new test with ERP5-style workflow to cover python3 migration

with ROUND_DOWN, we have a different behaviour between py2/py3, that caused failures in
erp5_simplified_invoicing:testTradeModelLine.

Here is what happened in _round(1.9999999999999998) in
bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.FloatEquivalenceTester.py

* py2
decimal.Decimal(str(1.9999999999999998)).quantize(decimal.Decimal('0.000001'), 'ROUND_DOWN')
=> Decimal('2.000000')
(because str(1.9999999999999998) is '2.0')

* py3
decimal.Decimal(str(1.9999999999999998)).quantize(decimal.Decimal('0.000001'), 'ROUND_DOWN')
=> Decimal('1.999999')
(because str(1.9999999999999998) is '1.9999999999999998')

But ROUND_DOWN result of 1.9999999999999998 with 0.000001 precision should be 1.999999 thus py2 behaviour is wrong.

Run zope with ERP5_COMPONENT_OVERRIDE_PATH set to a : separated list of
path containing components files to load components from files instead
of portal_components.

This can be used to repair zope after a bad edit of component.

for pylint 3 to understand erp5 dynamic modules

We want these columns to be "binary" so that mariadbd compares them
without any collation, but we don't want to use binary type, because on
python 3 the brain attributes are bytes (user ids are strings everywhere
else).

This also normalize the same columns present in worklist cache table.

I don't know a PYTHONHASHSEED to see the problem on python2, but on
python 3 erp5_payroll_l10n_fr:testSimplifiedPayslipReport fails all the
time with this.

On python3 the percentages are sometimes printed as 6.8500000000000005%

cookie crumbler uses username:password base64 encoded and this relies
on extracting the username from the cookie to set the session, but
other authentication methods do not embed the username, but still share
the same scripts to set the authentication cookie (so that we have one
central point setting cookie with all the necessary attributes for
security).
The problem is that it's incorrect to try to decode an username with
cookies from other authentication methods, simply because they do not
contain the username. On python2 this was not causing visible error
because everything is str, but the decoding error on python3 revealed
this.

in Python 2, _aq_dynamic() returns None without try..except but it raises ValueError in Python 3.

(python 2)
> /SR/parts/erp5/product/ZSQLCatalog/Extensions/zsqlbrain.py(31)_aq_dynamic()
 31  ->   def _aq_dynamic(self, name):
 32         """Acquire an attribute from a real object.
 33         """
 34         if name.startswith('__') :
 35           return None
 36         return getattr(self.getObject(), name, None)
((Pdb)) getattr(self.getObject(), name, None)
*** ValueError: Unable to getObject from ZSQLBrain if ZSQL Method does not retrieve the `path` column from catalog table.
((Pdb)) r
--Return--
> /SR/parts/erp5/product/ZSQLCatalog/Extensions/zsqlbrain.py(36)_aq_dynamic()->None # <-- !!!
Co-authored-by: Jérome Perrin <jerome@nexedi.com>

- HTMLParseError no longer exist, on python3 parse_declaration throws
AttributeError

py2:
  https://github.com/python/cpython/blob/2.7/Lib/markupbase.py#L135-L140
  https://github.com/python/cpython/blob/2.7/Lib/HTMLParser.py#L124
py3:
  https://github.com/python/cpython/blob/3.12/Lib/_markupbase.py#L130-L134

- scrubHTML must pass `html` as unicode on python2 and str on python3,
adjust the check to cover both py2 / py3

On python2, attributes of new style classes (classes, not instances)
were not properly validated. On python3, attributes of classes were not.

In current versions, sorted is allowed in RestrictedPython.

Also, our implementation of sorted was not correct with generators,
it consumed the generator by iterating on it a first time to check the
values.

otherwise we will have an Exception in Python 3 while importing a Business Template,
if a new portal type and its documents exist in the same Business Template.

while importing a content file, like *.js...

(BusinessTemplate.py)
  try:
    setattr(obj, property_name, data)
  except BrokenModified:
    obj.__Broken_state__[property_name] = data # <-- !!!
    obj._p_changed = 1

obj.__Broken_state__ access here also raises BrokenModified.

while importing an XML file...

(ZODB/broken.py)
  def __new__(class_, *args):
    result = object.__new__(class_) # <-- !!!
    result.__dict__['__Broken_newargs__'] = args
    return result

we get an exception 'TypeError: object.__new__(Portal Type) is not safe, use Base.__new__()'
Co-authored-by: Kazuhiko SHIOZAKI <kazuhiko@nexedi.com>

  This prevents be confuse while editing the Connector.

  This allow user know what is he configuring or accessing

One problem with hexdigest is that it's longer and the column was
created as binary(16). We don't have a mechanism to run migrations on
this table, so we use UNHEX in SQL to have the equivalent as digest()
from hexdigest()
Co-authored-by: Jérome Perrin <jerome@nexedi.com>

SOAPpy.wstools import was working with python2 (and no longer with python3)
because SOAPpy __init__ imported wstools but this was right anyway...

this works with astroid 3.2.0 and pylint 3.2.0

Co-authored-by: Arnaud Fontaine <arnaud.fontaine@nexedi.com>

This reverts 8a5f5b5b (ZMySQLDA: fix string_literal usage, 2023-03-14)
to apply this logic one step lower, because CMFActivity uses
db.string_literal directly.