
-      # __ac=RVJQNVR5cGVUZXN0Q2FzZTo%3D is encoded ERP5TypeTestCase with empty password
-      url = '%s?%s&__ac=%s' %(uri, urllib.urlencode(kw), 'RVJQNVR5cGVUZXN0Q2FzZTo%3D')
+      kw['__ac'] = base64.b64encode('%s:%s' % (self.manager_username, self.manager_password))
+      url = '%s?%s' % (uri, make_query(kw))
       return urllib.urlopen(url)
 
     ooo_document = self.portal.document_module.newContent(portal_type='Presentation')
@@ -2961,17 +2967,18 @@ return 1
       [sub_document_value]
     )
 
-class TestDocumentWithSecurity(TestDocumentMixin):
 
-  username = 'yusei'
+class TestDocumentWithSecurity(TestDocumentMixin):
 
   def getTitle(self):
     return "DMS with security"
 
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.username, '', ['Auditor', 'Author'], [])
-    user = uf.getUserById(self.username).__of__(uf)
+  def afterSetUp(self):
+    super(TestDocumentWithSecurity, self).afterSetUp()
+    # login as a user with only Auditor / Author roles
+    uf = self.portal.acl_users
+    uf._doAddUser(self.id(), self.newPassword(), ['Auditor', 'Author'], [])
+    user = uf.getUserById(self.id()).__of__(uf)
     newSecurityManager(None, user)
 
   def test_ShowPreviewAfterSubmitted(self):
@@ -3030,7 +3037,6 @@ class TestDocumentWithSecurity(TestDocumentMixin):
     those properties are taken into account when the user
     views an image
     """
-    super(TestDocumentWithSecurity, self).login('yusei')
     preference_tool = self.portal.portal_preferences
     #get the thumbnail sizes defined by default on default site preference
     default_thumbnail_image_height = \

bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testERP5WebWithDms.py

@@ -117,19 +117,11 @@ class TestERP5WebWithDms(ERP5TypeTestCase, ZopeTestCase.Functional):
   """
   run_all_test = 1
   quiet = 0
-  manager_username = 'zope'
-  manager_password = 'zope'
   website_id = 'test'
 
   def getTitle(self):
     return "ERP5WebWithDms"
 
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-
   def getBusinessTemplateList(self):
     """
     Return the list of required business templates.
@@ -551,7 +543,7 @@ class TestERP5WebWithDms(ERP5TypeTestCase, ZopeTestCase.Functional):
                                     reference=image_reference)
     image.publish()
     self.tic()
-    credential = 'ERP5TypeTestCase:'
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
     # testing TextDocument
     response = self.publish(website.absolute_url_path() + '/' +\
                             web_page_reference, credential)
@@ -705,8 +697,15 @@ return True
 
     request = portal.REQUEST
     request['PARENTS'] = [self.app]
-    self.getPortalObject().aq_parent.acl_users._doAddUser(
-      'zope_user', '', ['Manager',], [])
+    root_user_folder = self.app.acl_users
+    assert not root_user_folder.getUserById('zope_user')
+    zope_user_password = self.newPassword()
+    root_user_folder._doAddUser('zope_user', zope_user_password, ['Manager',], [])
+    def remove_user():
+      root_user_folder._doDelUsers(('zope_user', ))
+      self.tic()
+    self.addCleanUp(remove_user)
+
     website = self.setupWebSite()
     web_section_portal_type = 'Web Section'
     website.newContent(portal_type=web_section_portal_type)
@@ -718,7 +717,10 @@ return True
                                           reference=document_reference,
                                           file=upload_file)
     self.tic()
-    credential_list = ['ERP5TypeTestCase:', 'zope_user:']
+    credential_list = [
+        '%s:%s' % (self.manager_username, self.manager_password),
+        'zope_user:%s' % zope_user_password
+    ]
 
     for credential in credential_list:
       # first, preview the draft in its physical location (in document module)
@@ -813,7 +815,7 @@ return True
                                     reference=image_reference)
     image.publish()
     self.tic()
-    credential = 'ERP5TypeTestCase:'
+    credential = '%s:%s' % (self.manager_username, self.manager_password)
 
     # testing Image conversions, raw
 

bt5/erp5_dms/TestTemplateItem/portal_components/test.erp5.testWebDavSupport.py

@@ -54,9 +54,6 @@ def makeFileUpload(name, as_name=None):
 class TestWebDavSupport(ERP5TypeTestCase):
   """Test for WEBDAV access.
   """
-
-  authentication = 'ERP5TypeTestCase:'
-
   def getTitle(self):
     return "Test WebDav Support"
 
@@ -72,7 +69,7 @@ class TestWebDavSupport(ERP5TypeTestCase):
             )
 
   def afterSetUp(self):
-    pass
+    self.authentication = '%s:%s' % (self.manager_username, self.manager_password)
 
   def clearModule(self, module):
     module.manage_delObjects(list(module.objectIds()))

bt5/erp5_external_account/TestTemplateItem/portal_components/test.erp5.testExternalAccount.py

@@ -35,10 +35,6 @@ class TestExternalAccount(ERP5TypeTestCase):
   """
   Test for erp5_authentication_policy business template.
   """
-  manager_username = 'zope'
-  manager_password = 'zope'
-
-  credential = '%s:%s' % (manager_username, manager_password)
   def getTitle(self):
     return "TestExternalAccount"
 
@@ -54,10 +50,6 @@ class TestExternalAccount(ERP5TypeTestCase):
   def afterSetUp(self):
     portal = self.getPortal()
 
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    self.loginByUserName(self.manager_username)
-
     # Setup auth policy
     preference = portal.portal_preferences.newContent(
                                              portal_type = 'System Preference',

bt5/erp5_km/TestTemplateItem/portal_components/test.erp5.testKM.py

@@ -43,9 +43,6 @@ class TestKMMixIn(TestDocumentMixin):
   """
     Mix in class for Knowledge Management system.
   """
-
-  manager_username = 'ivan'
-  manager_password = ''
   website_id = 'km_test'
   business_template_list = ['erp5_core_proxy_field_legacy',
                             'erp5_full_text_mroonga_catalog','erp5_base',
@@ -85,12 +82,6 @@ class TestKMMixIn(TestDocumentMixin):
     self.tic()
     return website
 
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('ivan', '', ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
-    user = uf.getUserById('ivan').__of__(uf)
-    newSecurityManager(None, user)
 
 class TestKM(TestKMMixIn):
   """

bt5/erp5_rss_style/TestTemplateItem/portal_components/test.erp5.testRSS.py

@@ -57,16 +57,7 @@ class TestRSS(ERP5TypeTestCase):
     return ('erp5_base', 'erp5_rss_style')
 
   def afterSetUp(self):
-    self.portal = self.getPortal()
     self.makeDataObjects()
-    #self.login()
-
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
 
   def makeDataObjects(self, quiet=0, run=run_all_test):
     """

bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testAmount.py

@@ -59,29 +59,6 @@ class TestAmount(ERP5TypeTestCase):
     """
     return ('erp5_base', 'erp5_pdm', 'erp5_simulation', 'erp5_trade', 'erp5_apparel')
 
-  def login(self, quiet=0, run=run_all_test):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('rc', '', ['Manager'], [])
-    user = uf.getUserById('rc').__of__(uf)
-    newSecurityManager(None, user)
-
-  def enableLightInstall(self):
-    """
-    You can override this.
-    Return if we should do a light install (1) or not (0)
-    """
-    return 1
-
-  def enableActivityTool(self):
-    """
-    You can override this.
-    Return if we should create (1) or not (0) an activity tool.
-    """
-    return 1
-
-  def afterSetUp(self, *args, **kw):
-    self.login()
-
   def stepCreateResource(self, sequence=None, sequence_list=None, **kw):
     """
       Create a resource

bt5/erp5_trade/TestTemplateItem/portal_components/test.erp5.testResource.py

@@ -70,12 +70,6 @@ class TestResource(ERP5TypeTestCase):
   def getTitle(self):
     return "Resource"
 
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('rc', '', ['Manager'], [])
-    user = uf.getUserById('rc').__of__(uf)
-    newSecurityManager(None, user)
-
   def setUpPreferences(self):
     #create apparel variation preferences
     portal_preferences = self.getPreferenceTool()

bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testListBox.py

@@ -70,15 +70,6 @@ class TestListBox(ERP5TypeTestCase):
   def getTitle(self):
     return "ListBox"
 
-  def afterSetUp(self):
-    self.login()
-
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
-
   def stepCreateObjects(self, sequence = None, sequence_list = None, **kw):
     # Make sure that the status is clean.
     portal = self.getPortal()

bt5/erp5_ui_test/TestTemplateItem/portal_components/test.erp5.testPlanningBox.py

@@ -57,15 +57,6 @@ class TestPlanningBox(ERP5TypeTestCase):
   def getTitle(self):
     return "PlanningBox"
 
-  def afterSetUp(self):
-    self.login()
-
-  def login(self, *args, **kw):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    user = uf.getUserById('seb').__of__(uf)
-    newSecurityManager(None, user)
-
   def stepCreateObjects(self, sequence = None, sequence_list = None, **kw):
     # Make sure that the status is clean.
     portal = self.getPortal()

bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testERP5Web.py

@@ -129,10 +129,7 @@ class TestWebSectionTraversalHook(WebTraversalHookTestMixin, ERP5TypeTestCase):
 class TestERP5Web(ERP5TypeTestCase):
   """Test for erp5_web business template.
   """
-  manager_username = 'zope'
-  manager_password = 'zope'
   website_id = 'test'
-  credential = '%s:%s' % (manager_username, manager_password)
 
   def getTitle(self):
     return "ERP5Web"
@@ -148,17 +145,11 @@ class TestERP5Web(ERP5TypeTestCase):
             )
 
   def afterSetUp(self):
-    portal = self.getPortal()
-
-    uf = portal.acl_users
-    uf._doAddUser(self.manager_username,
-                  self.manager_password,
-                  ['Manager'], [])
-    self.loginByUserName(self.manager_username)
+    self.credential = '%s:%s' % (self.manager_username, self.manager_password)
 
     self.web_page_module = self.portal.getDefaultModule('Web Page Module')
     self.web_site_module = self.portal.getDefaultModule('Web Site Module')
-    portal.Localizer.manage_changeDefaultLang(language='en')
+    self.portal.Localizer.manage_changeDefaultLang(language='en')
     self.portal_id = self.portal.getId()
 
   def clearModule(self, module):
@@ -1394,7 +1385,7 @@ Hé Hé Hé!""", page.asText().strip())
     response = self.publish('/%s/%s/%s/%s/Base_editAndEditAsWeb' % \
                     (self.portal.getId(), website.getRelativeUrl(),
                      language, websection.getId()),
-                     basic='ERP5TypeTestCase:',
+                     basic='%s:%s' % (self.manager_username, self.manager_password),
                      request_method='POST',
                      stdin=StringIO(urlencode({
                        'form_id': 'WebSection_view',
@@ -1412,7 +1403,9 @@ Hé Hé Hé!""", page.asText().strip())
 
     self.tic()
 
-    response = self.publish(new_location, basic='ERP5TypeTestCase:',)
+    response = self.publish(
+        new_location,
+        basic='%s:%s' % (self.manager_username, self.manager_password),)
     self.assertEqual(HTTP_OK, response.getStatus())
     self.assertEqual('text/html; charset=utf-8',
                       response.getHeader('content-type'))
@@ -1450,7 +1443,7 @@ Hé Hé Hé!""", page.asText().strip())
     response = self.publish('/%s/%s/%s/Base_editAndEditAsWeb' % \
                     (self.portal.getId(), website.getRelativeUrl(),
                      language),
-                     basic='ERP5TypeTestCase:',
+                     basic='%s:%s' % (self.manager_username, self.manager_password),
                      request_method='POST',
                      stdin=StringIO(urlencode({
                        'form_id': 'WebSite_view',
@@ -1468,7 +1461,9 @@ Hé Hé Hé!""", page.asText().strip())
 
     self.tic()
 
-    response = self.publish(new_location, basic='ERP5TypeTestCase:',)
+    response = self.publish(
+        new_location,
+        basic='%s:%s' % (self.manager_username, self.manager_password),)
     self.assertEqual(HTTP_OK, response.getStatus())
     self.assertEqual('text/html; charset=utf-8',
                       response.getHeader('content-type'))

bt5/erp5_web/TestTemplateItem/portal_components/test.erp5.testOOoChart.py

@@ -47,7 +47,7 @@ class TestOOoChartMixin(ERP5TypeTestCase, ZopeTestCase.Functional):
   content_type = 'application/vnd.oasis.opendocument.graphics'
 
   def afterSetUp(self):
-    self.auth = 'ERP5TypeTestCase:'
+    self.auth = '%s:%s' % (self.manager_username, self.manager_password)
     portal = self.getPortal()
     container = portal.portal_skins.custom
     if self.form_id not in container.objectIds():

product/CMFActivity/tests/testCMFActivity.py

@@ -159,8 +159,7 @@ class TestCMFActivity(ERP5TypeTestCase, LogInterceptor):
 
   def login(self):
     uf = self.portal.acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-    uf._doAddUser('ERP5TypeTestCase', '', ['Manager'], [])
+    uf._doAddUser('seb', self.newPassword(), ['Manager'], [])
     user = uf.getUserById('seb').__of__(uf)
     newSecurityManager(None, user)
 
@@ -715,7 +714,7 @@ class TestCMFActivity(ERP5TypeTestCase, LogInterceptor):
     organisation =  self.getOrganisation()
     # Add new user toto
     uf = self.portal.acl_users
-    uf._doAddUser('toto', '', ['Manager'], [])
+    uf._doAddUser('toto', self.newPassword(), ['Manager'], [])
     user = uf.getUserById('toto').__of__(uf)
     newSecurityManager(None, user)
     # Execute something as toto

product/ERP5/tests/testInvalidationBug.py

@@ -115,8 +115,11 @@ class TestInvalidationBug(ERP5TypeTestCase):
     ## make sure activity tool's OOBTree for family mapping is loaded before the test
     _ = activity_tool.getCurrentNodeFamilyIdSet()
     ## url to create some content using another zope
-    new_content_url = "http://ERP5TypeTestCase:@%s%s/Folder_create" % (
-      node_list[0], self.portal.organisation_module.getPath())
+    new_content_url = "http://%s:%s@%s%s/Folder_create" % (
+        self.manager_username,
+        self.manager_password,
+        node_list[0],
+        self.portal.organisation_module.getPath())
     ## prepare freeze/unfreeze of ZEO storage
     zeo_connection = storage._connection
     socket_map = zeo_connection._map

product/ERP5/tests/testInventoryAPI.py

@@ -144,13 +144,6 @@ class InventoryAPITestCase(ERP5TypeTestCase):
 
     self.tic()
 
-  def login(self, quiet=0, run=1):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('alex', '', ['Manager', 'Assignee', 'Assignor',
-                               'Associate', 'Auditor', 'Author'], [])
-    user = uf.getUserById('alex').__of__(uf)
-    newSecurityManager(None, user)
-
   def createCategories(self):
     """Create the categories for our test. """
     # create categories

product/ERP5/tests/testXHTML.py

@@ -439,18 +439,7 @@ class TestXHTML(TestXHTMLMixin):
     )
 
   def afterSetUp(self):
-    self.portal = self.getPortal()
-
-    uf = self.getPortal().acl_users
-    uf._doAddUser('seb', '', ['Manager'], [])
-
-    self.loginByUserName('seb')
-    addUserToDeveloperRole('seb') # required to create content in portal_components
-    self.enableDefaultSitePreference()
-
-  def enableDefaultSitePreference(self):
-    portal_preferences = getToolByName(self.portal, 'portal_preferences')
-    default_site_preference = portal_preferences.default_site_preference
+    default_site_preference = self.portal.portal_preferences.default_site_preference
     if self.portal.portal_workflow.isTransitionPossible(default_site_preference, 'enable'):
       default_site_preference.enable()
 

product/ERP5OOo/tests/TestFormPrintoutMixin.py

@@ -40,12 +40,6 @@ class TestFormPrintoutMixin(ERP5TypeTestCase):
   def getBusinessTemplateList(self):
     return ('erp5_base', 'erp5_ui_test', 'erp5_odt_style')
 
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('zope', '', ['Manager'], [])
-    user = uf.getUserById('zope').__of__(uf)
-    newSecurityManager(None, user)
-
   def _validate(self, odf_file_data):
     error_list = self.validator.validate(odf_file_data)
     if error_list:

product/ERP5OOo/tests/testIngestion.py

@@ -37,7 +37,7 @@ from lxml import etree
 from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl import Unauthorized
 from DateTime import DateTime
-from Products.ERP5Type.Utils import convertToUpperCase
+from Products.ERP5Type.Utils import bytes2str, convertToUpperCase, str2bytes
 from Products.ERP5Type.tests.ERP5TypeTestCase import (
   ERP5TypeTestCase, _getConversionServerUrlList)
 from Products.CMFCore.WorkflowCore import WorkflowException
@@ -2057,7 +2057,7 @@ return result
                                         'disable_cookie_login__': 1,
                                         }), headers={
        'Authorization': 'Basic %s' %
-         base64.b64encode('ERP5TypeTestCase:')
+         bytes2str(base64.b64encode(str2bytes('%s:%s' % (self.manager_username, self.manager_password))))
       })
     # disable_cookie_login__ is required to force zope to raise Unauthorized (401)
     # then HTTPDigestAuthHandler can perform HTTP Authentication

product/ERP5OOo/tests/testOOoBatchMode.py

@@ -33,21 +33,6 @@ from AccessControl.SecurityManagement import newSecurityManager
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 
 class TestOoodResponse(ERP5TypeTestCase):
-
-  manager_username = 'rie'
-  manager_password = 'rie'
-  quiet = 1
-  run_all_test = 1
-
-  def getTitle(self):
-    return "TestOOoBatchMode"
-
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser(self.manager_username, self.manager_password, ['Manager'], [])
-    user = uf.getUserById(self.manager_username).__of__(uf)
-    newSecurityManager(None, user)
-
   def getBusinessTemplateList(self):
     return ('erp5_base',)
 

product/ERP5OOo/tests/testOOoDynamicStyle.py

@@ -39,8 +39,6 @@ from Products.ERP5OOo.OOoUtils import OOoBuilder
 
 
 class TestOooDynamicStyle(ERP5TypeTestCase):
-  manager_username = 'tatuya'
-  manager_password = 'tatuya'
   content_type_writer = 'application/vnd.oasis.opendocument.text'
   content = "<office:document-content xmlns:draw='urn:oasis:names:tc:opendocument:xmlns:drawing:1.0' xmlns:office='urn:oasis:names:tc:opendocument:xmlns:office:1.0' xmlns:text='urn:oasis:names:tc:opendocument:xmlns:text:1.0' xmlns:ooo='http://openoffice.org/2004/office' xmlns:number='urn:oasis:names:tc:opendocument:xmlns:datastyle:1.0' xmlns:dc='http://purl.org/dc/elements/1.1/' xmlns:meta='urn:oasis:names:tc:opendocument:xmlns:meta:1.0' xmlns:table='urn:oasis:names:tc:opendocument:xmlns:table:1.0' xmlns:dr3d='urn:oasis:names:tc:opendocument:xmlns:dr3d:1.0' xmlns:fo='urn:oasis:names:tc:opendocument:xmlns:xsl-fo-compatible:1.0' xmlns:style='urn:oasis:names:tc:opendocument:xmlns:style:1.0' xmlns:xforms='http://www.w3.org/2002/xforms' xmlns:form='urn:oasis:names:tc:opendocument:xmlns:form:1.0' xmlns:script='urn:oasis:names:tc:opendocument:xmlns:script:1.0' xmlns:ooow='http://openoffice.org/2004/writer' xmlns:svg='urn:oasis:names:tc:opendocument:xmlns:svg-compatible:1.0' xmlns:chart='urn:oasis:names:tc:opendocument:xmlns:chart:1.0' xmlns:dom='http://www.w3.org/2001/xml-events' xmlns:xlink='http://www.w3.org/1999/xlink' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:oooc='http://openoffice.org/2004/calc' xmlns:math='http://www.w3.org/1998/Math/MathML' xmlns:tal='http://xml.zope.org/namespaces/tal' office:version='1.2'><office:scripts /><office:font-face-decls /><office:automatic-styles /><office:body><office:text /></office:body></office:document-content>"
 

product/ERP5OOo/tests/testOOoImport.py

@@ -399,7 +399,7 @@ class TestOOoImport(TestOOoImportMixin):
 
     user_name = 'author'
     user_folder = self.portal.acl_users
-    user_folder._doAddUser(user_name, '', ['Author', 'Member'], [])
+    user_folder._doAddUser(user_name, self.newPassword(), ['Author', 'Member'], [])
     user = user_folder.getUserById(user_name).__of__(user_folder)
     newSecurityManager(None, user)
 

product/ERP5OOo/tests/testOOoStyle.py

@@ -62,7 +62,7 @@ class TestOOoStyle(ERP5TypeTestCase, ZopeTestCase.Functional):
       gender.newContent(id='male')
       self.portal.portal_caches.clearAllCache()
 
-    self.auth = 'ERP5TypeTestCase:'
+    self.auth = '%s:%s' % (self.manager_user, self.manager_password)
     person_module = self.portal.person_module
     if person_module._getOb('pers', None) is None:
       person_module.newContent(id='pers', portal_type='Person')

product/ERP5Security/tests/testERP5Security.py

@@ -1603,7 +1603,7 @@ class TestOwnerRole(UserManagementTestCase):
       role_list = ['Member', 'Assignee', 'Assignor', 'Author', 'Auditor',
           'Associate']
     uf = self.portal.acl_users
-    uf._doAddUser(login, '', role_list, [])
+    uf._doAddUser(login, self.newPassword(), role_list, [])
 
   def test_owner_local_role_on_clone(self):
     # check that tested stuff is ok

product/ERP5Type/tests/ERP5TypeFunctionalTestCase.py

@@ -197,14 +197,9 @@ class FunctionalTestRunner:
   # There is no test that can take more than 6 hours
   timeout = 6.0 * 3600
 
-  def __init__(self, host, port, testcase):
-    self.instance_home = os.environ['INSTANCE_HOME']
-
-    # Such information should be automatically loaded
-    self.user = 'ERP5TypeTestCase'
-    self.password = ''
+  def __init__(self, testcase):
     self.testcase = testcase
-    profile_dir = os.path.join(self.instance_home, 'profile')
+    self.instance_home = os.environ['INSTANCE_HOME']
 
   def getStatus(self):
     transaction.begin()
@@ -326,10 +321,10 @@ class FunctionalTestRunner:
       EC.presence_of_element_located((By.ID, 'name')),
     )
     login_field.clear()
-    login_field.send_keys(self.user)
+    login_field.send_keys(self.testcase.manager_username)
     password_field = browser.find_element_by_id('password')
     password_field.clear()
-    password_field.send_keys(self.password)
+    password_field.send_keys(self.testcase.manager_password)
     login_form_url = browser.current_url
     # Note: password_field.submit() (and in general, x.submit(), even if x is
     # an <input type="submit"...>) does not work: it seems to submit only
@@ -444,8 +439,7 @@ class ERP5TypeFunctionalTestCase(ERP5TypeTestCase):
     # non-recursive results clean of portal_tests/ or portal_tests/``run_only``
     self.portal.portal_tests.TestTool_cleanUpTestResults(self.run_only or None)
     self.tic()
-    host, port = self.startHTTPServer()
-    self.runner = FunctionalTestRunner(host, port, self)
+    self.runner = FunctionalTestRunner(self)
 
   def setSystemPreference(self):
     self.portal.Zuite_setPreference(

product/ERP5Type/tests/ERP5TypeLiveTestCase.py

@@ -151,12 +151,6 @@ class ERP5TypeLiveTestCase(ERP5TypeTestCaseMixin):
     def _setup(self):
         '''Change some site properties in order to be ready for live test
         '''
-        # force a random password for ERP5TypeTestCase user by removing
-        # any existing one
-        try:
-          self.portal.acl_users.zodb_users.removeUser('ERP5TypeTestCase')
-        except (AttributeError, KeyError):
-          pass
         # Disabling portal_activities is required in order to avoid
         # conflict with other threads doing tic in the same time
         self.login()

product/ERP5Type/tests/ERP5TypeTestCase.py

@@ -218,6 +218,9 @@ class ERP5TypeTestCaseRequestConnection(object):
 class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.Functional):
     """Mixin class for ERP5 based tests.
     """
+    manager_username = 'ERP5TypeTestCase'
+    manager_password = None  # will be generated at setup
+
     def __init__(self, *args, **kw):
       super(ERP5TypeTestCaseMixin, self).__init__(*args, **kw)
       self.sequence_string_registry = {}
@@ -239,12 +242,33 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
       """
       return str(self.__class__)
 
-    def addERP5TypeTestCaseUser(self, password=None, user_folder=None):
-      if password is None:
-        password = self.newPassword()
-      if user_folder is None:
-        user_folder = self.portal.acl_users
-      user_folder._doAddUser('ERP5TypeTestCase', password, ['Manager', 'Member', 'Assignee',
+    def setUpManagerUser(self, quiet=False):
+      """Adds default manager user with all roles.
+      """
+      self._setUpManagerPassword()
+      uf = self.portal.acl_users
+      user = uf.getUser(self.manager_username)
+      if user is not None:
+        uf.zodb_users.removeUser(self.manager_username)
+
+      self._addUserWithAllRoles(
+        user_folder=uf,
+        username=self.manager_username,
+        password=self.manager_password,
+      )
+      if not quiet:
+        ZopeTestCase._print(
+          'Added %s user with password %s ...\n' % (
+            self.manager_username, self.manager_password))
+
+    def _setUpManagerPassword(self):
+      if self.manager_password is None:
+        ERP5TypeTestCaseMixin.manager_password = self.newPassword()
+
+    def _addUserWithAllRoles(self, user_folder, username, password):
+      """Adds a user with all roles.
+      """
+      assert user_folder._doAddUser(username, password, ['Manager', 'Member', 'Assignee',
                     'Assignor', 'Author', 'Auditor', 'Associate'], [])
 
     def newPassword(self):
@@ -259,14 +283,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
       reality. If you want to login by user_name, use loginByUserName()
       instead.
       """
-      try:
-        PortalTestCase.login(self, user_name)
-      except AttributeError:
-        if user_name == 'ERP5TypeTestCase':
-          self.addERP5TypeTestCaseUser()
-          return PortalTestCase.login(self, user_name)
-        else:
-          raise
+      return PortalTestCase.login(self, user_name)
 
     def loginByUserName(self, user_name='ERP5TypeTestCase', quiet=0):
       """
@@ -274,13 +291,6 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
       """
       uf = self.portal.acl_users
       user = uf.getUser(user_name)
-      if user is None:
-        if user_name == 'ERP5TypeTestCase':
-          self.addERP5TypeTestCaseUser(password='', user_folder=uf)
-          user = uf.getUser(user_name)
-        else:
-          raise RuntimeError("Could not find username '%s'" % user_name)
-
       if not hasattr(user, 'aq_base'):
         user = user.__of__(uf)
       newSecurityManager(None, user)
@@ -348,7 +358,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
           self.REQUEST.other.pop(key, None)
 
     def _setupUser(self):
-      '''Creates the default user.'''
+      '''Creates the default member user (for PortalTestCase).'''
       uf = self.portal.acl_users
       # do nothing if the user already exists
       if not uf.getUserById(user_name):
@@ -537,7 +547,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
     def createSimpleUser(self, title, reference, function):
       """
         Helper function to create a Simple ERP5 User.
-        User password is the reference.
+        User password is randomly generated.
       """
       user = self.createUser(reference, person_kw=dict(title=title))
       assignment = self.createUserAssignment(user, assignment_kw=dict(function=function))
@@ -546,11 +556,11 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
     def createUser(self, reference, password=None, person_kw=None):
       """
         Create an ERP5 User.
-        Default password is the reference.
+        Default password is randomly generated.
         person_kw is passed as additional arguments when creating the person
       """
       if password is None:
-        password = reference
+        password = self.newPassword()
       if person_kw is None:
         person_kw = {}
 
@@ -904,9 +914,6 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase, functional.F
 class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
     __original_ZMySQLDA_connect = None
 
-    def addERP5TypeTestCaseUser(self, password=None, **kw):
-      return super(ERP5TypeCommandLineTestCase, self).addERP5TypeTestCaseUser(password='', **kw)
-
     def getPortalName(self):
       """
         Return the name of a portal for this test case.
@@ -1009,6 +1016,7 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
       light_install = self.enableLightInstall()
       create_activities = self.enableActivityTool()
       hot_reindexing = self.enableHotReindexing()
+      self._setUpManagerPassword()
       self.setUpERP5Site(business_template_list=template_list,
                          light_install=light_install,
                          create_activities=create_activities,
@@ -1238,17 +1246,20 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
             self._getBTPathAndIdList(business_template_list)
           try:
             _start = time.time()
-            # Add user and log in
-            if not quiet:
-              ZopeTestCase._print('Adding ERP5TypeTestCase user ...\n')
+            # Add user at the root and log in
             uf = app.acl_users
-            self.addERP5TypeTestCaseUser(user_folder=uf)
-            user = uf.getUserById('ERP5TypeTestCase').__of__(uf)
+            root_username = 'ERP5TypeTestCase.root'
+            self._addUserWithAllRoles(
+              user_folder=uf,
+              username=root_username,
+              password=self.manager_password,
+            )
+            user = uf.getUserById(root_username).__of__(uf)
             newSecurityManager(None, user)
 
             # bt5s contain ZODB Components which can be only installed if the
             # user has Developer Role
-            addUserToDeveloperRole('ERP5TypeTestCase')
+            addUserToDeveloperRole(root_username)
 
             # Add ERP5 Site
             reindex = 1
@@ -1292,10 +1303,12 @@ class ERP5TypeCommandLineTestCase(ERP5TypeTestCaseMixin):
             self._recreateCatalog()
             self._updateConversionServerConfiguration()
             self._updateMemcachedConfiguration()
-            # Create a Manager user at the Portal level
-            uf = self.getPortal().acl_users
-            self.addERP5TypeTestCaseUser()
-            user = uf.getUserById('ERP5TypeTestCase').__of__(uf)
+            # Create a Manager user at the Portal level.
+            self.setUpManagerUser(quiet=quiet)
+            uf = self.portal.acl_users
+            user = uf.getUserById(self.manager_username).__of__(uf)
+            newSecurityManager(None, user)
+            addUserToDeveloperRole(self.manager_username)
 
             self._callSetUpOnce()
             self._reindexSite()

product/ERP5Type/tests/testDynamicClassGeneration.py

@@ -1564,7 +1564,7 @@ class TestZodbModuleComponent(SecurityTestCase):
     uf = self.portal.acl_users
     if not uf.getUserById('ERP5TypeTestCase_NonDeveloper'):
       uf._doAddUser('ERP5TypeTestCase_NonDeveloper',
-                    '', ['Manager', 'Member', 'Assignee',
+                    self.newPassword(), ['Manager', 'Member', 'Assignee',
                          'Assignor', 'Author', 'Auditor', 'Associate'], [])
 
     reference = self._generateReference('TestValidateInvalidateComponent')
@@ -2694,8 +2694,10 @@ def foobar(self, a, b="portal_type"):
 
     external_method.manage_setGuard({'guard_roles': 'Member'})
     self.assertEqual(self.portal.TestPythonScript(a='portal_ids'), 'Id Tool')
-    self.assertEqual(self.publish(base + '/portal_types/TestExternalMethod?'
-      'a=Types Tool&b=type_class', 'ERP5TypeTestCase:').getBody(), 'TypesTool')
+    self.assertEqual(self.publish(
+      base + '/portal_types/TestExternalMethod?a=Types Tool&b=type_class',
+      '%s:%s' % (self.manager_username, self.manager_password)
+    ).getBody(), b'TypesTool')
 
     sm = getSecurityManager()
     try:

product/ZMySQLDA/tests/testDeferredConnection.py

@@ -69,15 +69,6 @@ class TestDeferredConnection(ERP5TypeTestCase):
   def getTitle(self):
     return "Deferred Connection"
 
-  def afterSetUp(self):
-    self.login()
-
-  def login(self):
-    uf = self.getPortal().acl_users
-    uf._doAddUser('vincent', '', ['Manager'], [])
-    user = uf.getUserById('vincent').__of__(uf)
-    newSecurityManager(None, user)
-
   def monkeypatchConnection(self, connection):
     """
       Apply monkey patch on db and reset connection state to "unconnected".