On python2, attributes of new style classes (classes, not instances)
were not properly validated. On python3, attributes of classes were not.

In current versions, sorted is allowed in RestrictedPython.

Also, our implementation of sorted was not correct with generators,
it consumed the generator by iterating on it a first time to check the
values.

otherwise we will have an Exception in Python 3 while importing a Business Template,
if a new portal type and its documents exist in the same Business Template.

while importing a content file, like *.js...

(BusinessTemplate.py)
  try:
    setattr(obj, property_name, data)
  except BrokenModified:
    obj.__Broken_state__[property_name] = data # <-- !!!
    obj._p_changed = 1

obj.__Broken_state__ access here also raises BrokenModified.

while importing an XML file...

(ZODB/broken.py)
  def __new__(class_, *args):
    result = object.__new__(class_) # <-- !!!
    result.__dict__['__Broken_newargs__'] = args
    return result

we get an exception 'TypeError: object.__new__(Portal Type) is not safe, use Base.__new__()'
Co-authored-by: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>

  This prevents be confuse while editing the Connector.

  This allow user know what is he configuring or accessing

One problem with hexdigest is that it's longer and the column was
created as binary(16). We don't have a mechanism to run migrations on
this table, so we use UNHEX in SQL to have the equivalent as digest()
from hexdigest()
Co-authored-by: Jérome Perrin <jerome@nexedi.com>

SOAPpy.wstools import was working with python2 (and no longer with python3)
because SOAPpy __init__ imported wstools but this was right anyway...

this works with astroid 3.2.0 and pylint 3.2.0

Co-authored-by: Arnaud Fontaine <arnaud.fontaine@nexedi.com>

This reverts 8a5f5b5b (ZMySQLDA: fix string_literal usage, 2023-03-14)
to apply this logic one step lower, because CMFActivity uses
db.string_literal directly.

erp5_officejs_support_request_ui_test: wait for gadget_erp5_page_support_request_fast_view_dialog to refresh the select field

on python2, we use have a [python patch][patch] to globally make
asyncore use poll, at that time we were using medusa and it was not
exposing an option to use something else than select.

[patch]: https://lab.nexedi.com/nexedi/slapos/-/blob/180f1553fa7774f05ae8e739dfef43fa2ae56c0a/component/python-2.7/asyncore_poll_insteadof_select.patch

also add the missing tests

page templates unicode resolver already takes care of coercing when
needed and this is directly compatible with python2 and python3
Co-authored-by: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>

This only works on python2

The test testCMFActivity.TestCMFActivity.test_onErrorCallback was
failing because some weak references were not dropped.
The reason was that _DequeueMessageException was declared as global
and it kept a traceback including the variables pointed by the weak
references, preventing their garbage collection.
This was fixed by using a class for the _DequeueMessageException
instead of a singleton, and creating a new instance on every raise.

This test assumed that activating a method with a string of length `n+x`
as argument would be serialized in `x` more bytes that activating the
same method with a string of length `n` as argument, which is only true
for protocol 0 for multiple reasons ( short strings and long strings
are serialized differently, "frames" are used with protocol 5) and
db.string_literal seems to introduce a difference.

Change the test to mock Message.dump to produce longer dumps instead of
relying on this assumption.

_resultForDoCleanups no longer exists on python3, getting the status
of a test in teardown is very different accross python versions ( see
https://stackoverflow.com/q/4414234 ) and just executing this code when
the test failed only has the problem that a test method may count as
two failures or errors, which is after all not a big problem.

On recent pylint, this is flagged as unnecessary-pass

Also update the link that was pointing to python2 doc

   On login pages

  This is helpfull to display or not the buttons on login page

  If the login button isnt suppose to work, dont display it.

We may want to set autocomplete 'off' or whatever other value

Activity distribution (actually: validation) is fundamentally a bottleneck
of the current CMFActivity design: there can be only one distribution/
validation node, and it must check every single activity which express a
dependency over any activity, until these dependencies are satisfied.
As a result, distribution/validation is in the critical path between an
activity being spawned and it being executed, and this work cannot be
parallelised. So care should be taken to waste as little time as possible,
in order to reduce the activity execution latency.

Before this change, CMFActivity would distribute at most 1000 activities
(MAX_VALIDATED_LIMIT) per queue per timerserver wake-up.
In a typical ERP5 setup, timerserver ticks once per second, which means
CMFActivity was unable to validate more than 1000 activities per second
per queue. Maybe there are more activities which are possible to validate
but still the code was forcing the node to sleep until the next wake-up,
which is a tremendous waste of time.

This change fixes that issue by having ActivityTool.distribute keep looping
until there has been an iteration over all activity queues which
simultaneously did not find any activity they could validate. This lets
Zope yield CPU control when it would be better spent processing activities
(those which are preventing the validation of any activities remaining to
validate) without imposing a maximum effective validation-per-second
hard limit.

Committing serves two purposes:
- obviously: it makes any transactional data change persistent
- less obviously: it releases the database transactional snapshot taken by
  any previously issued query, allowing that snapshot and all snapshots
  after it to be also freed (ex: garbage collecting the data records that
  no other transaction can see)
In the current state of the code flow, this does not change much: after
this method returns the code flow should quickly hit a commit anyway,
either in dequeueMessage or before handing control back to timerserver,
thereby ending the Zope-initiated transaction.
But this will not be true in a future version of the code.