Roundup Tracker

If you want to retire a tracker but keep it around in readonly mode do the following:

  1. add the readonly.py detector to the detectors subdirectory of your tracker

This will raise an error when anybody (other than the admin user) tries to change the data. However users will get a display that allows editing. It will just be rejected upon submission.

To fix this issue is more work but involves changing the roles to a read only role (e.g. you may be able to use Anonymous). If you want a dedicated ReadOnly role:

  1. add a ReadOnly Role to the schema

  2. replace roles for all users except user1 (admin) with ReadOnly

all these changes happen in your tracker's home directory.

Install readonly detector

Put the following in the detectors/readonly.py file:

   1 from roundup.exceptions import Reject
   2 
   3 def readonly(db, cl, nodeid, newvalues):
   4     if db.getuid() == '1': # allow admin user to make changes
   5        return
   6     # if db.user.has_role(db.getuid(),"Admin"): # allow user with Admin role to make changes
   7     #    return
   8     raise Reject('Tracker is read-only. Changes are not allowed.')
   9 
  10 def init(db):
  11     return
  12     # Find every class and register a set and create auditor for it
  13     # that blocks changes.
  14     for db_classname in db.getclasses():
  15         db_class=db.getclass(db_classname)
  16         db_class.audit('create', readonly)

Once this is added and the tracker restarted, any attempt to edit or create a new item in the database will result in an error. Only the user with id 1 (admin) will be able to change objects.

It will still display issues and other object in edit mode (rather than view mode). To fix that you need to change the roles for all users to a role that only has read access. Usually the Anonymous role can be used for this, but you may need to create a new ReadOnly role before you change all the user roles.

Replace roles for all users with ReadOnly or Anonymous

You must create the ReadOnly role before you can use it. However in many cases the Anonymous role can be used to allow read only access to the tracker.

Do this using the roundup-admin command line and a little shell scripting. In the examples below demo is the home directory for the tracker. Change the ReadOnly role to Anonymous as needed.

This replaces the roles for all users with ReadOnly.

for id in `roundup-admin -i demo -s list user id`; do
  roundup-admin -i demo set user$id roles=ReadOnly
done
roundup-admin -i demo set user1 roles=Admin  # permit admin user to make changes via web

If you think you will need to revert the roles, dump the existing roles using:

 roundup-admin -i demo table user id,roles > roles.archive

This generates a table like:

Id Roles
1  Admin
2  Anonymous
3  User
4  Anonymous
5  Provisional User
6  User, Agent
7  User
...

which can be reapplied using:

while read id roles; do
  roundup-admin -i demo set user$id roles="$roles"
done < roles.archive

Add ReadOnly role to schema.py

If you can't use the Anonymous role for read only access, add

db.security.addRole(name="ReadOnly", description="User has no edit capability")
db.security.addPermissionToRole('ReadOnly', 'Web Access')

Then you need to set up proper View permissions for the objects in the database.


CategoryDetectors CategorySchema