[MERGE] Forward-port of latest 7.0 bugfixes, up to rev. 5139 rev-id: dle@openerp...

bzr revid: odo@openerp.com-20131120102545-2tlp031yib6viz35
bzr revid: chs@openerp.com-20131120161708-c8sbom592moukwxw
bzr revid: dle@openerp.com-20131121155457-lh7fzouk2upeiu16

diff --cc openerp/addons/base/currency_data.xml
Simple merge

diff --cc openerp/addons/base/ir/ir_attachment.py
Simple merge

diff --cc openerp/addons/base/ir/ir_translation.py
Simple merge

diff --cc openerp/addons/base/res/res_country_data.xml
Simple merge

diff --cc openerp/modules/loading.py
index 390ac77,311e00b..e4b9a04
--- 1/openerp/modules/loading.py
--- 2/openerp/modules/loading.py
+++ b/openerp/modules/loading.py
@@@ -340,7 -362,8 +340,7 @@@ def load_modules(db, force_demo=False, 
          if processed_modules:
              cr.execute("""select model,name from ir_model where id NOT IN (select distinct model_id from ir_model_access)""")
              for (model, name) in cr.fetchall():
-                 if model in registry and not registry[model].is_transient():
 -                model_obj = pool.get(model)
 -                if model_obj and not model_obj.is_transient() and not isinstance(model_obj, openerp.osv.orm.AbstractModel):
++                if model in registry and not registry[model].is_transient() and isinstance(registry[model], openerp.osv.orm.AbstractModel):
                      _logger.warning('The model %s has no access rules, consider adding one. E.g. access_%s,access_%s,model_%s,,1,1,1,1',
                          model, model.replace('.', '_'), model.replace('.', '_'), model.replace('.', '_'))
  

diff --cc openerp/modules/registry.py
Simple merge

diff --cc openerp/osv/orm.py
Simple merge

diff --cc openerp/tools/mail.py
index ff73a3e,b0605bf..97af274
--- 1/openerp/tools/mail.py
--- 2/openerp/tools/mail.py
+++ b/openerp/tools/mail.py
@@@ -58,45 -53,20 +58,47 @@@ def html_sanitize(src, silent=True)
      part = re.compile(r"(<(([^a<>]|a[^<>\s])[^<>]*)@[^<>]+>)", re.IGNORECASE | re.DOTALL)
      src = part.sub(lambda m: cgi.escape(m.group(1)), src)
  
 -    # some corner cases make the parser crash (such as <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT> in test_mail)
 +    kwargs = {
 +        'page_structure': True,
 +        'style': False,             # do not remove style attributes
 +        'forms': True,              # remove form tags
 +        'remove_unknown_tags': False,
 +        'allow_tags': allowed_tags,
 +    }
 +    if etree.LXML_VERSION >= (2, 3, 1):
 +        # kill_tags attribute has been added in version 2.3.1
 +        kwargs.update({
 +            'kill_tags': tags_to_kill,
 +            'remove_tags': tags_to_remove,
 +        })
 +    else:
 +        kwargs['remove_tags'] = tags_to_kill + tags_to_remove
 +
 +    if etree.LXML_VERSION >= (3, 1, 0):
 +        kwargs.update({
 +            'safe_attrs_only': True,
 +            'safe_attrs': safe_attrs,
 +        })
 +    else:
 +        # lxml < 3.1.0 does not allow to specify safe_attrs. We keep all attributes in order to keep "style"
 +        kwargs['safe_attrs_only'] = False
 +
      try:
 -        cleaner = clean.Cleaner(page_structure=True, style=False, safe_attrs_only=False, forms=False, kill_tags=tags_to_kill, remove_tags=tags_to_remove)
 +        # some corner cases make the parser crash (such as <SCRIPT/XSS SRC=\"http://ha.ckers.org/xss.js\"></SCRIPT> in test_mail)
 +        cleaner = clean.Cleaner(**kwargs)
          cleaned = cleaner.clean_html(src)
-     except etree.ParserError:
 -    except TypeError:
 -        # lxml.clean version < 2.3.1 does not have a kill_tags attribute
 -        # to remove in 2014
 -        cleaner = clean.Cleaner(page_structure=True, style=False, safe_attrs_only=False, forms=False, remove_tags=tags_to_kill + tags_to_remove)
 -        cleaned = cleaner.clean_html(src)
 -    except Exception, e:
 -        if isinstance(e, etree.ParserError) and 'empty' in str(e):
 -            return ""
 -        _logger.warning('html_sanitize failed to parse %s' % (src))
 -        cleaned = '<p>Impossible to parse</p>'
++    except etree.ParserError, e:
++      if 'empty' in str(e):
++          return ""
 +        if not silent:
 +            raise
 +        logger.warning('ParserError obtained when sanitizing %r', src, exc_info=True)
 +        cleaned = '<p>ParserError when sanitizing</p>'
 +    except Exception:
 +        if not silent:
 +            raise
 +        logger.warning('unknown error obtained when sanitizing %r', src, exc_info=True)
 +        cleaned = '<p>Unknown error when sanitizing</p>'
      return cleaned