Roundup Tracker - Issues

Message7764

Author rouilj
Recipients rouilj, wking
Date 2023-05-20.17:39:25
Message-id <1684604365.43.0.807535297015.issue2550758@roundup.psfhosted.org>
In-reply-to
This handles one of three cases I can see here:

  1) web interface is available for everybody
  2) web interface is restricted to specific users
  3) web interface is disabled

This handles case 3 nicely, but allowing a value of NODEFAULT means that an admin
doesn't have to take any action to disable the web interface. Also the config.ini's
front matter states that this setting must be provided. This also seems a niche
case since, as noted by wking this makes interaction awkward.

Handling case 1, requires no changes. Handling case 2 is trickier. It requires sending
a different email to each user (so [nosy] email_sending = multiple must be set).
For each target user, look up the username and verify that the "Web Access" permission
is provided. Only if it is present add the web URL. I will send an email to the users-lis to 
see if this is a more realistic use case. If so open another ticket.

Regarding implementing this, I think setting:

  web = disabled

(i.e. the literal string 'disabled') as the only way to disable the web setting
is a better choice. It requires affirmative action on the part of the admin and
documents that the web is disabled.

I also considered using a pseudo URL ('http://disabled/') so the the class defined
to validate the web setting won't have to be modified. But that class is used only for
the web url and is not used in other URL config definitions, so changing it makes sense.

This also should allow the changes in email_signature to be simplified from:

          if (not isinstance(base, type('')) or
                not (base.startswith('http://') or
                     base.startswith('https://'))):
            web = "Configuration Error: TRACKER_WEB isn't a " \
                "fully-qualified URL"
        else:
            if not base.endswith('/'):
                base = base + '/'
            web = base + self.classname + issueid

to

            if (base == 'disable'):
                web = None

with most of the rest of the original patch.

I think changes to configuration.py require base to match:

  https?://.*/

or the tracker will error when the config is read. Hence, the prefix/suffix match will
always fail to match. Also I don't think self.db.config.TRACKER_WEB can return
anything except a string anymore. If the TRACKER_WEB is the NODEFAULT object, get raises
an exception.

Note: I am not sure when the config gets read if we are running multiple trackers
via roundup-server or wsgi mode. It's possible these errors trigger only after
a matching URL request comes in but...
History
Date User Action Args
2023-05-20 17:39:25rouiljsetmessageid: <1684604365.43.0.807535297015.issue2550758@roundup.psfhosted.org>
2023-05-20 17:39:25rouiljsetrecipients: + rouilj, wking
2023-05-20 17:39:25rouiljlinkissue2550758 messages
2023-05-20 17:39:25rouiljcreate