Base, WebSection, Sound, OOoDocumentExtensibleTraversableMixin: set Cache-Control header in 304 Not Modified response case as well.

- Use portal_status_level when redirecting
- Check that password and confirmation match
- Fix  wrong argument name `password_confirmation` sometimes used

See merge request nexedi/erp5!1792

If mapping is not a dict, we store a message that would fail later when
being viewed, typically breaking History tab when used in workflow
history.

Instead of displaying the same ImportError without any detail for both
cases of a non existant module or of an existing module which cause
error during import, improve the second case by displaying a different
message containing the original traceback.

The pattern of using > will start by erasing the file, so if mysqldump
does not run to completion developer will loose the previous dump, but
in such case, that previous dump was better than nothing.

User is usually interested by last movement in stock, not by several
months/years old movement. Thus display first fresh movement, and user
could then go to next pages to see oldest movements if needed.

nexedi/erp5@21f85a6f
added zope2 compatibility, but nexedi/erp5@21f85a6f (comment 180420) noted
the given assumption isn't true, which is why fixup commit nexedi/erp5@7a2c616e was
added. But nexedi/erp5@21f85a6f (comment 184548) noted
that nexedi/erp5@7a2c616e missed one case,
which is why this fixup commit is added. Now everything should be ok.

Because these two plugins implement the refresh of the authentication
token (unlike the facebook plugin), we can use a longer cache here.
With the previous value of 1 day, when not using the site for more than
1 day, token would expire from cache and user have to authenticate again.
Because the scenario of "access is revoked from authorization server"
is handled by refreshing the access token, we can use a longer duration
here, so that user do not have to login again after not using for two
days.

After server restarts, mariadb uses an error 1927 which is mariadb
specific, with no corresponding constant in CR module when server
restart. This is the case at least with mariadb 10.3.38.

This fix the following problem:
 - start zope and use mariadb connection
 - restart mariadb
 - use mariadb connection again, see an error:
    Error Type: OperationalError
    Error Value: (1927, 'Connection was killed')

This change to treat 1927 as an error for which we can reconnect and
retry the query. Some other connectors do it, for example sqlalchemy in
https://github.com/sqlalchemy/sqlalchemy/issues/5493

This prevents tracebacks during shutdown:

  Unhandled exception in thread started by <bound method Thread.__bootstrap of <Thread(Thread-1, stopped daemon 139820471113472)>>
  Traceback (most recent call last):
    File "soft/lib/python2.7/threading.py", line 774, in __bootstrap
      self.__bootstrap_inner()
    File "soft/lib/python2.7/threading.py", line 814, in __bootstrap_inner
      (self.name, _format_exc()))
    File "soft/lib/python2.7/traceback.py", line 242, in format_exc
      return ''.join(format_exception(etype, value, tb, limit))
    File "soft/lib/python2.7/traceback.py", line 141, in format_exception
      list = list + format_tb(tb, limit)
    File "soft/lib/python2.7/traceback.py", line 76, in format_tb
      return format_list(extract_tb(tb, limit))
    File "soft/lib/python2.7/traceback.py", line 100, in extract_tb
      linecache.checkcache(filename)
  TypeError: 'NoneType' object is not callable

Also rename the method because this is not longer *Z*server.

This waitress close() API is not public part of API, so we still ignore
the case where the server thread does not stop after 5 seconds. This
happens if some HTTP connections are still open at the end of test.

See merge request nexedi/erp5!1772

This is supposed to be catched by an external validator on the field,
but checking the one more time here supports custom dialogs where there
might not be form level validation.

to indicate success or failure

Also add a code comment about the changes from e50e45e4 (erp5_core:
Password Tool should not leak info on users, 2020-12-30), because while
looking at this code it seems there was a mistake here.

It was wrongly named password_confirmation in some places and this was
silently ignored because the parameter is not used at the moment and
because of **kw in the signature.

This is a preparatory commit so that we can check that the password and
the confirmation match

Rewrite to not use legacy "Sequence", some python3 fixes, use urllib
to assert URLs, use more consistent passwords.

Also extend coverage a bit: check that the email contains the key, check
that login lookup does not use catalog search syntax.

There is no zmi_icon on Zope2.

See merge request nexedi/erp5!1791

See merge request nexedi/erp5!1789

   This is expected that constraints can call getConstraintType() if they are filtered:

    return context.checkConsistency(fixit=1, filter={'constraint_type': 'post_upgrade'},)
  Module Products.ERP5Type.Core.Folder, line 1476, in checkConsistency
    error_list.extend(obj.fixConsistency(filter=filter, **kw))
  Module Products.ERP5Type.Base, line 2714, in fixConsistency
    return self.checkConsistency(fixit=True, filter=filter, **kw)
  Module Products.ERP5Type.Core.Folder, line 1476, in checkConsistency
    error_list.extend(obj.fixConsistency(filter=filter, **kw))
  Module Products.ERP5Type.Base, line 2714, in fixConsistency
    return self.checkConsistency(fixit=True, filter=filter, **kw)
  Module Products.ERP5Type.Core.Folder, line 1462, in checkConsistency
    **kw
  Module Products.ERP5Type.Base, line 2686, in checkConsistency
    for constraint_instance in self._filteredConstraintList(filter):
  Module Products.ERP5Type.Base, line 2739, in _filteredConstraintList
    constraints = [x for x in constraints if x.__of__(self).getConstraintType() in \
AttributeError: 'RequestContainer' object has no attribute 'getConstraintType'

   There is a missing "r" on the link, acording to apache documentation:

    Additionally you have to create symbolic links named hash-value.rN. And you should always make sure this directory contains the appropriate symbolic links.

    See: https://httpd.apache.org/docs/2.4/mod/mod_ssl.html

This reverts commit 89aa2a6b.
The assumption that FOR UPDATE was unnecessary is wrong: when SQLDict
reserves similar activities, it will race against these primo-reservations.
So this change actually opens the possibility for duplicate activity
reservation.
Revert this change until (hopefully) a better fix is implemented.

In case of network problems, the http requests made to google during
login may take too long and cause global unavailability of the ERP5
instance.

Today we saw in long request logs:

    2023-05-29 07:10:35,662 - Thread 140596157511424: Started on 1685336511.6; Running for 524.1 secs; Same.

oauth2client does not expose an API to set a timeout, but it allows
passing a custom http instance where we can set a timeout.

On Zope2 this method does not exist and this caused a test failure

======================================================================
FAIL: test_method_protection (testSecurity.TestSecurity)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "parts/erp5/Products/ERP5/tests/testSecurity.py", line 110, in test_method_protection
    self.fail(message)
AssertionError:
The following 1 methods have a docstring but have no security assertions.
	parts/erp5/product/ERP5Type/patches/BTreeFolder2.py:111 manage_delAllObjects

See merge request nexedi/erp5!1786

To write a pid file so that logrotate can send us signals. This is
still needed for neo storage for now.

See nexedi/slapos!1395

Loading ZConfig will initialize storage and generally might do things
that will cause messages to be emitted.
One actual problem is with neo storage, which configure root logger
when it's not already configured [1], this was causing all logged
messages to be logged in the console when using neo storage.

1: https://lab.nexedi.com/nexedi/neoppod/blob/fd87e153/neo/lib/logger.py#L63-64

It is easy to see contents ordered by id by default in ERP5Site.

Protect data from human error. There are unbelievable mistakes. ERP5
is a place to store important data that must not be deleted easily.