122b87223635527cf3414295ba5a857db77aa391
1 ===================
2 Customising Roundup
3 ===================
5 :Version: $Revision: 1.70 $
7 .. This document borrows from the ZopeBook section on ZPT. The original is at:
8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx
10 .. contents::
11 :depth: 1
13 What You Can Do
14 ===============
16 Before you get too far, it's probably worth having a quick read of the Roundup
17 `design documentation`_.
19 Customisation of Roundup can take one of five forms:
21 1. `tracker configuration`_ file changes
22 2. database, or `tracker schema`_ changes
23 3. "definition" class `database content`_ changes
24 4. behavioural changes, through detectors_
25 5. `access controls`_
26 6. change the `web interface`_
28 The third case is special because it takes two distinctly different forms
29 depending upon whether the tracker has been initialised or not. The other two
30 may be done at any time, before or after tracker initialisation. Yes, this
31 includes adding or removing properties from classes.
34 Trackers in a Nutshell
35 ======================
37 Trackers have the following structure:
39 =================== ========================================================
40 Tracker File Description
41 =================== ========================================================
42 config.py Holds the basic `tracker configuration`_
43 dbinit.py Holds the `tracker schema`_
44 interfaces.py Defines the Web and E-Mail interfaces for the tracker
45 select_db.py Selects the database back-end for the tracker
46 db/ Holds the tracker's database
47 db/files/ Holds the tracker's upload files and messages
48 detectors/ Auditors and reactors for this tracker
49 html/ Web interface templates, images and style sheets
50 =================== ========================================================
52 Tracker Configuration
53 =====================
55 The config.py located in your tracker home contains the basic configuration
56 for the web and e-mail components of roundup's interfaces. As the name
57 suggests, this file is a Python module. This means that any valid python
58 expression may be used in the file. Mostly though, you'll be setting the
59 configuration variables to string values. Python string values must be quoted
60 with either single or double quotes::
62 'this is a string'
63 "this is also a string - use it when you have a 'single quote' in the value"
64 this is not a string - it's not quoted
66 Python strings may use formatting that's almost identical to C string
67 formatting. The ``%`` operator is used to perform the formatting, like so::
69 'roundup-admin@%s'%MAIL_DOMAIN
71 this will create a string ``'roundup-admin@tracker.domain.example'`` if
72 MAIL_DOMAIN is set to ``'tracker.domain.example'``.
74 You'll also note some values are set to::
76 os.path.join(TRACKER_HOME, 'db')
78 or similar. This creates a new string which holds the path to the "db"
79 directory in the TRACKER_HOME directory. This is just a convenience so if the
80 TRACKER_HOME changes you don't have to edit multiple valoues.
82 The configuration variables available are:
84 **TRACKER_HOME** - ``os.path.split(__file__)[0]``
85 The tracker home directory. The above default code will automatically
86 determine the tracker home for you, so you can just leave it alone.
88 **MAILHOST** - ``'localhost'``
89 The SMTP mail host that roundup will use to send e-mail.
91 **MAIL_DOMAIN** - ``'tracker.domain.example'``
92 The domain name used for email addresses.
94 **DATABASE** - ``os.path.join(TRACKER_HOME, 'db')``
95 This is the directory that the database is going to be stored in. By default
96 it is in the tracker home.
98 **TEMPLATES** - ``os.path.join(TRACKER_HOME, 'html')``
99 This is the directory that the HTML templates reside in. By default they are
100 in the tracker home.
102 **TRACKER_NAME** - ``'Roundup issue tracker'``
103 A descriptive name for your roundup tracker. This is sent out in e-mails and
104 appears in the heading of CGI pages.
106 **TRACKER_EMAIL** - ``'issue_tracker@%s'%MAIL_DOMAIN``
107 The email address that e-mail sent to roundup should go to. Think of it as the
108 tracker's personal e-mail address.
110 **TRACKER_WEB** - ``'http://tracker.example/cgi-bin/roundup.cgi/bugs/'``
111 The web address that the tracker is viewable at. This will be included in
112 information sent to users of the tracker. The URL **must** include the
113 cgi-bin part or anything else that is required to get to the home page of
114 the tracker. You **must** include a trailing '/' in the URL.
116 **ADMIN_EMAIL** - ``'roundup-admin@%s'%MAIL_DOMAIN``
117 The email address that roundup will complain to if it runs into trouble.
119 **EMAIL_FROM_TAG** - ``''``
120 Additional text to include in the "name" part of the ``From:`` address used
121 in nosy messages. If the sending user is "Foo Bar", the ``From:`` line is
122 usually::
123 "Foo Bar" <issue_tracker@tracker.example>
125 the EMAIL_FROM_TAG goes inside the "Foo Bar" quotes like so::
127 "Foo Bar EMAIL_FROM_TAG" <issue_tracker@tracker.example>
129 **MESSAGES_TO_AUTHOR** - ``'yes'`` or``'no'``
130 Send nosy messages to the author of the message.
132 **ADD_AUTHOR_TO_NOSY** - ``'new'``, ``'yes'`` or ``'no'``
133 Does the author of a message get placed on the nosy list automatically?
134 If ``'new'`` is used, then the author will only be added when a message
135 creates a new issue. If ``'yes'``, then the author will be added on followups
136 too. If ``'no'``, they're never added to the nosy.
138 **ADD_RECIPIENTS_TO_NOSY** - ``'new'``, ``'yes'`` or ``'no'``
139 Do the recipients (To:, Cc:) of a message get placed on the nosy list?
140 If ``'new'`` is used, then the recipients will only be added when a message
141 creates a new issue. If ``'yes'``, then the recipients will be added on
142 followups too. If ``'no'``, they're never added to the nosy.
144 **EMAIL_SIGNATURE_POSITION** - ``'top'``, ``'bottom'`` or ``'none'``
145 Where to place the email signature in messages that Roundup generates.
147 **EMAIL_KEEP_QUOTED_TEXT** - ``'yes'`` or ``'no'``
148 Keep email citations. Citations are the part of e-mail which the sender has
149 quoted in their reply to previous e-mail.
151 **EMAIL_LEAVE_BODY_UNCHANGED** - ``'no'``
152 Preserve the email body as is. Enabiling this will cause the entire message
153 body to be stored, including all citations and signatures. It should be
154 either ``'yes'`` or ``'no'``.
156 **MAIL_DEFAULT_CLASS** - ``'issue'`` or ``''``
157 Default class to use in the mailgw if one isn't supplied in email
158 subjects. To disable, comment out the variable below or leave it blank.
160 The default config.py is given below - as you
161 can see, the MAIL_DOMAIN must be edited before any interaction with the
162 tracker is attempted.::
164 # roundup home is this package's directory
165 TRACKER_HOME=os.path.split(__file__)[0]
167 # The SMTP mail host that roundup will use to send mail
168 MAILHOST = 'localhost'
170 # The domain name used for email addresses.
171 MAIL_DOMAIN = 'your.tracker.email.domain.example'
173 # This is the directory that the database is going to be stored in
174 DATABASE = os.path.join(TRACKER_HOME, 'db')
176 # This is the directory that the HTML templates reside in
177 TEMPLATES = os.path.join(TRACKER_HOME, 'html')
179 # A descriptive name for your roundup tracker
180 TRACKER_NAME = 'Roundup issue tracker'
182 # The email address that mail to roundup should go to
183 TRACKER_EMAIL = 'issue_tracker@%s'%MAIL_DOMAIN
185 # The web address that the tracker is viewable at. This will be included in
186 # information sent to users of the tracker. The URL MUST include the cgi-bin
187 # part or anything else that is required to get to the home page of the
188 # tracker. You MUST include a trailing '/' in the URL.
189 TRACKER_WEB = 'http://tracker.example/cgi-bin/roundup.cgi/bugs/'
191 # The email address that roundup will complain to if it runs into trouble
192 ADMIN_EMAIL = 'roundup-admin@%s'%MAIL_DOMAIN
194 # Additional text to include in the "name" part of the From: address used
195 # in nosy messages. If the sending user is "Foo Bar", the From: line is
196 # usually: "Foo Bar" <issue_tracker@tracker.example>
197 # the EMAIL_FROM_TAG goes inside the "Foo Bar" quotes like so:
198 # "Foo Bar EMAIL_FROM_TAG" <issue_tracker@tracker.example>
199 EMAIL_FROM_TAG = ""
201 # Send nosy messages to the author of the message
202 MESSAGES_TO_AUTHOR = 'no' # either 'yes' or 'no'
204 # Does the author of a message get placed on the nosy list automatically?
205 # If 'new' is used, then the author will only be added when a message
206 # creates a new issue. If 'yes', then the author will be added on followups
207 # too. If 'no', they're never added to the nosy.
208 ADD_AUTHOR_TO_NOSY = 'new' # one of 'yes', 'no', 'new'
210 # Do the recipients (To:, Cc:) of a message get placed on the nosy list?
211 # If 'new' is used, then the recipients will only be added when a message
212 # creates a new issue. If 'yes', then the recipients will be added on followups
213 # too. If 'no', they're never added to the nosy.
214 ADD_RECIPIENTS_TO_NOSY = 'new' # either 'yes', 'no', 'new'
216 # Where to place the email signature
217 EMAIL_SIGNATURE_POSITION = 'bottom' # one of 'top', 'bottom', 'none'
219 # Keep email citations
220 EMAIL_KEEP_QUOTED_TEXT = 'no' # either 'yes' or 'no'
222 # Preserve the email body as is
223 EMAIL_LEAVE_BODY_UNCHANGED = 'no' # either 'yes' or 'no'
225 # Default class to use in the mailgw if one isn't supplied in email
226 # subjects. To disable, comment out the variable below or leave it blank.
227 # Examples:
228 MAIL_DEFAULT_CLASS = 'issue' # use "issue" class by default
229 #MAIL_DEFAULT_CLASS = '' # disable (or just comment the var out)
231 #
232 # SECURITY DEFINITIONS
233 #
234 # define the Roles that a user gets when they register with the tracker
235 # these are a comma-separated string of role names (e.g. 'Admin,User')
236 NEW_WEB_USER_ROLES = 'User'
237 NEW_EMAIL_USER_ROLES = 'User'
239 Tracker Schema
240 ==============
242 Note: if you modify the schema, you'll most likely need to edit the
243 `web interface`_ HTML template files and `detectors`_ to reflect
244 your changes.
246 A tracker schema defines what data is stored in the tracker's database.
247 Schemas are defined using Python code in the ``dbinit.py`` module of your
248 tracker. The "classic" schema looks like this::
250 pri = Class(db, "priority", name=String(), order=String())
251 pri.setkey("name")
253 stat = Class(db, "status", name=String(), order=String())
254 stat.setkey("name")
256 keyword = Class(db, "keyword", name=String())
257 keyword.setkey("name")
259 user = Class(db, "user", username=String(), organisation=String(),
260 password=String(), address=String(), realname=String(), phone=String())
261 user.setkey("username")
263 msg = FileClass(db, "msg", author=Link("user"), summary=String(),
264 date=Date(), recipients=Multilink("user"), files=Multilink("file"))
266 file = FileClass(db, "file", name=String(), type=String())
268 issue = IssueClass(db, "issue", topic=Multilink("keyword"),
269 status=Link("status"), assignedto=Link("user"),
270 priority=Link("priority"))
271 issue.setkey('title')
273 Classes and Properties - creating a new information store
274 ---------------------------------------------------------
276 In the tracker above, we've defined 7 classes of information:
278 priority
279 Defines the possible levels of urgency for issues.
281 status
282 Defines the possible states of processing the issue may be in.
284 keyword
285 Initially empty, will hold keywords useful for searching issues.
287 user
288 Initially holding the "admin" user, will eventually have an entry for all
289 users using roundup.
291 msg
292 Initially empty, will all e-mail messages sent to or generated by
293 roundup.
295 file
296 Initially empty, will all files attached to issues.
298 issue
299 Initially empty, this is where the issue information is stored.
301 We define the "priority" and "status" classes to allow two things: reduction in
302 the amount of information stored on the issue and more powerful, accurate
303 searching of issues by priority and status. By only requiring a link on the
304 issue (which is stored as a single number) we reduce the chance that someone
305 mis-types a priority or status - or simply makes a new one up.
307 Class and Items
308 ~~~~~~~~~~~~~~~
310 A Class defines a particular class (or type) of data that will be stored in the
311 database. A class comprises one or more properties, which given the information
312 about the class items.
313 The actual data entered into the database, using class.create() are called
314 items. They have a special immutable property called id. We sometimes refer to
315 this as the itemid.
317 Properties
318 ~~~~~~~~~~
320 A Class is comprised of one or more properties of the following types:
322 * String properties are for storing arbitrary-length strings.
323 * Password properties are for storing encoded arbitrary-length strings. The
324 default encoding is defined on the roundup.password.Password class.
325 * Date properties store date-and-time stamps. Their values are Timestamp
326 objects.
327 * Number properties store numeric values.
328 * Boolean properties store on/off, yes/no, true/false values.
329 * A Link property refers to a single other item selected from a specified
330 class. The class is part of the property; the value is an integer, the id
331 of the chosen item.
332 * A Multilink property refers to possibly many items in a specified class.
333 The value is a list of integers.
335 FileClass
336 ~~~~~~~~~
338 FileClasses save their "content" attribute off in a separate file from the rest
339 of the database. This reduces the number of large entries in the database,
340 which generally makes databases more efficient, and also allows us to use
341 command-line tools to operate on the files. They are stored in the files sub-
342 directory of the db directory in your tracker.
344 IssueClass
345 ~~~~~~~~~~
347 IssueClasses automatically include the "messages", "files", "nosy", and
348 "superseder" properties.
349 The messages and files properties list the links to the messages and files
350 related to the issue. The nosy property is a list of links to users who wish to
351 be informed of changes to the issue - they get "CC'ed" e-mails when messages
352 are sent to or generated by the issue. The nosy reactor (in the detectors
353 directory) handles this action. The superceder link indicates an issue which
354 has superceded this one.
355 They also have the dynamically generated "creation", "activity" and "creator"
356 properties.
357 The value of the "creation" property is the date when an item was created, and
358 the value of the "activity" property is the date when any property on the item
359 was last edited (equivalently, these are the dates on the first and last
360 records in the item's journal). The "creator" property holds a link to the user
361 that created the issue.
363 setkey(property)
364 ~~~~~~~~~~~~~~~~
366 Select a String property of the class to be the key property. The key property
367 muse be unique, and allows references to the items in the class by the content
368 of the key property. That is, we can refer to users by their username, e.g.
369 let's say that there's an issue in roundup, issue 23. There's also a user,
370 richard who happens to be user 2. To assign an issue to him, we could do either
371 of::
373 roundup-admin set issue assignedto=2
375 or::
377 roundup-admin set issue assignedto=richard
379 Note, the same thing can be done in the web and e-mail interfaces.
381 create(information)
382 ~~~~~~~~~~~~~~~~~~~
384 Create an item in the database. This is generally used to create items in the
385 "definitional" classes like "priority" and "status".
388 Examples of adding to your schema
389 ---------------------------------
391 TODO
394 Detectors - adding behaviour to your tracker
395 ============================================
396 .. _detectors:
398 Detectors are initialised every time you open your tracker database, so you're
399 free to add and remove them any time, even after the database is initliased
400 via the "roundup-admin initalise" command.
402 The detectors in your tracker fire before (*auditors*) and after (*reactors*)
403 changes to the contents of your database. They are Python modules that sit in
404 your tracker's ``detectors`` directory. You will have some installed by
405 default - have a look. You can write new detectors or modify the existing
406 ones. The existing detectors installed for you are:
408 **nosyreaction.py**
409 This provides the automatic nosy list maintenance and email sending. The nosy
410 reactor (``nosyreaction``) fires when new messages are added to issues.
411 The nosy auditor (``updatenosy``) fires when issues are changed and figures
412 what changes need to be made to the nosy list (like adding new authors etc)
413 **statusauditor.py**
414 This provides the ``chatty`` auditor which changes the issue status from
415 ``unread`` or ``closed`` to ``chatting`` if new messages appear. It also
416 provides the ``presetunread`` auditor which pre-sets the status to
417 ``unread`` on new items if the status isn't explicitly defined.
419 See the detectors section in the `design document`__ for details of the
420 interface for detectors.
422 __ design.html
424 Sample additional detectors that have been found useful will appear in the
425 ``detectors`` directory of the Roundup distribution:
427 **newissuecopy.py**
428 This detector sends an email to a team address whenever a new issue is
429 created. The address is hard-coded into the detector, so edit it before you
430 use it (look for the text 'team@team.host') or you'll get email errors!
432 The detector code::
434 from roundup import roundupdb
436 def newissuecopy(db, cl, nodeid, oldvalues):
437 ''' Copy a message about new issues to a team address.
438 '''
439 # so use all the messages in the create
440 change_note = cl.generateCreateNote(nodeid)
442 # send a copy to the nosy list
443 for msgid in cl.get(nodeid, 'messages'):
444 try:
445 # note: last arg must be a list
446 cl.send_message(nodeid, msgid, change_note, ['team@team.host'])
447 except roundupdb.MessageSendError, message:
448 raise roundupdb.DetectorError, message
450 def init(db):
451 db.issue.react('create', newissuecopy)
454 Database Content
455 ================
457 Note: if you modify the content of definitional classes, you'll most likely
458 need to edit the tracker `detectors`_ to reflect your changes.
460 Customisation of the special "definitional" classes (eg. status, priority,
461 resolution, ...) may be done either before or after the tracker is
462 initialised. The actual method of doing so is completely different in each
463 case though, so be careful to use the right one.
465 **Changing content before tracker initialisation**
466 Edit the dbinit module in your tracker to alter the items created in using
467 the create() methods.
469 **Changing content after tracker initialisation**
470 As the "admin" user, click on the "class list" link in the web interface
471 to bring up a list of all database classes. Click on the name of the class
472 you wish to change the content of.
474 You may also use the roundup-admin interface's create, set and retire
475 methods to add, alter or remove items from the classes in question.
477 See "`adding a new field to the classic schema`_" for an example that requires
478 database content changes.
481 Access Controls
482 ===============
484 A set of Permissions are built in to the security module by default:
486 - Edit (everything)
487 - View (everything)
489 The default interfaces define:
491 - Web Registration
492 - Web Access
493 - Web Roles
494 - Email Registration
495 - Email Access
497 These are hooked into the default Roles:
499 - Admin (Edit everything, View everything, Web Roles)
500 - User (Web Access, Email Access)
501 - Anonymous (Web Registration, Email Registration)
503 And finally, the "admin" user gets the "Admin" Role, and the "anonymous" user
504 gets the "Anonymous" assigned when the database is initialised on installation.
505 The two default schemas then define:
507 - Edit issue, View issue (both)
508 - Edit file, View file (both)
509 - Edit msg, View msg (both)
510 - Edit support, View support (extended only)
512 and assign those Permissions to the "User" Role. Put together, these settings
513 appear in the ``open()`` function of the tracker ``dbinit.py`` (the following
514 is taken from the "minimal" template ``dbinit.py``)::
516 #
517 # SECURITY SETTINGS
518 #
519 # new permissions for this schema
520 for cl in ('user', ):
521 db.security.addPermission(name="Edit", klass=cl,
522 description="User is allowed to edit "+cl)
523 db.security.addPermission(name="View", klass=cl,
524 description="User is allowed to access "+cl)
526 # and give the regular users access to the web and email interface
527 p = db.security.getPermission('Web Access')
528 db.security.addPermissionToRole('User', p)
529 p = db.security.getPermission('Email Access')
530 db.security.addPermissionToRole('User', p)
532 # May users view other user information? Comment these lines out
533 # if you don't want them to
534 p = db.security.getPermission('View', 'user')
535 db.security.addPermissionToRole('User', p)
537 # Assign the appropriate permissions to the anonymous user's Anonymous
538 # Role. Choices here are:
539 # - Allow anonymous users to register through the web
540 p = db.security.getPermission('Web Registration')
541 db.security.addPermissionToRole('Anonymous', p)
542 # - Allow anonymous (new) users to register through the email gateway
543 p = db.security.getPermission('Email Registration')
544 db.security.addPermissionToRole('Anonymous', p)
547 New User Roles
548 --------------
550 New users are assigned the Roles defined in the config file as:
552 - NEW_WEB_USER_ROLES
553 - NEW_EMAIL_USER_ROLES
556 Changing Access Controls
557 ------------------------
559 You may alter the configuration variables to change the Role that new web or
560 email users get, for example to not give them access to the web interface if
561 they register through email.
563 You may use the ``roundup-admin`` "``security``" command to display the
564 current Role and Permission configuration in your tracker.
566 Adding a new Permission
567 ~~~~~~~~~~~~~~~~~~~~~~~
569 When adding a new Permission, you will need to:
571 1. add it to your tracker's dbinit so it is created
572 2. enable it for the Roles that should have it (verify with
573 "``roundup-admin security``")
574 3. add it to the relevant HTML interface templates
575 4. add it to the appropriate xxxPermission methods on in your tracker
576 interfaces module
578 Example Scenarios
579 ~~~~~~~~~~~~~~~~~
581 **automatic registration of users in the e-mail gateway**
582 By giving the "anonymous" user the "Email Registration" Role, any
583 unidentified user will automatically be registered with the tracker (with
584 no password, so they won't be able to log in through the web until an admin
585 sets them a password). Note: this is the default behaviour in the tracker
586 templates that ship with Roundup.
588 **anonymous access through the e-mail gateway**
589 Give the "anonymous" user the "Email Access" and ("Edit", "issue") Roles
590 but not giving them the "Email Registration" Role. This means that when an
591 unknown user sends email into the tracker, they're automatically logged in
592 as "anonymous". Since they don't have the "Email Registration" Role, they
593 won't be automatically registered, but since "anonymous" has permission
594 to use the gateway, they'll still be able to submit issues. Note that the
595 Sender information - their email address - will not be available - they're
596 *anonymous*.
598 **only developers may be assigned issues**
599 Create a new Permission called "Fixer" for the "issue" class. Create a new
600 Role "Developer" which has that Permission, and assign that to the
601 appropriate users. Filter the list of users available in the assignedto
602 list to include only those users. Enforce the Permission with an auditor. See
603 the example `restricting the list of users that are assignable to a task`_.
605 **only managers may sign off issues as complete**
606 Create a new Permission called "Closer" for the "issue" class. Create a new
607 Role "Manager" which has that Permission, and assign that to the appropriate
608 users. In your web interface, only display the "resolved" issue state option
609 when the user has the "Closer" Permissions. Enforce the Permission with
610 an auditor. This is very similar to the previous example, except that the
611 web interface check would look like::
613 <option tal:condition="python:request.user.hasPermission('Closer')"
614 value="resolved">Resolved</option>
616 **don't give users who register through email web access**
617 Create a new Role called "Email User" which has all the Permissions of the
618 normal "User" Role minus the "Web Access" Permission. This will allow users
619 to send in emails to the tracker, but not access the web interface.
621 **let some users edit the details of all users**
622 Create a new Role called "User Admin" which has the Permission for editing
623 users::
625 db.security.addRole(name='User Admin', description='Managing users')
626 p = db.security.getPermission('Edit', 'user')
627 db.security.addPermissionToRole('User Admin', p)
629 and assign the Role to the users who need the permission.
632 Web Interface
633 =============
635 .. contents::
636 :local:
637 :depth: 1
639 The web is provided by the roundup.cgi.client module and is used by
640 roundup.cgi, roundup-server and ZRoundup.
641 In all cases, we determine which tracker is being accessed
642 (the first part of the URL path inside the scope of the CGI handler) and pass
643 control on to the tracker interfaces.Client class - which uses the Client class
644 from roundup.cgi.client - which handles the rest of
645 the access through its main() method. This means that you can do pretty much
646 anything you want as a web interface to your tracker.
648 Repurcussions of changing the tracker schema
649 ---------------------------------------------
651 If you choose to change the `tracker schema`_ you will need to ensure the web
652 interface knows about it:
654 1. Index, item and search pages for the relevant classes may need to have
655 properties added or removed,
656 2. The "page" template may require links to be changed, as might the "home"
657 page's content arguments.
659 How requests are processed
660 --------------------------
662 The basic processing of a web request proceeds as follows:
664 1. figure out who we are, defaulting to the "anonymous" user
665 2. figure out what the request is for - we call this the "context"
666 3. handle any requested action (item edit, search, ...)
667 4. render the template requested by the context, resulting in HTML output
669 In some situations, exceptions occur:
671 - HTTP Redirect (generally raised by an action)
672 - SendFile (generally raised by determine_context)
673 here we serve up a FileClass "content" property
674 - SendStaticFile (generally raised by determine_context)
675 here we serve up a file from the tracker "html" directory
676 - Unauthorised (generally raised by an action)
677 here the action is cancelled, the request is rendered and an error
678 message is displayed indicating that permission was not
679 granted for the action to take place
680 - NotFound (raised wherever it needs to be)
681 this exception percolates up to the CGI interface that called the client
683 Determining web context
684 -----------------------
686 To determine the "context" of a request, we look at the URL and the special
687 request variable ``:template``. The URL path after the tracker identifier
688 is examined. Typical URL paths look like:
690 1. ``/tracker/issue``
691 2. ``/tracker/issue1``
692 3. ``/tracker/_file/style.css``
693 4. ``/cgi-bin/roundup.cgi/tracker/file1``
694 5. ``/cgi-bin/roundup.cgi/tracker/file1/kitten.png``
696 where the "tracker identifier" is "tracker" in the above cases. That means
697 we're looking at "issue", "issue1", "_file/style.css", "file1" and
698 "file1/kitten.png" in the cases above. The path is generally only one
699 entry long - longer paths are handled differently.
701 a. if there is no path, then we are in the "home" context.
702 b. if the path starts with "_file" (as in example 3,
703 "/tracker/_file/style.css"), then the additional path entry,
704 "style.css" specifies the filename of a static file we're to serve up
705 from the tracker "html" directory. Raises a SendStaticFile
706 exception.
707 c. if there is something in the path (as in example 1, "issue"), it identifies
708 the tracker class we're to display.
709 d. if the path is an item designator (as in examples 2 and 4, "issue1" and
710 "file1"), then we're to display a specific item.
711 e. if the path starts with an item designator and is longer than
712 one entry (as in example 5, "file1/kitten.png"), then we're assumed
713 to be handling an item of a
714 FileClass, and the extra path information gives the filename
715 that the client is going to label the download with (ie
716 "file1/kitten.png" is nicer to download than "file1"). This
717 raises a SendFile exception.
719 Both b. and e. stop before we bother to
720 determine the template we're going to use. That's because they
721 don't actually use templates.
723 The template used is specified by the ``:template`` CGI variable,
724 which defaults to:
726 - only classname suplied: "index"
727 - full item designator supplied: "item"
730 Performing actions in web requests
731 ----------------------------------
733 When a user requests a web page, they may optionally also request for an
734 action to take place. As described in `how requests are processed`_, the
735 action is performed before the requested page is generated. Actions are
736 triggered by using a ``:action`` CGI variable, where the value is one of:
738 **login**
739 Attempt to log a user in.
741 **logout**
742 Log the user out - make them "anonymous".
744 **register**
745 Attempt to create a new user based on the contents of the form and then log
746 them in.
748 **edit**
749 Perform an edit of an item in the database. There are some special form
750 elements you may use:
752 :link=designator:property and :multilink=designator:property
753 The value specifies an item designator and the property on that
754 item to add *this* item to as a link or multilink.
755 :note
756 Create a message and attach it to the current item's
757 "messages" property.
758 :file
759 Create a file and attach it to the current item's
760 "files" property. Attach the file to the message created from
761 the :note if it's supplied.
762 :required=property,property,...
763 The named properties are required to be filled in the form.
764 :remove:<propname>=id(s)
765 The ids will be removed from the multilink property. You may have multiple
766 :remove:<propname> form elements for a single <propname>.
767 :add:<propname>=id(s)
768 The ids will be added to the multilink property. You may have multiple
769 :add:<propname> form elements for a single <propname>.
771 **new**
772 Add a new item to the database. You may use the same special form elements
773 as in the "edit" action.
775 **retire**
776 Retire the item in the database.
778 **editCSV**
779 Performs an edit of all of a class' items in one go. See also the
780 *class*.csv templating method which generates the CSV data to be edited, and
781 the "_generic.index" template which uses both of these features.
783 **search**
784 Mangle some of the form variables.
786 Set the form ":filter" variable based on the values of the
787 filter variables - if they're set to anything other than
788 "dontcare" then add them to :filter.
790 Also handle the ":queryname" variable and save off the query to
791 the user's query list.
793 Each of the actions is implemented by a corresponding *actionAction* (where
794 "action" is the name of the action) method on
795 the roundup.cgi.Client class, which also happens to be in your tracker as
796 interfaces.Client. So if you need to define new actions, you may add them
797 there (see `defining new web actions`_).
799 Each action also has a corresponding *actionPermission* (where
800 "action" is the name of the action) method which determines
801 whether the action is permissible given the current user. The base permission
802 checks are:
804 **login**
805 Determine whether the user has permission to log in.
806 Base behaviour is to check the user has "Web Access".
807 **logout**
808 No permission checks are made.
809 **register**
810 Determine whether the user has permission to register
811 Base behaviour is to check the user has "Web Registration".
812 **edit**
813 Determine whether the user has permission to edit this item.
814 Base behaviour is to check the user can edit this class. If we're
815 editing the "user" class, users are allowed to edit their own
816 details. Unless it's the "roles" property, which requires the
817 special Permission "Web Roles".
818 **new**
819 Determine whether the user has permission to create (edit) this item.
820 Base behaviour is to check the user can edit this class. No
821 additional property checks are made. Additionally, new user items
822 may be created if the user has the "Web Registration" Permission.
823 **editCSV**
824 Determine whether the user has permission to edit this class.
825 Base behaviour is to check the user can edit this class.
826 **search**
827 Determine whether the user has permission to search this class.
828 Base behaviour is to check the user can view this class.
831 Default templates
832 -----------------
834 Most customisation of the web view can be done by modifying the templates in
835 the tracker **html** directory. There are several types of files in there:
837 **page**
838 This template usually defines the overall look of your tracker. When you
839 view an issue, it appears inside this template. When you view an index, it
840 also appears inside this template. This template defines a macro called
841 "icing" which is used by almost all other templates as a coating for their
842 content, using its "content" slot. It will also define the "head_title"
843 and "body_title" slots to allow setting of the page title.
844 **home**
845 the default page displayed when no other page is indicated by the user
846 **home.classlist**
847 a special version of the default page that lists the classes in the tracker
848 **classname.item**
849 displays an item of the *classname* class
850 **classname.index**
851 displays a list of *classname* items
852 **classname.search**
853 displays a search page for *classname* items
854 **_generic.index**
855 used to display a list of items where there is no *classname*.index available
856 **_generic.help**
857 used to display a "class help" page where there is no *classname*.help
858 **user.register**
859 a special page just for the user class that renders the registration page
860 **style.css**
861 a static file that is served up as-is
863 Note: Remember that you can create any template extension you want to, so
864 if you just want to play around with the templating for new issues, you can
865 copy the current "issue.item" template to "issue.test", and then access the
866 test template using the ":template" URL argument::
868 http://your.tracker.example/tracker/issue?:template=test
870 and it won't affect your users using the "issue.item" template.
873 How the templates work
874 ----------------------
876 Basic Templating Actions
877 ~~~~~~~~~~~~~~~~~~~~~~~~
879 Roundup's templates consist of special attributes on your template tags.
880 These attributes form the Template Attribute Language, or TAL. The basic tag
881 commands are:
883 **tal:define="variable expression; variable expression; ..."**
884 Define a new variable that is local to this tag and its contents. For
885 example::
887 <html tal:define="title request/description">
888 <head><title tal:content="title"></title></head>
889 </html>
891 In the example, the variable "title" is defined as being the result of the
892 expression "request/description". The tal:content command inside the <html>
893 tag may then use the "title" variable.
895 **tal:condition="expression"**
896 Only keep this tag and its contents if the expression is true. For example::
898 <p tal:condition="python:request.user.hasPermission('View', 'issue')">
899 Display some issue information.
900 </p>
902 In the example, the <p> tag and its contents are only displayed if the
903 user has the View permission for issues. We consider the number zero, a
904 blank string, an empty list, and the built-in variable nothing to be false
905 values. Nearly every other value is true, including non-zero numbers, and
906 strings with anything in them (even spaces!).
908 **tal:repeat="variable expression"**
909 Repeat this tag and its contents for each element of the sequence that the
910 expression returns, defining a new local variable and a special "repeat"
911 variable for each element. For example::
913 <tr tal:repeat="u user/list">
914 <td tal:content="u/id"></td>
915 <td tal:content="u/username"></td>
916 <td tal:content="u/realname"></td>
917 </tr>
919 The example would iterate over the sequence of users returned by
920 "user/list" and define the local variable "u" for each entry.
922 **tal:replace="expression"**
923 Replace this tag with the result of the expression. For example::
925 <span tal:replace="request/user/realname"></span>
927 The example would replace the <span> tag and its contents with the user's
928 realname. If the user's realname was "Bruce" then the resultant output
929 would be "Bruce".
931 **tal:content="expression"**
932 Replace the contents of this tag with the result of the expression. For
933 example::
935 <span tal:content="request/user/realname">user's name appears here</span>
937 The example would replace the contents of the <span> tag with the user's
938 realname. If the user's realname was "Bruce" then the resultant output
939 would be "<span>Bruce</span>".
941 **tal:attributes="attribute expression; attribute expression; ..."**
942 Set attributes on this tag to the results of expressions. For example::
944 <a tal:attributes="href string:user${request/user/id}">My Details</a>
946 In the example, the "href" attribute of the <a> tag is set to the value of
947 the "string:user${request/user/id}" expression, which will be something
948 like "user123".
950 **tal:omit-tag="expression"**
951 Remove this tag (but not its contents) if the expression is true. For
952 example::
954 <span tal:omit-tag="python:1">Hello, world!</span>
956 would result in output of::
958 Hello, world!
960 Note that the commands on a given tag are evaulated in the order above, so
961 *define* comes before *condition*, and so on.
963 Additionally, a tag is defined, tal:block, which is removed from output. Its
964 content is not, but the tag itself is (so don't go using any tal:attributes
965 commands on it). This is useful for making arbitrary blocks of HTML
966 conditional or repeatable (very handy for repeating multiple table rows,
967 which would othewise require an illegal tag placement to effect the repeat).
970 Templating Expressions
971 ~~~~~~~~~~~~~~~~~~~~~~
973 The expressions you may use in the attibute values may be one of the following
974 forms:
976 **Path Expressions** - eg. ``item/status/checklist``
977 These are object attribute / item accesses. Roughly speaking, the path
978 ``item/status/checklist`` is broken into parts ``item``, ``status``
979 and ``checklist``. The ``item`` part is the root of the expression.
980 We then look for a ``status`` attribute on ``item``, or failing that, a
981 ``status`` item (as in ``item['status']``). If that
982 fails, the path expression fails. When we get to the end, the object we're
983 left with is evaluated to get a string - methods are called, objects are
984 stringified. Path expressions may have an optional ``path:`` prefix, though
985 they are the default expression type, so it's not necessary.
987 If an expression evaluates to ``default`` then the expression is
988 "cancelled" - whatever HTML already exists in the template will remain
989 (tag content in the case of tal:content, attributes in the case of
990 tal:attributes).
992 If an expression evaluates to ``nothing`` then the target of the expression
993 is removed (tag content in the case of tal:content, attributes in the case
994 of tal:attributes and the tag itself in the case of tal:replace).
996 If an element in the path may not exist, then you can use the ``|``
997 operator in the expression to provide an alternative. So, the expression
998 ``request/form/foo/value | default`` would simply leave the current HTML
999 in place if the "foo" form variable doesn't exist.
1001 **String Expressions** - eg. ``string:hello ${user/name}``
1002 These expressions are simple string interpolations - though they can be just
1003 plain strings with no interpolation if you want. The expression in the
1004 ``${ ... }`` is just a path expression as above.
1006 **Python Expressions** - eg. ``python: 1+1``
1007 These expressions give the full power of Python. All the "root level"
1008 variables are available, so ``python:item.status.checklist()`` would be
1009 equivalent to ``item/status/checklist``, assuming that ``checklist`` is
1010 a method.
1012 Template Macros
1013 ~~~~~~~~~~~~~~~
1015 Macros are used in Roundup to save us from repeating the same common page
1016 stuctures over and over. The most common (and probably only) macro you'll use
1017 is the "icing" macro defined in the "page" template.
1019 Macros are generated and used inside your templates using special attributes
1020 similar to the `basic templating actions`_. In this case though, the
1021 attributes belong to the Macro Expansion Template Attribute Language, or
1022 METAL. The macro commands are:
1024 **metal:define-macro="macro name"**
1025 Define that the tag and its contents are now a macro that may be inserted
1026 into other templates using the *use-macro* command. For example::
1028 <html metal:define-macro="page">
1029 ...
1030 </html>
1032 defines a macro called "page" using the ``<html>`` tag and its contents.
1033 Once defined, macros are stored on the template they're defined on in the
1034 ``macros`` attribute. You can access them later on through the ``templates``
1035 variable, eg. the most common ``templates/page/macros/icing`` to access the
1036 "page" macro of the "page" template.
1038 **metal:use-macro="path expression"**
1039 Use a macro, which is identified by the path expression (see above). This
1040 will replace the current tag with the identified macro contents. For
1041 example::
1043 <tal:block metal:use-macro="templates/page/macros/icing">
1044 ...
1045 </tal:block>
1047 will replace the tag and its contents with the "page" macro of the "page"
1048 template.
1050 **metal:define-slot="slot name"** and **metal:fill-slot="slot name"**
1051 To define *dynamic* parts of the macro, you define "slots" which may be
1052 filled when the macro is used with a *use-macro* command. For example, the
1053 ``templates/page/macros/icing`` macro defines a slot like so::
1055 <title metal:define-slot="head_title">title goes here</title>
1057 In your *use-macro* command, you may now use a *fill-slot* command like
1058 this::
1060 <title metal:fill-slot="head_title">My Title</title>
1062 where the tag that fills the slot completely replaces the one defined as
1063 the slot in the macro.
1065 Note that you may not mix METAL and TAL commands on the same tag, but TAL
1066 commands may be used freely inside METAL-using tags (so your *fill-slots*
1067 tags may have all manner of TAL inside them).
1070 Information available to templates
1071 ----------------------------------
1073 Note: this is implemented by roundup.cgi.templating.RoundupPageTemplate
1075 The following variables are available to templates.
1077 **context**
1078 The current context. This is either None, a
1079 `hyperdb class wrapper`_ or a `hyperdb item wrapper`_
1080 **request**
1081 Includes information about the current request, including:
1082 - the current index information (``filterspec``, ``filter`` args,
1083 ``properties``, etc) parsed out of the form.
1084 - methods for easy filterspec link generation
1085 - *user*, the current user item as an HTMLItem instance
1086 - *form*
1087 The current CGI form information as a mapping of form argument
1088 name to value
1089 **config**
1090 This variable holds all the values defined in the tracker config.py file
1091 (eg. TRACKER_NAME, etc.)
1092 **db**
1093 The current database, used to access arbitrary database items.
1094 **templates**
1095 Access to all the tracker templates by name. Used mainly in *use-macro*
1096 commands.
1097 **utils**
1098 This variable makes available some utility functions like batching.
1099 **nothing**
1100 This is a special variable - if an expression evaluates to this, then the
1101 tag (in the case of a tal:replace), its contents (in the case of
1102 tal:content) or some attributes (in the case of tal:attributes) will not
1103 appear in the the output. So for example::
1105 <span tal:attributes="class nothing">Hello, World!</span>
1107 would result in::
1109 <span>Hello, World!</span>
1111 **default**
1112 Also a special variable - if an expression evaluates to this, then the
1113 existing HTML in the template will not be replaced or removed, it will
1114 remain. So::
1116 <span tal:replace="default">Hello, World!</span>
1118 would result in::
1120 <span>Hello, World!</span>
1122 The context variable
1123 ~~~~~~~~~~~~~~~~~~~~
1125 The *context* variable is one of three things based on the current context
1126 (see `determining web context`_ for how we figure this out):
1128 1. if we're looking at a "home" page, then it's None
1129 2. if we're looking at a specific hyperdb class, it's a
1130 `hyperdb class wrapper`_.
1131 3. if we're looking at a specific hyperdb item, it's a
1132 `hyperdb item wrapper`_.
1134 If the context is not None, we can access the properties of the class or item.
1135 The only real difference between cases 2 and 3 above are:
1137 1. the properties may have a real value behind them, and this will appear if
1138 the property is displayed through ``context/property`` or
1139 ``context/property/field``.
1140 2. the context's "id" property will be a false value in the second case, but
1141 a real, or true value in the third. Thus we can determine whether we're
1142 looking at a real item from the hyperdb by testing "context/id".
1144 Hyperdb class wrapper
1145 :::::::::::::::::::::
1147 Note: this is implemented by the roundup.cgi.templating.HTMLClass class.
1149 This wrapper object provides access to a hyperb class. It is used primarily
1150 in both index view and new item views, but it's also usable anywhere else that
1151 you wish to access information about a class, or the items of a class, when
1152 you don't have a specific item of that class in mind.
1154 We allow access to properties. There will be no "id" property. The value
1155 accessed through the property will be the current value of the same name from
1156 the CGI form.
1158 There are several methods available on these wrapper objects:
1160 =========== =============================================================
1161 Method Description
1162 =========== =============================================================
1163 properties return a `hyperdb property wrapper`_ for all of this class'
1164 properties.
1165 list lists all of the active (not retired) items in the class.
1166 csv return the items of this class as a chunk of CSV text.
1167 propnames lists the names of the properties of this class.
1168 filter lists of items from this class, filtered and sorted
1169 by the current *request* filterspec/filter/sort/group args
1170 classhelp display a link to a javascript popup containing this class'
1171 "help" template.
1172 submit generate a submit button (and action hidden element)
1173 renderWith render this class with the given template.
1174 history returns 'New node - no history' :)
1175 is_edit_ok is the user allowed to Edit the current class?
1176 is_view_ok is the user allowed to View the current class?
1177 =========== =============================================================
1179 Note that if you have a property of the same name as one of the above methods,
1180 you'll need to access it using a python "item access" expression. For example::
1182 python:context['list']
1184 will access the "list" property, rather than the list method.
1187 Hyperdb item wrapper
1188 ::::::::::::::::::::
1190 Note: this is implemented by the roundup.cgi.templating.HTMLItem class.
1192 This wrapper object provides access to a hyperb item.
1194 We allow access to properties. There will be no "id" property. The value
1195 accessed through the property will be the current value of the same name from
1196 the CGI form.
1198 There are several methods available on these wrapper objects:
1200 =============== =============================================================
1201 Method Description
1202 =============== =============================================================
1203 submit generate a submit button (and action hidden element)
1204 journal return the journal of the current item (**not implemented**)
1205 history render the journal of the current item as HTML
1206 renderQueryForm specific to the "query" class - render the search form for
1207 the query
1208 hasPermission specific to the "user" class - determine whether the user
1209 has a Permission
1210 is_edit_ok is the user allowed to Edit the current item?
1211 is_view_ok is the user allowed to View the current item?
1212 =============== =============================================================
1215 Note that if you have a property of the same name as one of the above methods,
1216 you'll need to access it using a python "item access" expression. For example::
1218 python:context['journal']
1220 will access the "journal" property, rather than the journal method.
1223 Hyperdb property wrapper
1224 ::::::::::::::::::::::::
1226 Note: this is implemented by subclasses roundup.cgi.templating.HTMLProperty
1227 class (HTMLStringProperty, HTMLNumberProperty, and so on).
1229 This wrapper object provides access to a single property of a class. Its
1230 value may be either:
1232 1. if accessed through a `hyperdb item wrapper`_, then it's a value from the
1233 hyperdb
1234 2. if access through a `hyperdb class wrapper`_, then it's a value from the
1235 CGI form
1238 The property wrapper has some useful attributes:
1240 =============== =============================================================
1241 Attribute Description
1242 =============== =============================================================
1243 _name the name of the property
1244 _value the value of the property if any - this is the actual value
1245 retrieved from the hyperdb for this property
1246 =============== =============================================================
1248 There are several methods available on these wrapper objects:
1250 =========== =================================================================
1251 Method Description
1252 =========== =================================================================
1253 plain render a "plain" representation of the property
1254 field render an appropriate form edit field for the property - for most
1255 types this is a text entry box, but for Booleans it's a tri-state
1256 yes/no/neither selection.
1257 stext only on String properties - render the value of the
1258 property as StructuredText (requires the StructureText module
1259 to be installed separately)
1260 multiline only on String properties - render a multiline form edit
1261 field for the property
1262 email only on String properties - render the value of the
1263 property as an obscured email address
1264 confirm only on Password properties - render a second form edit field for
1265 the property, used for confirmation that the user typed the
1266 password correctly. Generates a field with name "name:confirm".
1267 reldate only on Date properties - render the interval between the
1268 date and now
1269 pretty only on Interval properties - render the interval in a
1270 pretty format (eg. "yesterday")
1271 menu only on Link and Multilink properties - render a form select
1272 list for this property
1273 reverse only on Multilink properties - produce a list of the linked
1274 items in reverse order
1275 =========== =================================================================
1277 The request variable
1278 ~~~~~~~~~~~~~~~~~~~~
1280 Note: this is implemented by the roundup.cgi.templating.HTMLRequest class.
1282 The request variable is packed with information about the current request.
1284 .. taken from roundup.cgi.templating.HTMLRequest docstring
1286 =========== =================================================================
1287 Variable Holds
1288 =========== =================================================================
1289 form the CGI form as a cgi.FieldStorage
1290 env the CGI environment variables
1291 base the base URL for this tracker
1292 user a HTMLUser instance for this user
1293 classname the current classname (possibly None)
1294 template the current template (suffix, also possibly None)
1295 form the current CGI form variables in a FieldStorage
1296 =========== =================================================================
1298 **Index page specific variables (indexing arguments)**
1300 =========== =================================================================
1301 Variable Holds
1302 =========== =================================================================
1303 columns dictionary of the columns to display in an index page
1304 show a convenience access to columns - request/show/colname will
1305 be true if the columns should be displayed, false otherwise
1306 sort index sort column (direction, column name)
1307 group index grouping property (direction, column name)
1308 filter properties to filter the index on
1309 filterspec values to filter the index on
1310 search_text text to perform a full-text search on for an index
1311 =========== =================================================================
1313 There are several methods available on the request variable:
1315 =============== =============================================================
1316 Method Description
1317 =============== =============================================================
1318 description render a description of the request - handle for the page
1319 title
1320 indexargs_form render the current index args as form elements
1321 indexargs_url render the current index args as a URL
1322 base_javascript render some javascript that is used by other components of
1323 the templating
1324 batch run the current index args through a filter and return a
1325 list of items (see `hyperdb item wrapper`_, and
1326 `batching`_)
1327 =============== =============================================================
1329 The form variable
1330 :::::::::::::::::
1332 The form variable is a little special because it's actually a python
1333 FieldStorage object. That means that you have two ways to access its
1334 contents. For example, to look up the CGI form value for the variable
1335 "name", use the path expression::
1337 request/form/name/value
1339 or the python expression::
1341 python:request.form['name'].value
1343 Note the "item" access used in the python case, and also note the explicit
1344 "value" attribute we have to access. That's because the form variables are
1345 stored as MiniFieldStorages. If there's more than one "name" value in
1346 the form, then the above will break since ``request/form/name`` is actually a
1347 *list* of MiniFieldStorages. So it's best to know beforehand what you're
1348 dealing with.
1351 The db variable
1352 ~~~~~~~~~~~~~~~
1354 Note: this is implemented by the roundup.cgi.templating.HTMLDatabase class.
1356 Allows access to all hyperdb classes as attributes of this variable. If you
1357 want access to the "user" class, for example, you would use::
1359 db/user
1360 python:db.user
1362 The access results in a `hyperdb class wrapper`_.
1364 The templates variable
1365 ~~~~~~~~~~~~~~~~~~~~~~
1367 Note: this is implemented by the roundup.cgi.templating.Templates class.
1369 This variable doesn't have any useful methods defined. It supports being
1370 used in expressions to access the templates, and subsequently the template
1371 macros. You may access the templates using the following path expression::
1373 templates/name
1375 or the python expression::
1377 templates[name]
1379 where "name" is the name of the template you wish to access. The template you
1380 get access to has one useful attribute, "macros". To access a specific macro
1381 (called "macro_name"), use the path expression::
1383 templates/name/macros/macro_name
1385 or the python expression::
1387 templates[name].macros[macro_name]
1390 The utils variable
1391 ~~~~~~~~~~~~~~~~~~
1393 Note: this is implemented by the roundup.cgi.templating.TemplatingUtils class,
1394 but it may be extended as described below.
1396 =============== =============================================================
1397 Method Description
1398 =============== =============================================================
1399 Batch return a batch object using the supplied list
1400 =============== =============================================================
1402 You may add additional utility methods by writing them in your tracker
1403 ``interfaces.py`` module's ``TemplatingUtils`` class. See `adding a time log
1404 to your issues`_ for an example. The TemplatingUtils class itself will have a
1405 single attribute, ``client``, which may be used to access the ``client.db``
1406 when you need to perform arbitrary database queries.
1408 Batching
1409 ::::::::
1411 Use Batch to turn a list of items, or item ids of a given class, into a series
1412 of batches. Its usage is::
1414 python:util.Batch(sequence, size, start, end=0, orphan=0, overlap=0)
1416 or, to get the current index batch::
1418 request/batch
1420 The parameters are:
1422 ========= ==================================================================
1423 Parameter Usage
1424 ========= ==================================================================
1425 sequence a list of HTMLItems
1426 size how big to make the sequence.
1427 start where to start (0-indexed) in the sequence.
1428 end where to end (0-indexed) in the sequence.
1429 orphan if the next batch would contain less items than this
1430 value, then it is combined with this batch
1431 overlap the number of items shared between adjacent batches
1432 ========= ==================================================================
1434 All of the parameters are assigned as attributes on the batch object. In
1435 addition, it has several more attributes:
1437 =============== ============================================================
1438 Attribute Description
1439 =============== ============================================================
1440 start indicates the start index of the batch. *Note: unlike the
1441 argument, is a 1-based index (I know, lame)*
1442 first indicates the start index of the batch *as a 0-based
1443 index*
1444 length the actual number of elements in the batch
1445 sequence_length the length of the original, unbatched, sequence.
1446 =============== ============================================================
1448 And several methods:
1450 =============== ============================================================
1451 Method Description
1452 =============== ============================================================
1453 previous returns a new Batch with the previous batch settings
1454 next returns a new Batch with the next batch settings
1455 propchanged detect if the named property changed on the current item
1456 when compared to the last item
1457 =============== ============================================================
1459 An example of batching::
1461 <table class="otherinfo">
1462 <tr><th colspan="4" class="header">Existing Keywords</th></tr>
1463 <tr tal:define="keywords db/keyword/list"
1464 tal:repeat="start python:range(0, len(keywords), 4)">
1465 <td tal:define="batch python:utils.Batch(keywords, 4, start)"
1466 tal:repeat="keyword batch" tal:content="keyword/name">keyword here</td>
1467 </tr>
1468 </table>
1470 ... which will produce a table with four columns containing the items of the
1471 "keyword" class (well, their "name" anyway).
1473 Displaying Properties
1474 ---------------------
1476 Properties appear in the user interface in three contexts: in indices, in
1477 editors, and as search arguments.
1478 For each type of property, there are several display possibilities.
1479 For example, in an index view, a string property may just be
1480 printed as a plain string, but in an editor view, that property may be
1481 displayed in an editable field.
1484 Index Views
1485 -----------
1487 This is one of the class context views. It is also the default view for
1488 classes. The template used is "*classname*.index".
1490 Index View Specifiers
1491 ~~~~~~~~~~~~~~~~~~~~~
1493 An index view specifier (URL fragment) looks like this (whitespace has been
1494 added for clarity)::
1496 /issue?status=unread,in-progress,resolved&
1497 topic=security,ui&
1498 :group=+priority&
1499 :sort==activity&
1500 :filters=status,topic&
1501 :columns=title,status,fixer
1503 The index view is determined by two parts of the specifier: the layout part and
1504 the filter part. The layout part consists of the query parameters that begin
1505 with colons, and it determines the way that the properties of selected items
1506 are displayed. The filter part consists of all the other query parameters, and
1507 it determines the criteria by which items are selected for display.
1508 The filter part is interactively manipulated with the form widgets displayed in
1509 the filter section. The layout part is interactively manipulated by clicking on
1510 the column headings in the table.
1512 The filter part selects the union of the sets of items with values matching any
1513 specified Link properties and the intersection of the sets of items with values
1514 matching any specified Multilink properties.
1516 The example specifies an index of "issue" items. Only items with a "status" of
1517 either "unread" or "in-progres" or "resolved" are displayed, and only items
1518 with "topic" values including both "security" and "ui" are displayed. The items
1519 are grouped by priority, arranged in ascending order; and within groups, sorted
1520 by activity, arranged in descending order. The filter section shows filters for
1521 the "status" and "topic" properties, and the table includes columns for the
1522 "title", "status", and "fixer" properties.
1524 Searching Views
1525 ---------------
1527 Note: if you add a new column to the ``:columns`` form variable potentials
1528 then you will need to add the column to the appropriate `index views`_
1529 template so it is actually displayed.
1531 This is one of the class context views. The template used is typically
1532 "*classname*.search". The form on this page should have "search" as its
1533 ``:action`` variable. The "search" action:
1535 - sets up additional filtering, as well as performing indexed text searching
1536 - sets the ``:filter`` variable correctly
1537 - saves the query off if ``:query_name`` is set.
1539 The searching page should lay out any fields that you wish to allow the user
1540 to search one. If your schema contains a large number of properties, you
1541 should be wary of making all of those properties available for searching, as
1542 this can cause confusion. If the additional properties are Strings, consider
1543 having their value indexed, and then they will be searchable using the full
1544 text indexed search. This is both faster, and more useful for the end user.
1546 The two special form values on search pages which are handled by the "search"
1547 action are:
1549 :search_text
1550 Text to perform a search of the text index with. Results from that search
1551 will be used to limit the results of other filters (using an intersection
1552 operation)
1553 :query_name
1554 If supplied, the search parameters (including :search_text) will be saved
1555 off as a the query item and registered against the user's queries property.
1556 Note that the *classic* template schema has this ability, but the *minimal*
1557 template schema does not.
1560 Item Views
1561 ----------
1563 The basic view of a hyperdb item is provided by the "*classname*.item"
1564 template. It generally has three sections; an "editor", a "spool" and a
1565 "history" section.
1569 Editor Section
1570 ~~~~~~~~~~~~~~
1572 The editor section is used to manipulate the item - it may be a
1573 static display if the user doesn't have permission to edit the item.
1575 Here's an example of a basic editor template (this is the default "classic"
1576 template issue item edit form - from the "issue.item" template)::
1578 <table class="form">
1579 <tr>
1580 <th nowrap>Title</th>
1581 <td colspan=3 tal:content="structure python:context.title.field(size=60)">title</td>
1582 </tr>
1584 <tr>
1585 <th nowrap>Priority</th>
1586 <td tal:content="structure context/priority/menu">priority</td>
1587 <th nowrap>Status</th>
1588 <td tal:content="structure context/status/menu">status</td>
1589 </tr>
1591 <tr>
1592 <th nowrap>Superseder</th>
1593 <td>
1594 <span tal:replace="structure python:context.superseder.field(showid=1, size=20)" />
1595 <span tal:replace="structure python:db.issue.classhelp('id,title')" />
1596 <span tal:condition="context/superseder">
1597 <br>View: <span tal:replace="structure python:context.superseder.link(showid=1)" />
1598 </span>
1599 </td>
1600 <th nowrap>Nosy List</th>
1601 <td>
1602 <span tal:replace="structure context/nosy/field" />
1603 <span tal:replace="structure python:db.user.classhelp('username,realname,address,phone')" />
1604 </td>
1605 </tr>
1607 <tr>
1608 <th nowrap>Assigned To</th>
1609 <td tal:content="structure context/assignedto/menu">
1610 assignedto menu
1611 </td>
1612 <td> </td>
1613 <td> </td>
1614 </tr>
1616 <tr>
1617 <th nowrap>Change Note</th>
1618 <td colspan=3>
1619 <textarea name=":note" wrap="hard" rows="5" cols="60"></textarea>
1620 </td>
1621 </tr>
1623 <tr>
1624 <th nowrap>File</th>
1625 <td colspan=3><input type="file" name=":file" size="40"></td>
1626 </tr>
1628 <tr>
1629 <td> </td>
1630 <td colspan=3 tal:content="structure context/submit">
1631 submit button will go here
1632 </td>
1633 </tr>
1634 </table>
1637 When a change is submitted, the system automatically generates a message
1638 describing the changed properties. As shown in the example, the editor
1639 template can use the ":note" and ":file" fields, which are added to the
1640 standard change note message generated by Roundup.
1642 Spool Section
1643 ~~~~~~~~~~~~~
1645 The spool section lists related information like the messages and files of
1646 an issue.
1648 TODO
1651 History Section
1652 ~~~~~~~~~~~~~~~
1654 The final section displayed is the history of the item - its database journal.
1655 This is generally generated with the template::
1657 <tal:block tal:replace="structure context/history" />
1659 *To be done:*
1661 *The actual history entries of the item may be accessed for manual templating
1662 through the "journal" method of the item*::
1664 <tal:block tal:repeat="entry context/journal">
1665 a journal entry
1666 </tal:block>
1668 *where each journal entry is an HTMLJournalEntry.*
1670 Defining new web actions
1671 ------------------------
1673 You may define new actions to be triggered by the ``:action`` form variable.
1674 These are added to the tracker ``interfaces.py`` as methods on the ``Client``
1675 class.
1677 Adding action methods takes three steps; first you `define the new action
1678 method`_, then you `register the action method`_ with the cgi interface so
1679 it may be triggered by the ``:action`` form variable. Finally you actually
1680 `use the new action`_ in your HTML form.
1682 See "`setting up a "wizard" (or "druid") for controlled adding of issues`_"
1683 for an example.
1685 Define the new action method
1686 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1688 The action methods have the following interface::
1690 def myActionMethod(self):
1691 ''' Perform some action. No return value is required.
1692 '''
1694 The *self* argument is an instance of your tracker ``instance.Client`` class -
1695 thus it's mostly implemented by ``roundup.cgi.Client``. See the docstring of
1696 that class for details of what it can do.
1698 The method will typically check the ``self.form`` variable's contents. It
1699 may then:
1701 - add information to ``self.ok_message`` or ``self.error_message``
1702 - change the ``self.template`` variable to alter what the user will see next
1703 - raise Unauthorised, SendStaticFile, SendFile, NotFound or Redirect
1704 exceptions
1707 Register the action method
1708 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1710 The method is now written, but isn't available to the user until you add it to
1711 the `instance.Client`` class ``actions`` variable, like so::
1713 actions = client.Class.actions + (
1714 ('myaction', 'myActionMethod'),
1715 )
1717 This maps the action name "myaction" to the action method we defined.
1720 Use the new action
1721 ~~~~~~~~~~~~~~~~~~
1723 In your HTML form, add a hidden form element like so::
1725 <input type="hidden" name=":action" value="myaction">
1727 where "myaction" is the name you registered in the previous step.
1730 Examples
1731 ========
1733 .. contents::
1734 :local:
1735 :depth: 1
1737 Adding a new field to the classic schema
1738 ----------------------------------------
1740 This example shows how to add a new constrained property (ie. a selection of
1741 distinct values) to your tracker.
1743 Introduction
1744 ~~~~~~~~~~~~
1746 To make the classic schema of roundup useful as a todo tracking system
1747 for a group of systems administrators, it needed an extra data field
1748 per issue: a category.
1750 This would let sysads quickly list all todos in their particular
1751 area of interest without having to do complex queries, and without
1752 relying on the spelling capabilities of other sysads (a losing
1753 proposition at best).
1755 Adding a field to the database
1756 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1758 This is the easiest part of the change. The category would just be a plain
1759 string, nothing fancy. To change what is in the database you need to add
1760 some lines to the ``open()`` function in ``dbinit.py`` under the comment::
1762 # add any additional database schema configuration here
1764 add::
1766 category = Class(db, "category", name=String())
1767 category.setkey("name")
1769 Here we are setting up a chunk of the database which we are calling
1770 "category". It contains a string, which we are refering to as "name" for
1771 lack of a more imaginative title. Then we are setting the key of this chunk
1772 of the database to be that "name". This is equivalent to an index for
1773 database types. This also means that there can only be one category with a
1774 given name.
1776 Adding the above lines allows us to create categories, but they're not tied
1777 to the issues that we are going to be creating. It's just a list of categories
1778 off on its own, which isn't much use. We need to link it in with the issues.
1779 To do that, find the lines in the ``open()`` function in ``dbinit.py`` which
1780 set up the "issue" class, and then add a link to the category::
1782 issue = IssueClass(db, "issue", ... , category=Multilink("category"), ... )
1784 The Multilink() means that each issue can have many categories. If you were
1785 adding something with a more one to one relationship use Link() instead.
1787 That is all you need to do to change the schema. The rest of the effort is
1788 fiddling around so you can actually use the new category.
1790 Populating the new category class
1791 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1793 If you haven't initialised the database with the roundup-admin "initialise"
1794 command, then you can add the following to the tracker ``dbinit.py`` in the
1795 ``init()`` function under the comment::
1797 # add any additional database create steps here - but only if you
1798 # haven't initialised the database with the admin "initialise" command
1800 add::
1802 category = db.getclass('category')
1803 category.create(name="scipy", order="1")
1804 category.create(name="chaco", order="2")
1805 category.create(name="weave", order="3")
1807 If the database is initalised, the you need to use the roundup-admin tool::
1809 % roundup-admin -i <tracker home>
1810 Roundup <version> ready for input.
1811 Type "help" for help.
1812 roundup> create category name=scipy order=1
1813 1
1814 roundup> create category name=chaco order=1
1815 2
1816 roundup> create category name=weave order=1
1817 3
1818 roundup> exit...
1819 There are unsaved changes. Commit them (y/N)? y
1822 Setting up security on the new objects
1823 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1825 By default only the admin user can look at and change objects. This doesn't
1826 suit us, as we want any user to be able to create new categories as
1827 required, and obviously everyone needs to be able to view the categories of
1828 issues for it to be useful.
1830 We therefore need to change the security of the category objects. This is
1831 also done in the ``open()`` function of ``dbinit.py``.
1833 There are currently two loops which set up permissions and then assign them
1834 to various roles. Simply add the new "category" to both lists::
1836 # new permissions for this schema
1837 for cl in 'issue', 'file', 'msg', 'user', 'category':
1838 db.security.addPermission(name="Edit", klass=cl,
1839 description="User is allowed to edit "+cl)
1840 db.security.addPermission(name="View", klass=cl,
1841 description="User is allowed to access "+cl)
1843 # Assign the access and edit permissions for issue, file and message
1844 # to regular users now
1845 for cl in 'issue', 'file', 'msg', 'category':
1846 p = db.security.getPermission('View', cl)
1847 db.security.addPermissionToRole('User', p)
1848 p = db.security.getPermission('Edit', cl)
1849 db.security.addPermissionToRole('User', p)
1851 So you are in effect doing the following::
1853 db.security.addPermission(name="Edit", klass='category',
1854 description="User is allowed to edit "+'category')
1855 db.security.addPermission(name="View", klass='category',
1856 description="User is allowed to access "+'category')
1858 which is creating two permission types; that of editing and viewing
1859 "category" objects respectively. Then the following lines assign those new
1860 permissions to the "User" role, so that normal users can view and edit
1861 "category" objects::
1863 p = db.security.getPermission('View', 'category')
1864 db.security.addPermissionToRole('User', p)
1866 p = db.security.getPermission('Edit', 'category')
1867 db.security.addPermissionToRole('User', p)
1869 This is all the work that needs to be done for the database. It will store
1870 categories, and let users view and edit them. Now on to the interface
1871 stuff.
1873 Changing the web left hand frame
1874 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1876 We need to give the users the ability to create new categories, and the
1877 place to put the link to this functionality is in the left hand function
1878 bar, under the "Issues" area. The file that defines how this area looks is
1879 ``html/page``, which is what we are going to be editing next.
1881 If you look at this file you can see that it contains a lot of "classblock"
1882 sections which are chunks of HTML that will be included or excluded in the
1883 output depending on whether the condition in the classblock is met. Under
1884 the end of the classblock for issue is where we are going to add the
1885 category code::
1887 <p class="classblock"
1888 tal:condition="python:request.user.hasPermission('View', 'category')">
1889 <b>Categories</b><br>
1890 <a tal:condition="python:request.user.hasPermission('Edit', 'category')"
1891 href="category?:template=item">New Category<br></a>
1892 </p>
1894 The first two lines is the classblock definition, which sets up a condition
1895 that only users who have "View" permission to the "category" object will
1896 have this section included in their output. Next comes a plain "Categories"
1897 header in bold. Everyone who can view categories will get that.
1899 Next comes the link to the editing area of categories. This link will only
1900 appear if the condition is matched: that condition being that the user has
1901 "Edit" permissions for the "category" objects. If they do have permission
1902 then they will get a link to another page which will let the user add new
1903 categories.
1905 Note that if you have permission to view but not edit categories then all
1906 you will see is a "Categories" header with nothing underneath it. This is
1907 obviously not very good interface design, but will do for now. I just claim
1908 that it is so I can add more links in this section later on. However to fix
1909 the problem you could change the condition in the classblock statement, so
1910 that only users with "Edit" permission would see the "Categories" stuff.
1912 Setting up a page to edit categories
1913 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1915 We defined code in the previous section which let users with the
1916 appropriate permissions see a link to a page which would let them edit
1917 conditions. Now we have to write that page.
1919 The link was for the item template for the category object. This translates
1920 into the system looking for a file called ``category.item`` in the ``html``
1921 tracker directory. This is the file that we are going to write now.
1923 First we add an info tag in a comment which doesn't affect the outcome
1924 of the code at all but is useful for debugging. If you load a page in a
1925 browser and look at the page source, you can see which sections come
1926 from which files by looking for these comments::
1928 <!-- category.item -->
1930 Next we need to add in the METAL macro stuff so we get the normal page
1931 trappings::
1933 <tal:block metal:use-macro="templates/page/macros/icing">
1934 <title metal:fill-slot="head_title">Category editing</title>
1935 <td class="page-header-top" metal:fill-slot="body_title">
1936 <h2>Category editing</h2>
1937 </td>
1938 <td class="content" metal:fill-slot="content">
1940 Next we need to setup up a standard HTML form, which is the whole
1941 purpose of this file. We link to some handy javascript which sends the form
1942 through only once. This is to stop users hitting the send button
1943 multiple times when they are impatient and thus having the form sent
1944 multiple times::
1946 <form method="POST" onSubmit="return submit_once()"
1947 enctype="multipart/form-data">
1949 Next we define some code which sets up the minimum list of fields that we
1950 require the user to enter. There will be only one field, that of "name", so
1951 they user better put something in it otherwise the whole form is pointless::
1953 <input type="hidden" name=":required" value="name">
1955 To get everything to line up properly we will put everything in a table,
1956 and put a nice big header on it so the user has an idea what is happening::
1958 <table class="form">
1959 <tr><th class="header" colspan=2>Category</th></tr>
1961 Next we need the actual field that the user is going to enter the new
1962 category. The "context.name.field(size=60)" bit tells roundup to generate a
1963 normal HTML field of size 60, and the contents of that field will be the
1964 "name" variable of the current context (which is "category"). The upshot of
1965 this is that when the user types something in to the form, a new category
1966 will be created with that name::
1968 <tr>
1969 <th nowrap>Name</th>
1970 <td tal:content="structure python:context.name.field(size=60)">name</td>
1971 </tr>
1973 Then a submit button so that the user can submit the new category::
1975 <tr>
1976 <td> </td>
1977 <td colspan=3 tal:content="structure context/submit">
1978 submit button will go here
1979 </td>
1980 </tr>
1982 Finally we finish off the tags we used at the start to do the METAL stuff::
1984 </td>
1985 </tal:block>
1987 So putting it all together, and closing the table and form we get::
1989 <!-- category.item -->
1990 <tal:block metal:use-macro="templates/page/macros/icing">
1991 <title metal:fill-slot="head_title">Category editing</title>
1992 <td class="page-header-top" metal:fill-slot="body_title">
1993 <h2>Category editing</h2>
1994 </td>
1995 <td class="content" metal:fill-slot="content">
1996 <form method="POST" onSubmit="return submit_once()"
1997 enctype="multipart/form-data">
1999 <input type="hidden" name=":required" value="name">
2001 <table class="form">
2002 <tr><th class="header" colspan=2>Category</th></tr>
2004 <tr>
2005 <th nowrap>Name</th>
2006 <td tal:content="structure python:context.name.field(size=60)">name</td>
2007 </tr>
2009 <tr>
2010 <td> </td>
2011 <td colspan=3 tal:content="structure context/submit">
2012 submit button will go here
2013 </td>
2014 </tr>
2015 </table>
2016 </form>
2017 </td>
2018 </tal:block>
2020 This is quite a lot to just ask the user one simple question, but
2021 there is a lot of setup for basically one line (the form line) to do
2022 its work. To add another field to "category" would involve one more line
2023 (well maybe a few extra to get the formatting correct).
2025 Adding the category to the issue
2026 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2028 We now have the ability to create issues to our hearts content, but
2029 that is pointless unless we can assign categories to issues. Just like
2030 the ``html/category.item`` file was used to define how to add a new
2031 category, the ``html/issue.item`` is used to define how a new issue is
2032 created.
2034 Just like ``category.issue`` this file defines a form which has a table to lay
2035 things out. It doesn't matter where in the table we add new stuff,
2036 it is entirely up to your sense of aesthetics::
2038 <th nowrap>Category</th>
2039 <td><span tal:replace="structure context/category/field" />
2040 <span tal:replace="structure db/category/classhelp" />
2041 </td>
2043 First we define a nice header so that the user knows what the next section
2044 is, then the middle line does what we are most interested in. This
2045 ``context/category/field`` gets replaced with a field which contains the
2046 category in the current context (the current context being the new issue).
2048 The classhelp lines generate a link (labelled "list") to a popup window
2049 which contains the list of currently known categories.
2051 Searching on categories
2052 ~~~~~~~~~~~~~~~~~~~~~~~
2054 We can add categories, and create issues with categories. The next obvious
2055 thing that we would like to be would be to search issues based on their
2056 category, so that any one working on the web server could look at all
2057 issues in the category "Web" for example.
2059 If you look in the html/page file and look for the "Search Issues" you will
2060 see that it looks something like ``<a href="issue?:template=search">Search
2061 Issues</a>`` which shows us that when you click on "Search Issues" it will
2062 be looking for a ``issue.search`` file to display. So that is indeed the file
2063 that we are going to change.
2065 If you look at this file it should be starting to seem familiar. It is a
2066 simple HTML form using a table to define structure. You can add the new
2067 category search code anywhere you like within that form::
2069 <tr>
2070 <th>Category:</th>
2071 <td>
2072 <select name="category">
2073 <option value="">don't care</option>
2074 <option value="">------------</option>
2075 <option tal:repeat="s db/category/list" tal:attributes="value s/name"
2076 tal:content="s/name">category to filter on</option>
2077 </select>
2078 </td>
2079 <td><input type="checkbox" name=":columns" value="category" checked></td>
2080 <td><input type="radio" name=":sort" value="category"></td>
2081 <td><input type="radio" name=":group" value="category"></td>
2082 </tr>
2084 Most of this is straightforward to anyone who knows HTML. It is just
2085 setting up a select list followed by a checkbox and a couple of radio
2086 buttons.
2088 The ``tal:repeat`` part repeats the tag for every item in the "category"
2089 table and setting "s" to be each category in turn.
2091 The ``tal:attributes`` part is setting up the ``value=`` part of the option tag
2092 to be the name part of "s" which is the current category in the loop.
2094 The ``tal:content`` part is setting the contents of the option tag to be the
2095 name part of "s" again. For objects more complex than category, obviously
2096 you would put an id in the value, and the descriptive part in the content;
2097 but for category they are the same.
2099 Adding category to the default view
2100 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2102 We can now add categories, add issues with categories, and search issues
2103 based on categories. This is everything that we need to do, however there
2104 is some more icing that we would like. I think the category of an issue is
2105 important enough that it should be displayed by default when listing all
2106 the issues.
2108 Unfortunately, this is a bit less obvious than the previous steps. The code
2109 defining how the issues look is in ``html/issue.index``. This is a large table
2110 with a form down the bottom for redisplaying and so forth.
2112 Firstly we need to add an appropriate header to the start of the table::
2114 <th tal:condition="request/show/category">Category</th>
2116 The condition part of this statement is so that if the user has selected
2117 not to see the Category column then they won't.
2119 The rest of the table is a loop which will go through every issue that
2120 matches the display criteria. The loop variable is "i" - which means that
2121 every issue gets assigned to "i" in turn.
2123 The new part of code to display the category will look like this::
2125 <td tal:condition="request/show/category" tal:content="i/category"></td>
2127 The condition is the same as above: only display the condition when the
2128 user hasn't asked for it to be hidden. The next part is to set the content
2129 of the cell to be the category part of "i" - the current issue.
2131 Finally we have to edit ``html/page`` again. This time to tell it that when the
2132 user clicks on "Unnasigned Issues" or "All Issues" that the category should
2133 be displayed. If you scroll down the page file, you can see the links with
2134 lots of options. The option that we are interested in is the ``:columns=`` one
2135 which tells roundup which fields of the issue to display. Simply add
2136 "category" to that list and it all should work.
2139 Adding in state transition control
2140 ----------------------------------
2142 Sometimes tracker admins want to control the states that users may move issues
2143 to.
2145 1. add a Multilink property to the status class::
2147 stat = Class(db, "status", ... , transitions=Multilink('status'), ...)
2149 and then edit the statuses already created either:
2151 a. through the web using the class list -> status class editor, or
2152 b. using the roundup-admin "set" command.
2154 2. add an auditor module ``checktransition.py`` in your tracker's
2155 ``detectors`` directory::
2157 def checktransition(db, cl, nodeid, newvalues):
2158 ''' Check that the desired transition is valid for the "status"
2159 property.
2160 '''
2161 if not newvalues.has_key('status'):
2162 return
2163 current = cl.get(nodeid, 'status')
2164 new = newvalues['status']
2165 if new == current:
2166 return
2167 ok = db.status.get(current, 'transitions')
2168 if new not in ok:
2169 raise ValueError, 'Status not allowed to move from "%s" to "%s"'%(
2170 db.status.get(current, 'name'), db.status.get(new, 'name'))
2172 def init(db):
2173 db.issue.audit('set', checktransition)
2175 3. in the ``issue.item`` template, change the status editing bit from::
2177 <th nowrap>Status</th>
2178 <td tal:content="structure context/status/menu">status</td>
2180 to::
2182 <th nowrap>Status</th>
2183 <td>
2184 <select tal:condition="context/id" name="status">
2185 <tal:block tal:define="ok context/status/transitions"
2186 tal:repeat="state db/status/list">
2187 <option tal:condition="python:state.id in ok"
2188 tal:attributes="value state/id;
2189 selected python:state.id == context.status.id"
2190 tal:content="state/name"></option>
2191 </tal:block>
2192 </select>
2193 <tal:block tal:condition="not:context/id"
2194 tal:replace="structure context/status/menu" />
2195 </td>
2197 which displays only the allowed status to transition to.
2200 Displaying only message summaries in the issue display
2201 ------------------------------------------------------
2203 Alter the issue.item template section for messages to::
2205 <table class="messages" tal:condition="context/messages">
2206 <tr><th colspan=5 class="header">Messages</th></tr>
2207 <tr tal:repeat="msg context/messages">
2208 <td><a tal:attributes="href string:msg${msg/id}"
2209 tal:content="string:msg${msg/id}"></a></td>
2210 <td tal:content="msg/author">author</td>
2211 <td nowrap tal:content="msg/date/pretty">date</td>
2212 <td tal:content="msg/summary">summary</td>
2213 <td>
2214 <a tal:attributes="href string:?:remove:messages=${msg/id}&:action=edit">remove</a>
2215 </td>
2216 </tr>
2217 </table>
2219 Restricting the list of users that are assignable to a task
2220 -----------------------------------------------------------
2222 1. In your tracker's "dbinit.py", create a new Role, say "Developer"::
2224 db.security.addRole(name='Developer', description='A developer')
2226 2. Just after that, create a new Permission, say "Fixer", specific to "issue"::
2228 p = db.security.addPermission(name='Fixer', klass='issue',
2229 description='User is allowed to be assigned to fix issues')
2231 3. Then assign the new Permission to your "Developer" Role::
2233 db.security.addPermissionToRole('Developer', p)
2235 4. In the issue item edit page ("html/issue.item" in your tracker dir), use
2236 the new Permission in restricting the "assignedto" list::
2238 <select name="assignedto">
2239 <option value="-1">- no selection -</option>
2240 <tal:block tal:repeat="user db/user/list">
2241 <option tal:condition="python:user.hasPermission('Fixer', context.classname)"
2242 tal:attributes="value user/id;
2243 selected python:user.id == context.assignedto"
2244 tal:content="user/realname"></option>
2245 </tal:block>
2246 </select>
2248 For extra security, you may wish to set up an auditor to enforce the
2249 Permission requirement (install this as "assignedtoFixer.py" in your tracker
2250 "detectors" directory)::
2252 def assignedtoMustBeFixer(db, cl, nodeid, newvalues):
2253 ''' Ensure the assignedto value in newvalues is a used with the Fixer
2254 Permission
2255 '''
2256 if not newvalues.has_key('assignedto'):
2257 # don't care
2258 return
2260 # get the userid
2261 userid = newvalues['assignedto']
2262 if not db.security.hasPermission('Fixer', userid, cl.classname):
2263 raise ValueError, 'You do not have permission to edit %s'%cl.classname
2265 def init(db):
2266 db.issue.audit('set', assignedtoMustBeFixer)
2267 db.issue.audit('create', assignedtoMustBeFixer)
2269 So now, if the edit attempts to set the assignedto to a user that doesn't have
2270 the "Fixer" Permission, the error will be raised.
2273 Setting up a "wizard" (or "druid") for controlled adding of issues
2274 ------------------------------------------------------------------
2276 1. Set up the page templates you wish to use for data input. My wizard
2277 is going to be a two-step process, first figuring out what category of
2278 issue the user is submitting, and then getting details specific to that
2279 category. The first page includes a table of help, explaining what the
2280 category names mean, and then the core of the form::
2282 <form method="POST" onSubmit="return submit_once()"
2283 enctype="multipart/form-data">
2284 <input type="hidden" name=":template" value="add_page1">
2285 <input type="hidden" name=":action" value="page1submit">
2287 <strong>Category:</strong>
2288 <tal:block tal:replace="structure context/category/menu" />
2289 <input type="submit" value="Continue">
2290 </form>
2292 The next page has the usual issue entry information, with the addition of
2293 the following form fragments::
2295 <form method="POST" onSubmit="return submit_once()"
2296 enctype="multipart/form-data" tal:condition="context/is_edit_ok"
2297 tal:define="cat request/form/category/value">
2299 <input type="hidden" name=":template" value="add_page2">
2300 <input type="hidden" name=":required" value="title">
2301 <input type="hidden" name="category" tal:attributes="value cat">
2303 .
2304 .
2305 .
2306 </form>
2308 Note that later in the form, I test the value of "cat" include form
2309 elements that are appropriate. For example::
2311 <tal:block tal:condition="python:cat in '6 10 13 14 15 16 17'.split()">
2312 <tr>
2313 <th nowrap>Operating System</th>
2314 <td tal:content="structure context/os/field"></td>
2315 </tr>
2316 <tr>
2317 <th nowrap>Web Browser</th>
2318 <td tal:content="structure context/browser/field"></td>
2319 </tr>
2320 </tal:block>
2322 ... the above section will only be displayed if the category is one of 6,
2323 10, 13, 14, 15, 16 or 17.
2325 3. Determine what actions need to be taken between the pages - these are
2326 usually to validate user choices and determine what page is next. Now
2327 encode those actions in methods on the interfaces Client class and insert
2328 hooks to those actions in the "actions" attribute on that class, like so::
2330 actions = client.Client.actions + (
2331 ('page1_submit', 'page1SubmitAction'),
2332 )
2334 def page1SubmitAction(self):
2335 ''' Verify that the user has selected a category, and then move on
2336 to page 2.
2337 '''
2338 category = self.form['category'].value
2339 if category == '-1':
2340 self.error_message.append('You must select a category of report')
2341 return
2342 # everything's ok, move on to the next page
2343 self.template = 'add_page2'
2345 4. Use the usual "new" action as the :action on the final page, and you're
2346 done (the standard context/submit method can do this for you).
2349 Using an external password validation source
2350 --------------------------------------------
2352 We have a centrally-managed password changing system for our users. This
2353 results in a UN*X passwd-style file that we use for verification of users.
2354 Entries in the file consist of ``name:password`` where the password is
2355 encrypted using the standard UN*X ``crypt()`` function (see the ``crypt``
2356 module in your Python distribution). An example entry would be::
2358 admin:aamrgyQfDFSHw
2360 Each user of Roundup must still have their information stored in the Roundup
2361 database - we just use the passwd file to check their password. To do this, we
2362 add the following code to our ``Client`` class in the tracker home
2363 ``interfaces.py`` module::
2365 def verifyPassword(self, userid, password):
2366 # get the user's username
2367 username = self.db.user.get(userid, 'username')
2369 # the passwords are stored in the "passwd.txt" file in the tracker
2370 # home
2371 file = os.path.join(self.db.config.TRACKER_HOME, 'passwd.txt')
2373 # see if we can find a match
2374 for ent in [line.strip().split(':') for line in open(file).readlines()]:
2375 if ent[0] == username:
2376 return crypt.crypt(password, ent[1][:2]) == ent[1]
2378 # user doesn't exist in the file
2379 return 0
2381 What this does is look through the file, line by line, looking for a name that
2382 matches.
2384 We also remove the redundant password fields from the ``user.item`` template.
2387 Adding a "vacation" flag to users for stopping nosy messages
2388 ------------------------------------------------------------
2390 When users go on vacation and set up vacation email bouncing, you'll start to
2391 see a lot of messages come back through Roundup "Fred is on vacation". Not
2392 very useful, and relatively easy to stop.
2394 1. add a "vacation" flag to your users::
2396 user = Class(db, "user",
2397 username=String(), password=Password(),
2398 address=String(), realname=String(),
2399 phone=String(), organisation=String(),
2400 alternate_addresses=String(),
2401 roles=String(), queries=Multilink("query"),
2402 vacation=Boolean())
2404 2. edit your detector ``nosyreactor.py`` so that the ``nosyreaction()``
2405 consists of::
2407 def nosyreaction(db, cl, nodeid, oldvalues):
2408 # send a copy of all new messages to the nosy list
2409 for msgid in determineNewMessages(cl, nodeid, oldvalues):
2410 try:
2411 users = db.user
2412 messages = db.msg
2414 # figure the recipient ids
2415 sendto = []
2416 r = {}
2417 recipients = messages.get(msgid, 'recipients')
2418 for recipid in messages.get(msgid, 'recipients'):
2419 r[recipid] = 1
2421 # figure the author's id, and indicate they've received the
2422 # message
2423 authid = messages.get(msgid, 'author')
2425 # possibly send the message to the author, as long as they aren't
2426 # anonymous
2427 if (db.config.MESSAGES_TO_AUTHOR == 'yes' and
2428 users.get(authid, 'username') != 'anonymous'):
2429 sendto.append(authid)
2430 r[authid] = 1
2432 # now figure the nosy people who weren't recipients
2433 nosy = cl.get(nodeid, 'nosy')
2434 for nosyid in nosy:
2435 # Don't send nosy mail to the anonymous user (that user
2436 # shouldn't appear in the nosy list, but just in case they
2437 # do...)
2438 if users.get(nosyid, 'username') == 'anonymous':
2439 continue
2440 # make sure they haven't seen the message already
2441 if not r.has_key(nosyid):
2442 # send it to them
2443 sendto.append(nosyid)
2444 recipients.append(nosyid)
2446 # generate a change note
2447 if oldvalues:
2448 note = cl.generateChangeNote(nodeid, oldvalues)
2449 else:
2450 note = cl.generateCreateNote(nodeid)
2452 # we have new recipients
2453 if sendto:
2454 # filter out the people on vacation
2455 sendto = [i for i in sendto if not users.get(i, 'vacation', 0)]
2457 # map userids to addresses
2458 sendto = [users.get(i, 'address') for i in sendto]
2460 # update the message's recipients list
2461 messages.set(msgid, recipients=recipients)
2463 # send the message
2464 cl.send_message(nodeid, msgid, note, sendto)
2465 except roundupdb.MessageSendError, message:
2466 raise roundupdb.DetectorError, message
2468 Note that this is the standard nosy reaction code, with the small addition
2469 of::
2471 # filter out the people on vacation
2472 sendto = [i for i in sendto if not users.get(i, 'vacation', 0)]
2474 which filters out the users that have the vacation flag set to true.
2477 Adding a time log to your issues
2478 --------------------------------
2480 We want to log the dates and amount of time spent working on issues, and be
2481 able to give a summary of the total time spent on a particular issue.
2483 1. Add a new class to your tracker ``dbinit.py``::
2485 # storage for time logging
2486 timelog = Class(db, "timelog", period=Interval())
2488 Note that we automatically get the date of the time log entry creation
2489 through the standard property "creation".
2491 2. Link to the new class from your issue class (again, in ``dbinit.py``)::
2493 issue = IssueClass(db, "issue",
2494 assignedto=Link("user"), topic=Multilink("keyword"),
2495 priority=Link("priority"), status=Link("status"),
2496 times=Multilink("timelog"))
2498 the "times" property is the new link to the "timelog" class.
2500 3. We'll need to let people add in times to the issue, so in the web interface
2501 we'll have a new entry field, just below the change note box::
2503 <tr>
2504 <th nowrap>Time Log</th>
2505 <td colspan=3><input name=":timelog">
2506 (enter as "3y 1m 4d 2:40:02" or parts thereof)
2507 </td>
2508 </tr>
2510 Note that we've made up a new form variable, but since we place a colon ":"
2511 in front of it, it won't clash with any existing property variables. The
2512 names you *can't* use are ``:note``, ``:file``, ``:action``, ``:required``
2513 and ``:template``. These variables are described in the section
2514 `performing actions in web requests`_.
2516 4. We also need to handle this new field in the CGI interface - the way to
2517 do this is through implementing a new form action (see `Setting up a
2518 "wizard" (or "druid") for controlled adding of issues`_ for another example
2519 where we implemented a new CGI form action).
2521 In this case, we'll want our action to:
2523 1. create a new "timelog" entry,
2524 2. fake that the issue's "times" property has been edited, and then
2525 3. call the normal CGI edit action handler.
2527 The code to do this is::
2529 actions = client.Client.actions + (
2530 ('edit_with_timelog', 'timelogEditAction'),
2531 )
2533 def timelogEditAction(self):
2534 ''' Handle the creation of a new time log entry if necessary.
2536 If we create a new entry, fake up a CGI form value for the altered
2537 "times" property of the issue being edited.
2539 Punt to the regular edit action when we're done.
2540 '''
2541 # if there's a timelog value specified, create an entry
2542 if self.form.has_key(':timelog') and \
2543 self.form[':timelog'].value.strip():
2544 period = Interval(self.form[':timelog'].value)
2545 # create it
2546 newid = self.db.timelog.create(period=period)
2548 # if we're editing an existing item, get the old timelog value
2549 if self.nodeid:
2550 l = self.db.issue.get(self.nodeid, 'times')
2551 l.append(newid)
2552 else:
2553 l = [newid]
2555 # now make the fake CGI form values
2556 for entry in l:
2557 self.form.list.append(MiniFieldStorage('times', entry))
2559 # punt to the normal edit action
2560 return self.editItemAction()
2562 you add this code to your Client class in your tracker's ``interfaces.py``
2563 file.
2565 5. You'll also need to modify your ``issue.item`` form submit action so it
2566 calls the time logging action we just created::
2568 <tr>
2569 <td> </td>
2570 <td colspan=3>
2571 <tal:block tal:condition="context/id">
2572 <input type="hidden" name=":action" value="edit_with_timelog">
2573 <input type="submit" name="submit" value="Submit Changes">
2574 </tal:block>
2575 <tal:block tal:condition="not:context/id">
2576 <input type="hidden" name=":action" value="new">
2577 <input type="submit" name="submit" value="Submit New Issue">
2578 </tal:block>
2579 </td>
2580 </tr>
2582 Note that the "context/submit" command usually handles all that for you -
2583 isn't it handy? The important change is setting the action to
2584 "edit_with_timelog" for edit operations (where the item exists)
2586 6. We want to display a total of the time log times that have been accumulated
2587 for an issue. To do this, we'll need to actually write some Python code,
2588 since it's beyond the scope of PageTemplates to perform such calculations.
2589 We do this by adding a method to the TemplatingUtils class in our tracker
2590 ``interfaces.py`` module::
2593 class TemplatingUtils:
2594 ''' Methods implemented on this class will be available to HTML
2595 templates through the 'utils' variable.
2596 '''
2597 def totalTimeSpent(self, times):
2598 ''' Call me with a list of timelog items (which have an Interval
2599 "period" property)
2600 '''
2601 total = Interval('')
2602 for time in times:
2603 total += time.period._value
2604 return total
2606 As indicated in the docstrings, we will be able to access the
2607 ``totalTimeSpent`` method via the ``utils`` variable in our templates. See
2609 7. Display the time log for an issue::
2611 <table class="otherinfo" tal:condition="context/times">
2612 <tr><th colspan="3" class="header">Time Log
2613 <tal:block tal:replace="python:utils.totalTimeSpent(context.times)" />
2614 </th></tr>
2615 <tr><th>Date</th><th>Period</th><th>Logged By</th></tr>
2616 <tr tal:repeat="time context/times">
2617 <td tal:content="time/creation"></td>
2618 <td tal:content="time/period"></td>
2619 <td tal:content="time/creator"></td>
2620 </tr>
2621 </table>
2623 I put this just above the Messages log in my issue display. Note our use
2624 of the ``totalTimeSpent`` method which will total up the times for the
2625 issue and return a new Interval. That will be automatically displayed in
2626 the template as text like "+ 1y 2:40" (1 year, 2 hours and 40 minutes).
2628 8. If you're using a persistent web server - roundup-server or mod_python for
2629 example - then you'll need to restart that to pick up the code changes.
2630 When that's done, you'll be able to use the new time logging interface.
2632 Using a UN*X passwd file as the user database
2633 ---------------------------------------------
2635 On some systems the primary store of users is the UN*X passwd file. It holds
2636 information on users such as their username, real name, password and primary
2637 user group.
2639 Roundup can use this store as its primary source of user information, but it
2640 needs additional information too - email address(es), roundup Roles, vacation
2641 flags, roundup hyperdb item ids, etc. Also, "retired" users must still exist
2642 in the user database, unlike some passwd files in which the users are removed
2643 when they no longer have access to a system.
2645 To make use of the passwd file, we therefore synchronise between the two user
2646 stores. We also use the passwd file to validate the user logins, as described
2647 in the previous example, `using an external password validation source`_. We
2648 keep the users lists in sync using a fairly simple script that runs once a
2649 day, or several times an hour if more immediate access is needed. In short, it:
2651 1. parses the passwd file, finding usernames, passwords and real names,
2652 2. compares that list to the current roundup user list:
2654 a. entries no longer in the passwd file are *retired*
2655 b. entries with mismatching real names are *updated*
2656 c. entries only exist in the passwd file are *created*
2658 3. send an email to administrators to let them know what's been done.
2660 The retiring and updating are simple operations, requiring only a call to
2661 ``retire()`` or ``set()``. The creation operation requires more information
2662 though - the user's email address and their roundup Roles. We're going to
2663 assume that the user's email address is the same as their login name, so we
2664 just append the domain name to that. The Roles are determined using the
2665 passwd group identifier - mapping their UN*X group to an appropriate set of
2666 Roles.
2668 The script to perform all this, broken up into its main components, is as
2669 follows. Firstly, we import the necessary modules and open the tracker we're
2670 to work on::
2672 import sys, os, smtplib
2673 from roundup import instance, date
2675 # open the tracker
2676 tracker_home = sys.argv[1]
2677 tracker = instance.open(tracker_home)
2679 Next we read in the *passwd* file from the tracker home::
2681 # read in the users
2682 file = os.path.join(tracker_home, 'users.passwd')
2683 users = [x.strip().split(':') for x in open(file).readlines()]
2685 Handle special users (those to ignore in the file, and those who don't appear
2686 in the file)::
2688 # users to not keep ever, pre-load with the users I know aren't
2689 # "real" users
2690 ignore = ['ekmmon', 'bfast', 'csrmail']
2692 # users to keep - pre-load with the roundup-specific users
2693 keep = ['comment_pool', 'network_pool', 'admin', 'dev-team', 'cs_pool',
2694 'anonymous', 'system_pool', 'automated']
2696 Now we map the UN*X group numbers to the Roles that users should have::
2698 roles = {
2699 '501': 'User,Tech', # tech
2700 '502': 'User', # finance
2701 '503': 'User,CSR', # customer service reps
2702 '504': 'User', # sales
2703 '505': 'User', # marketing
2704 }
2706 Now we do all the work. Note that the body of the script (where we have the
2707 tracker database open) is wrapped in a ``try`` / ``finally`` clause, so that
2708 we always close the database cleanly when we're finished. So, we now do all
2709 the work::
2711 # open the database
2712 db = tracker.open('admin')
2713 try:
2714 # store away messages to send to the tracker admins
2715 msg = []
2717 # loop over the users list read in from the passwd file
2718 for user,passw,uid,gid,real,home,shell in users:
2719 if user in ignore:
2720 # this user shouldn't appear in our tracker
2721 continue
2722 keep.append(user)
2723 try:
2724 # see if the user exists in the tracker
2725 uid = db.user.lookup(user)
2727 # yes, they do - now check the real name for correctness
2728 if real != db.user.get(uid, 'realname'):
2729 db.user.set(uid, realname=real)
2730 msg.append('FIX %s - %s'%(user, real))
2731 except KeyError:
2732 # nope, the user doesn't exist
2733 db.user.create(username=user, realname=real,
2734 address='%s@ekit-inc.com'%user, roles=roles[gid])
2735 msg.append('ADD %s - %s (%s)'%(user, real, roles[gid]))
2737 # now check that all the users in the tracker are also in our "keep"
2738 # list - retire those who aren't
2739 for uid in db.user.list():
2740 user = db.user.get(uid, 'username')
2741 if user not in keep:
2742 db.user.retire(uid)
2743 msg.append('RET %s'%user)
2745 # if we did work, then send email to the tracker admins
2746 if msg:
2747 # create the email
2748 msg = '''Subject: %s user database maintenance
2750 %s
2751 '''%(db.config.TRACKER_NAME, '\n'.join(msg))
2753 # send the email
2754 smtp = smtplib.SMTP(db.config.MAILHOST)
2755 addr = db.config.ADMIN_EMAIL
2756 smtp.sendmail(addr, addr, msg)
2758 # now we're done - commit the changes
2759 db.commit()
2760 finally:
2761 # always close the database cleanly
2762 db.close()
2764 And that's it!
2767 Enabling display of either message summaries or the entire messages
2768 -------------------------------------------------------------------
2770 This is pretty simple - all we need to do is copy the code from the example
2771 `displaying only message summaries in the issue display`_ into our template
2772 alongside the summary display, and then introduce a switch that shows either
2773 one or the other. We'll use a new form variable, ``:whole_messages`` to
2774 achieve this::
2776 <table class="messages" tal:condition="context/messages">
2777 <tal:block tal:condition="not:request/form/:whole_messages/value | python:0">
2778 <tr><th colspan=3 class="header">Messages</th>
2779 <th colspan=2 class="header">
2780 <a href="?:whole_messages=yes">show entire messages</a>
2781 </th>
2782 </tr>
2783 <tr tal:repeat="msg context/messages">
2784 <td><a tal:attributes="href string:msg${msg/id}"
2785 tal:content="string:msg${msg/id}"></a></td>
2786 <td tal:content="msg/author">author</td>
2787 <td nowrap tal:content="msg/date/pretty">date</td>
2788 <td tal:content="msg/summary">summary</td>
2789 <td>
2790 <a tal:attributes="href string:?:remove:messages=${msg/id}&:action=edit">remove</a>
2791 </td>
2792 </tr>
2793 </tal:block>
2795 <tal:block tal:condition="request/form/:whole_messages/value | python:0">
2796 <tr><th colspan=2 class="header">Messages</th>
2797 <th class="header"><a href="?:whole_messages=">show only summaries</a></th>
2798 </tr>
2799 <tal:block tal:repeat="msg context/messages">
2800 <tr>
2801 <th tal:content="msg/author">author</th>
2802 <th nowrap tal:content="msg/date/pretty">date</th>
2803 <th style="text-align: right">
2804 (<a tal:attributes="href string:?:remove:messages=${msg/id}&:action=edit">remove</a>)
2805 </th>
2806 </tr>
2807 <tr><td colspan=3 tal:content="msg/content"></td></tr>
2808 </tal:block>
2809 </tal:block>
2810 </table>
2813 -------------------
2815 Back to `Table of Contents`_
2817 .. _`Table of Contents`: index.html
2818 .. _`design documentation`: design.html