GitLab

All workflow methods became published a few years ago, maybe when we updated CMF or Zope. This properly implements in ERP5 the protection of workflow methods, it should not be able to pass a workflow method transition from an HTTP request, unless this transition wraps a method that is publishable.

WIP: At this point, this MR just "repair ERP5", the next step can be to remove guards on workflow methods on all default workflows, like it was done here for validation_workflow.