slapos_administration: migrate to new business template format

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ActiveProcess_deleteSelf.py

+from zExceptions import Unauthorized
+if REQUEST is not None:
+  raise Unauthorized
+
+if context.getPortalType() != 'Active Process':
+  raise TypeError('Call me on Active Process')
+
+context.getParentValue().deleteContent(context.getId())

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ActiveProcess_deleteSelf.xml

@@ -48,18 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>from zExceptions import Unauthorized\n
-if REQUEST is not None:\n
-  raise Unauthorized\n
-\n
-if context.getPortalType() != \'Active Process\':\n
-  raise TypeError(\'Call me on Active Process\')\n
-\n
-context.getParentValue().deleteContent(context.getId())\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>REQUEST=None</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_checkUnindexedSecurityUid.py

+from Products.CMFActivity.ActiveResult import ActiveResult
+
+portal = context.getPortalObject()
+active_process = context.newActiveProcess().getRelativeUrl()
+
+missing_security_uid_list = portal.z_search_unindexed_security_uid()
+
+if len(missing_security_uid_list) > 0:
+  if fixit:
+    summary = "Security UIDs were inconsistent (fixing it)"
+    portal.z_refresh_roles_and_users()
+  else:
+    summary="Security UIDs are inconsistent"
+     
+  active_process.postResult(ActiveResult(
+         summary=summary,
+         severity=100,
+         detail="Missing Security Uid List: %s " % missing_security_uid_list))

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_checkUnindexedSecurityUid.xml

@@ -48,32 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string encoding="cdata"><![CDATA[
-
-from Products.CMFActivity.ActiveResult import ActiveResult\n
-\n
-portal = context.getPortalObject()\n
-active_process = context.newActiveProcess().getRelativeUrl()\n
-\n
-missing_security_uid_list = portal.z_search_unindexed_security_uid()\n
-\n
-if len(missing_security_uid_list) > 0:\n
-  if fixit:\n
-    summary = "Security UIDs were inconsistent (fixing it)"\n
-    portal.z_refresh_roles_and_users()\n
-  else:\n
-    summary="Security UIDs are inconsistent"\n
-     \n
-  active_process.postResult(ActiveResult(\n
-         summary=summary,\n
-         severity=100,\n
-         detail="Missing Security Uid List: %s " % missing_security_uid_list))\n
-
-
-]]></string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag, fixit, **kw</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_cleanupBusinessTemplate.py

+active_process = context.newActiveProcess().getRelativeUrl()
+
+context.portal_templates.TemplateTool_deleteObsoleteTemplateList(
+  fixit=fixit, tag=tag, active_process=active_process)
+  
+context.portal_templates.TemplateTool_unindexDeletedObjectList(
+  fixit=fixit, tag=tag, active_process=active_process)

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_cleanupBusinessTemplate.xml

@@ -48,17 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>active_process = context.newActiveProcess().getRelativeUrl()\n
-\n
-context.portal_templates.TemplateTool_deleteObsoleteTemplateList(\n
-  fixit=fixit, tag=tag, active_process=active_process)\n
-  \n
-context.portal_templates.TemplateTool_unindexDeletedObjectList(\n
-  fixit=fixit, tag=tag, active_process=active_process)\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag,fixit, **kw</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_initiateActiveProcessCleanup.py

+from Products.ERP5Type.DateUtils import addToDate
+from Products.ZSQLCatalog.SQLCatalog import Query
+from DateTime import DateTime
+
+context.portal_catalog.searchAndActivate(
+  portal_type='Active Process',
+  creation_date=Query(creation_date=addToDate(DateTime(), to_add={'day': -21}), range="max"),
+  method_id='ActiveProcess_deleteSelf',
+  activate_kw={'tag': tag}
+)
+
+
+# register activity on alarm object waiting for own tag in order to have only one alarm
+# running in same time
+context.activate(after_tag=tag).getId()

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_initiateActiveProcessCleanup.xml

@@ -48,25 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>from Products.ERP5Type.DateUtils import addToDate\n
-from Products.ZSQLCatalog.SQLCatalog import Query\n
-from DateTime import DateTime\n
-\n
-context.portal_catalog.searchAndActivate(\n
-  portal_type=\'Active Process\',\n
-  creation_date=Query(creation_date=addToDate(DateTime(), to_add={\'day\': -21}), range="max"),\n
-  method_id=\'ActiveProcess_deleteSelf\',\n
-  activate_kw={\'tag\': tag}\n
-)\n
-\n
-\n
-# register activity on alarm object waiting for own tag in order to have only one alarm\n
-# running in same time\n
-context.activate(after_tag=tag).getId()\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag, fixit, params</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_searchDuplicatedSoftwareInstance.py

+active_process = context.newActiveProcess().getRelativeUrl()
+
+context.getPortalObject().portal_catalog.searchAndActivate(
+      method_id='HostingSubscription_checkDuplicatedInstance',
+      method_kw=dict(fixit=fixit, active_process=active_process),
+      activate_kw=dict(tag=tag, priority=5),
+      portal_type="Hosting Subscription", 
+      validation_state="validated")

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/Alarm_searchDuplicatedSoftwareInstance.xml

@@ -48,18 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>active_process = context.newActiveProcess().getRelativeUrl()\n
-\n
-context.getPortalObject().portal_catalog.searchAndActivate(\n
-      method_id=\'HostingSubscription_checkDuplicatedInstance\',\n
-      method_kw=dict(fixit=fixit, active_process=active_process),\n
-      activate_kw=dict(tag=tag, priority=5),\n
-      portal_type="Hosting Subscription", \n
-      validation_state="validated")\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag, fixit, **kw</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ERP5Site_getSecurityUidListForRecreateTable.py

+security_uid_entry_list = []
+for item in context.getPortalObject().portal_catalog.getSQLCatalog().getRoleAndSecurityUidList():
+  if isinstance(item[0], tuple):
+    for role in item[0]:
+      security_uid_entry_list.append((item[1], role))
+
+return security_uid_entry_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/ERP5Site_getSecurityUidListForRecreateTable.xml

@@ -48,17 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>security_uid_entry_list = []\n
-for item in context.getPortalObject().portal_catalog.getSQLCatalog().getRoleAndSecurityUidList():\n
-  if isinstance(item[0], tuple):\n
-    for role in item[0]:\n
-      security_uid_entry_list.append((item[1], role))\n
-\n
-return security_uid_entry_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string></string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/HostingSubscription_checkDuplicatedInstance.py

+from Products.CMFActivity.ActiveResult import ActiveResult
+portal = context.getPortalObject()
+
+software_instance_list = context.getSpecialiseRelatedValueList(
+  portal_type=["Slave Instance", "Software Instance"])
+
+if len(software_instance_list) == 1:
+  return 
+
+title_dict = {}
+
+active_process = portal.restrictedTraverse(active_process)
+
+for software_instance in software_instance_list:
+  if software_instance.getSlapState() == "destroy_requested":
+    continue
+
+  title = software_instance.getTitle() 
+  if title in title_dict:
+    title_dict[title].append(software_instance.getObject())
+  else:
+    title_dict[title] = [software_instance.getObject()]
+
+
+for title in title_dict:
+  if len(title_dict[title]) > 1:
+    if fixit:
+      for software_instance in title_dict[title]:
+        if len(software_instance.getAggregate([])) == 0:
+          active_process.postResult(ActiveResult(
+            summary="Fixing %s which duplication and is not allocated (%s)" \
+                % (software_instance.getRelativeUrl(), context.getRelativeUrl()),
+            severity=0,
+            detail=""))
+          software_instance.activate().SoftwareInstance_destroyAsSelf()          
+    else:
+      active_process.postResult(ActiveResult(
+         summary="%s has duplication" % context.getRelativeUrl(),
+         severity=100,
+         detail="%s has duplication on %s (%s)" % (context.getRelativeUrl(), title, len(title_dict[title]))))

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/HostingSubscription_checkDuplicatedInstance.xml

@@ -48,54 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string encoding="cdata"><![CDATA[
-
-from Products.CMFActivity.ActiveResult import ActiveResult\n
-portal = context.getPortalObject()\n
-\n
-software_instance_list = context.getSpecialiseRelatedValueList(\n
-  portal_type=["Slave Instance", "Software Instance"])\n
-\n
-if len(software_instance_list) == 1:\n
-  return \n
-\n
-title_dict = {}\n
-\n
-active_process = portal.restrictedTraverse(active_process)\n
-\n
-for software_instance in software_instance_list:\n
-  if software_instance.getSlapState() == "destroy_requested":\n
-    continue\n
-\n
-  title = software_instance.getTitle() \n
-  if title in title_dict:\n
-    title_dict[title].append(software_instance.getObject())\n
-  else:\n
-    title_dict[title] = [software_instance.getObject()]\n
-\n
-\n
-for title in title_dict:\n
-  if len(title_dict[title]) > 1:\n
-    if fixit:\n
-      for software_instance in title_dict[title]:\n
-        if len(software_instance.getAggregate([])) == 0:\n
-          active_process.postResult(ActiveResult(\n
-            summary="Fixing %s which duplication and is not allocated (%s)" \\\n
-                % (software_instance.getRelativeUrl(), context.getRelativeUrl()),\n
-            severity=0,\n
-            detail=""))\n
-          software_instance.activate().SoftwareInstance_destroyAsSelf()          \n
-    else:\n
-      active_process.postResult(ActiveResult(\n
-         summary="%s has duplication" % context.getRelativeUrl(),\n
-         severity=100,\n
-         detail="%s has duplication on %s (%s)" % (context.getRelativeUrl(), title, len(title_dict[title]))))\n
-
-
-]]></string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>fixit, active_process</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/SoftwareInstance_destroyAsSelf.py

+from zExceptions import Unauthorized
+if REQUEST is not None:
+  raise Unauthorized
+
+if context.getAggregate() is not None:
+  raise ValueError('Do not destroy allocated instances automatically!')
+
+# Change desired state
+promise_kw = {
+    'instance_xml': context.getTextContent(),
+    'software_type': context.getSourceReference(),
+    'sla_xml': context.getSlaXml(),
+    'software_release': context.getUrlString(),
+    'shared': context.getPortalType()=="Slave Instance",
+  }
+
+request_software_instance_url = context.getRelativeUrl()
+context.REQUEST.set('request_instance', context)
+
+context.requestDestroy(**promise_kw)
+
+title = context.getTitle()
+context.setTitle(title + "_renamed_and_destroyed")
+
+context.REQUEST.set('request_instance', None)

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/SoftwareInstance_destroyAsSelf.xml

@@ -48,35 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>from zExceptions import Unauthorized\n
-if REQUEST is not None:\n
-  raise Unauthorized\n
-\n
-if context.getAggregate() is not None:\n
-  raise ValueError(\'Do not destroy allocated instances automatically!\')\n
-\n
-# Change desired state\n
-promise_kw = {\n
-    \'instance_xml\': context.getTextContent(),\n
-    \'software_type\': context.getSourceReference(),\n
-    \'sla_xml\': context.getSlaXml(),\n
-    \'software_release\': context.getUrlString(),\n
-    \'shared\': context.getPortalType()=="Slave Instance",\n
-  }\n
-\n
-request_software_instance_url = context.getRelativeUrl()\n
-context.REQUEST.set(\'request_instance\', context)\n
-\n
-context.requestDestroy(**promise_kw)\n
-\n
-title = context.getTitle()\n
-context.setTitle(title + "_renamed_and_destroyed")\n
-\n
-context.REQUEST.set(\'request_instance\', None)\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>REQUEST=None</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/TemplateTool_deleteObsoleteTemplateList.py

+"""
+  This is a custom version, because we don't want to definitly delete the objects
+  but only change state to 'deleted'.
+  
+  This script can also include custom deletions, which comes from legacy 
+  implementations and/or garbage left behind from upgrader.
+"""
+
+from Products.CMFActivity.ActiveResult import ActiveResult
+portal = context.getPortalObject()
+active_process = portal.restrictedTraverse(active_process)
+
+
+portal_templates = context.getPortalObject().portal_templates
+delete_list = []
+bt_list = portal_templates.objectValues()
+for bt in bt_list:
+  bt_id = bt.getId()
+  installation_state = bt.getInstallationState()
+  if installation_state in ('replaced'):
+    if fixit:
+      bt.getObject().delete()
+      summary="%s was deleted." % bt.getRelativeUrl()
+    else:
+      summary="%s is going to be deleted." % bt.getRelativeUrl()
+    active_process.postResult(ActiveResult(
+         summary=summary,
+         severity=2,
+         detail=""))
+
+  elif installation_state == 'not_installed':
+    title = bt.getTitle()
+    modification_date = bt.getModificationDate()
+    for x in bt_list:
+      if (x.getTitle() == title and
+          x.getInstallationState() in ('installed', 'not_installed') and
+          x.getModificationDate() > modification_date):
+        if fixit:
+          bt.getObject().delete()
+          summary="%s was deleted." % bt.getRelativeUrl()
+        else:
+          summary="%s is going to be deleted." % bt.getRelativeUrl()
+        active_process.postResult(ActiveResult(
+             summary=summary,
+             severity=2,
+             detail=""))
+        break
+
+  elif bt.getTitle().startswith("vifib_") and bt.getVersion() == "999": 
+    delete_list.append(bt_id)
+
+if len(delete_list):
+  if fixit:
+    context.portal_templates.manage_delObjects(delete_list)
+    summary="The bt5 with the followed ids were deleted forever: %s" % delete_list
+  else:
+    summary="The bt5 with the followed ids are going to be deleted forever: %s" % delete_list
+  active_process.postResult(ActiveResult(
+     summary=summary,
+     severity=2,
+     detail=""))

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/TemplateTool_deleteObsoleteTemplateList.xml

@@ -48,75 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string encoding="cdata"><![CDATA[
-
-"""\n
-  This is a custom version, because we don\'t want to definitly delete the objects\n
-  but only change state to \'deleted\'.\n
-  \n
-  This script can also include custom deletions, which comes from legacy \n
-  implementations and/or garbage left behind from upgrader.\n
-"""\n
-\n
-from Products.CMFActivity.ActiveResult import ActiveResult\n
-portal = context.getPortalObject()\n
-active_process = portal.restrictedTraverse(active_process)\n
-\n
-\n
-portal_templates = context.getPortalObject().portal_templates\n
-delete_list = []\n
-bt_list = portal_templates.objectValues()\n
-for bt in bt_list:\n
-  bt_id = bt.getId()\n
-  installation_state = bt.getInstallationState()\n
-  if installation_state in (\'replaced\'):\n
-    if fixit:\n
-      bt.getObject().delete()\n
-      summary="%s was deleted." % bt.getRelativeUrl()\n
-    else:\n
-      summary="%s is going to be deleted." % bt.getRelativeUrl()\n
-    active_process.postResult(ActiveResult(\n
-         summary=summary,\n
-         severity=2,\n
-         detail=""))\n
-\n
-  elif installation_state == \'not_installed\':\n
-    title = bt.getTitle()\n
-    modification_date = bt.getModificationDate()\n
-    for x in bt_list:\n
-      if (x.getTitle() == title and\n
-          x.getInstallationState() in (\'installed\', \'not_installed\') and\n
-          x.getModificationDate() > modification_date):\n
-        if fixit:\n
-          bt.getObject().delete()\n
-          summary="%s was deleted." % bt.getRelativeUrl()\n
-        else:\n
-          summary="%s is going to be deleted." % bt.getRelativeUrl()\n
-        active_process.postResult(ActiveResult(\n
-             summary=summary,\n
-             severity=2,\n
-             detail=""))\n
-        break\n
-\n
-  elif bt.getTitle().startswith("vifib_") and bt.getVersion() == "999": \n
-    delete_list.append(bt_id)\n
-\n
-if len(delete_list):\n
-  if fixit:\n
-    context.portal_templates.manage_delObjects(delete_list)\n
-    summary="The bt5 with the followed ids were deleted forever: %s" % delete_list\n
-  else:\n
-    summary="The bt5 with the followed ids are going to be deleted forever: %s" % delete_list\n
-  active_process.postResult(ActiveResult(\n
-     summary=summary,\n
-     severity=2,\n
-     detail=""))\n
-
-
-]]></string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag, fixit, active_process, **kw</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/TemplateTool_unindexDeletedObjectList.py

+"""
+  Unindexed deleted business template in order to the manager don't see it.
+  
+  This is script is probably a workarround.
+"""
+
+from Products.CMFActivity.ActiveResult import ActiveResult
+portal = context.getPortalObject()
+active_process = portal.restrictedTraverse(active_process)
+
+unindexed_list = []
+for i in context.portal_templates.portal_catalog(portal_type="Business Template"):
+  if i.getInstallationState() == "deleted":
+    unindexed_list.append(i.path)
+    if fixit:
+      context.portal_catalog.activate(
+        activity="SQLQueue").unindexObject(uid=i.uid)
+
+if len(unindexed_list):
+  if fixit:
+    summary="The followed bt5 were unindexed: %s" % unindexed_list
+  else:
+    summary="The followed bt5 are going to be unindexed: %s" % unindexed_list
+  active_process.postResult(ActiveResult(
+     summary=summary,
+     severity=2,
+     detail=""))

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/TemplateTool_unindexDeletedObjectList.xml

@@ -48,37 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-  Unindexed deleted business template in order to the manager don\'t see it.\n
-  \n
-  This is script is probably a workarround.\n
-"""\n
-\n
-from Products.CMFActivity.ActiveResult import ActiveResult\n
-portal = context.getPortalObject()\n
-active_process = portal.restrictedTraverse(active_process)\n
-\n
-unindexed_list = []\n
-for i in context.portal_templates.portal_catalog(portal_type="Business Template"):\n
-  if i.getInstallationState() == "deleted":\n
-    unindexed_list.append(i.path)\n
-    if fixit:\n
-      context.portal_catalog.activate(\n
-        activity="SQLQueue").unindexObject(uid=i.uid)\n
-\n
-if len(unindexed_list):\n
-  if fixit:\n
-    summary="The followed bt5 were unindexed: %s" % unindexed_list\n
-  else:\n
-    summary="The followed bt5 are going to be unindexed: %s" % unindexed_list\n
-  active_process.postResult(ActiveResult(\n
-     summary=summary,\n
-     severity=2,\n
-     detail=""))\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>tag, fixit, active_process, **kw</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/z_refresh_roles_and_users.sql

+DELETE FROM roles_and_users
+<dtml-var sql_delimiter>
+INSERT INTO roles_and_users (uid, allowedRolesAndUsers) VALUES
+<dtml-in prefix="role" expr="ERP5Site_getSecurityUidListForRecreateTable()">
+(<dtml-sqlvar sequence-key type="int">,<dtml-sqlvar expr="role_item" type="string">)<dtml-if sequence-end><dtml-else>,</dtml-if>
+</dtml-in>
\ No newline at end of file

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/z_refresh_roles_and_users.xml

@@ -24,19 +24,6 @@
             <key> <string>id</string> </key>
             <value> <string>z_refresh_roles_and_users</string> </value>
         </item>
-        <item>
-            <key> <string>src</string> </key>
-            <value> <string encoding="cdata"><![CDATA[
-
-DELETE FROM roles_and_users\n
-<dtml-var sql_delimiter>\n
-INSERT INTO roles_and_users (uid, allowedRolesAndUsers) VALUES\n
-<dtml-in prefix="role" expr="ERP5Site_getSecurityUidListForRecreateTable()">\n
-(<dtml-sqlvar sequence-key type="int">,<dtml-sqlvar expr="role_item" type="string">)<dtml-if sequence-end><dtml-else>,</dtml-if>\n
-</dtml-in>
-
-]]></string> </value>
-        </item>
         <item>
             <key> <string>title</string> </key>
             <value> <string></string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/z_search_unindexed_security_uid.sql

+select 
+  distinct catalog.security_uid, path, portal_type, uid  
+
+from 
+  catalog 
+
+where 
+  portal_type != "Business Template" 
+  and path not like "deleted" 
+  and not exists (
+     select  
+       roles_and_users.uid 
+     from 
+       roles_and_users 
+    where 
+       catalog.security_uid = roles_and_users.uid
+    )
\ No newline at end of file

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_administration/z_search_unindexed_security_uid.xml

@@ -97,26 +97,6 @@
             <key> <string>id</string> </key>
             <value> <string>z_search_unindexed_security_uid</string> </value>
         </item>
-        <item>
-            <key> <string>src</string> </key>
-            <value> <string>select \n
-  distinct catalog.security_uid, path, portal_type, uid  \n
-\n
-from \n
-  catalog \n
-\n
-where \n
-  portal_type != "Business Template" \n
-  and path not like "deleted" \n
-  and not exists (\n
-     select  \n
-       roles_and_users.uid \n
-     from \n
-       roles_and_users \n
-    where \n
-       catalog.security_uid = roles_and_users.uid\n
-    )</string> </value>
-        </item>
         <item>
             <key> <string>title</string> </key>
             <value> <string></string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputerType_getSecurityCategoryFromAllocationScope.py

+# XXX For now, this script requires proxy manager
+
+# base_category_list : list of category values we need to retrieve
+# user_name : string obtained from getSecurityManager().getUser().getUserName() [NuxUserGroup]
+#             or from getSecurityManager().getUser().getId() [PluggableAuthService with ERP5GroupManager]
+# object : object which we want to assign roles to.
+# portal_type : portal type of object
+
+# must always return a list of dicts
+
+if obj is None:
+  return []
+
+portal = obj.getPortalObject()
+computer = obj
+
+category_list = []
+
+scope = computer.getAllocationScope()
+if scope == 'open/public':
+  return {"Auditor": ["R-SHADOW-PERSON"]}
+elif scope == 'open/personal':
+  person = computer.getSourceAdministrationValue(portal_type="Person")
+  if person is not None:
+    return {"Auditor": ["SHADOW-%s" % person.getReference()]}
+elif scope == 'open/friend':
+  person_list = computer.getDestinationSectionValueList(portal_type="Person")
+  if person_list:
+    return {"Auditor": ["SHADOW-%s" % x.getReference() for x in person_list]}
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ComputerType_getSecurityCategoryFromAllocationScope.xml

@@ -48,41 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string># XXX For now, this script requires proxy manager\n
-\n
-# base_category_list : list of category values we need to retrieve\n
-# user_name : string obtained from getSecurityManager().getUser().getUserName() [NuxUserGroup]\n
-#             or from getSecurityManager().getUser().getId() [PluggableAuthService with ERP5GroupManager]\n
-# object : object which we want to assign roles to.\n
-# portal_type : portal type of object\n
-\n
-# must always return a list of dicts\n
-\n
-if obj is None:\n
-  return []\n
-\n
-portal = obj.getPortalObject()\n
-computer = obj\n
-\n
-category_list = []\n
-\n
-scope = computer.getAllocationScope()\n
-if scope == \'open/public\':\n
-  return {"Auditor": ["R-SHADOW-PERSON"]}\n
-elif scope == \'open/personal\':\n
-  person = computer.getSourceAdministrationValue(portal_type="Person")\n
-  if person is not None:\n
-    return {"Auditor": ["SHADOW-%s" % person.getReference()]}\n
-elif scope == \'open/friend\':\n
-  person_list = computer.getDestinationSectionValueList(portal_type="Person")\n
-  if person_list:\n
-    return {"Auditor": ["SHADOW-%s" % x.getReference() for x in person_list]}\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Site_viewWorklist.xml

@@ -2,7 +2,7 @@
 <ZopeData>
   <record id="1" aka="AAAAAAAAAAE=">
     <pickle>
-      <global name="Form" module="erp5.portal_type"/>
+      <global name="ERP5 Form" module="erp5.portal_type"/>
     </pickle>
     <pickle>
       <dictionary>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_acquireSecurityFromOwner.py

+"""
+WARNING: this script requires proxy manager
+
+This script tries to acquire category values from other objects
+
+base_category_list - list of category values we need to retrieve
+object             - object which we want to assign roles to.
+"""
+
+result_list = []
+user_name = object.Base_getOwnerId()
+
+# XXX Hardcoded role
+return {
+  'Assignee': [user_name],
+}

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_acquireSecurityFromOwner.xml

@@ -48,26 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-WARNING: this script requires proxy manager\n
-\n
-This script tries to acquire category values from other objects\n
-\n
-base_category_list - list of category values we need to retrieve\n
-object             - object which we want to assign roles to.\n
-"""\n
-\n
-result_list = []\n
-user_name = object.Base_getOwnerId()\n
-\n
-# XXX Hardcoded role\n
-return {\n
-  \'Assignee\': [user_name],\n
-}\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, object, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceHostingSubscription.py

+"""This scripts set ups role of aggregate related Software Instance
+
+This is simple implementation, instead of generic related category with portal type,
+which would not be configurable in Role Definition anyway."""
+
+category_list = []
+
+if obj is None:
+  return []
+
+software_instance_list = obj.getPortalObject().portal_catalog(
+  portal_type='Software Instance',
+  default_aggregate_uid=obj.getUid(),
+  limit=2
+)
+
+if len(software_instance_list) == 1:
+  hosting_subscription = software_instance_list[0].getSpecialise(portal_type='Hosting Subscription')
+  for base_category in base_category_list:
+    category_list.append({base_category: hosting_subscription})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryFromAggregateRelatedSoftwareInstanceHostingSubscription.xml

@@ -48,32 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""This scripts set ups role of aggregate related Software Instance\n
-\n
-This is simple implementation, instead of generic related category with portal type,\n
-which would not be configurable in Role Definition anyway."""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-software_instance_list = obj.getPortalObject().portal_catalog(\n
-  portal_type=\'Software Instance\',\n
-  default_aggregate_uid=obj.getUid(),\n
-  limit=2\n
-)\n
-\n
-if len(software_instance_list) == 1:\n
-  hosting_subscription = software_instance_list[0].getSpecialise(portal_type=\'Hosting Subscription\')\n
-  for base_category in base_category_list:\n
-    category_list.append({base_category: hosting_subscription})\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryFromContentParent.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+for base_category in base_category_list:
+  category_list.append({base_category: [x.getParentValue().getRelativeUrl() for x in obj.getValueList(base_category)]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryFromContentParent.xml

@@ -48,46 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-for base_category in base_category_list:\n
-  category_list.append({base_category: [x.getParentValue().getRelativeUrl() for x in obj.getValueList(base_category)]})\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py

+"""
+Core security script - defines the way to get security groups of the current user.
+
+WARNING: providing such script in erp5_dms could be dangerous
+if this conflicts with an existing production site which uses
+deprecated ERP5Type_asSecurityGroupIdList
+"""
+
+return (
+  # Person security
+  ('ERP5Type_getSecurityCategoryFromAssignment', ['group']),
+  ('ERP5Type_getSecurityCategoryFromAssignment', ['role']),
+
+  # Computer security
+  ('ERP5Type_getComputerSecurityCategory', ['role']),
+
+  # Instance security
+  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['role']),
+  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['aggregate']),
+
+)

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.xml

@@ -48,31 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-Core security script - defines the way to get security groups of the current user.\n
-\n
-WARNING: providing such script in erp5_dms could be dangerous\n
-if this conflicts with an existing production site which uses\n
-deprecated ERP5Type_asSecurityGroupIdList\n
-"""\n
-\n
-return (\n
-  # Person security\n
-  (\'ERP5Type_getSecurityCategoryFromAssignment\', [\'group\']),\n
-  (\'ERP5Type_getSecurityCategoryFromAssignment\', [\'role\']),\n
-\n
-  # Computer security\n
-  (\'ERP5Type_getComputerSecurityCategory\', [\'role\']),\n
-\n
-  # Instance security\n
-  (\'ERP5Type_getSoftwareInstanceSecurityCategory\', [\'role\']),\n
-  (\'ERP5Type_getSoftwareInstanceSecurityCategory\', [\'aggregate\']),\n
-\n
-)\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string></string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/InstanceType_getSecurityCategoryFromUser.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+hosting_subscription = obj.getSpecialiseValue(portal_type="Hosting Subscription")
+if hosting_subscription is not None:
+  person = hosting_subscription.getDestinationSectionValue(portal_type="Person")
+  if person is not None:
+
+    for base_category in base_category_list:
+      category_list.append({base_category: [person.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/InstanceType_getSecurityCategoryFromUser.xml

@@ -48,51 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-hosting_subscription = obj.getSpecialiseValue(portal_type="Hosting Subscription")\n
-if hosting_subscription is not None:\n
-  person = hosting_subscription.getDestinationSectionValue(portal_type="Person")\n
-  if person is not None:\n
-\n
-    for base_category in base_category_list:\n
-      category_list.append({base_category: [person.getRelativeUrl()]})\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PartitionType_getSecurityCategoryFromUser.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+partition = obj
+for instance in partition.getPortalObject().portal_catalog(
+    portal_type=["Software Instance", "Slave Instance"],
+    validation_state="validated",
+    default_aggregate_uid=partition.getUid()):
+  if instance is not None:
+    hosting_subscription = instance.getSpecialiseValue(portal_type="Hosting Subscription")
+    if hosting_subscription is not None:
+      person = hosting_subscription.getDestinationSectionValue(portal_type="Person")
+      if person is not None:
+        for base_category in base_category_list:
+          category_list.append({base_category: [person.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PartitionType_getSecurityCategoryFromUser.xml

@@ -48,56 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-partition = obj\n
-for instance in partition.getPortalObject().portal_catalog(\n
-    portal_type=["Software Instance", "Slave Instance"],\n
-    validation_state="validated",\n
-    default_aggregate_uid=partition.getUid()):\n
-  if instance is not None:\n
-    hosting_subscription = instance.getSpecialiseValue(portal_type="Hosting Subscription")\n
-    if hosting_subscription is not None:\n
-      person = hosting_subscription.getDestinationSectionValue(portal_type="Person")\n
-      if person is not None:\n
-        for base_category in base_category_list:\n
-          category_list.append({base_category: [person.getRelativeUrl()]})\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PaymentTransactionType_getSecurityCategoryFromUser.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+person = obj.getDestinationSectionValue(portal_type="Person")
+if person is not None:
+  for base_category in base_category_list:
+    return {"Auditor": ["SHADOW-%s" % person.getReference()]}
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PaymentTransactionType_getSecurityCategoryFromUser.xml

@@ -48,48 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-person = obj.getDestinationSectionValue(portal_type="Person")\n
-if person is not None:\n
-  for base_category in base_category_list:\n
-    return {"Auditor": ["SHADOW-%s" % person.getReference()]}\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PayzenEventType_getSecurityCategoryFromUser.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+person = obj.getDestinationSectionValue(portal_type="Person")
+if person is not None:
+  for base_category in base_category_list:
+    return {"Assignee": ["SHADOW-%s" % person.getReference()]}
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PayzenEventType_getSecurityCategoryFromUser.xml

@@ -48,48 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-person = obj.getDestinationSectionValue(portal_type="Person")\n
-if person is not None:\n
-  for base_category in base_category_list:\n
-    return {"Assignee": ["SHADOW-%s" % person.getReference()]}\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PersonType_getSecurityCategoryFromSelfShadow.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content and associates
+it to a given base_category. It is useful in the
+following cases:
+
+- calculate a security group based current object 
+  in the context of a base category (ex. source_project).
+  This is used for example in ERP5 DMS to calculate
+  project security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+return {'Auditor': ['SHADOW-%s' % obj.getReference()]}

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/PersonType_getSecurityCategoryFromSelfShadow.xml

@@ -48,38 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content and associates\n
-it to a given base_category. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based current object \n
-  in the context of a base category (ex. source_project).\n
-  This is used for example in ERP5 DMS to calculate\n
-  project security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-return {\'Auditor\': [\'SHADOW-%s\' % obj.getReference()]}\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/SlaveInstanceType_getSecurityCategoryFromSoftwareInstance.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+partition = obj.getAggregateValue(portal_type="Computer Partition")
+if partition is not None:
+  software_instance = partition.getPortalObject().portal_catalog.getResultValue(
+    portal_type="Software Instance", validation_state="validated", default_aggregate_uid=partition.getUid())
+  if software_instance is not None:
+    for base_category in base_category_list:
+      category_list.append({base_category: [software_instance.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/SlaveInstanceType_getSecurityCategoryFromSoftwareInstance.xml

@@ -48,51 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script returns a list of dictionaries which represent\n
-the security groups which a person is member of. It extracts\n
-the categories from the current content. It is useful in the\n
-following cases:\n
-\n
-- calculate a security group based on a given\n
-  category of the current object (ex. group). This\n
-  is used for example in ERP5 DMS to calculate\n
-  document security.\n
-\n
-- assign local roles to a document based on\n
-  the person which the object related to through\n
-  a given base category (ex. destination). This\n
-  is used for example in ERP5 Project to calculate\n
-  Task / Task Report security.\n
-\n
-The parameters are\n
-\n
-  base_category_list -- list of category values we need to retrieve\n
-  user_name          -- string obtained from getSecurityManager().getUser().getId()\n
-  object             -- object which we want to assign roles to\n
-  portal_type        -- portal type of object\n
-\n
-NOTE: for now, this script requires proxy manager\n
-"""\n
-\n
-category_list = []\n
-\n
-if obj is None:\n
-  return []\n
-\n
-partition = obj.getAggregateValue(portal_type="Computer Partition")\n
-if partition is not None:\n
-  software_instance = partition.getPortalObject().portal_catalog.getResultValue(\n
-    portal_type="Software Instance", validation_state="validated", default_aggregate_uid=partition.getUid())\n
-  if software_instance is not None:\n
-    for base_category in base_category_list:\n
-      category_list.append({base_category: [software_instance.getRelativeUrl()]})\n
-\n
-return category_list\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>base_category_list, user_name, obj, portal_type</string> </value>

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/Base_recursiveReindexObject.py

+state_change['object'].recursiveReindexObject()

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/Base_recursiveReindexObject.xml

@@ -48,11 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>state_change[\'object\'].recursiveReindexObject()\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>state_change</string> </value>

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/Base_updateAllLocalRoles.py

+"""
+This script updates all local roles on the object. It requires Assignor
+proxy role since it may be called by owner in draft state.
+"""
+state_change['object'].updateLocalRolesOnSecurityGroups()

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/Base_updateAllLocalRoles.xml

@@ -48,15 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>"""\n
-This script updates all local roles on the object. It requires Assignor\n
-proxy role since it may be called by owner in draft state.\n
-"""\n
-state_change[\'object\'].updateLocalRolesOnSecurityGroups()\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>state_change</string> </value>

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/SoftwareInstance_updateComputerPartitionLocalRoles.py

+portal_type_list = ['Computer Partition']
+software_instance = state_change['object']
+after_tag = (software_instance.getPath(), ('immediateReindexObject', 'recursiveImmediateReindexObject'))
+for object_ in software_instance.getAggregateValueList(portal_type=portal_type_list):
+  object_.activate(after_path_and_method_id=after_tag).updateLocalRolesOnSecurityGroups()

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/SoftwareInstance_updateComputerPartitionLocalRoles.xml

@@ -48,15 +48,6 @@
               </object>
             </value>
         </item>
-        <item>
-            <key> <string>_body</string> </key>
-            <value> <string>portal_type_list = [\'Computer Partition\']\n
-software_instance = state_change[\'object\']\n
-after_tag = (software_instance.getPath(), (\'immediateReindexObject\', \'recursiveImmediateReindexObject\'))\n
-for object_ in software_instance.getAggregateValueList(portal_type=portal_type_list):\n
-  object_.activate(after_path_and_method_id=after_tag).updateLocalRolesOnSecurityGroups()\n
-</string> </value>
-        </item>
         <item>
             <key> <string>_params</string> </key>
             <value> <string>state_change</string> </value>