- 11 Jul, 2024 4 commits
-
-
Kazuhiko Shiozaki authored
-
Jérome Perrin authored
cookie crumbler uses username:password base64 encoded and this relies on extracting the username from the cookie to set the session, but other authentication methods do not embed the username, but still share the same scripts to set the authentication cookie (so that we have one central point setting cookie with all the necessary attributes for security). The problem is that it's incorrect to try to decode an username with cookies from other authentication methods, simply because they do not contain the username. On python2 this was not causing visible error because everything is str, but the decoding error on python3 revealed this.
-
Jérome Perrin authored
-
Jérome Perrin authored
-
- 09 Jul, 2024 11 commits
-
-
Kazuhiko Shiozaki authored
in Python 2, _aq_dynamic() returns None without try..except but it raises ValueError in Python 3. (python 2) > /SR/parts/erp5/product/ZSQLCatalog/Extensions/zsqlbrain.py(31)_aq_dynamic() 31 -> def _aq_dynamic(self, name): 32 """Acquire an attribute from a real object. 33 """ 34 if name.startswith('__') : 35 return None 36 return getattr(self.getObject(), name, None) ((Pdb)) getattr(self.getObject(), name, None) *** ValueError: Unable to getObject from ZSQLBrain if ZSQL Method does not retrieve the `path` column from catalog table. ((Pdb)) r --Return-- > /SR/parts/erp5/product/ZSQLCatalog/Extensions/zsqlbrain.py(36)_aq_dynamic()->None # <-- !!! Co-authored-by: Jérome Perrin <jerome@nexedi.com>
-
Jérome Perrin authored
-
Jérome Perrin authored
- HTMLParseError no longer exist, on python3 parse_declaration throws AttributeError py2: https://github.com/python/cpython/blob/2.7/Lib/markupbase.py#L135-L140 https://github.com/python/cpython/blob/2.7/Lib/HTMLParser.py#L124 py3: https://github.com/python/cpython/blob/3.12/Lib/_markupbase.py#L130-L134 - scrubHTML must pass `html` as unicode on python2 and str on python3, adjust the check to cover both py2 / py3
-
Jérome Perrin authored
-
Jérome Perrin authored
On python2, attributes of new style classes (classes, not instances) were not properly validated. On python3, attributes of classes were not.
-
Jérome Perrin authored
In current versions, sorted is allowed in RestrictedPython. Also, our implementation of sorted was not correct with generators, it consumed the generator by iterating on it a first time to check the values.
-
Jérome Perrin authored
-
Jérome Perrin authored
-
Jérome Perrin authored
otherwise we will have an Exception in Python 3 while importing a Business Template, if a new portal type and its documents exist in the same Business Template. while importing a content file, like *.js... (BusinessTemplate.py) try: setattr(obj, property_name, data) except BrokenModified: obj.__Broken_state__[property_name] = data # <-- !!! obj._p_changed = 1 obj.__Broken_state__ access here also raises BrokenModified. while importing an XML file... (ZODB/broken.py) def __new__(class_, *args): result = object.__new__(class_) # <-- !!! result.__dict__['__Broken_newargs__'] = args return result we get an exception 'TypeError: object.__new__(Portal Type) is not safe, use Base.__new__()' Co-authored-by: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>
-
Rafael Monnerat authored
This prevents be confuse while editing the Connector.
-
Rafael Monnerat authored
This allow user know what is he configuring or accessing
-
- 07 Jul, 2024 1 commit
-
-
Kazuhiko Shiozaki authored
-
- 06 Jul, 2024 2 commits
-
-
Kazuhiko Shiozaki authored
One problem with hexdigest is that it's longer and the column was created as binary(16). We don't have a mechanism to run migrations on this table, so we use UNHEX in SQL to have the equivalent as digest() from hexdigest() Co-authored-by: Jérome Perrin <jerome@nexedi.com>
-
Arnaud Fontaine authored
SOAPpy.wstools import was working with python2 (and no longer with python3) because SOAPpy __init__ imported wstools but this was right anyway...
-
- 05 Jul, 2024 3 commits
-
-
Kazuhiko Shiozaki authored
-
Kazuhiko Shiozaki authored
-
Jérome Perrin authored
this works with astroid 3.2.0 and pylint 3.2.0
-
- 04 Jul, 2024 19 commits
-
-
Kazuhiko Shiozaki authored
Co-authored-by: Arnaud Fontaine <arnaud.fontaine@nexedi.com>
-
Jérome Perrin authored
-
Jérome Perrin authored
This reverts 8a5f5b5b (ZMySQLDA: fix string_literal usage, 2023-03-14) to apply this logic one step lower, because CMFActivity uses db.string_literal directly.
-
Jérome Perrin authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
erp5_officejs_support_request_ui_test: wait for gadget_erp5_page_support_request_fast_view_dialog to refresh the select field
-
Jérome Perrin authored
on python2, we use have a [python patch][patch] to globally make asyncore use poll, at that time we were using medusa and it was not exposing an option to use something else than select. [patch]: https://lab.nexedi.com/nexedi/slapos/-/blob/180f1553fa7774f05ae8e739dfef43fa2ae56c0a/component/python-2.7/asyncore_poll_insteadof_select.patch
-
Jérome Perrin authored
also add the missing tests
-
Jérome Perrin authored
page templates unicode resolver already takes care of coercing when needed and this is directly compatible with python2 and python3 Co-authored-by: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>
-
Jérome Perrin authored
This only works on python2
-
Kazuhiko Shiozaki authored
-
Carlos Ramos Carreño authored
The test testCMFActivity.TestCMFActivity.test_onErrorCallback was failing because some weak references were not dropped. The reason was that _DequeueMessageException was declared as global and it kept a traceback including the variables pointed by the weak references, preventing their garbage collection. This was fixed by using a class for the _DequeueMessageException instead of a singleton, and creating a new instance on every raise.
-
Jérome Perrin authored
This test assumed that activating a method with a string of length `n+x` as argument would be serialized in `x` more bytes that activating the same method with a string of length `n` as argument, which is only true for protocol 0 for multiple reasons ( short strings and long strings are serialized differently, "frames" are used with protocol 5) and db.string_literal seems to introduce a difference. Change the test to mock Message.dump to produce longer dumps instead of relying on this assumption.
-