1 ===================
2 Customising Roundup
3 ===================
5 :Version: $Revision: 1.56 $
7 .. This document borrows from the ZopeBook section on ZPT. The original is at:
8 http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx
10 .. contents::
11 :depth: 1
13 What You Can Do
14 ===============
16 Before you get too far, it's probably worth having a quick read of the Roundup
17 `design documentation`_.
19 Customisation of Roundup can take one of five forms:
21 1. `tracker configuration`_ file changes
22 2. database, or `tracker schema`_ changes
23 3. "definition" class `database content`_ changes
24 4. behavioural changes, through detectors_
25 5. `access controls`_
26 6. change the `web interface`_
28 The third case is special because it takes two distinctly different forms
29 depending upon whether the tracker has been initialised or not. The other two
30 may be done at any time, before or after tracker initialisation. Yes, this
31 includes adding or removing properties from classes.
34 Trackers in a Nutshell
35 ======================
37 Trackers have the following structure:
39 =================== ========================================================
40 Tracker File Description
41 =================== ========================================================
42 config.py Holds the basic `tracker configuration`_
43 dbinit.py Holds the `tracker schema`_
44 interfaces.py Defines the Web and E-Mail interfaces for the tracker
45 select_db.py Selects the database back-end for the tracker
46 db/ Holds the tracker's database
47 db/files/ Holds the tracker's upload files and messages
48 detectors/ Auditors and reactors for this tracker
49 html/ Web interface templates, images and style sheets
50 =================== ========================================================
52 Tracker Configuration
53 =====================
55 The config.py located in your tracker home contains the basic configuration
56 for the web and e-mail components of roundup's interfaces. As the name
57 suggests, this file is a Python module. This means that any valid python
58 expression may be used in the file. Mostly though, you'll be setting the
59 configuration variables to string values. Python string values must be quoted
60 with either single or double quotes::
62 'this is a string'
63 "this is also a string - use it when you have a 'single quote' in the value"
64 this is not a string - it's not quoted
66 Python strings may use formatting that's almost identical to C string
67 formatting. The ``%`` operator is used to perform the formatting, like so::
69 'roundup-admin@%s'%MAIL_DOMAIN
71 this will create a string ``'roundup-admin@tracker.domain.example'`` if
72 MAIL_DOMAIN is set to ``'tracker.domain.example'``.
74 You'll also note some values are set to::
76 os.path.join(TRACKER_HOME, 'db')
78 or similar. This creates a new string which holds the path to the "db"
79 directory in the TRACKER_HOME directory. This is just a convenience so if the
80 TRACKER_HOME changes you don't have to edit multiple valoues.
82 The configuration variables available are:
84 **TRACKER_HOME** - ``os.path.split(__file__)[0]``
85 The tracker home directory. The above default code will automatically
86 determine the tracker home for you, so you can just leave it alone.
88 **MAILHOST** - ``'localhost'``
89 The SMTP mail host that roundup will use to send e-mail.
91 **MAIL_DOMAIN** - ``'tracker.domain.example'``
92 The domain name used for email addresses.
94 **DATABASE** - ``os.path.join(TRACKER_HOME, 'db')``
95 This is the directory that the database is going to be stored in. By default
96 it is in the tracker home.
98 **TEMPLATES** - ``os.path.join(TRACKER_HOME, 'html')``
99 This is the directory that the HTML templates reside in. By default they are
100 in the tracker home.
102 **TRACKER_NAME** - ``'Roundup issue tracker'``
103 A descriptive name for your roundup tracker. This is sent out in e-mails and
104 appears in the heading of CGI pages.
106 **TRACKER_EMAIL** - ``'issue_tracker@%s'%MAIL_DOMAIN``
107 The email address that e-mail sent to roundup should go to. Think of it as the
108 tracker's personal e-mail address.
110 **TRACKER_WEB** - ``'http://your.tracker.url.example/'``
111 The web address that the tracker is viewable at. This will be included in
112 information sent to users of the tracker.
114 **ADMIN_EMAIL** - ``'roundup-admin@%s'%MAIL_DOMAIN``
115 The email address that roundup will complain to if it runs into trouble.
117 **MESSAGES_TO_AUTHOR** - ``'yes'`` or``'no'``
118 Send nosy messages to the author of the message.
120 **ADD_AUTHOR_TO_NOSY** - ``'new'``, ``'yes'`` or ``'no'``
121 Does the author of a message get placed on the nosy list automatically?
122 If ``'new'`` is used, then the author will only be added when a message
123 creates a new issue. If ``'yes'``, then the author will be added on followups
124 too. If ``'no'``, they're never added to the nosy.
126 **ADD_RECIPIENTS_TO_NOSY** - ``'new'``, ``'yes'`` or ``'no'``
127 Do the recipients (To:, Cc:) of a message get placed on the nosy list?
128 If ``'new'`` is used, then the recipients will only be added when a message
129 creates a new issue. If ``'yes'``, then the recipients will be added on
130 followups too. If ``'no'``, they're never added to the nosy.
132 **EMAIL_SIGNATURE_POSITION** - ``'top'``, ``'bottom'`` or ``'none'``
133 Where to place the email signature in messages that Roundup generates.
135 **EMAIL_KEEP_QUOTED_TEXT** - ``'yes'`` or ``'no'``
136 Keep email citations. Citations are the part of e-mail which the sender has
137 quoted in their reply to previous e-mail.
139 **EMAIL_LEAVE_BODY_UNCHANGED** - ``'no'``
140 Preserve the email body as is. Enabiling this will cause the entire message
141 body to be stored, including all citations and signatures. It should be
142 either ``'yes'`` or ``'no'``.
144 **MAIL_DEFAULT_CLASS** - ``'issue'`` or ``''``
145 Default class to use in the mailgw if one isn't supplied in email
146 subjects. To disable, comment out the variable below or leave it blank.
148 The default config.py is given below - as you
149 can see, the MAIL_DOMAIN must be edited before any interaction with the
150 tracker is attempted.::
152 # roundup home is this package's directory
153 TRACKER_HOME=os.path.split(__file__)[0]
155 # The SMTP mail host that roundup will use to send mail
156 MAILHOST = 'localhost'
158 # The domain name used for email addresses.
159 MAIL_DOMAIN = 'your.tracker.email.domain.example'
161 # This is the directory that the database is going to be stored in
162 DATABASE = os.path.join(TRACKER_HOME, 'db')
164 # This is the directory that the HTML templates reside in
165 TEMPLATES = os.path.join(TRACKER_HOME, 'html')
167 # A descriptive name for your roundup tracker
168 TRACKER_NAME = 'Roundup issue tracker'
170 # The email address that mail to roundup should go to
171 TRACKER_EMAIL = 'issue_tracker@%s'%MAIL_DOMAIN
173 # The web address that the tracker is viewable at
174 TRACKER_WEB = 'http://your.tracker.url.example/'
176 # The email address that roundup will complain to if it runs into trouble
177 ADMIN_EMAIL = 'roundup-admin@%s'%MAIL_DOMAIN
179 # Send nosy messages to the author of the message
180 MESSAGES_TO_AUTHOR = 'no' # either 'yes' or 'no'
182 # Does the author of a message get placed on the nosy list automatically?
183 # If 'new' is used, then the author will only be added when a message
184 # creates a new issue. If 'yes', then the author will be added on followups
185 # too. If 'no', they're never added to the nosy.
186 ADD_AUTHOR_TO_NOSY = 'new' # one of 'yes', 'no', 'new'
188 # Do the recipients (To:, Cc:) of a message get placed on the nosy list?
189 # If 'new' is used, then the recipients will only be added when a message
190 # creates a new issue. If 'yes', then the recipients will be added on followups
191 # too. If 'no', they're never added to the nosy.
192 ADD_RECIPIENTS_TO_NOSY = 'new' # either 'yes', 'no', 'new'
194 # Where to place the email signature
195 EMAIL_SIGNATURE_POSITION = 'bottom' # one of 'top', 'bottom', 'none'
197 # Keep email citations
198 EMAIL_KEEP_QUOTED_TEXT = 'no' # either 'yes' or 'no'
200 # Preserve the email body as is
201 EMAIL_LEAVE_BODY_UNCHANGED = 'no' # either 'yes' or 'no'
203 # Default class to use in the mailgw if one isn't supplied in email
204 # subjects. To disable, comment out the variable below or leave it blank.
205 # Examples:
206 MAIL_DEFAULT_CLASS = 'issue' # use "issue" class by default
207 #MAIL_DEFAULT_CLASS = '' # disable (or just comment the var out)
209 Tracker Schema
210 ==============
212 Note: if you modify the schema, you'll most likely need to edit the
213 `web interface`_ HTML template files and `detectors`_ to reflect
214 your changes.
216 A tracker schema defines what data is stored in the tracker's database.
217 Schemas are defined using Python code in the ``dbinit.py`` module of your
218 tracker. The "classic" schema looks like this::
220 pri = Class(db, "priority", name=String(), order=String())
221 pri.setkey("name")
223 stat = Class(db, "status", name=String(), order=String())
224 stat.setkey("name")
226 keyword = Class(db, "keyword", name=String())
227 keyword.setkey("name")
229 user = Class(db, "user", username=String(), organisation=String(),
230 password=String(), address=String(), realname=String(), phone=String())
231 user.setkey("username")
233 msg = FileClass(db, "msg", author=Link("user"), summary=String(),
234 date=Date(), recipients=Multilink("user"), files=Multilink("file"))
236 file = FileClass(db, "file", name=String(), type=String())
238 issue = IssueClass(db, "issue", topic=Multilink("keyword"),
239 status=Link("status"), assignedto=Link("user"),
240 priority=Link("priority"))
241 issue.setkey('title')
243 Classes and Properties - creating a new information store
244 ---------------------------------------------------------
246 In the tracker above, we've defined 7 classes of information:
248 priority
249 Defines the possible levels of urgency for issues.
251 status
252 Defines the possible states of processing the issue may be in.
254 keyword
255 Initially empty, will hold keywords useful for searching issues.
257 user
258 Initially holding the "admin" user, will eventually have an entry for all
259 users using roundup.
261 msg
262 Initially empty, will all e-mail messages sent to or generated by
263 roundup.
265 file
266 Initially empty, will all files attached to issues.
268 issue
269 Initially empty, this is where the issue information is stored.
271 We define the "priority" and "status" classes to allow two things: reduction in
272 the amount of information stored on the issue and more powerful, accurate
273 searching of issues by priority and status. By only requiring a link on the
274 issue (which is stored as a single number) we reduce the chance that someone
275 mis-types a priority or status - or simply makes a new one up.
277 Class and Items
278 ~~~~~~~~~~~~~~~
280 A Class defines a particular class (or type) of data that will be stored in the
281 database. A class comprises one or more properties, which given the information
282 about the class items.
283 The actual data entered into the database, using class.create() are called
284 items. They have a special immutable property called id. We sometimes refer to
285 this as the itemid.
287 Properties
288 ~~~~~~~~~~
290 A Class is comprised of one or more properties of the following types:
292 * String properties are for storing arbitrary-length strings.
293 * Password properties are for storing encoded arbitrary-length strings. The
294 default encoding is defined on the roundup.password.Password class.
295 * Date properties store date-and-time stamps. Their values are Timestamp
296 objects.
297 * Number properties store numeric values.
298 * Boolean properties store on/off, yes/no, true/false values.
299 * A Link property refers to a single other item selected from a specified
300 class. The class is part of the property; the value is an integer, the id
301 of the chosen item.
302 * A Multilink property refers to possibly many items in a specified class.
303 The value is a list of integers.
305 FileClass
306 ~~~~~~~~~
308 FileClasses save their "content" attribute off in a separate file from the rest
309 of the database. This reduces the number of large entries in the database,
310 which generally makes databases more efficient, and also allows us to use
311 command-line tools to operate on the files. They are stored in the files sub-
312 directory of the db directory in your tracker.
314 IssueClass
315 ~~~~~~~~~~
317 IssueClasses automatically include the "messages", "files", "nosy", and
318 "superseder" properties.
319 The messages and files properties list the links to the messages and files
320 related to the issue. The nosy property is a list of links to users who wish to
321 be informed of changes to the issue - they get "CC'ed" e-mails when messages
322 are sent to or generated by the issue. The nosy reactor (in the detectors
323 directory) handles this action. The superceder link indicates an issue which
324 has superceded this one.
325 They also have the dynamically generated "creation", "activity" and "creator"
326 properties.
327 The value of the "creation" property is the date when an item was created, and
328 the value of the "activity" property is the date when any property on the item
329 was last edited (equivalently, these are the dates on the first and last
330 records in the item's journal). The "creator" property holds a link to the user
331 that created the issue.
333 setkey(property)
334 ~~~~~~~~~~~~~~~~
336 Select a String property of the class to be the key property. The key property
337 muse be unique, and allows references to the items in the class by the content
338 of the key property. That is, we can refer to users by their username, e.g.
339 let's say that there's an issue in roundup, issue 23. There's also a user,
340 richard who happens to be user 2. To assign an issue to him, we could do either
341 of::
343 roundup-admin set issue assignedto=2
345 or::
347 roundup-admin set issue assignedto=richard
349 Note, the same thing can be done in the web and e-mail interfaces.
351 create(information)
352 ~~~~~~~~~~~~~~~~~~~
354 Create an item in the database. This is generally used to create items in the
355 "definitional" classes like "priority" and "status".
358 Examples of adding to your schema
359 ---------------------------------
361 TODO
364 Detectors - adding behaviour to your tracker
365 ============================================
366 .. _detectors:
368 Detectors are initialised every time you open your tracker database, so you're
369 free to add and remove them any time, even after the database is initliased
370 via the "roundup-admin initalise" command.
372 The detectors in your tracker fire before (*auditors*) and after (*reactors*)
373 changes to the contents of your database. They are Python modules that sit in
374 your tracker's ``detectors`` directory. You will have some installed by
375 default - have a look. You can write new detectors or modify the existing
376 ones. The existing detectors installed for you are:
378 **nosyreaction.py**
379 This provides the automatic nosy list maintenance and email sending. The nosy
380 reactor (``nosyreaction``) fires when new messages are added to issues.
381 The nosy auditor (``updatenosy``) fires when issues are changed and figures
382 what changes need to be made to the nosy list (like adding new authors etc)
383 **statusauditor.py**
384 This provides the ``chatty`` auditor which changes the issue status from
385 ``unread`` or ``closed`` to ``chatting`` if new messages appear. It also
386 provides the ``presetunread`` auditor which pre-sets the status to
387 ``unread`` on new items if the status isn't explicitly defined.
389 See the detectors section in the `design document`__ for details of the
390 interface for detectors.
392 __ design.html
394 Sample additional detectors that have been found useful will appear in the
395 ``detectors`` directory of the Roundup distribution:
397 **newissuecopy.py**
398 This detector sends an email to a team address whenever a new issue is
399 created. The address is hard-coded into the detector, so edit it before you
400 use it (look for the text 'team@team.host') or you'll get email errors!
402 The detector code::
404 from roundup import roundupdb
406 def newissuecopy(db, cl, nodeid, oldvalues):
407 ''' Copy a message about new issues to a team address.
408 '''
409 # so use all the messages in the create
410 change_note = cl.generateCreateNote(nodeid)
412 # send a copy to the nosy list
413 for msgid in cl.get(nodeid, 'messages'):
414 try:
415 # note: last arg must be a list
416 cl.send_message(nodeid, msgid, change_note, ['team@team.host'])
417 except roundupdb.MessageSendError, message:
418 raise roundupdb.DetectorError, message
420 def init(db):
421 db.issue.react('create', newissuecopy)
424 Database Content
425 ================
427 Note: if you modify the content of definitional classes, you'll most likely
428 need to edit the tracker `detectors`_ to reflect your changes.
430 Customisation of the special "definitional" classes (eg. status, priority,
431 resolution, ...) may be done either before or after the tracker is
432 initialised. The actual method of doing so is completely different in each
433 case though, so be careful to use the right one.
435 **Changing content before tracker initialisation**
436 Edit the dbinit module in your tracker to alter the items created in using
437 the create() methods.
439 **Changing content after tracker initialisation**
440 Use the roundup-admin interface's create, set and retire methods to add,
441 alter or remove items from the classes in question.
444 See "`adding a new field to the classic schema`_" for an example that requires
445 database content changes.
448 Access Controls
449 ===============
451 A set of Permissions are built in to the security module by default:
453 - Edit (everything)
454 - View (everything)
456 The default interfaces define:
458 - Web Registration
459 - Web Access
460 - Web Roles
461 - Email Registration
462 - Email Access
464 These are hooked into the default Roles:
466 - Admin (Edit everything, View everything, Web Roles)
467 - User (Web Access, Email Access)
468 - Anonymous (Web Registration, Email Registration)
470 And finally, the "admin" user gets the "Admin" Role, and the "anonymous" user
471 gets the "Anonymous" assigned when the database is initialised on installation.
472 The two default schemas then define:
474 - Edit issue, View issue (both)
475 - Edit file, View file (both)
476 - Edit msg, View msg (both)
477 - Edit support, View support (extended only)
479 and assign those Permissions to the "User" Role. Put together, these settings
480 appear in the ``open()`` function of the tracker ``dbinit.py`` (the following
481 is taken from the "minimal" template ``dbinit.py``)::
483 #
484 # SECURITY SETTINGS
485 #
486 # new permissions for this schema
487 for cl in ('user', ):
488 db.security.addPermission(name="Edit", klass=cl,
489 description="User is allowed to edit "+cl)
490 db.security.addPermission(name="View", klass=cl,
491 description="User is allowed to access "+cl)
493 # and give the regular users access to the web and email interface
494 p = db.security.getPermission('Web Access')
495 db.security.addPermissionToRole('User', p)
496 p = db.security.getPermission('Email Access')
497 db.security.addPermissionToRole('User', p)
499 # May users view other user information? Comment these lines out
500 # if you don't want them to
501 p = db.security.getPermission('View', 'user')
502 db.security.addPermissionToRole('User', p)
504 # Assign the appropriate permissions to the anonymous user's Anonymous
505 # Role. Choices here are:
506 # - Allow anonymous users to register through the web
507 p = db.security.getPermission('Web Registration')
508 db.security.addPermissionToRole('Anonymous', p)
509 # - Allow anonymous (new) users to register through the email gateway
510 p = db.security.getPermission('Email Registration')
511 db.security.addPermissionToRole('Anonymous', p)
514 New User Roles
515 --------------
517 New users are assigned the Roles defined in the config file as:
519 - NEW_WEB_USER_ROLES
520 - NEW_EMAIL_USER_ROLES
523 Changing Access Controls
524 ------------------------
526 You may alter the configuration variables to change the Role that new web or
527 email users get, for example to not give them access to the web interface if
528 they register through email.
530 You may use the ``roundup-admin`` "``security``" command to display the
531 current Role and Permission configuration in your tracker.
533 Adding a new Permission
534 ~~~~~~~~~~~~~~~~~~~~~~~
536 When adding a new Permission, you will need to:
538 1. add it to your tracker's dbinit so it is created
539 2. enable it for the Roles that should have it (verify with
540 "``roundup-admin security``")
541 3. add it to the relevant HTML interface templates
542 4. add it to the appropriate xxxPermission methods on in your tracker
543 interfaces module
545 Example Scenarios
546 ~~~~~~~~~~~~~~~~~
548 **automatic registration of users in the e-mail gateway**
549 By giving the "anonymous" user the "Email Registration" Role, any
550 unidentified user will automatically be registered with the tracker (with
551 no password, so they won't be able to log in through the web until an admin
552 sets them a password). Note: this is the default behaviour in the tracker
553 templates that ship with Roundup.
555 **anonymous access through the e-mail gateway**
556 Give the "anonymous" user the "Email Access" and ("Edit", "issue") Roles
557 but not giving them the "Email Registration" Role. This means that when an
558 unknown user sends email into the tracker, they're automatically logged in
559 as "anonymous". Since they don't have the "Email Registration" Role, they
560 won't be automatically registered, but since "anonymous" has permission
561 to use the gateway, they'll still be able to submit issues. Note that the
562 Sender information - their email address - will not be available - they're
563 *anonymous*.
565 **only developers may be assigned issues**
566 Create a new Permission called "Fixer" for the "issue" class. Create a new
567 Role "Developer" which has that Permission, and assign that to the
568 appropriate users. Filter the list of users available in the assignedto
569 list to include only those users. Enforce the Permission with an auditor. See
570 the example `restricting the list of users that are assignable to a task`_.
572 **only managers may sign off issues as complete**
573 Create a new Permission called "Closer" for the "issue" class. Create a new
574 Role "Manager" which has that Permission, and assign that to the appropriate
575 users. In your web interface, only display the "resolved" issue state option
576 when the user has the "Closer" Permissions. Enforce the Permission with
577 an auditor. This is very similar to the previous example, except that the
578 web interface check would look like::
580 <option tal:condition="python:request.user.hasPermission('Closer')"
581 value="resolved">Resolved</option>
583 **don't give users who register through email web access**
584 Create a new Role called "Email User" which has all the Permissions of the
585 normal "User" Role minus the "Web Access" Permission. This will allow users
586 to send in emails to the tracker, but not access the web interface.
589 Web Interface
590 =============
592 .. contents::
593 :local:
594 :depth: 1
596 The web is provided by the roundup.cgi.client module and is used by
597 roundup.cgi, roundup-server and ZRoundup.
598 In all cases, we determine which tracker is being accessed
599 (the first part of the URL path inside the scope of the CGI handler) and pass
600 control on to the tracker interfaces.Client class - which uses the Client class
601 from roundup.cgi.client - which handles the rest of
602 the access through its main() method. This means that you can do pretty much
603 anything you want as a web interface to your tracker.
605 Repurcussions of changing the tracker schema
606 ---------------------------------------------
608 If you choose to change the `tracker schema`_ you will need to ensure the web
609 interface knows about it:
611 1. Index, item and search pages for the relevant classes may need to have
612 properties added or removed,
613 2. The "page" template may require links to be changed, as might the "home"
614 page's content arguments.
616 How requests are processed
617 --------------------------
619 The basic processing of a web request proceeds as follows:
621 1. figure out who we are, defaulting to the "anonymous" user
622 2. figure out what the request is for - we call this the "context"
623 3. handle any requested action (item edit, search, ...)
624 4. render the template requested by the context, resulting in HTML output
626 In some situations, exceptions occur:
628 - HTTP Redirect (generally raised by an action)
629 - SendFile (generally raised by determine_context)
630 here we serve up a FileClass "content" property
631 - SendStaticFile (generally raised by determine_context)
632 here we serve up a file from the tracker "html" directory
633 - Unauthorised (generally raised by an action)
634 here the action is cancelled, the request is rendered and an error
635 message is displayed indicating that permission was not
636 granted for the action to take place
637 - NotFound (raised wherever it needs to be)
638 this exception percolates up to the CGI interface that called the client
640 Determining web context
641 -----------------------
643 To determine the "context" of a request, we look at the URL and the special
644 request variable ``:template``. The URL path after the tracker identifier
645 is examined. Typical URL paths look like:
647 1. ``/tracker/issue``
648 2. ``/tracker/issue1``
649 3. ``/tracker/_file/style.css``
650 4. ``/cgi-bin/roundup.cgi/tracker/file1``
651 5. ``/cgi-bin/roundup.cgi/tracker/file1/kitten.png``
653 where the "tracker identifier" is "tracker" in the above cases. That means
654 we're looking at "issue", "issue1", "_file/style.css", "file1" and
655 "file1/kitten.png" in the cases above. The path is generally only one
656 entry long - longer paths are handled differently.
658 a. if there is no path, then we are in the "home" context.
659 b. if the path starts with "_file" (as in example 3,
660 "/tracker/_file/style.css"), then the additional path entry,
661 "style.css" specifies the filename of a static file we're to serve up
662 from the tracker "html" directory. Raises a SendStaticFile
663 exception.
664 c. if there is something in the path (as in example 1, "issue"), it identifies
665 the tracker class we're to display.
666 d. if the path is an item designator (as in examples 2 and 4, "issue1" and
667 "file1"), then we're to display a specific item.
668 e. if the path starts with an item designator and is longer than
669 one entry (as in example 5, "file1/kitten.png"), then we're assumed
670 to be handling an item of a
671 FileClass, and the extra path information gives the filename
672 that the client is going to label the download with (ie
673 "file1/kitten.png" is nicer to download than "file1"). This
674 raises a SendFile exception.
676 Both b. and e. stop before we bother to
677 determine the template we're going to use. That's because they
678 don't actually use templates.
680 The template used is specified by the ``:template`` CGI variable,
681 which defaults to:
683 - only classname suplied: "index"
684 - full item designator supplied: "item"
687 Performing actions in web requests
688 ----------------------------------
690 When a user requests a web page, they may optionally also request for an
691 action to take place. As described in `how requests are processed`_, the
692 action is performed before the requested page is generated. Actions are
693 triggered by using a ``:action`` CGI variable, where the value is one of:
695 **login**
696 Attempt to log a user in.
697 **logout**
698 Log the user out - make them "anonymous".
699 **register**
700 Attempt to create a new user based on the contents of the form and then log
701 them in.
702 **edit**
703 Perform an edit of an item in the database. There are some special form
704 elements you may use:
706 :link=designator:property and :multilink=designator:property
707 The value specifies an item designator and the property on that
708 item to add *this* item to as a link or multilink.
709 :note
710 Create a message and attach it to the current item's
711 "messages" property.
712 :file
713 Create a file and attach it to the current item's
714 "files" property. Attach the file to the message created from
715 the :note if it's supplied.
716 :required=property,property,...
717 The named properties are required to be filled in the form.
719 **new**
720 Add a new item to the database. You may use the same special form elements
721 as in the "edit" action.
723 **editCSV**
724 Performs an edit of all of a class' items in one go. See also the
725 *class*.csv templating method which generates the CSV data to be edited, and
726 the "_generic.index" template which uses both of these features.
728 **search**
729 Mangle some of the form variables.
731 Set the form ":filter" variable based on the values of the
732 filter variables - if they're set to anything other than
733 "dontcare" then add them to :filter.
735 Also handle the ":queryname" variable and save off the query to
736 the user's query list.
738 Each of the actions is implemented by a corresponding *actionAction* (where
739 "action" is the name of the action) method on
740 the roundup.cgi.Client class, which also happens to be in your tracker as
741 interfaces.Client. So if you need to define new actions, you may add them
742 there (see `defining new web actions`_).
744 Each action also has a corresponding *actionPermission* (where
745 "action" is the name of the action) method which determines
746 whether the action is permissible given the current user. The base permission
747 checks are:
749 **login**
750 Determine whether the user has permission to log in.
751 Base behaviour is to check the user has "Web Access".
752 **logout**
753 No permission checks are made.
754 **register**
755 Determine whether the user has permission to register
756 Base behaviour is to check the user has "Web Registration".
757 **edit**
758 Determine whether the user has permission to edit this item.
759 Base behaviour is to check the user can edit this class. If we're
760 editing the "user" class, users are allowed to edit their own
761 details. Unless it's the "roles" property, which requires the
762 special Permission "Web Roles".
763 **new**
764 Determine whether the user has permission to create (edit) this item.
765 Base behaviour is to check the user can edit this class. No
766 additional property checks are made. Additionally, new user items
767 may be created if the user has the "Web Registration" Permission.
768 **editCSV**
769 Determine whether the user has permission to edit this class.
770 Base behaviour is to check the user can edit this class.
771 **search**
772 Determine whether the user has permission to search this class.
773 Base behaviour is to check the user can view this class.
776 Default templates
777 -----------------
779 Most customisation of the web view can be done by modifying the templates in
780 the tracker **html** directory. There are several types of files in there:
782 **page**
783 This template usually defines the overall look of your tracker. When you
784 view an issue, it appears inside this template. When you view an index, it
785 also appears inside this template. This template defines a macro called
786 "icing" which is used by almost all other templates as a coating for their
787 content, using its "content" slot. It will also define the "head_title"
788 and "body_title" slots to allow setting of the page title.
789 **home**
790 the default page displayed when no other page is indicated by the user
791 **home.classlist**
792 a special version of the default page that lists the classes in the tracker
793 **classname.item**
794 displays an item of the *classname* class
795 **classname.index**
796 displays a list of *classname* items
797 **classname.search**
798 displays a search page for *classname* items
799 **_generic.index**
800 used to display a list of items where there is no *classname*.index available
801 **_generic.help**
802 used to display a "class help" page where there is no *classname*.help
803 **user.register**
804 a special page just for the user class that renders the registration page
805 **style.css**
806 a static file that is served up as-is
808 Note: Remember that you can create any template extension you want to, so
809 if you just want to play around with the templating for new issues, you can
810 copy the current "issue.item" template to "issue.test", and then access the
811 test template using the ":template" URL argument::
813 http://your.tracker.example/tracker/issue?:template=test
815 and it won't affect your users using the "issue.item" template.
818 How the templates work
819 ----------------------
821 Basic Templating Actions
822 ~~~~~~~~~~~~~~~~~~~~~~~~
824 Roundup's templates consist of special attributes on your template tags.
825 These attributes form the Template Attribute Language, or TAL. The basic tag
826 commands are:
828 **tal:define="variable expression; variable expression; ..."**
829 Define a new variable that is local to this tag and its contents. For
830 example::
832 <html tal:define="title request/description">
833 <head><title tal:content="title"></title></head>
834 </html>
836 In the example, the variable "title" is defined as being the result of the
837 expression "request/description". The tal:content command inside the <html>
838 tag may then use the "title" variable.
840 **tal:condition="expression"**
841 Only keep this tag and its contents if the expression is true. For example::
843 <p tal:condition="python:request.user.hasPermission('View', 'issue')">
844 Display some issue information.
845 </p>
847 In the example, the <p> tag and its contents are only displayed if the
848 user has the View permission for issues. We consider the number zero, a
849 blank string, an empty list, and the built-in variable nothing to be false
850 values. Nearly every other value is true, including non-zero numbers, and
851 strings with anything in them (even spaces!).
853 **tal:repeat="variable expression"**
854 Repeat this tag and its contents for each element of the sequence that the
855 expression returns, defining a new local variable and a special "repeat"
856 variable for each element. For example::
858 <tr tal:repeat="u user/list">
859 <td tal:content="u/id"></td>
860 <td tal:content="u/username"></td>
861 <td tal:content="u/realname"></td>
862 </tr>
864 The example would iterate over the sequence of users returned by
865 "user/list" and define the local variable "u" for each entry.
867 **tal:replace="expression"**
868 Replace this tag with the result of the expression. For example::
870 <span tal:replace="request/user/realname"></span>
872 The example would replace the <span> tag and its contents with the user's
873 realname. If the user's realname was "Bruce" then the resultant output
874 would be "Bruce".
876 **tal:content="expression"**
877 Replace the contents of this tag with the result of the expression. For
878 example::
880 <span tal:content="request/user/realname">user's name appears here</span>
882 The example would replace the contents of the <span> tag with the user's
883 realname. If the user's realname was "Bruce" then the resultant output
884 would be "<span>Bruce</span>".
886 **tal:attributes="attribute expression; attribute expression; ..."**
887 Set attributes on this tag to the results of expressions. For example::
889 <a tal:attributes="href string:user${request/user/id}">My Details</a>
891 In the example, the "href" attribute of the <a> tag is set to the value of
892 the "string:user${request/user/id}" expression, which will be something
893 like "user123".
895 **tal:omit-tag="expression"**
896 Remove this tag (but not its contents) if the expression is true. For
897 example::
899 <span tal:omit-tag="python:1">Hello, world!</span>
901 would result in output of::
903 Hello, world!
905 Note that the commands on a given tag are evaulated in the order above, so
906 *define* comes before *condition*, and so on.
908 Additionally, a tag is defined, tal:block, which is removed from output. Its
909 content is not, but the tag itself is (so don't go using any tal:attributes
910 commands on it). This is useful for making arbitrary blocks of HTML
911 conditional or repeatable (very handy for repeating multiple table rows,
912 which would othewise require an illegal tag placement to effect the repeat).
915 Templating Expressions
916 ~~~~~~~~~~~~~~~~~~~~~~
918 The expressions you may use in the attibute values may be one of the following
919 forms:
921 **Path Expressions** - eg. ``item/status/checklist``
922 These are object attribute / item accesses. Roughly speaking, the path
923 ``item/status/checklist`` is broken into parts ``item``, ``status``
924 and ``checklist``. The ``item`` part is the root of the expression.
925 We then look for a ``status`` attribute on ``item``, or failing that, a
926 ``status`` item (as in ``item['status']``). If that
927 fails, the path expression fails. When we get to the end, the object we're
928 left with is evaluated to get a string - methods are called, objects are
929 stringified. Path expressions may have an optional ``path:`` prefix, though
930 they are the default expression type, so it's not necessary.
932 If an expression evaluates to ``default`` then the expression is
933 "cancelled" - whatever HTML already exists in the template will remain
934 (tag content in the case of tal:content, attributes in the case of
935 tal:attributes).
937 If an expression evaluates to ``nothing`` then the target of the expression
938 is removed (tag content in the case of tal:content, attributes in the case
939 of tal:attributes and the tag itself in the case of tal:replace).
941 If an element in the path may not exist, then you can use the ``|``
942 operator in the expression to provide an alternative. So, the expression
943 ``request/form/foo/value | default`` would simply leave the current HTML
944 in place if the "foo" form variable doesn't exist.
946 **String Expressions** - eg. ``string:hello ${user/name}``
947 These expressions are simple string interpolations (though they can be just
948 plain strings with no interpolation if you want. The expression in the
949 ``${ ... }`` is just a path expression as above.
951 **Python Expressions** - eg. ``python: 1+1``
952 These expressions give the full power of Python. All the "root level"
953 variables are available, so ``python:item.status.checklist()`` would be
954 equivalent to ``item/status/checklist``, assuming that ``checklist`` is
955 a method.
957 Template Macros
958 ~~~~~~~~~~~~~~~
960 Macros are used in Roundup to save us from repeating the same common page
961 stuctures over and over. The most common (and probably only) macro you'll use
962 is the "icing" macro defined in the "page" template.
964 Macros are generated and used inside your templates using special attributes
965 similar to the `basic templating actions`_. In this case though, the
966 attributes belong to the Macro Expansion Template Attribute Language, or
967 METAL. The macro commands are:
969 **metal:define-macro="macro name"**
970 Define that the tag and its contents are now a macro that may be inserted
971 into other templates using the *use-macro* command. For example::
973 <html metal:define-macro="page">
974 ...
975 </html>
977 defines a macro called "page" using the ``<html>`` tag and its contents.
978 Once defined, macros are stored on the template they're defined on in the
979 ``macros`` attribute. You can access them later on through the ``templates``
980 variable, eg. the most common ``templates/page/macros/icing`` to access the
981 "page" macro of the "page" template.
983 **metal:use-macro="path expression"**
984 Use a macro, which is identified by the path expression (see above). This
985 will replace the current tag with the identified macro contents. For
986 example::
988 <tal:block metal:use-macro="templates/page/macros/icing">
989 ...
990 </tal:block>
992 will replace the tag and its contents with the "page" macro of the "page"
993 template.
995 **metal:define-slot="slot name"** and **metal:fill-slot="slot name"**
996 To define *dynamic* parts of the macro, you define "slots" which may be
997 filled when the macro is used with a *use-macro* command. For example, the
998 ``templates/page/macros/icing`` macro defines a slot like so::
1000 <title metal:define-slot="head_title">title goes here</title>
1002 In your *use-macro* command, you may now use a *fill-slot* command like
1003 this::
1005 <title metal:fill-slot="head_title">My Title</title>
1007 where the tag that fills the slot completely replaces the one defined as
1008 the slot in the macro.
1010 Note that you may not mix METAL and TAL commands on the same tag, but TAL
1011 commands may be used freely inside METAL-using tags (so your *fill-slots*
1012 tags may have all manner of TAL inside them).
1015 Information available to templates
1016 ----------------------------------
1018 Note: this is implemented by roundup.cgi.templating.RoundupPageTemplate
1020 The following variables are available to templates.
1022 **context**
1023 The current context. This is either None, a
1024 `hyperdb class wrapper`_ or a `hyperdb item wrapper`_
1025 **request**
1026 Includes information about the current request, including:
1027 - the url
1028 - the current index information (``filterspec``, ``filter`` args,
1029 ``properties``, etc) parsed out of the form.
1030 - methods for easy filterspec link generation
1031 - *user*, the current user item as an HTMLItem instance
1032 - *form*
1033 The current CGI form information as a mapping of form argument
1034 name to value
1035 **config**
1036 This variable holds all the values defined in the tracker config.py file
1037 (eg. TRACKER_NAME, etc.)
1038 **db**
1039 The current database, used to access arbitrary database items.
1040 **templates**
1041 Access to all the tracker templates by name. Used mainly in *use-macro*
1042 commands.
1043 **utils**
1044 This variable makes available some utility functions like batching.
1045 **nothing**
1046 This is a special variable - if an expression evaluates to this, then the
1047 tag (in the case of a tal:replace), its contents (in the case of
1048 tal:content) or some attributes (in the case of tal:attributes) will not
1049 appear in the the output. So for example::
1051 <span tal:attributes="class nothing">Hello, World!</span>
1053 would result in::
1055 <span>Hello, World!</span>
1057 **default**
1058 Also a special variable - if an expression evaluates to this, then the
1059 existing HTML in the template will not be replaced or removed, it will
1060 remain. So::
1062 <span tal:replace="default">Hello, World!</span>
1064 would result in::
1066 <span>Hello, World!</span>
1068 The context variable
1069 ~~~~~~~~~~~~~~~~~~~~
1071 The *context* variable is one of three things based on the current context
1072 (see `determining web context`_ for how we figure this out):
1074 1. if we're looking at a "home" page, then it's None
1075 2. if we're looking at a specific hyperdb class, it's a
1076 `hyperdb class wrapper`_.
1077 3. if we're looking at a specific hyperdb item, it's a
1078 `hyperdb item wrapper`_.
1080 If the context is not None, we can access the properties of the class or item.
1081 The only real difference between cases 2 and 3 above are:
1083 1. the properties may have a real value behind them, and this will appear if
1084 the property is displayed through ``context/property`` or
1085 ``context/property/field``.
1086 2. the context's "id" property will be a false value in the second case, but
1087 a real, or true value in the third. Thus we can determine whether we're
1088 looking at a real item from the hyperdb by testing "context/id".
1090 Hyperdb class wrapper
1091 :::::::::::::::::::::
1093 Note: this is implemented by the roundup.cgi.templating.HTMLClass class.
1095 This wrapper object provides access to a hyperb class. It is used primarily
1096 in both index view and new item views, but it's also usable anywhere else that
1097 you wish to access information about a class, or the items of a class, when
1098 you don't have a specific item of that class in mind.
1100 We allow access to properties. There will be no "id" property. The value
1101 accessed through the property will be the current value of the same name from
1102 the CGI form.
1104 There are several methods available on these wrapper objects:
1106 =========== =============================================================
1107 Method Description
1108 =========== =============================================================
1109 properties return a `hyperdb property wrapper`_ for all of this class'
1110 properties.
1111 list lists all of the active (not retired) items in the class.
1112 csv return the items of this class as a chunk of CSV text.
1113 propnames lists the names of the properties of this class.
1114 filter lists of items from this class, filtered and sorted
1115 by the current *request* filterspec/filter/sort/group args
1116 classhelp display a link to a javascript popup containing this class'
1117 "help" template.
1118 submit generate a submit button (and action hidden element)
1119 renderWith render this class with the given template.
1120 history returns 'New node - no history' :)
1121 is_edit_ok is the user allowed to Edit the current class?
1122 is_view_ok is the user allowed to View the current class?
1123 =========== =============================================================
1125 Note that if you have a property of the same name as one of the above methods,
1126 you'll need to access it using a python "item access" expression. For example::
1128 python:context['list']
1130 will access the "list" property, rather than the list method.
1133 Hyperdb item wrapper
1134 ::::::::::::::::::::
1136 Note: this is implemented by the roundup.cgi.templating.HTMLItem class.
1138 This wrapper object provides access to a hyperb item.
1140 We allow access to properties. There will be no "id" property. The value
1141 accessed through the property will be the current value of the same name from
1142 the CGI form.
1144 There are several methods available on these wrapper objects:
1146 =============== =============================================================
1147 Method Description
1148 =============== =============================================================
1149 submit generate a submit button (and action hidden element)
1150 journal return the journal of the current item (**not implemented**)
1151 history render the journal of the current item as HTML
1152 renderQueryForm specific to the "query" class - render the search form for
1153 the query
1154 hasPermission specific to the "user" class - determine whether the user
1155 has a Permission
1156 is_edit_ok is the user allowed to Edit the current item?
1157 is_view_ok is the user allowed to View the current item?
1158 =============== =============================================================
1161 Note that if you have a property of the same name as one of the above methods,
1162 you'll need to access it using a python "item access" expression. For example::
1164 python:context['journal']
1166 will access the "journal" property, rather than the journal method.
1169 Hyperdb property wrapper
1170 ::::::::::::::::::::::::
1172 Note: this is implemented by subclasses roundup.cgi.templating.HTMLProperty
1173 class (HTMLStringProperty, HTMLNumberProperty, and so on).
1175 This wrapper object provides access to a single property of a class. Its
1176 value may be either:
1178 1. if accessed through a `hyperdb item wrapper`_, then it's a value from the
1179 hyperdb
1180 2. if access through a `hyperdb class wrapper`_, then it's a value from the
1181 CGI form
1184 The property wrapper has some useful attributes:
1186 =============== =============================================================
1187 Attribute Description
1188 =============== =============================================================
1189 _name the name of the property
1190 _value the value of the property if any
1191 =============== =============================================================
1193 There are several methods available on these wrapper objects:
1195 =========== =================================================================
1196 Method Description
1197 =========== =================================================================
1198 plain render a "plain" representation of the property
1199 field render a form edit field for the property
1200 stext only on String properties - render the value of the
1201 property as StructuredText (requires the StructureText module
1202 to be installed separately)
1203 multiline only on String properties - render a multiline form edit
1204 field for the property
1205 email only on String properties - render the value of the
1206 property as an obscured email address
1207 confirm only on Password properties - render a second form edit field for
1208 the property, used for confirmation that the user typed the
1209 password correctly. Generates a field with name "name:confirm".
1210 reldate only on Date properties - render the interval between the
1211 date and now
1212 pretty only on Interval properties - render the interval in a
1213 pretty format (eg. "yesterday")
1214 menu only on Link and Multilink properties - render a form select
1215 list for this property
1216 reverse only on Multilink properties - produce a list of the linked
1217 items in reverse order
1218 =========== =================================================================
1220 The request variable
1221 ~~~~~~~~~~~~~~~~~~~~
1223 Note: this is implemented by the roundup.cgi.templating.HTMLRequest class.
1225 The request variable is packed with information about the current request.
1227 .. taken from roundup.cgi.templating.HTMLRequest docstring
1229 =========== =================================================================
1230 Variable Holds
1231 =========== =================================================================
1232 form the CGI form as a cgi.FieldStorage
1233 env the CGI environment variables
1234 url the current URL path for this request
1235 base the base URL for this tracker
1236 user a HTMLUser instance for this user
1237 classname the current classname (possibly None)
1238 template the current template (suffix, also possibly None)
1239 form the current CGI form variables in a FieldStorage
1240 =========== =================================================================
1242 **Index page specific variables (indexing arguments)**
1244 =========== =================================================================
1245 Variable Holds
1246 =========== =================================================================
1247 columns dictionary of the columns to display in an index page
1248 show a convenience access to columns - request/show/colname will
1249 be true if the columns should be displayed, false otherwise
1250 sort index sort column (direction, column name)
1251 group index grouping property (direction, column name)
1252 filter properties to filter the index on
1253 filterspec values to filter the index on
1254 search_text text to perform a full-text search on for an index
1255 =========== =================================================================
1257 There are several methods available on the request variable:
1259 =============== =============================================================
1260 Method Description
1261 =============== =============================================================
1262 description render a description of the request - handle for the page
1263 title
1264 indexargs_form render the current index args as form elements
1265 indexargs_url render the current index args as a URL
1266 base_javascript render some javascript that is used by other components of
1267 the templating
1268 batch run the current index args through a filter and return a
1269 list of items (see `hyperdb item wrapper`_, and
1270 `batching`_)
1271 =============== =============================================================
1273 The form variable
1274 :::::::::::::::::
1276 The form variable is a little special because it's actually a python
1277 FieldStorage object. That means that you have two ways to access its
1278 contents. For example, to look up the CGI form value for the variable
1279 "name", use the path expression::
1281 request/form/name/value
1283 or the python expression::
1285 python:request.form['name'].value
1287 Note the "item" access used in the python case, and also note the explicit
1288 "value" attribute we have to access. That's because the form variables are
1289 stored as MiniFieldStorages. If there's more than one "name" value in
1290 the form, then the above will break since ``request/form/name`` is actually a
1291 *list* of MiniFieldStorages. So it's best to know beforehand what you're
1292 dealing with.
1295 The db variable
1296 ~~~~~~~~~~~~~~~
1298 Note: this is implemented by the roundup.cgi.templating.HTMLDatabase class.
1300 Allows access to all hyperdb classes as attributes of this variable. If you
1301 want access to the "user" class, for example, you would use::
1303 db/user
1304 python:db.user
1306 The access results in a `hyperdb class wrapper`_.
1308 The templates variable
1309 ~~~~~~~~~~~~~~~~~~~~~~
1311 Note: this is implemented by the roundup.cgi.templating.Templates class.
1313 This variable doesn't have any useful methods defined. It supports being
1314 used in expressions to access the templates, and subsequently the template
1315 macros. You may access the templates using the following path expression::
1317 templates/name
1319 or the python expression::
1321 templates[name]
1323 where "name" is the name of the template you wish to access. The template you
1324 get access to has one useful attribute, "macros". To access a specific macro
1325 (called "macro_name"), use the path expression::
1327 templates/name/macros/macro_name
1329 or the python expression::
1331 templates[name].macros[macro_name]
1334 The utils variable
1335 ~~~~~~~~~~~~~~~~~~
1337 Note: this is implemented by the roundup.cgi.templating.TemplatingUtils class.
1339 =============== =============================================================
1340 Method Description
1341 =============== =============================================================
1342 Batch return a batch object using the supplied list
1343 =============== =============================================================
1345 Batching
1346 ::::::::
1348 Use Batch to turn a list of items, or item ids of a given class, into a series
1349 of batches. Its usage is::
1351 python:util.Batch(sequence, size, start, end=0, orphan=0, overlap=0)
1353 or, to get the current index batch::
1355 request/batch
1357 The parameters are:
1359 ========= ==================================================================
1360 Parameter Usage
1361 ========= ==================================================================
1362 sequence a list of HTMLItems
1363 size how big to make the sequence.
1364 start where to start (0-indexed) in the sequence.
1365 end where to end (0-indexed) in the sequence.
1366 orphan if the next batch would contain less items than this
1367 value, then it is combined with this batch
1368 overlap the number of items shared between adjacent batches
1369 ========= ==================================================================
1371 All of the parameters are assigned as attributes on the batch object. In
1372 addition, it has several more attributes:
1374 =============== ============================================================
1375 Attribute Description
1376 =============== ============================================================
1377 start indicates the start index of the batch. *Note: unlike the
1378 argument, is a 1-based index (I know, lame)*
1379 first indicates the start index of the batch *as a 0-based
1380 index*
1381 length the actual number of elements in the batch
1382 sequence_length the length of the original, unbatched, sequence.
1383 =============== ============================================================
1385 And several methods:
1387 =============== ============================================================
1388 Method Description
1389 =============== ============================================================
1390 previous returns a new Batch with the previous batch settings
1391 next returns a new Batch with the next batch settings
1392 propchanged detect if the named property changed on the current item
1393 when compared to the last item
1394 =============== ============================================================
1396 An example of batching::
1398 <table class="otherinfo">
1399 <tr><th colspan="4" class="header">Existing Keywords</th></tr>
1400 <tr tal:define="keywords db/keyword/list"
1401 tal:repeat="start python:range(0, len(keywords), 4)">
1402 <td tal:define="batch python:utils.Batch(keywords, 4, start)"
1403 tal:repeat="keyword batch" tal:content="keyword/name">keyword here</td>
1404 </tr>
1405 </table>
1407 ... which will produce a table with four columns containing the items of the
1408 "keyword" class (well, their "name" anyway).
1410 Displaying Properties
1411 ---------------------
1413 Properties appear in the user interface in three contexts: in indices, in
1414 editors, and as search arguments.
1415 For each type of property, there are several display possibilities.
1416 For example, in an index view, a string property may just be
1417 printed as a plain string, but in an editor view, that property may be
1418 displayed in an editable field.
1421 Index Views
1422 -----------
1424 This is one of the class context views. It is also the default view for
1425 classes. The template used is "*classname*.index".
1427 Index View Specifiers
1428 ~~~~~~~~~~~~~~~~~~~~~
1430 An index view specifier (URL fragment) looks like this (whitespace has been
1431 added for clarity)::
1433 /issue?status=unread,in-progress,resolved&
1434 topic=security,ui&
1435 :group=+priority&
1436 :sort==activity&
1437 :filters=status,topic&
1438 :columns=title,status,fixer
1440 The index view is determined by two parts of the specifier: the layout part and
1441 the filter part. The layout part consists of the query parameters that begin
1442 with colons, and it determines the way that the properties of selected items
1443 are displayed. The filter part consists of all the other query parameters, and
1444 it determines the criteria by which items are selected for display.
1445 The filter part is interactively manipulated with the form widgets displayed in
1446 the filter section. The layout part is interactively manipulated by clicking on
1447 the column headings in the table.
1449 The filter part selects the union of the sets of items with values matching any
1450 specified Link properties and the intersection of the sets of items with values
1451 matching any specified Multilink properties.
1453 The example specifies an index of "issue" items. Only items with a "status" of
1454 either "unread" or "in-progres" or "resolved" are displayed, and only items
1455 with "topic" values including both "security" and "ui" are displayed. The items
1456 are grouped by priority, arranged in ascending order; and within groups, sorted
1457 by activity, arranged in descending order. The filter section shows filters for
1458 the "status" and "topic" properties, and the table includes columns for the
1459 "title", "status", and "fixer" properties.
1461 Searching Views
1462 ---------------
1464 This is one of the class context views. The template used is typically
1465 "*classname*.search". The form on this page should have "search" as its
1466 ``:action`` variable. The "search" action:
1468 - sets up additional filtering, as well as performing indexed text searching
1469 - sets the ``:filter`` variable correctly
1470 - saves the query off if ``:query_name`` is set.
1472 The searching page should lay out any fields that you wish to allow the user
1473 to search one. If your schema contains a large number of properties, you
1474 should be wary of making all of those properties available for searching, as
1475 this can cause confusion. If the additional properties are Strings, consider
1476 having their value indexed, and then they will be searchable using the full
1477 text indexed search. This is both faster, and more useful for the end user.
1479 The two special form values on search pages which are handled by the "search"
1480 action are:
1482 :search_text
1483 Text to perform a search of the text index with. Results from that search
1484 will be used to limit the results of other filters (using an intersection
1485 operation)
1486 :query_name
1487 If supplied, the search parameters (including :search_text) will be saved
1488 off as a the query item and registered against the user's queries property.
1489 Note that the *classic* template schema has this ability, but the *minimal*
1490 template schema does not.
1494 Item Views
1495 ----------
1497 The basic view of a hyperdb item is provided by the "*classname*.item"
1498 template. It generally has three sections; an "editor", a "spool" and a
1499 "history" section.
1503 Editor Section
1504 ~~~~~~~~~~~~~~
1506 The editor section is used to manipulate the item - it may be a
1507 static display if the user doesn't have permission to edit the item.
1509 Here's an example of a basic editor template (this is the default "classic"
1510 template issue item edit form - from the "issue.item" template)::
1512 <table class="form">
1513 <tr>
1514 <th nowrap>Title</th>
1515 <td colspan=3 tal:content="structure python:context.title.field(size=60)">title</td>
1516 </tr>
1518 <tr>
1519 <th nowrap>Priority</th>
1520 <td tal:content="structure context/priority/menu">priority</td>
1521 <th nowrap>Status</th>
1522 <td tal:content="structure context/status/menu">status</td>
1523 </tr>
1525 <tr>
1526 <th nowrap>Superseder</th>
1527 <td>
1528 <span tal:replace="structure python:context.superseder.field(showid=1, size=20)" />
1529 <span tal:replace="structure python:db.issue.classhelp('id,title')" />
1530 <span tal:condition="context/superseder">
1531 <br>View: <span tal:replace="structure python:context.superseder.link(showid=1)" />
1532 </span>
1533 </td>
1534 <th nowrap>Nosy List</th>
1535 <td>
1536 <span tal:replace="structure context/nosy/field" />
1537 <span tal:replace="structure python:db.user.classhelp('username,realname,address,phone')" />
1538 </td>
1539 </tr>
1541 <tr>
1542 <th nowrap>Assigned To</th>
1543 <td tal:content="structure context/assignedto/menu">
1544 assignedto menu
1545 </td>
1546 <td> </td>
1547 <td> </td>
1548 </tr>
1550 <tr>
1551 <th nowrap>Change Note</th>
1552 <td colspan=3>
1553 <textarea name=":note" wrap="hard" rows="5" cols="60"></textarea>
1554 </td>
1555 </tr>
1557 <tr>
1558 <th nowrap>File</th>
1559 <td colspan=3><input type="file" name=":file" size="40"></td>
1560 </tr>
1562 <tr>
1563 <td> </td>
1564 <td colspan=3 tal:content="structure context/submit">
1565 submit button will go here
1566 </td>
1567 </tr>
1568 </table>
1571 When a change is submitted, the system automatically generates a message
1572 describing the changed properties. As shown in the example, the editor
1573 template can use the ":note" and ":file" fields, which are added to the
1574 standard change note message generated by Roundup.
1576 Spool Section
1577 ~~~~~~~~~~~~~
1579 The spool section lists related information like the messages and files of
1580 an issue.
1582 TODO
1585 History Section
1586 ~~~~~~~~~~~~~~~
1588 The final section displayed is the history of the item - its database journal.
1589 This is generally generated with the template::
1591 <tal:block tal:replace="structure context/history" />
1593 *To be done:*
1595 *The actual history entries of the item may be accessed for manual templating
1596 through the "journal" method of the item*::
1598 <tal:block tal:repeat="entry context/journal">
1599 a journal entry
1600 </tal:block>
1602 *where each journal entry is an HTMLJournalEntry.*
1604 Defining new web actions
1605 ------------------------
1607 You may define new actions to be triggered by the ``:action`` form variable.
1608 These are added to the tracker ``interfaces.py`` as methods on the ``Client``
1609 class.
1611 Adding action methods takes three steps; first you `define the new action
1612 method`_, then you `register the action method`_ with the cgi interface so
1613 it may be triggered by the ``:action`` form variable. Finally you actually
1614 `use the new action`_ in your HTML form.
1616 See "`setting up a "wizard" (or "druid") for controlled adding of issues`_"
1617 for an example.
1619 Define the new action method
1620 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1622 The action methods have the following interface::
1624 def myActionMethod(self):
1625 ''' Perform some action. No return value is required.
1626 '''
1628 The *self* argument is an instance of your tracker ``instance.Client`` class -
1629 thus it's mostly implemented by ``roundup.cgi.Client``. See the docstring of
1630 that class for details of what it can do.
1632 The method will typically check the ``self.form`` variable's contents. It
1633 may then:
1635 - add information to ``self.ok_message`` or ``self.error_message``
1636 - change the ``self.template`` variable to alter what the user will see next
1637 - raise Unauthorised, SendStaticFile, SendFile, NotFound or Redirect
1638 exceptions
1641 Register the action method
1642 ~~~~~~~~~~~~~~~~~~~~~~~~~~
1644 The method is now written, but isn't available to the user until you add it to
1645 the `instance.Client`` class ``actions`` variable, like so::
1647 actions = client.Class.actions + (
1648 ('myaction', 'myActionMethod'),
1649 )
1651 This maps the action name "myaction" to the action method we defined.
1654 Use the new action
1655 ~~~~~~~~~~~~~~~~~~
1657 In your HTML form, add a hidden form element like so::
1659 <input type="hidden" name=":action" value="myaction">
1661 where "myaction" is the name you registered in the previous step.
1664 Examples
1665 ========
1667 .. contents::
1668 :local:
1669 :depth: 1
1671 Adding a new field to the classic schema
1672 ----------------------------------------
1674 This example shows how to add a new constrained property (ie. a selection of
1675 distinct values) to your tracker.
1677 Introduction
1678 ~~~~~~~~~~~~
1680 To make the classic schema of roundup useful as a todo tracking system
1681 for a group of systems administrators, it needed an extra data field
1682 per issue: a category.
1684 This would let sysads quickly list all todos in their particular
1685 area of interest without having to do complex queries, and without
1686 relying on the spelling capabilities of other sysads (a losing
1687 proposition at best).
1689 Adding a field to the database
1690 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1692 This is the easiest part of the change. The category would just be a plain
1693 string, nothing fancy. To change what is in the database you need to add
1694 some lines to the ``open()`` function in ``dbinit.py`` under the comment::
1696 # add any additional database schema configuration here
1698 add::
1700 category = Class(db, "category", name=String())
1701 category.setkey("name")
1703 Here we are setting up a chunk of the database which we are calling
1704 "category". It contains a string, which we are refering to as "name" for
1705 lack of a more imaginative title. Then we are setting the key of this chunk
1706 of the database to be that "name". This is equivalent to an index for
1707 database types. This also means that there can only be one category with a
1708 given name.
1710 Adding the above lines allows us to create categories, but they're not tied
1711 to the issues that we are going to be creating. It's just a list of categories
1712 off on its own, which isn't much use. We need to link it in with the issues.
1713 To do that, find the lines in the ``open()`` function in ``dbinit.py`` which
1714 set up the "issue" class, and then add a link to the category::
1716 issue = IssueClass(db, "issue", ... , category=Multilink("category"), ... )
1718 The Multilink() means that each issue can have many categories. If you were
1719 adding something with a more one to one relationship use Link() instead.
1721 That is all you need to do to change the schema. The rest of the effort is
1722 fiddling around so you can actually use the new category.
1724 Populating the new category class
1725 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1727 If you haven't initialised the database with the roundup-admin "initialise"
1728 command, then you can add the following to the tracker ``dbinit.py`` in the
1729 ``init()`` function under the comment::
1731 # add any additional database create steps here - but only if you
1732 # haven't initialised the database with the admin "initialise" command
1734 add::
1736 category = db.getclass('category')
1737 category.create(name="scipy", order="1")
1738 category.create(name="chaco", order="2")
1739 category.create(name="weave", order="3")
1741 If the database is initalised, the you need to use the roundup-admin tool::
1743 % roundup-admin -i <tracker home>
1744 Roundup <version> ready for input.
1745 Type "help" for help.
1746 roundup> create category name=scipy order=1
1747 1
1748 roundup> create category name=chaco order=1
1749 2
1750 roundup> create category name=weave order=1
1751 3
1752 roundup> exit...
1753 There are unsaved changes. Commit them (y/N)? y
1756 Setting up security on the new objects
1757 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1759 By default only the admin user can look at and change objects. This doesn't
1760 suit us, as we want any user to be able to create new categories as
1761 required, and obviously everyone needs to be able to view the categories of
1762 issues for it to be useful.
1764 We therefore need to change the security of the category objects. This is
1765 also done in the ``open()`` function of ``dbinit.py``.
1767 There are currently two loops which set up permissions and then assign them
1768 to various roles. Simply add the new "category" to both lists::
1770 # new permissions for this schema
1771 for cl in 'issue', 'file', 'msg', 'user', 'category':
1772 db.security.addPermission(name="Edit", klass=cl,
1773 description="User is allowed to edit "+cl)
1774 db.security.addPermission(name="View", klass=cl,
1775 description="User is allowed to access "+cl)
1777 # Assign the access and edit permissions for issue, file and message
1778 # to regular users now
1779 for cl in 'issue', 'file', 'msg', 'category':
1780 p = db.security.getPermission('View', cl)
1781 db.security.addPermissionToRole('User', p)
1782 p = db.security.getPermission('Edit', cl)
1783 db.security.addPermissionToRole('User', p)
1785 So you are in effect doing the following::
1787 db.security.addPermission(name="Edit", klass='category',
1788 description="User is allowed to edit "+'category')
1789 db.security.addPermission(name="View", klass='category',
1790 description="User is allowed to access "+'category')
1792 which is creating two permission types; that of editing and viewing
1793 "category" objects respectively. Then the following lines assign those new
1794 permissions to the "User" role, so that normal users can view and edit
1795 "category" objects::
1797 p = db.security.getPermission('View', 'category')
1798 db.security.addPermissionToRole('User', p)
1800 p = db.security.getPermission('Edit', 'category')
1801 db.security.addPermissionToRole('User', p)
1803 This is all the work that needs to be done for the database. It will store
1804 categories, and let users view and edit them. Now on to the interface
1805 stuff.
1807 Changing the web left hand frame
1808 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1810 We need to give the users the ability to create new categories, and the
1811 place to put the link to this functionality is in the left hand function
1812 bar, under the "Issues" area. The file that defines how this area looks is
1813 ``html/page``, which is what we are going to be editing next.
1815 If you look at this file you can see that it contains a lot of "classblock"
1816 sections which are chunks of HTML that will be included or excluded in the
1817 output depending on whether the condition in the classblock is met. Under
1818 the end of the classblock for issue is where we are going to add the
1819 category code::
1821 <p class="classblock"
1822 tal:condition="python:request.user.hasPermission('View', 'category')">
1823 <b>Categories</b><br>
1824 <a tal:condition="python:request.user.hasPermission('Edit', 'category')"
1825 href="category?:template=item">New Category<br></a>
1826 </p>
1828 The first two lines is the classblock definition, which sets up a condition
1829 that only users who have "View" permission to the "category" object will
1830 have this section included in their output. Next comes a plain "Categories"
1831 header in bold. Everyone who can view categories will get that.
1833 Next comes the link to the editing area of categories. This link will only
1834 appear if the condition is matched: that condition being that the user has
1835 "Edit" permissions for the "category" objects. If they do have permission
1836 then they will get a link to another page which will let the user add new
1837 categories.
1839 Note that if you have permission to view but not edit categories then all
1840 you will see is a "Categories" header with nothing underneath it. This is
1841 obviously not very good interface design, but will do for now. I just claim
1842 that it is so I can add more links in this section later on. However to fix
1843 the problem you could change the condition in the classblock statement, so
1844 that only users with "Edit" permission would see the "Categories" stuff.
1846 Setting up a page to edit categories
1847 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1849 We defined code in the previous section which let users with the
1850 appropriate permissions see a link to a page which would let them edit
1851 conditions. Now we have to write that page.
1853 The link was for the item template for the category object. This translates
1854 into the system looking for a file called ``category.item`` in the ``html``
1855 tracker directory. This is the file that we are going to write now.
1857 First we add an info tag in a comment which doesn't affect the outcome
1858 of the code at all but is useful for debugging. If you load a page in a
1859 browser and look at the page source, you can see which sections come
1860 from which files by looking for these comments::
1862 <!-- category.item -->
1864 Next we need to add in the METAL macro stuff so we get the normal page
1865 trappings::
1867 <tal:block metal:use-macro="templates/page/macros/icing">
1868 <title metal:fill-slot="head_title">Category editing</title>
1869 <td class="page-header-top" metal:fill-slot="body_title">
1870 <h2>Category editing</h2>
1871 </td>
1872 <td class="content" metal:fill-slot="content">
1874 Next we need to setup up a standard HTML form, which is the whole
1875 purpose of this file. We link to some handy javascript which sends the form
1876 through only once. This is to stop users hitting the send button
1877 multiple times when they are impatient and thus having the form sent
1878 multiple times::
1880 <form method="POST" onSubmit="return submit_once()"
1881 enctype="multipart/form-data">
1883 Next we define some code which sets up the minimum list of fields that we
1884 require the user to enter. There will be only one field, that of "name", so
1885 they user better put something in it otherwise the whole form is pointless::
1887 <input type="hidden" name=":required" value="name">
1889 To get everything to line up properly we will put everything in a table,
1890 and put a nice big header on it so the user has an idea what is happening::
1892 <table class="form">
1893 <tr><th class="header" colspan=2>Category</th></tr>
1895 Next we need the actual field that the user is going to enter the new
1896 category. The "context.name.field(size=60)" bit tells roundup to generate a
1897 normal HTML field of size 60, and the contents of that field will be the
1898 "name" variable of the current context (which is "category"). The upshot of
1899 this is that when the user types something in to the form, a new category
1900 will be created with that name::
1902 <tr>
1903 <th nowrap>Name</th>
1904 <td tal:content="structure python:context.name.field(size=60)">name</td>
1905 </tr>
1907 Then a submit button so that the user can submit the new category::
1909 <tr>
1910 <td> </td>
1911 <td colspan=3 tal:content="structure context/submit">
1912 submit button will go here
1913 </td>
1914 </tr>
1916 Finally we finish off the tags we used at the start to do the METAL stuff::
1918 </td>
1919 </tal:block>
1921 So putting it all together, and closing the table and form we get::
1923 <!-- category.item -->
1924 <tal:block metal:use-macro="templates/page/macros/icing">
1925 <title metal:fill-slot="head_title">Category editing</title>
1926 <td class="page-header-top" metal:fill-slot="body_title">
1927 <h2>Category editing</h2>
1928 </td>
1929 <td class="content" metal:fill-slot="content">
1930 <form method="POST" onSubmit="return submit_once()"
1931 enctype="multipart/form-data">
1933 <input type="hidden" name=":required" value="name">
1935 <table class="form">
1936 <tr><th class="header" colspan=2>Category</th></tr>
1938 <tr>
1939 <th nowrap>Name</th>
1940 <td tal:content="structure python:context.name.field(size=60)">name</td>
1941 </tr>
1943 <tr>
1944 <td> </td>
1945 <td colspan=3 tal:content="structure context/submit">
1946 submit button will go here
1947 </td>
1948 </tr>
1949 </table>
1950 </form>
1951 </td>
1952 </tal:block>
1954 This is quite a lot to just ask the user one simple question, but
1955 there is a lot of setup for basically one line (the form line) to do
1956 its work. To add another field to "category" would involve one more line
1957 (well maybe a few extra to get the formatting correct).
1959 Adding the category to the issue
1960 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1962 We now have the ability to create issues to our hearts content, but
1963 that is pointless unless we can assign categories to issues. Just like
1964 the ``html/category.item`` file was used to define how to add a new
1965 category, the ``html/issue.item`` is used to define how a new issue is
1966 created.
1968 Just like ``category.issue`` this file defines a form which has a table to lay
1969 things out. It doesn't matter where in the table we add new stuff,
1970 it is entirely up to your sense of aesthetics::
1972 <th nowrap>Category</th>
1973 <td><span tal:replace="structure context/category/field" />
1974 <span tal:replace="structure db/category/classhelp" />
1975 </td>
1977 First we define a nice header so that the user knows what the next section
1978 is, then the middle line does what we are most interested in. This
1979 ``context/category/field`` gets replaced with a field which contains the
1980 category in the current context (the current context being the new issue).
1982 The classhelp lines generate a link (labelled "list") to a popup window
1983 which contains the list of currently known categories.
1985 Searching on categories
1986 ~~~~~~~~~~~~~~~~~~~~~~~
1988 We can add categories, and create issues with categories. The next obvious
1989 thing that we would like to be would be to search issues based on their
1990 category, so that any one working on the web server could look at all
1991 issues in the category "Web" for example.
1993 If you look in the html/page file and look for the "Search Issues" you will
1994 see that it looks something like ``<a href="issue?:template=search">Search
1995 Issues</a>`` which shows us that when you click on "Search Issues" it will
1996 be looking for a ``issue.search`` file to display. So that is indeed the file
1997 that we are going to change.
1999 If you look at this file it should be starting to seem familiar. It is a
2000 simple HTML form using a table to define structure. You can add the new
2001 category search code anywhere you like within that form::
2003 <tr>
2004 <th>Category:</th>
2005 <td>
2006 <select name="category">
2007 <option value="">don't care</option>
2008 <option value="">------------</option>
2009 <option tal:repeat="s db/category/list" tal:attributes="value s/name"
2010 tal:content="s/name">category to filter on</option>
2011 </select>
2012 </td>
2013 <td><input type="checkbox" name=":columns" value="category" checked></td>
2014 <td><input type="radio" name=":sort" value="category"></td>
2015 <td><input type="radio" name=":group" value="category"></td>
2016 </tr>
2018 Most of this is straightforward to anyone who knows HTML. It is just
2019 setting up a select list followed by a checkbox and a couple of radio
2020 buttons.
2022 The ``tal:repeat`` part repeats the tag for every item in the "category"
2023 table and setting "s" to be each category in turn.
2025 The ``tal:attributes`` part is setting up the ``value=`` part of the option tag
2026 to be the name part of "s" which is the current category in the loop.
2028 The ``tal:content`` part is setting the contents of the option tag to be the
2029 name part of "s" again. For objects more complex than category, obviously
2030 you would put an id in the value, and the descriptive part in the content;
2031 but for category they are the same.
2033 Adding category to the default view
2034 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2036 We can now add categories, add issues with categories, and search issues
2037 based on categories. This is everything that we need to do, however there
2038 is some more icing that we would like. I think the category of an issue is
2039 important enough that it should be displayed by default when listing all
2040 the issues.
2042 Unfortunately, this is a bit less obvious than the previous steps. The code
2043 defining how the issues look is in ``html/issue.index``. This is a large table
2044 with a form down the bottom for redisplaying and so forth.
2046 Firstly we need to add an appropriate header to the start of the table::
2048 <th tal:condition="request/show/category">Category</th>
2050 The condition part of this statement is so that if the user has selected
2051 not to see the Category column then they won't.
2053 The rest of the table is a loop which will go through every issue that
2054 matches the display criteria. The loop variable is "i" - which means that
2055 every issue gets assigned to "i" in turn.
2057 The new part of code to display the category will look like this::
2059 <td tal:condition="request/show/category" tal:content="i/category"></td>
2061 The condition is the same as above: only display the condition when the
2062 user hasn't asked for it to be hidden. The next part is to set the content
2063 of the cell to be the category part of "i" - the current issue.
2065 Finally we have to edit ``html/page`` again. This time to tell it that when the
2066 user clicks on "Unnasigned Issues" or "All Issues" that the category should
2067 be displayed. If you scroll down the page file, you can see the links with
2068 lots of options. The option that we are interested in is the ``:columns=`` one
2069 which tells roundup which fields of the issue to display. Simply add
2070 "category" to that list and it all should work.
2073 Adding in state transition control
2074 ----------------------------------
2076 Sometimes tracker admins want to control the states that users may move issues
2077 to.
2079 1. add a Multilink property to the status class::
2081 stat = Class(db, "status", ... , transitions=Multilink('status'), ...)
2083 and then edit the statuses already created either:
2085 a. through the web using the class list -> status class editor, or
2086 b. using the roundup-admin "set" command.
2088 2. add an auditor module ``checktransition.py`` in your tracker's
2089 ``detectors`` directory::
2091 def checktransition(db, cl, nodeid, newvalues):
2092 ''' Check that the desired transition is valid for the "status"
2093 property.
2094 '''
2095 if not newvalues.has_key('status'):
2096 return
2097 current = cl.get(nodeid, 'status')
2098 new = newvalues['status']
2099 if new == current:
2100 return
2101 ok = db.status.get(current, 'transitions')
2102 if new not in ok:
2103 raise ValueError, 'Status not allowed to move from "%s" to "%s"'%(
2104 db.status.get(current, 'name'), db.status.get(new, 'name'))
2106 def init(db):
2107 db.issue.audit('set', checktransition)
2109 3. in the ``issue.item`` template, change the status editing bit from::
2111 <th nowrap>Status</th>
2112 <td tal:content="structure context/status/menu">status</td>
2114 to::
2116 <th nowrap>Status</th>
2117 <td>
2118 <select tal:condition="context/id" name="status">
2119 <tal:block tal:define="ok context/status/transitions"
2120 tal:repeat="state db/status/list">
2121 <option tal:condition="python:state.id in ok"
2122 tal:attributes="value state/id;
2123 selected python:state.id == context.status.id"
2124 tal:content="state/name"></option>
2125 </tal:block>
2126 </select>
2127 <tal:block tal:condition="not:context/id"
2128 tal:replace="structure context/status/menu" />
2129 </td>
2131 which displays only the allowed status to transition to.
2134 Displaying entire message contents in the issue display
2135 -------------------------------------------------------
2137 Alter the issue.item template section for messages to::
2139 <table class="messages" tal:condition="context/messages">
2140 <tr><th colspan=3 class="header">Messages</th></tr>
2141 <tal:block tal:repeat="msg context/messages/reverse">
2142 <tr>
2143 <th><a tal:attributes="href string:msg${msg/id}"
2144 tal:content="string:msg${msg/id}"></a></th>
2145 <th tal:content="string:Author: ${msg/author}">author</th>
2146 <th tal:content="string:Date: ${msg/date}">date</th>
2147 </tr>
2148 <tr>
2149 <td colspan="3" class="content">
2150 <pre tal:content="msg/content">content</pre>
2151 </td>
2152 </tr>
2153 </tal:block>
2154 </table>
2156 Restricting the list of users that are assignable to a task
2157 -----------------------------------------------------------
2159 1. In your tracker's "dbinit.py", create a new Role, say "Developer"::
2161 db.security.addRole(name='Developer', description='A developer')
2163 2. Just after that, create a new Permission, say "Fixer", specific to "issue"::
2165 p = db.security.addPermission(name='Fixer', klass='issue',
2166 description='User is allowed to be assigned to fix issues')
2168 3. Then assign the new Permission to your "Developer" Role::
2170 db.security.addPermissionToRole('Developer', p)
2172 4. In the issue item edit page ("html/issue.item" in your tracker dir), use
2173 the new Permission in restricting the "assignedto" list::
2175 <select name="assignedto">
2176 <option value="-1">- no selection -</option>
2177 <tal:block tal:repeat="user db/user/list">
2178 <option tal:condition="python:user.hasPermission('Fixer', context.classname)"
2179 tal:attributes="value user/id;
2180 selected python:user.id == context.assignedto"
2181 tal:content="user/realname"></option>
2182 </tal:block>
2183 </select>
2185 For extra security, you may wish to set up an auditor to enforce the
2186 Permission requirement (install this as "assignedtoFixer.py" in your tracker
2187 "detectors" directory)::
2189 def assignedtoMustBeFixer(db, cl, nodeid, newvalues):
2190 ''' Ensure the assignedto value in newvalues is a used with the Fixer
2191 Permission
2192 '''
2193 if not newvalues.has_key('assignedto'):
2194 # don't care
2195 return
2197 # get the userid
2198 userid = newvalues['assignedto']
2199 if not db.security.hasPermission('Fixer', userid, cl.classname):
2200 raise ValueError, 'You do not have permission to edit %s'%cl.classname
2202 def init(db):
2203 db.issue.audit('set', assignedtoMustBeFixer)
2204 db.issue.audit('create', assignedtoMustBeFixer)
2206 So now, if the edit attempts to set the assignedto to a user that doesn't have
2207 the "Fixer" Permission, the error will be raised.
2210 Setting up a "wizard" (or "druid") for controlled adding of issues
2211 ------------------------------------------------------------------
2213 1. Set up the page templates you wish to use for data input. My wizard
2214 is going to be a two-step process, first figuring out what category of
2215 issue the user is submitting, and then getting details specific to that
2216 category. The first page includes a table of help, explaining what the
2217 category names mean, and then the core of the form::
2219 <form method="POST" onSubmit="return submit_once()"
2220 enctype="multipart/form-data">
2221 <input type="hidden" name=":template" value="add_page1">
2222 <input type="hidden" name=":action" value="page1submit">
2224 <strong>Category:</strong>
2225 <tal:block tal:replace="structure context/category/menu" />
2226 <input type="submit" value="Continue">
2227 </form>
2229 The next page has the usual issue entry information, with the addition of
2230 the following form fragments::
2232 <form method="POST" onSubmit="return submit_once()"
2233 enctype="multipart/form-data" tal:condition="context/is_edit_ok"
2234 tal:define="cat request/form/category/value">
2236 <input type="hidden" name=":template" value="add_page2">
2237 <input type="hidden" name=":required" value="title">
2238 <input type="hidden" name="category" tal:attributes="value cat">
2240 .
2241 .
2242 .
2243 </form>
2245 Note that later in the form, I test the value of "cat" include form
2246 elements that are appropriate. For example::
2248 <tal:block tal:condition="python:cat in '6 10 13 14 15 16 17'.split()">
2249 <tr>
2250 <th nowrap>Operating System</th>
2251 <td tal:content="structure context/os/field"></td>
2252 </tr>
2253 <tr>
2254 <th nowrap>Web Browser</th>
2255 <td tal:content="structure context/browser/field"></td>
2256 </tr>
2257 </tal:block>
2259 ... the above section will only be displayed if the category is one of 6,
2260 10, 13, 14, 15, 16 or 17.
2262 3. Determine what actions need to be taken between the pages - these are
2263 usually to validate user choices and determine what page is next. Now
2264 encode those actions in methods on the interfaces Client class and insert
2265 hooks to those actions in the "actions" attribute on that class, like so::
2267 actions = client.Client.actions + (
2268 ('page1_submit', 'page1SubmitAction'),
2269 )
2271 def page1SubmitAction(self):
2272 ''' Verify that the user has selected a category, and then move on
2273 to page 2.
2274 '''
2275 category = self.form['category'].value
2276 if category == '-1':
2277 self.error_message.append('You must select a category of report')
2278 return
2279 # everything's ok, move on to the next page
2280 self.template = 'add_page2'
2282 4. Use the usual "new" action as the :action on the final page, and you're
2283 done (the standard context/submit method can do this for you).
2286 Using an external password validation source
2287 --------------------------------------------
2289 We have a centrally-managed password changing system for our users. This
2290 results in a UN*X passwd-style file that we use for verification of users.
2291 Entries in the file consist of ``name:password`` where the password is
2292 encrypted using the standard UN*X ``crypt()`` function (see the ``crypt``
2293 module in your Python distribution). An example entry would be::
2295 admin:aamrgyQfDFSHw
2297 Each user of Roundup must still have their information stored in the Roundup
2298 database - we just use the passwd file to check their password. To do this, we
2299 add the following code to our ``Client`` class in the tracker home
2300 ``interfaces.py`` module::
2302 def verifyPassword(self, userid, password):
2303 # get the user's username
2304 username = self.db.user.get(userid, 'username')
2306 # the passwords are stored in the "passwd.txt" file in the tracker
2307 # home
2308 file = os.path.join(self.db.config.TRACKER_HOME, 'passwd.txt')
2310 # see if we can find a match
2311 for ent in [line.strip().split(':') for line in open(file).readlines()]:
2312 if ent[0] == username:
2313 return crypt.crypt(password, ent[1][:2]) == ent[1]
2315 # user doesn't exist in the file
2316 return 0
2318 What this does is look through the file, line by line, looking for a name that
2319 matches.
2321 We also remove the redundant password fields from the ``user.item`` template.
2324 Adding a "vacation" flag to users for stopping nosy messages
2325 ------------------------------------------------------------
2327 When users go on vacation and set up vacation email bouncing, you'll start to
2328 see a lot of messages come back through Roundup "Fred is on vacation". Not
2329 very useful, and relatively easy to stop.
2331 1. add a "vacation" flag to your users::
2333 user = Class(db, "user",
2334 username=String(), password=Password(),
2335 address=String(), realname=String(),
2336 phone=String(), organisation=String(),
2337 alternate_addresses=String(),
2338 roles=String(), queries=Multilink("query"),
2339 vacation=Boolean())
2341 2. edit your detector ``nosyreactor.py`` so that the ``nosyreaction()``
2342 consists of::
2344 def nosyreaction(db, cl, nodeid, oldvalues):
2345 # send a copy of all new messages to the nosy list
2346 for msgid in determineNewMessages(cl, nodeid, oldvalues):
2347 try:
2348 users = db.user
2349 messages = db.msg
2351 # figure the recipient ids
2352 sendto = []
2353 r = {}
2354 recipients = messages.get(msgid, 'recipients')
2355 for recipid in messages.get(msgid, 'recipients'):
2356 r[recipid] = 1
2358 # figure the author's id, and indicate they've received the
2359 # message
2360 authid = messages.get(msgid, 'author')
2362 # possibly send the message to the author, as long as they aren't
2363 # anonymous
2364 if (db.config.MESSAGES_TO_AUTHOR == 'yes' and
2365 users.get(authid, 'username') != 'anonymous'):
2366 sendto.append(authid)
2367 r[authid] = 1
2369 # now figure the nosy people who weren't recipients
2370 nosy = cl.get(nodeid, 'nosy')
2371 for nosyid in nosy:
2372 # Don't send nosy mail to the anonymous user (that user
2373 # shouldn't appear in the nosy list, but just in case they
2374 # do...)
2375 if users.get(nosyid, 'username') == 'anonymous':
2376 continue
2377 # make sure they haven't seen the message already
2378 if not r.has_key(nosyid):
2379 # send it to them
2380 sendto.append(nosyid)
2381 recipients.append(nosyid)
2383 # generate a change note
2384 if oldvalues:
2385 note = cl.generateChangeNote(nodeid, oldvalues)
2386 else:
2387 note = cl.generateCreateNote(nodeid)
2389 # we have new recipients
2390 if sendto:
2391 # filter out the people on vacation
2392 sendto = [i for i in sendto if not users.get(i, 'vacation', 0)]
2394 # map userids to addresses
2395 sendto = [users.get(i, 'address') for i in sendto]
2397 # update the message's recipients list
2398 messages.set(msgid, recipients=recipients)
2400 # send the message
2401 cl.send_message(nodeid, msgid, note, sendto)
2402 except roundupdb.MessageSendError, message:
2403 raise roundupdb.DetectorError, message
2405 Note that this is the standard nosy reaction code, with the small addition
2406 of::
2408 # filter out the people on vacation
2409 sendto = [i for i in sendto if not users.get(i, 'vacation', 0)]
2411 which filters out the users that have the vacation flag set to true.
2414 Adding a time log to your issues
2415 --------------------------------
2417 We want to log the dates and amount of time spent working on issues, and be
2418 able to give a summary of the total time spent on a particular issue.
2420 1. Add a new class to your tracker ``dbinit.py``::
2422 # storage for time logging
2423 timelog = Class(db, "timelog", period=Interval())
2425 Note that we automatically get the date of the time log entry creation
2426 through the standard property "creation".
2428 2. Link to the new class from your issue class (again, in ``dbinit.py``)::
2430 issue = IssueClass(db, "issue",
2431 assignedto=Link("user"), topic=Multilink("keyword"),
2432 priority=Link("priority"), status=Link("status"),
2433 times=Multilink("timelog"))
2435 the "times" property is the new link to the "timelog" class.
2437 3. We'll need to let people add in times to the issue, so in the web interface
2438 we'll have a new entry field, just below the change note box::
2440 <tr>
2441 <th nowrap>Time Log</th>
2442 <td colspan=3><input name=":timelog">
2443 (enter as "3y 1m 4d 2:40:02" or parts thereof)
2444 </td>
2445 </tr>
2447 Note that we've made up a new form variable, but since we place a colon ":"
2448 in front of it, it won't clash with any existing property variables. The
2449 names you *can't* use are ``:note``, ``:file``, ``:action``, ``:required``
2450 and ``:template``. These variables are described in the section
2451 `performing actions in web requests`_.
2453 4. We also need to handle this new field in the CGI interface - the way to
2454 do this is through implementing a new form action (see `Setting up a
2455 "wizard" (or "druid") for controlled adding of issues`_ for another example
2456 where we implemented a new CGI form action).
2458 In this case, we'll want our action to:
2460 1. create a new "timelog" entry,
2461 2. fake that the issue's "times" property has been edited, and then
2462 3. call the normal CGI edit action handler.
2464 The code to do this is::
2466 actions = client.Client.actions + (
2467 ('edit_with_timelog', 'timelogEditAction'),
2468 )
2470 def timelogEditAction(self):
2471 ''' Handle the creation of a new time log entry if necessary.
2473 If we create a new entry, fake up a CGI form value for the altered
2474 "times" property of the issue being edited.
2476 Punt to the regular edit action when we're done.
2477 '''
2478 # if there's a timelog value specified, create an entry
2479 if self.form.has_key(':timelog') and \
2480 self.form[':timelog'].value.strip():
2481 period = Interval(self.form[':timelog'].value)
2482 # create it
2483 newid = self.db.timelog.create(period=period)
2485 # if we're editing an existing item, get the old timelog value
2486 if self.nodeid:
2487 l = self.db.issue.get(self.nodeid, 'times')
2488 l.append(newid)
2489 else:
2490 l = [newid]
2492 # now make the fake CGI form values
2493 for entry in l:
2494 self.form.list.append(MiniFieldStorage('times', entry))
2496 # punt to the normal edit action
2497 return self.editItemAction()
2499 you add this code to your Client class in your tracker's ``interfaces.py``
2500 file.
2502 5. You'll also need to modify your ``issue.item`` form submit action so it
2503 calls the time logging action we just created::
2505 <tr>
2506 <td> </td>
2507 <td colspan=3>
2508 <tal:block tal:condition="context/id">
2509 <input type="hidden" name=":action" value="edit_with_timelog">
2510 <input type="submit" name="submit" value="Submit Changes">
2511 </tal:block>
2512 <tal:block tal:condition="not:context/id">
2513 <input type="hidden" name=":action" value="new">
2514 <input type="submit" name="submit" value="Submit New Issue">
2515 </tal:block>
2516 </td>
2517 </tr>
2519 Note that the "context/submit" command usually handles all that for you -
2520 isn't it handy? The important change is setting the action to
2521 "edit_with_timelog" for edit operations (where the item exists)
2523 6. Display the time log for an issue::
2525 <table class="otherinfo" tal:condition="context/times">
2526 <tr><th colspan="3" class="header">Time Log</th></tr>
2527 <tr><th>Date</th><th>Period</th><th>Logged By</th></tr>
2528 <tr tal:repeat="time context/times">
2529 <td tal:content="time/creation"></td>
2530 <td tal:content="time/period"></td>
2531 <td tal:content="time/creator"></td>
2532 </tr>
2533 </table>
2535 I put this just above the Messages log in my issue display.
2537 6. If you're using a persistent web server - roundup-server or mod_python for
2538 example - then you'll need to restart that to pick up the code changes.
2539 When that's done, you'll be able to use the new time logging interface.
2542 -------------------
2544 Back to `Table of Contents`_
2546 .. _`Table of Contents`: index.html
2547 .. _`design documentation`: design.html