File: customizing.html

package info (click to toggle)
roundup 1.2.1-10%2Betch1
links: PTS
area: main
in suites: etch
size: 4,764 kB
ctags: 3,756
sloc: python: 30,296; sh: 1,497; perl: 23; makefile: 22
file content (5096 lines) | stat: -rw-r--r-- 260,190 bytes
parent folder | download | duplicates (2)
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="generator" content="Docutils 0.4: http://docutils.sourceforge.net/" />
<title>Customising Roundup</title>
<style type="text/css">

/*
:Author: David Goodger
:Contact: goodger@users.sourceforge.net
:Date: $Date$
:Revision: $Revision$
:Copyright: This stylesheet has been placed in the public domain.

Default cascading style sheet for the HTML output of Docutils.

See http://docutils.sf.net/docs/howto/html-stylesheets.html for how to
customize this style sheet.
*/

/* used to remove borders from tables and images */
.borderless, table.borderless td, table.borderless th {
  border: 0 }

table.borderless td, table.borderless th {
  /* Override padding for "table.docutils td" with "! important".
     The right padding separates the table cells. */
  padding: 0 0.5em 0 0 ! important }

.first {
  /* Override more specific margin styles with "! important". */
  margin-top: 0 ! important }

.last, .with-subtitle {
  margin-bottom: 0 ! important }

.hidden {
  display: none }

a.toc-backref {
  text-decoration: none ;
  color: black }

blockquote.epigraph {
  margin: 2em 5em ; }

dl.docutils dd {
  margin-bottom: 0.5em }

/* Uncomment (and remove this text!) to get bold-faced definition list terms
dl.docutils dt {
  font-weight: bold }
*/

div.abstract {
  margin: 2em 5em }

div.abstract p.topic-title {
  font-weight: bold ;
  text-align: center }

div.admonition, div.attention, div.caution, div.danger, div.error,
div.hint, div.important, div.note, div.tip, div.warning {
  margin: 2em ;
  border: medium outset ;
  padding: 1em }

div.admonition p.admonition-title, div.hint p.admonition-title,
div.important p.admonition-title, div.note p.admonition-title,
div.tip p.admonition-title {
  font-weight: bold ;
  font-family: sans-serif }

div.attention p.admonition-title, div.caution p.admonition-title,
div.danger p.admonition-title, div.error p.admonition-title,
div.warning p.admonition-title {
  color: red ;
  font-weight: bold ;
  font-family: sans-serif }

/* Uncomment (and remove this text!) to get reduced vertical space in
   compound paragraphs.
div.compound .compound-first, div.compound .compound-middle {
  margin-bottom: 0.5em }

div.compound .compound-last, div.compound .compound-middle {
  margin-top: 0.5em }
*/

div.dedication {
  margin: 2em 5em ;
  text-align: center ;
  font-style: italic }

div.dedication p.topic-title {
  font-weight: bold ;
  font-style: normal }

div.figure {
  margin-left: 2em ;
  margin-right: 2em }

div.footer, div.header {
  clear: both;
  font-size: smaller }

div.line-block {
  display: block ;
  margin-top: 1em ;
  margin-bottom: 1em }

div.line-block div.line-block {
  margin-top: 0 ;
  margin-bottom: 0 ;
  margin-left: 1.5em }

div.sidebar {
  margin-left: 1em ;
  border: medium outset ;
  padding: 1em ;
  background-color: #ffffee ;
  width: 40% ;
  float: right ;
  clear: right }

div.sidebar p.rubric {
  font-family: sans-serif ;
  font-size: medium }

div.system-messages {
  margin: 5em }

div.system-messages h1 {
  color: red }

div.system-message {
  border: medium outset ;
  padding: 1em }

div.system-message p.system-message-title {
  color: red ;
  font-weight: bold }

div.topic {
  margin: 2em }

h1.section-subtitle, h2.section-subtitle, h3.section-subtitle,
h4.section-subtitle, h5.section-subtitle, h6.section-subtitle {
  margin-top: 0.4em }

h1.title {
  text-align: center }

h2.subtitle {
  text-align: center }

hr.docutils {
  width: 75% }

img.align-left {
  clear: left }

img.align-right {
  clear: right }

ol.simple, ul.simple {
  margin-bottom: 1em }

ol.arabic {
  list-style: decimal }

ol.loweralpha {
  list-style: lower-alpha }

ol.upperalpha {
  list-style: upper-alpha }

ol.lowerroman {
  list-style: lower-roman }

ol.upperroman {
  list-style: upper-roman }

p.attribution {
  text-align: right ;
  margin-left: 50% }

p.caption {
  font-style: italic }

p.credits {
  font-style: italic ;
  font-size: smaller }

p.label {
  white-space: nowrap }

p.rubric {
  font-weight: bold ;
  font-size: larger ;
  color: maroon ;
  text-align: center }

p.sidebar-title {
  font-family: sans-serif ;
  font-weight: bold ;
  font-size: larger }

p.sidebar-subtitle {
  font-family: sans-serif ;
  font-weight: bold }

p.topic-title {
  font-weight: bold }

pre.address {
  margin-bottom: 0 ;
  margin-top: 0 ;
  font-family: serif ;
  font-size: 100% }

pre.literal-block, pre.doctest-block {
  margin-left: 2em ;
  margin-right: 2em ;
  background-color: #eeeeee }

span.classifier {
  font-family: sans-serif ;
  font-style: oblique }

span.classifier-delimiter {
  font-family: sans-serif ;
  font-weight: bold }

span.interpreted {
  font-family: sans-serif }

span.option {
  white-space: nowrap }

span.pre {
  white-space: pre }

span.problematic {
  color: red }

span.section-subtitle {
  /* font-size relative to parent (h1..h6 element) */
  font-size: 80% }

table.citation {
  border-left: solid 1px gray;
  margin-left: 1px }

table.docinfo {
  margin: 2em 4em }

table.docutils {
  margin-top: 0.5em ;
  margin-bottom: 0.5em }

table.footnote {
  border-left: solid 1px black;
  margin-left: 1px }

table.docutils td, table.docutils th,
table.docinfo td, table.docinfo th {
  padding-left: 0.5em ;
  padding-right: 0.5em ;
  vertical-align: top }

table.docutils th.field-name, table.docinfo th.docinfo-name {
  font-weight: bold ;
  text-align: left ;
  white-space: nowrap ;
  padding-left: 0 }

h1 tt.docutils, h2 tt.docutils, h3 tt.docutils,
h4 tt.docutils, h5 tt.docutils, h6 tt.docutils {
  font-size: 100% }

tt.docutils {
  background-color: #eeeeee }

ul.auto-toc {
  list-style-type: none }

</style>
</head>
<body>
<div class="document" id="customising-roundup">
<h1 class="title">Customising Roundup</h1>
<table class="docinfo" frame="void" rules="none">
<col class="docinfo-name" />
<col class="docinfo-content" />
<tbody valign="top">
<tr><th class="docinfo-name">Version:</th>
<td>$Revision$</td></tr>
</tbody>
</table>
<!-- This document borrows from the ZopeBook section on ZPT. The original is at:
http://www.zope.org/Documentation/Books/ZopeBook/current/ZPT.stx -->
<div class="contents topic">
<p class="topic-title first"><a id="contents" name="contents">Contents</a></p>
<ul class="simple">
<li><a class="reference" href="#what-you-can-do" id="id6" name="id6">What You Can Do</a></li>
<li><a class="reference" href="#trackers-in-a-nutshell" id="id7" name="id7">Trackers in a Nutshell</a></li>
<li><a class="reference" href="#tracker-configuration" id="id8" name="id8">Tracker Configuration</a></li>
<li><a class="reference" href="#tracker-schema" id="id9" name="id9">Tracker Schema</a></li>
<li><a class="reference" href="#detectors-adding-behaviour-to-your-tracker" id="id10" name="id10">Detectors - adding behaviour to your tracker</a></li>
<li><a class="reference" href="#database-content" id="id11" name="id11">Database Content</a></li>
<li><a class="reference" href="#security-access-controls" id="id12" name="id12">Security / Access Controls</a></li>
<li><a class="reference" href="#web-interface" id="id13" name="id13">Web Interface</a></li>
<li><a class="reference" href="#examples" id="id14" name="id14">Examples</a></li>
<li><a class="reference" href="#debugging-trackers" id="id15" name="id15">Debugging Trackers</a></li>
</ul>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id6" id="what-you-can-do" name="what-you-can-do">What You Can Do</a></h1>
<p>Before you get too far, it's probably worth having a quick read of the Roundup
<a class="reference" href="design.html">design documentation</a>.</p>
<p>Customisation of Roundup can take one of six forms:</p>
<ol class="arabic simple">
<li><a class="reference" href="#tracker-configuration">tracker configuration</a> changes</li>
<li>database, or <a class="reference" href="#tracker-schema">tracker schema</a> changes</li>
<li>&quot;definition&quot; class <a class="reference" href="#database-content">database content</a> changes</li>
<li>behavioural changes, through <a class="reference" href="#detectors">detectors</a></li>
<li><a class="reference" href="#security-access-controls">security / access controls</a></li>
<li>change the <a class="reference" href="#web-interface">web interface</a></li>
</ol>
<p>The third case is special because it takes two distinctly different forms
depending upon whether the tracker has been initialised or not. The other two
may be done at any time, before or after tracker initialisation. Yes, this
includes adding or removing properties from classes.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id7" id="trackers-in-a-nutshell" name="trackers-in-a-nutshell">Trackers in a Nutshell</a></h1>
<p>Trackers have the following structure:</p>
<table border="1" class="docutils">
<colgroup>
<col width="25%" />
<col width="75%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Tracker File</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>config.ini</td>
<td>Holds the basic <a class="reference" href="#tracker-configuration">tracker configuration</a></td>
</tr>
<tr><td>schema.py</td>
<td>Holds the <a class="reference" href="#tracker-schema">tracker schema</a></td>
</tr>
<tr><td>initial_data.py</td>
<td>Holds any data to be entered into the database when the
tracker is initialised.</td>
</tr>
<tr><td>db/</td>
<td>Holds the tracker's database</td>
</tr>
<tr><td>db/files/</td>
<td>Holds the tracker's upload files and messages</td>
</tr>
<tr><td>db/backend_name</td>
<td>Names the database back-end for the tracker</td>
</tr>
<tr><td>detectors/</td>
<td>Auditors and reactors for this tracker</td>
</tr>
<tr><td>extensions/</td>
<td>Additional web actions and templating utilities.</td>
</tr>
<tr><td>html/</td>
<td>Web interface templates, images and style sheets</td>
</tr>
</tbody>
</table>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id8" id="tracker-configuration" name="tracker-configuration">Tracker Configuration</a></h1>
<p>The <tt class="docutils literal"><span class="pre">config.ini</span></tt> located in your tracker home contains the basic
configuration for the web and e-mail components of roundup's interfaces.</p>
<p>Changes to the data captured by your tracker is controlled by the <a class="reference" href="#tracker-schema">tracker
schema</a>.  Some configuration is also performed using permissions - see the
<a class="reference" href="#security-access-controls">security / access controls</a> section. For example, to allow users to
automatically register through the email interface, you must grant the
&quot;Anonymous&quot; Role the &quot;Email Access&quot; Permission.</p>
<p>The following is taken from the <a class="reference" href="http://docs.python.org/lib/module-ConfigParser.html">Python Library Reference</a> (May 20, 2004)
section &quot;ConfigParser -- Configuration file parser&quot;:</p>
<blockquote>
<p>The configuration file consists of sections, led by a &quot;[section]&quot; header
and followed by &quot;name = value&quot; entries, with line continuations on a
newline with leading whitespace. Note that leading whitespace is removed
from values. The optional values can contain format strings which
refer to other values in the same section. Lines beginning with &quot;#&quot; or &quot;;&quot;
are ignored and may be used to provide comments.</p>
<p>For example:</p>
<pre class="literal-block">
[My Section]
foodir = %(dir)s/whatever
dir = frob
</pre>
<p>would resolve the &quot;%(dir)s&quot; to the value of &quot;dir&quot; (&quot;frob&quot; in this case)
resulting in &quot;foodir&quot; being &quot;frob/whatever&quot;.</p>
</blockquote>
<dl class="docutils">
<dt>Section <strong>main</strong></dt>
<dd><dl class="first last docutils">
<dt>database -- <tt class="docutils literal"><span class="pre">db</span></tt></dt>
<dd>Database directory path. The path may be either absolute or relative
to the directory containig this config file.</dd>
<dt>templates -- <tt class="docutils literal"><span class="pre">html</span></tt></dt>
<dd>Path to the HTML templates directory. The path may be either absolute
or relative to the directory containig this config file.</dd>
<dt>admin_email -- <tt class="docutils literal"><span class="pre">roundup-admin</span></tt></dt>
<dd>Email address that roundup will complain to if it runs into trouble. If
the email address doesn't contain an <tt class="docutils literal"><span class="pre">&#64;</span></tt> part, the MAIL_DOMAIN defined
below is used.</dd>
<dt>dispatcher_email -- <tt class="docutils literal"><span class="pre">roundup-admin</span></tt></dt>
<dd>The 'dispatcher' is a role that can get notified of new items to the
database. It is used by the ERROR_MESSAGES_TO config setting. If the
email address doesn't contain an <tt class="docutils literal"><span class="pre">&#64;</span></tt> part, the MAIL_DOMAIN defined
below is used.</dd>
<dt>email_from_tag -- default <em>blank</em></dt>
<dd>Additional text to include in the &quot;name&quot; part of the From: address used
in nosy messages. If the sending user is &quot;Foo Bar&quot;, the From: line
is usually: <tt class="docutils literal"><span class="pre">&quot;Foo</span> <span class="pre">Bar&quot;</span> <span class="pre">&lt;issue_tracker&#64;tracker.example&gt;</span></tt>
the EMAIL_FROM_TAG goes inside the &quot;Foo Bar&quot; quotes like so:
<tt class="docutils literal"><span class="pre">&quot;Foo</span> <span class="pre">Bar</span> <span class="pre">EMAIL_FROM_TAG&quot;</span> <span class="pre">&lt;issue_tracker&#64;tracker.example&gt;</span></tt></dd>
<dt>new_web_user_roles -- <tt class="docutils literal"><span class="pre">User</span></tt></dt>
<dd>Roles that a user gets when they register with Web User Interface.
This is a comma-separated list of role names (e.g. <tt class="docutils literal"><span class="pre">Admin,User</span></tt>).</dd>
<dt>new_email_user_roles -- <tt class="docutils literal"><span class="pre">User</span></tt></dt>
<dd>Roles that a user gets when they register with Email Gateway.
This is a comma-separated string of role names (e.g. <tt class="docutils literal"><span class="pre">Admin,User</span></tt>).</dd>
<dt>error_messages_to -- <tt class="docutils literal"><span class="pre">user</span></tt></dt>
<dd>Send error message emails to the <tt class="docutils literal"><span class="pre">dispatcher</span></tt>, <tt class="docutils literal"><span class="pre">user</span></tt>, or <tt class="docutils literal"><span class="pre">both</span></tt>?
The dispatcher is configured using the DISPATCHER_EMAIL setting.
Allowed values: <tt class="docutils literal"><span class="pre">dispatcher</span></tt>, <tt class="docutils literal"><span class="pre">user</span></tt>, or <tt class="docutils literal"><span class="pre">both</span></tt></dd>
<dt>html_version -- <tt class="docutils literal"><span class="pre">html4</span></tt></dt>
<dd>HTML version to generate. The templates are <tt class="docutils literal"><span class="pre">html4</span></tt> by default.
If you wish to make them xhtml, then you'll need to change this
var to <tt class="docutils literal"><span class="pre">xhtml</span></tt> too so all auto-generated HTML is compliant.
Allowed values: <tt class="docutils literal"><span class="pre">html4</span></tt>, <tt class="docutils literal"><span class="pre">xhtml</span></tt></dd>
<dt>timezone -- <tt class="docutils literal"><span class="pre">0</span></tt></dt>
<dd>Numeric timezone offset used when users do not choose their own
in their settings.</dd>
<dt>instant_registration -- <tt class="docutils literal"><span class="pre">yes</span></tt></dt>
<dd>Register new users instantly, or require confirmation via
email?
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt></dd>
<dt>email_registration_confirmation -- <tt class="docutils literal"><span class="pre">yes</span></tt></dt>
<dd>Offer registration confirmation by email or only through the web?
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt></dd>
<dt>indexer_stopwords -- default <em>blank</em></dt>
<dd>Additional stop-words for the full-text indexer specific to
your tracker. See the indexer source for the default list of
stop-words (e.g. <tt class="docutils literal"><span class="pre">A,AND,ARE,AS,AT,BE,BUT,BY,</span> <span class="pre">...</span></tt>).</dd>
</dl>
</dd>
<dt>Section <strong>tracker</strong></dt>
<dd><dl class="first last docutils">
<dt>name -- <tt class="docutils literal"><span class="pre">Roundup</span> <span class="pre">issue</span> <span class="pre">tracker</span></tt></dt>
<dd>A descriptive name for your roundup instance.</dd>
<dt>web -- <tt class="docutils literal"><span class="pre">http://host.example/demo/</span></tt></dt>
<dd>The web address that the tracker is viewable at.
This will be included in information sent to users of the tracker.
The URL MUST include the cgi-bin part or anything else
that is required to get to the home page of the tracker.
You MUST include a trailing '/' in the URL.</dd>
<dt>email -- <tt class="docutils literal"><span class="pre">issue_tracker</span></tt></dt>
<dd>Email address that mail to roundup should go to.</dd>
</dl>
</dd>
<dt>Section <strong>web</strong></dt>
<dd><dl class="first last docutils">
<dt>http_auth -- <tt class="docutils literal"><span class="pre">yes</span></tt></dt>
<dd>Whether to use HTTP Basic Authentication, if present.
Roundup will use either the REMOTE_USER or HTTP_AUTHORIZATION
variables supplied by your web server (in that order).
Set this option to 'no' if you do not wish to use HTTP Basic
Authentication in your web interface.</dd>
<dt>use_browser_language -- <tt class="docutils literal"><span class="pre">yes</span></tt></dt>
<dd>Whether to use HTTP Accept-Language, if present.
Browsers send a language-region preference list.
It's usually set in the client's browser or in their
Operating System.
Set this option to 'no' if you want to ignore it.</dd>
<dt>debug -- <tt class="docutils literal"><span class="pre">no</span></tt></dt>
<dd>Setting this option makes Roundup display error tracebacks
in the user's browser rather than emailing them to the
tracker admin.&quot;),</dd>
</dl>
</dd>
<dt>Section <strong>rdbms</strong></dt>
<dd><p class="first">Settings in this section are used by Postgresql and MySQL backends only</p>
<dl class="last docutils">
<dt>name -- <tt class="docutils literal"><span class="pre">roundup</span></tt></dt>
<dd>Name of the database to use.</dd>
<dt>host -- <tt class="docutils literal"><span class="pre">localhost</span></tt></dt>
<dd>Database server host.</dd>
<dt>port -- default <em>blank</em></dt>
<dd>TCP port number of the database server. Postgresql usually resides on
port 5432 (if any), for MySQL default port number is 3306. Leave this
option empty to use backend default.</dd>
<dt>user -- <tt class="docutils literal"><span class="pre">roundup</span></tt></dt>
<dd>Database user name that Roundup should use.</dd>
<dt>password -- <tt class="docutils literal"><span class="pre">roundup</span></tt></dt>
<dd>Database user password.</dd>
</dl>
</dd>
<dt>Section <strong>logging</strong></dt>
<dd><dl class="first last docutils">
<dt>config -- default <em>blank</em></dt>
<dd>Path to configuration file for standard Python logging module. If this
option is set, logging configuration is loaded from specified file;
options 'filename' and 'level' in this section are ignored. The path may
be either absolute or relative to the directory containig this config file.</dd>
<dt>filename -- default <em>blank</em></dt>
<dd>Log file name for minimal logging facility built into Roundup.  If no file
name specified, log messages are written on stderr. If above 'config'
option is set, this option has no effect. The path may be either absolute
or relative to the directory containig this config file.</dd>
<dt>level -- <tt class="docutils literal"><span class="pre">ERROR</span></tt></dt>
<dd>Minimal severity level of messages written to log file. If above 'config'
option is set, this option has no effect.
Allowed values: <tt class="docutils literal"><span class="pre">DEBUG</span></tt>, <tt class="docutils literal"><span class="pre">INFO</span></tt>, <tt class="docutils literal"><span class="pre">WARNING</span></tt>, <tt class="docutils literal"><span class="pre">ERROR</span></tt></dd>
</dl>
</dd>
<dt>Section <strong>mail</strong></dt>
<dd><p class="first">Outgoing email options. Used for nosy messages, password reset and
registration approval requests.</p>
<dl class="last docutils">
<dt>domain -- <tt class="docutils literal"><span class="pre">localhost</span></tt></dt>
<dd>Domain name used for email addresses.</dd>
<dt>host -- default <em>blank</em></dt>
<dd>SMTP mail host that roundup will use to send mail</dd>
<dt>username -- default <em>blank</em></dt>
<dd>SMTP login name. Set this if your mail host requires authenticated access.
If username is not empty, password (below) MUST be set!</dd>
<dt>password -- default <em>blank</em></dt>
<dd>SMTP login password.
Set this if your mail host requires authenticated access.</dd>
<dt>tls -- <tt class="docutils literal"><span class="pre">no</span></tt></dt>
<dd>If your SMTP mail host provides or requires TLS (Transport Layer Security)
then you may set this option to 'yes'.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt></dd>
<dt>tls_keyfile -- default <em>blank</em></dt>
<dd>If TLS is used, you may set this option to the name of a PEM formatted
file that contains your private key. The path may be either absolute or
relative to the directory containig this config file.</dd>
<dt>tls_certfile -- default <em>blank</em></dt>
<dd>If TLS is used, you may set this option to the name of a PEM formatted
certificate chain file. The path may be either absolute or relative
to the directory containig this config file.</dd>
<dt>charset -- utf-8</dt>
<dd>Character set to encode email headers with. We use utf-8 by default, as
it's the most flexible. Some mail readers (eg. Eudora) can't cope with
that, so you might need to specify a more limited character set
(eg. iso-8859-1).</dd>
<dt>debug -- default <em>blank</em></dt>
<dd>Setting this option makes Roundup to write all outgoing email messages
to this file <em>instead</em> of sending them. This option has the same effect
as environment variable SENDMAILDEBUG. Environment variable takes
precedence. The path may be either absolute or relative to the directory
containig this config file.</dd>
</dl>
</dd>
<dt>Section <strong>mailgw</strong></dt>
<dd><p class="first">Roundup Mail Gateway options</p>
<dl class="last docutils">
<dt>keep_quoted_text -- <tt class="docutils literal"><span class="pre">yes</span></tt></dt>
<dd>Keep email citations when accepting messages. Setting this to <tt class="docutils literal"><span class="pre">no</span></tt> strips
out &quot;quoted&quot; text from the message. Signatures are also stripped.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt></dd>
<dt>leave_body_unchanged -- <tt class="docutils literal"><span class="pre">no</span></tt></dt>
<dd>Preserve the email body as is - that is, keep the citations <em>and</em>
signatures.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt></dd>
<dt>default_class -- <tt class="docutils literal"><span class="pre">issue</span></tt></dt>
<dd>Default class to use in the mailgw if one isn't supplied in email subjects.
To disable, leave the value blank.</dd>
<dt>subject_prefix_parsing -- <tt class="docutils literal"><span class="pre">strict</span></tt></dt>
<dd>Controls the parsing of the [prefix] on subject lines in incoming emails.
<tt class="docutils literal"><span class="pre">strict</span></tt> will return an error to the sender if the [prefix] is not
recognised. <tt class="docutils literal"><span class="pre">loose</span></tt> will attempt to parse the [prefix] but just
pass it through as part of the issue title if not recognised. <tt class="docutils literal"><span class="pre">none</span></tt>
will always pass any [prefix] through as part of the issue title.</dd>
<dt>subject_suffix_parsing -- <tt class="docutils literal"><span class="pre">strict</span></tt></dt>
<dd>Controls the parsing of the [suffix] on subject lines in incoming emails.
<tt class="docutils literal"><span class="pre">strict</span></tt> will return an error to the sender if the [suffix] is not
recognised. <tt class="docutils literal"><span class="pre">loose</span></tt> will attempt to parse the [suffix] but just
pass it through as part of the issue title if not recognised. <tt class="docutils literal"><span class="pre">none</span></tt>
will always pass any [suffix] through as part of the issue title.</dd>
<dt>subject_suffix_delimiters -- <tt class="docutils literal"><span class="pre">[]</span></tt></dt>
<dd>Defines the brackets used for delimiting the commands suffix in a subject
line.</dd>
<dt>subject_content_match -- <tt class="docutils literal"><span class="pre">always</span></tt></dt>
<dd>Controls matching of the incoming email subject line against issue titles
in the case where there is no designator [prefix]. <tt class="docutils literal"><span class="pre">never</span></tt> turns off
matching. <tt class="docutils literal"><span class="pre">creation</span> <span class="pre">+</span> <span class="pre">interval</span></tt> or <tt class="docutils literal"><span class="pre">activity</span> <span class="pre">+</span> <span class="pre">interval</span></tt> will match
an issue for the interval after the issue's creation or last activity.
The interval is a standard Roundup interval.</dd>
</dl>
</dd>
<dt>Section <strong>nosy</strong></dt>
<dd><p class="first">Nosy messages sending</p>
<dl class="last docutils">
<dt>messages_to_author -- <tt class="docutils literal"><span class="pre">no</span></tt></dt>
<dd>Send nosy messages to the author of the message.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt>, <tt class="docutils literal"><span class="pre">new</span></tt></dd>
<dt>signature_position -- <tt class="docutils literal"><span class="pre">bottom</span></tt></dt>
<dd>Where to place the email signature.
Allowed values: <tt class="docutils literal"><span class="pre">top</span></tt>, <tt class="docutils literal"><span class="pre">bottom</span></tt>, <tt class="docutils literal"><span class="pre">none</span></tt></dd>
<dt>add_author -- <tt class="docutils literal"><span class="pre">new</span></tt></dt>
<dd>Does the author of a message get placed on the nosy list automatically?
If <tt class="docutils literal"><span class="pre">new</span></tt> is used, then the author will only be added when a message
creates a new issue. If <tt class="docutils literal"><span class="pre">yes</span></tt>, then the author will be added on
followups too. If <tt class="docutils literal"><span class="pre">no</span></tt>, they're never added to the nosy.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt>, <tt class="docutils literal"><span class="pre">new</span></tt></dd>
<dt>add_recipients -- <tt class="docutils literal"><span class="pre">new</span></tt></dt>
<dd>Do the recipients (<tt class="docutils literal"><span class="pre">To:</span></tt>, <tt class="docutils literal"><span class="pre">Cc:</span></tt>) of a message get placed on the nosy
list?  If <tt class="docutils literal"><span class="pre">new</span></tt> is used, then the recipients will only be added when a
message creates a new issue. If <tt class="docutils literal"><span class="pre">yes</span></tt>, then the recipients will be added
on followups too. If <tt class="docutils literal"><span class="pre">no</span></tt>, they're never added to the nosy.
Allowed values: <tt class="docutils literal"><span class="pre">yes</span></tt>, <tt class="docutils literal"><span class="pre">no</span></tt>, <tt class="docutils literal"><span class="pre">new</span></tt></dd>
<dt>email_sending -- <tt class="docutils literal"><span class="pre">single</span></tt></dt>
<dd>Controls the email sending from the nosy reactor. If <tt class="docutils literal"><span class="pre">multiple</span></tt> then
a separate email is sent to each recipient. If <tt class="docutils literal"><span class="pre">single</span></tt> then a single
email is sent with each recipient as a CC address.</dd>
</dl>
</dd>
</dl>
<p>You may generate a new default config file using the <tt class="docutils literal"><span class="pre">roundup-admin</span>
<span class="pre">genconfig</span></tt> command.</p>
<p>Configuration variables may be referred to in lower or upper case. In code,
variables not in the &quot;main&quot; section are referred to using their section and
name, so &quot;domain&quot; in the section &quot;mail&quot; becomes MAIL_DOMAIN. The
configuration variables available are:</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id9" id="tracker-schema" name="tracker-schema">Tracker Schema</a></h1>
<div class="note">
<p class="first admonition-title">Note</p>
<p class="last">if you modify the schema, you'll most likely need to edit the
<a class="reference" href="#web-interface">web interface</a> HTML template files and <a class="reference" href="#detectors">detectors</a> to reflect
your changes.</p>
</div>
<p>A tracker schema defines what data is stored in the tracker's database.
Schemas are defined using Python code in the <tt class="docutils literal"><span class="pre">schema.py</span></tt> module of your
tracker.</p>
<div class="section">
<h2><a id="the-schema-py-module" name="the-schema-py-module">The <tt class="docutils literal"><span class="pre">schema.py</span></tt> module</a></h2>
<p>The <tt class="docutils literal"><span class="pre">schema.py</span></tt> module contains two functions:</p>
<dl class="docutils">
<dt><strong>open</strong></dt>
<dd>This function defines what your tracker looks like on the inside, the
<strong>schema</strong> of the tracker. It defines the <strong>Classes</strong> and <strong>properties</strong>
on each class. It also defines the <strong>security</strong> for those Classes. The
next few sections describe how schemas work and what you can do with
them.</dd>
<dt><strong>init</strong></dt>
<dd>This function is responsible for setting up the initial state of your
tracker. It's called exactly once - but the <tt class="docutils literal"><span class="pre">roundup-admin</span> <span class="pre">initialise</span></tt>
command.  See the start of the section on <a class="reference" href="#database-content">database content</a> for more
info about how this works.</dd>
</dl>
</div>
<div class="section">
<h2><a id="the-classic-schema" name="the-classic-schema">The &quot;classic&quot; schema</a></h2>
<p>The &quot;classic&quot; schema looks like this (see section <a class="reference" href="#setkey-property">setkey(property)</a>
below for the meaning of <tt class="docutils literal"><span class="pre">'setkey'</span></tt> -- you may also want to look into
the sections <a class="reference" href="#setlabelprop-property">setlabelprop(property)</a> and <a class="reference" href="#setorderprop-property">setorderprop(property)</a> for
specifying (default) labelling and ordering of classes.):</p>
<pre class="literal-block">
pri = Class(db, &quot;priority&quot;, name=String(), order=String())
pri.setkey(&quot;name&quot;)

stat = Class(db, &quot;status&quot;, name=String(), order=String())
stat.setkey(&quot;name&quot;)

keyword = Class(db, &quot;keyword&quot;, name=String())
keyword.setkey(&quot;name&quot;)

user = Class(db, &quot;user&quot;, username=String(), organisation=String(),
    password=String(), address=String(), realname=String(),
    phone=String())
user.setkey(&quot;username&quot;)

msg = FileClass(db, &quot;msg&quot;, author=Link(&quot;user&quot;), summary=String(),
    date=Date(), recipients=Multilink(&quot;user&quot;),
    files=Multilink(&quot;file&quot;))

file = FileClass(db, &quot;file&quot;, name=String(), type=String())

issue = IssueClass(db, &quot;issue&quot;, topic=Multilink(&quot;keyword&quot;),
    status=Link(&quot;status&quot;), assignedto=Link(&quot;user&quot;),
    priority=Link(&quot;priority&quot;))
issue.setkey('title')
</pre>
</div>
<div class="section">
<h2><a id="what-you-can-t-do-to-the-schema" name="what-you-can-t-do-to-the-schema">What you can't do to the schema</a></h2>
<p>You must never:</p>
<dl class="docutils">
<dt><strong>Remove the users class</strong></dt>
<dd>This class is the only <em>required</em> class in Roundup.</dd>
<dt><strong>Remove the &quot;username&quot;, &quot;address&quot;, &quot;password&quot; or &quot;realname&quot; user properties</strong></dt>
<dd>Various parts of Roundup require these properties. Don't remove them.</dd>
<dt><strong>Change the type of a property</strong></dt>
<dd>Property types must <em>never</em> be changed - the database simply doesn't take
this kind of action into account. Note that you can't just remove a
property and re-add it as a new type either. If you wanted to make the
assignedto property a Multilink, you'd need to create a new property
assignedto_list and remove the old assignedto property.</dd>
</dl>
</div>
<div class="section">
<h2><a id="what-you-can-do-to-the-schema" name="what-you-can-do-to-the-schema">What you can do to the schema</a></h2>
<p>Your schema may be changed at any time before or after the tracker has been
initialised (or used). You may:</p>
<dl class="docutils">
<dt><strong>Add new properties to classes, or add whole new classes</strong></dt>
<dd>This is painless and easy to do - there are generally no repurcussions
from adding new information to a tracker's schema.</dd>
<dt><strong>Remove properties</strong></dt>
<dd>Removing properties is a little more tricky - you need to make sure that
the property is no longer used in the <a class="reference" href="#web-interface">web interface</a> <em>or</em> by the
<a class="reference" href="#detectors">detectors</a>.</dd>
</dl>
</div>
<div class="section">
<h2><a id="classes-and-properties-creating-a-new-information-store" name="classes-and-properties-creating-a-new-information-store">Classes and Properties - creating a new information store</a></h2>
<p>In the tracker above, we've defined 7 classes of information:</p>
<blockquote>
<dl class="docutils">
<dt>priority</dt>
<dd>Defines the possible levels of urgency for issues.</dd>
<dt>status</dt>
<dd>Defines the possible states of processing the issue may be in.</dd>
<dt>keyword</dt>
<dd>Initially empty, will hold keywords useful for searching issues.</dd>
<dt>user</dt>
<dd>Initially holding the &quot;admin&quot; user, will eventually have an entry
for all users using roundup.</dd>
<dt>msg</dt>
<dd>Initially empty, will hold all e-mail messages sent to or
generated by roundup.</dd>
<dt>file</dt>
<dd>Initially empty, will hold all files attached to issues.</dd>
<dt>issue</dt>
<dd>Initially empty, this is where the issue information is stored.</dd>
</dl>
</blockquote>
<p>We define the &quot;priority&quot; and &quot;status&quot; classes to allow two things:
reduction in the amount of information stored on the issue and more
powerful, accurate searching of issues by priority and status. By only
requiring a link on the issue (which is stored as a single number) we
reduce the chance that someone mis-types a priority or status - or
simply makes a new one up.</p>
<div class="section">
<h3><a id="class-and-items" name="class-and-items">Class and Items</a></h3>
<p>A Class defines a particular class (or type) of data that will be stored
in the database. A class comprises one or more properties, which gives
the information about the class items.</p>
<p>The actual data entered into the database, using <tt class="docutils literal"><span class="pre">class.create()</span></tt>, are
called items. They have a special immutable property called <tt class="docutils literal"><span class="pre">'id'</span></tt>. We
sometimes refer to this as the <em>itemid</em>.</p>
</div>
<div class="section">
<h3><a id="properties" name="properties">Properties</a></h3>
<p>A Class is comprised of one or more properties of the following types:</p>
<ul class="simple">
<li>String properties are for storing arbitrary-length strings.</li>
<li>Password properties are for storing encoded arbitrary-length strings.
The default encoding is defined on the <tt class="docutils literal"><span class="pre">roundup.password.Password</span></tt>
class.</li>
<li>Date properties store date-and-time stamps. Their values are Timestamp
objects.</li>
<li>Number properties store numeric values.</li>
<li>Boolean properties store on/off, yes/no, true/false values.</li>
<li>A Link property refers to a single other item selected from a
specified class. The class is part of the property; the value is an
integer, the id of the chosen item.</li>
<li>A Multilink property refers to possibly many items in a specified
class. The value is a list of integers.</li>
</ul>
<p>All Classes automatically have a number of properties by default:</p>
<dl class="docutils">
<dt><em>creator</em></dt>
<dd>Link to the user that created the item.</dd>
<dt><em>creation</em></dt>
<dd>Date the item was created.</dd>
<dt><em>actor</em></dt>
<dd>Link to the user that last modified the item.</dd>
<dt><em>activity</em></dt>
<dd>Date the item was last modified.</dd>
</dl>
</div>
<div class="section">
<h3><a id="fileclass" name="fileclass">FileClass</a></h3>
<p>FileClasses save their &quot;content&quot; attribute off in a separate file from
the rest of the database. This reduces the number of large entries in
the database, which generally makes databases more efficient, and also
allows us to use command-line tools to operate on the files. They are
stored in the files sub-directory of the <tt class="docutils literal"><span class="pre">'db'</span></tt> directory in your
tracker.</p>
</div>
<div class="section">
<h3><a id="issueclass" name="issueclass">IssueClass</a></h3>
<p>IssueClasses automatically include the &quot;messages&quot;, &quot;files&quot;, &quot;nosy&quot;, and
&quot;superseder&quot; properties.</p>
<p>The messages and files properties list the links to the messages and
files related to the issue. The nosy property is a list of links to
users who wish to be informed of changes to the issue - they get &quot;CC'ed&quot;
e-mails when messages are sent to or generated by the issue. The nosy
reactor (in the <tt class="docutils literal"><span class="pre">'detectors'</span></tt> directory) handles this action. The
superseder link indicates an issue which has superseded this one.</p>
<p>They also have the dynamically generated &quot;creation&quot;, &quot;activity&quot; and
&quot;creator&quot; properties.</p>
<p>The value of the &quot;creation&quot; property is the date when an item was
created, and the value of the &quot;activity&quot; property is the date when any
property on the item was last edited (equivalently, these are the dates
on the first and last records in the item's journal). The &quot;creator&quot;
property holds a link to the user that created the issue.</p>
</div>
<div class="section">
<h3><a id="setkey-property" name="setkey-property">setkey(property)</a></h3>
<p>Select a String property of the class to be the key property. The key
property must be unique, and allows references to the items in the class
by the content of the key property. That is, we can refer to users by
their username: for example, let's say that there's an issue in roundup,
issue 23. There's also a user, richard, who happens to be user 2. To
assign an issue to him, we could do either of:</p>
<pre class="literal-block">
roundup-admin set issue23 assignedto=2
</pre>
<p>or:</p>
<pre class="literal-block">
roundup-admin set issue23 assignedto=richard
</pre>
<p>Note, the same thing can be done in the web and e-mail interfaces.</p>
</div>
<div class="section">
<h3><a id="setlabelprop-property" name="setlabelprop-property">setlabelprop(property)</a></h3>
<p>Select a property of the class to be the label property. The label
property is used whereever an item should be uniquely identified, e.g.,
when displaying a link to an item. If setlabelprop is not specified for
a class, the following values are tried for the label:</p>
<blockquote>
<ul class="simple">
<li>the key of the class (see the <a class="reference" href="#setkey-property">setkey(property)</a> section above)</li>
<li>the &quot;name&quot; property</li>
<li>the &quot;title&quot; property</li>
<li>the first property from the sorted property name list</li>
</ul>
</blockquote>
<p>So in most cases you can get away without specifying setlabelprop
explicitly.</p>
</div>
<div class="section">
<h3><a id="setorderprop-property" name="setorderprop-property">setorderprop(property)</a></h3>
<p>Select a property of the class to be the order property. The order
property is used whenever using a default sort order for the class,
e.g., when grouping or sorting class A by a link to class B in the user
interface, the order property of class B is used for sorting.  If
setorderprop is not specified for a class, the following values are tried
for the order property:</p>
<blockquote>
<ul class="simple">
<li>the property named &quot;order&quot;</li>
<li>the label property (see <a class="reference" href="#setlabelprop-property">setlabelprop(property)</a> above)</li>
</ul>
</blockquote>
<p>So in most cases you can get away without specifying setorderprop
explicitly.</p>
</div>
<div class="section">
<h3><a id="create-information" name="create-information">create(information)</a></h3>
<p>Create an item in the database. This is generally used to create items
in the &quot;definitional&quot; classes like &quot;priority&quot; and &quot;status&quot;.</p>
</div>
<div class="section">
<h3><a id="a-note-about-ordering" name="a-note-about-ordering">A note about ordering</a></h3>
<p>When we sort items in the hyperdb, we use one of a number of methods,
depending on the properties being sorted on:</p>
<ol class="arabic simple">
<li>If it's a String, Number, Date or Interval property, we just sort the
scalar value of the property. Strings are sorted case-sensitively.</li>
<li>If it's a Link property, we sort by either the linked item's &quot;order&quot;
property (if it has one) or the linked item's &quot;id&quot;.</li>
<li>Mulitlinks sort similar to #2, but we start with the first Multilink
list item, and if they're the same, we sort by the second item, and
so on.</li>
</ol>
<p>Note that if an &quot;order&quot; property is defined on a Class that is used for
sorting, all items of that Class <em>must</em> have a value against the &quot;order&quot;
property, or sorting will result in random ordering.</p>
</div>
</div>
<div class="section">
<h2><a id="examples-of-adding-to-your-schema" name="examples-of-adding-to-your-schema">Examples of adding to your schema</a></h2>
<p>TODO</p>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id10" id="detectors-adding-behaviour-to-your-tracker" name="detectors-adding-behaviour-to-your-tracker">Detectors - adding behaviour to your tracker</a></h1>
<p id="detectors">Detectors are initialised every time you open your tracker database, so
you're free to add and remove them any time, even after the database is
initialised via the <tt class="docutils literal"><span class="pre">roundup-admin</span> <span class="pre">initialise</span></tt> command.</p>
<p>The detectors in your tracker fire <em>before</em> (<strong>auditors</strong>) and <em>after</em>
(<strong>reactors</strong>) changes to the contents of your database. They are Python
modules that sit in your tracker's <tt class="docutils literal"><span class="pre">detectors</span></tt> directory. You will
have some installed by default - have a look. You can write new
detectors or modify the existing ones. The existing detectors installed
for you are:</p>
<dl class="docutils">
<dt><strong>nosyreaction.py</strong></dt>
<dd>This provides the automatic nosy list maintenance and email sending.
The nosy reactor (<tt class="docutils literal"><span class="pre">nosyreaction</span></tt>) fires when new messages are added
to issues. The nosy auditor (<tt class="docutils literal"><span class="pre">updatenosy</span></tt>) fires when issues are
changed, and figures out what changes need to be made to the nosy list
(such as adding new authors, etc.)</dd>
<dt><strong>statusauditor.py</strong></dt>
<dd>This provides the <tt class="docutils literal"><span class="pre">chatty</span></tt> auditor which changes the issue status
from <tt class="docutils literal"><span class="pre">unread</span></tt> or <tt class="docutils literal"><span class="pre">closed</span></tt> to <tt class="docutils literal"><span class="pre">chatting</span></tt> if new messages appear.
It also provides the <tt class="docutils literal"><span class="pre">presetunread</span></tt> auditor which pre-sets the
status to <tt class="docutils literal"><span class="pre">unread</span></tt> on new items if the status isn't explicitly
defined.</dd>
<dt><strong>messagesummary.py</strong></dt>
<dd>Generates the <tt class="docutils literal"><span class="pre">summary</span></tt> property for new messages based on the message
content.</dd>
<dt><strong>userauditor.py</strong></dt>
<dd>Verifies the content of some of the user fields (email addresses and
roles lists).</dd>
</dl>
<p>If you don't want this default behaviour, you're completely free to change
or remove these detectors.</p>
<p>See the detectors section in the <a class="reference" href="design.html">design document</a> for details of the
interface for detectors.</p>
<div class="section">
<h2><a id="detector-api" name="detector-api">Detector API</a></h2>
<p>Auditors are called with the arguments:</p>
<pre class="literal-block">
audit(db, cl, itemid, newdata)
</pre>
<p>where <tt class="docutils literal"><span class="pre">db</span></tt> is the database, <tt class="docutils literal"><span class="pre">cl</span></tt> is an instance of Class or
IssueClass within the database, and <tt class="docutils literal"><span class="pre">newdata</span></tt> is a dictionary mapping
property names to values.</p>
<p>For a <tt class="docutils literal"><span class="pre">create()</span></tt> operation, the <tt class="docutils literal"><span class="pre">itemid</span></tt> argument is None and
newdata contains all of the initial property values with which the item
is about to be created.</p>
<p>For a <tt class="docutils literal"><span class="pre">set()</span></tt> operation, newdata contains only the names and values of
properties that are about to be changed.</p>
<p>For a <tt class="docutils literal"><span class="pre">retire()</span></tt> or <tt class="docutils literal"><span class="pre">restore()</span></tt> operation, newdata is None.</p>
<p>Reactors are called with the arguments:</p>
<pre class="literal-block">
react(db, cl, itemid, olddata)
</pre>
<p>where <tt class="docutils literal"><span class="pre">db</span></tt> is the database, <tt class="docutils literal"><span class="pre">cl</span></tt> is an instance of Class or
IssueClass within the database, and <tt class="docutils literal"><span class="pre">olddata</span></tt> is a dictionary mapping
property names to values.</p>
<p>For a <tt class="docutils literal"><span class="pre">create()</span></tt> operation, the <tt class="docutils literal"><span class="pre">itemid</span></tt> argument is the id of the
newly-created item and <tt class="docutils literal"><span class="pre">olddata</span></tt> is None.</p>
<p>For a <tt class="docutils literal"><span class="pre">set()</span></tt> operation, <tt class="docutils literal"><span class="pre">olddata</span></tt> contains the names and previous
values of properties that were changed.</p>
<p>For a <tt class="docutils literal"><span class="pre">retire()</span></tt> or <tt class="docutils literal"><span class="pre">restore()</span></tt> operation, <tt class="docutils literal"><span class="pre">itemid</span></tt> is the id of
the retired or restored item and <tt class="docutils literal"><span class="pre">olddata</span></tt> is None.</p>
</div>
<div class="section">
<h2><a id="additional-detectors-ready-for-use" name="additional-detectors-ready-for-use">Additional Detectors Ready For Use</a></h2>
<p>Sample additional detectors that have been found useful will appear in
the <tt class="docutils literal"><span class="pre">'detectors'</span></tt> directory of the Roundup distribution. If you want
to use one, copy it to the <tt class="docutils literal"><span class="pre">'detectors'</span></tt> of your tracker instance:</p>
<dl class="docutils">
<dt><strong>newissuecopy.py</strong></dt>
<dd>This detector sends an email to a team address whenever a new issue is
created. The address is hard-coded into the detector, so edit it
before you use it (look for the text <a class="reference" href="mailto:'team&#64;team.host">'team&#64;team.host</a>') or you'll get
email errors!</dd>
<dt><strong>creator_resolution.py</strong></dt>
<dd>Catch attempts to set the status to &quot;resolved&quot; - if the assignedto
user isn't the creator, then set the status to &quot;confirm-done&quot;. Note that
&quot;classic&quot; Roundup doesn't have that status, so you'll have to add it. If
you don't want to though, it'll just use &quot;in-progress&quot; instead.</dd>
<dt><strong>email_auditor.py</strong></dt>
<dd>If a file added to an issue is of type message/rfc822, we tack on the
extension .eml.
The reason for this is that Microsoft Internet Explorer will not open
things with a .eml attachment, as they deem it 'unsafe'. Worse yet,
they'll just give you an incomprehensible error message. For more
information, see the detector code - it has a length explanation.</dd>
</dl>
</div>
<div class="section">
<h2><a id="auditor-or-reactor" name="auditor-or-reactor">Auditor or Reactor?</a></h2>
<p>Generally speaking, the following rules should be observed:</p>
<dl class="docutils">
<dt><strong>Auditors</strong></dt>
<dd>Are used for <a class="reference" href="#vetoing-creation-of-or-changes-to-items">vetoing creation of or changes to items</a>. They might
also make automatic changes to item properties.</dd>
<dt><strong>Reactors</strong></dt>
<dd>Detect changes in the database and react accordingly. They should avoid
making changes to the database where possible, as this could create
detector loops.</dd>
</dl>
</div>
<div class="section">
<h2><a id="vetoing-creation-of-or-changes-to-items" name="vetoing-creation-of-or-changes-to-items">Vetoing creation of or changes to items</a></h2>
<p>Auditors may raise the <tt class="docutils literal"><span class="pre">Reject</span></tt> exception to prevent the creation of
or changes to items in the database.  The mail gateway, for example, will
not attach files or messages to issues when the creation of those files or
messages are prevented through the <tt class="docutils literal"><span class="pre">Reject</span></tt> exception. It'll also not create
users if that creation is <tt class="docutils literal"><span class="pre">Reject</span></tt>'ed too.</p>
<p>To use, simply add at the top of your auditor:</p>
<pre class="literal-block">
from roundup.exceptions import Reject
</pre>
<p>And then when your rejection criteria have been detected, simply:</p>
<pre class="literal-block">
raise Reject
</pre>
</div>
<div class="section">
<h2><a id="generating-email-from-roundup" name="generating-email-from-roundup">Generating email from Roundup</a></h2>
<p>The module <tt class="docutils literal"><span class="pre">roundup.mailer</span></tt> contains most of the nuts-n-bolts required
to generate email messages from Roundup.</p>
<p>In addition, the <tt class="docutils literal"><span class="pre">IssueClass</span></tt> methods <tt class="docutils literal"><span class="pre">nosymessage()</span></tt> and
<tt class="docutils literal"><span class="pre">send_message()</span></tt> are used to generate nosy messages, and may generate
messages which only consist of a change note (ie. the message id parameter
is not required - this is referred to as a &quot;System Message&quot; because it
comes from &quot;the system&quot; and not a user).</p>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id11" id="database-content" name="database-content">Database Content</a></h1>
<div class="note">
<p class="first admonition-title">Note</p>
<p class="last">if you modify the content of definitional classes, you'll most
likely need to edit the tracker <a class="reference" href="#detectors">detectors</a> to reflect your changes.</p>
</div>
<p>Customisation of the special &quot;definitional&quot; classes (eg. status,
priority, resolution, ...) may be done either before or after the
tracker is initialised. The actual method of doing so is completely
different in each case though, so be careful to use the right one.</p>
<dl class="docutils">
<dt><strong>Changing content before tracker initialisation</strong></dt>
<dd>Edit the initial_data.py module in your tracker to alter the items
created using the <tt class="docutils literal"><span class="pre">create(</span> <span class="pre">...</span> <span class="pre">)</span></tt> methods.</dd>
<dt><strong>Changing content after tracker initialisation</strong></dt>
<dd><p class="first">As the &quot;admin&quot; user, click on the &quot;class list&quot; link in the web
interface to bring up a list of all database classes. Click on the
name of the class you wish to change the content of.</p>
<p class="last">You may also use the <tt class="docutils literal"><span class="pre">roundup-admin</span></tt> interface's create, set and
retire methods to add, alter or remove items from the classes in
question.</p>
</dd>
</dl>
<p>See &quot;<a class="reference" href="#adding-a-new-field-to-the-classic-schema">adding a new field to the classic schema</a>&quot; for an example that
requires database content changes.</p>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id12" id="security-access-controls" name="security-access-controls">Security / Access Controls</a></h1>
<p>A set of Permissions is built into the security module by default:</p>
<ul class="simple">
<li>Create (everything)</li>
<li>Edit (everything)</li>
<li>View (everything)</li>
</ul>
<p>These are assigned to the &quot;Admin&quot; Role by default, and allow a user to do
anything. Every Class you define in your <a class="reference" href="#tracker-schema">tracker schema</a> also gets an
Create, Edit and View Permission of its own. The web and email interfaces
also define:</p>
<dl class="docutils">
<dt><em>Email Access</em></dt>
<dd>If defined, the user may use the email interface. Used by default to deny
Anonymous users access to the email interface. When granted to the
Anonymous user, they will be automatically registered by the email
interface (see also the <tt class="docutils literal"><span class="pre">new_email_user_roles</span></tt> configuration option).</dd>
<dt><em>Web Access</em></dt>
<dd>If defined, the user may use the web interface. All users are able to see
the login form, regardless of this setting (thus enabling logging in).</dd>
<dt><em>Web Roles</em></dt>
<dd>Controls user access to editing the &quot;roles&quot; property of the &quot;user&quot; class.
TODO: deprecate in favour of a property-based control.</dd>
</dl>
<p>These are hooked into the default Roles:</p>
<ul class="simple">
<li>Admin (Create, Edit, View and everything; Web Roles)</li>
<li>User (Web Access; Email Access)</li>
<li>Anonymous (Web Access)</li>
</ul>
<p>And finally, the &quot;admin&quot; user gets the &quot;Admin&quot; Role, and the &quot;anonymous&quot;
user gets &quot;Anonymous&quot; assigned when the tracker is installed.</p>
<p>For the &quot;User&quot; Role, the &quot;classic&quot; tracker defines:</p>
<ul class="simple">
<li>Create, Edit and View issue, file, msg, query, keyword</li>
<li>View priority, status</li>
<li>View user</li>
<li>Edit their own user record</li>
</ul>
<p>And the &quot;Anonymous&quot; Role is defined as:</p>
<ul class="simple">
<li>Web interface access</li>
<li>Create user (for registration)</li>
<li>View issue, file, msg, query, keyword, priority, status</li>
</ul>
<p>Put together, these settings appear in the tracker's <tt class="docutils literal"><span class="pre">schema.py</span></tt> file:</p>
<pre class="literal-block">
#
# TRACKER SECURITY SETTINGS
#
# See the configuration and customisation document for information
# about security setup.

#
# REGULAR USERS
#
# Give the regular users access to the web and email interface
db.security.addPermissionToRole('User', 'Web Access')
db.security.addPermissionToRole('User', 'Email Access')

# Assign the access and edit Permissions for issue, file and message
# to regular users now
for cl in 'issue', 'file', 'msg', 'query', 'keyword':
    db.security.addPermissionToRole('User', 'View', cl)
    db.security.addPermissionToRole('User', 'Edit', cl)
    db.security.addPermissionToRole('User', 'Create', cl)
for cl in 'priority', 'status':
    db.security.addPermissionToRole('User', 'View', cl)

# May users view other user information? Comment these lines out
# if you don't want them to
db.security.addPermissionToRole('User', 'View', 'user')

# Users should be able to edit their own details -- this permission
# is limited to only the situation where the Viewed or Edited item
# is their own.
def own_record(db, userid, itemid):
    '''Determine whether the userid matches the item being accessed.'''
    return userid == itemid
p = db.security.addPermission(name='View', klass='user', check=own_record,
    description=&quot;User is allowed to view their own user details&quot;)
db.security.addPermissionToRole('User', p)
p = db.security.addPermission(name='Edit', klass='user', check=own_record,
    description=&quot;User is allowed to edit their own user details&quot;)
db.security.addPermissionToRole('User', p)

#
# ANONYMOUS USER PERMISSIONS
#
# Let anonymous users access the web interface. Note that almost all
# trackers will need this Permission. The only situation where it's not
# required is in a tracker that uses an HTTP Basic Authenticated front-end.
db.security.addPermissionToRole('Anonymous', 'Web Access')

# Let anonymous users access the email interface (note that this implies
# that they will be registered automatically, hence they will need the
# &quot;Create&quot; user Permission below)
# This is disabled by default to stop spam from auto-registering users on
# public trackers.
#db.security.addPermissionToRole('Anonymous', 'Email Access')

# Assign the appropriate permissions to the anonymous user's Anonymous
# Role. Choices here are:
# - Allow anonymous users to register
db.security.addPermissionToRole('Anonymous', 'Create', 'user')

# Allow anonymous users access to view issues (and the related, linked
# information)
for cl in 'issue', 'file', 'msg', 'keyword', 'priority', 'status':
    db.security.addPermissionToRole('Anonymous', 'View', cl)

# [OPTIONAL]
# Allow anonymous users access to create or edit &quot;issue&quot; items (and the
# related file and message items)
#for cl in 'issue', 'file', 'msg':
#   db.security.addPermissionToRole('Anonymous', 'Create', cl)
#   db.security.addPermissionToRole('Anonymous', 'Edit', cl)
</pre>
<div class="section">
<h2><a id="automatic-permission-checks" name="automatic-permission-checks">Automatic Permission Checks</a></h2>
<p>Permissions are automatically checked when information is rendered
through the web. This includes:</p>
<ol class="arabic simple">
<li>View checks for properties when being rendered via the <tt class="docutils literal"><span class="pre">plain()</span></tt> or
similar methods. If the check fails, the text &quot;[hidden]&quot; will be
displayed.</li>
<li>Edit checks for properties when the edit field is being rendered via
the <tt class="docutils literal"><span class="pre">field()</span></tt> or similar methods. If the check fails, the property
will be rendered via the <tt class="docutils literal"><span class="pre">plain()</span></tt> method (see point 1. for subsequent
checking performed)</li>
<li>View checks are performed in index pages for each item being displayed
such that if the user does not have permission, the row is not rendered.</li>
<li>View checks are performed at the top of item pages for the Item being
displayed. If the user does not have permission, the text &quot;You are not
allowed to view this page.&quot; will be displayed.</li>
<li>View checks are performed at the top of index pages for the Class being
displayed. If the user does not have permission, the text &quot;You are not
allowed to view this page.&quot; will be displayed.</li>
</ol>
</div>
<div class="section">
<h2><a id="new-user-roles" name="new-user-roles">New User Roles</a></h2>
<p>New users are assigned the Roles defined in the config file as:</p>
<ul class="simple">
<li>NEW_WEB_USER_ROLES</li>
<li>NEW_EMAIL_USER_ROLES</li>
</ul>
<p>The <a class="reference" href="#users-may-only-edit-their-issues">users may only edit their issues</a> example shows customisation of
these parameters.</p>
</div>
<div class="section">
<h2><a id="changing-access-controls" name="changing-access-controls">Changing Access Controls</a></h2>
<p>You may alter the configuration variables to change the Role that new
web or email users get, for example to not give them access to the web
interface if they register through email.</p>
<p>You may use the <tt class="docutils literal"><span class="pre">roundup-admin</span></tt> &quot;<tt class="docutils literal"><span class="pre">security</span></tt>&quot; command to display the
current Role and Permission configuration in your tracker.</p>
<div class="section">
<h3><a id="adding-a-new-permission" name="adding-a-new-permission">Adding a new Permission</a></h3>
<p>When adding a new Permission, you will need to:</p>
<ol class="arabic">
<li><p class="first">add it to your tracker's <tt class="docutils literal"><span class="pre">schema.py</span></tt> so it is created, using
<tt class="docutils literal"><span class="pre">security.addPermission</span></tt>, for example:</p>
<pre class="literal-block">
self.security.addPermission(name=&quot;View&quot;, klass='frozzle',
    description=&quot;User is allowed to access frozzles&quot;)
</pre>
<p>will set up a new &quot;View&quot; permission on the Class &quot;frozzle&quot;.</p>
</li>
<li><p class="first">enable it for the Roles that should have it (verify with
&quot;<tt class="docutils literal"><span class="pre">roundup-admin</span> <span class="pre">security</span></tt>&quot;)</p>
</li>
<li><p class="first">add it to the relevant HTML interface templates</p>
</li>
<li><p class="first">add it to the appropriate xxxPermission methods on in your tracker
interfaces module</p>
</li>
</ol>
<p>The <tt class="docutils literal"><span class="pre">addPermission</span></tt> method takes a couple of optional parameters:</p>
<dl class="docutils">
<dt><strong>properties</strong></dt>
<dd>A sequence of property names that are the only properties to apply the
new Permission to (eg. <tt class="docutils literal"><span class="pre">...</span> <span class="pre">klass='user',</span> <span class="pre">properties=('name',</span>
<span class="pre">'email')</span> <span class="pre">...</span></tt>)</dd>
<dt><strong>check</strong></dt>
<dd>A function to be execute which returns boolean determining whether the
Permission is allowed. The function has the signature <tt class="docutils literal"><span class="pre">check(db,</span> <span class="pre">userid,</span>
<span class="pre">itemid)</span></tt> where <tt class="docutils literal"><span class="pre">db</span></tt> is a handle on the open database, <tt class="docutils literal"><span class="pre">userid</span></tt> is
the user attempting access and <tt class="docutils literal"><span class="pre">itemid</span></tt> is the specific item being
accessed.</dd>
</dl>
</div>
<div class="section">
<h3><a id="example-scenarios" name="example-scenarios">Example Scenarios</a></h3>
<p>See the <a class="reference" href="#examples">examples</a> section for longer examples of customisation.</p>
<dl class="docutils">
<dt><strong>anonymous access through the e-mail gateway</strong></dt>
<dd>Give the &quot;anonymous&quot; user the &quot;Email Access&quot;, (&quot;Edit&quot;, &quot;issue&quot;) and
(&quot;Create&quot;, &quot;msg&quot;) Permissions but do not not give them the (&quot;Create&quot;,
&quot;user&quot;) Permission. This means that when an unknown user sends email
into the tracker, they're automatically logged in as &quot;anonymous&quot;.
Since they don't have the (&quot;Create&quot;, &quot;user&quot;) Permission, they won't
be automatically registered, but since &quot;anonymous&quot; has permission to
use the gateway, they'll still be able to submit issues. Note that
the Sender information - their email address - will not be available
- they're <em>anonymous</em>.</dd>
<dt><strong>automatic registration of users in the e-mail gateway</strong></dt>
<dd>By giving the &quot;anonymous&quot; user the (&quot;Create&quot;, &quot;user&quot; Permission, any
unidentified user will automatically be registered with the tracker
(with no password, so they won't be able to log in through
the web until an admin sets their password). This is the default
behaviour in the tracker templates that ship with Roundup. The new user
is given the Roles list defined in the &quot;new_email_user_roles&quot; config
variable.</dd>
<dt><strong>only developers may be assigned issues</strong></dt>
<dd>Create a new Permission called &quot;Fixer&quot; for the &quot;issue&quot; class. Create a
new Role &quot;Developer&quot; which has that Permission, and assign that to the
appropriate users. Filter the list of users available in the assignedto
list to include only those users. Enforce the Permission with an
auditor. See the example
<a class="reference" href="#restricting-the-list-of-users-that-are-assignable-to-a-task">restricting the list of users that are assignable to a task</a>.</dd>
<dt><strong>only managers may sign off issues as complete</strong></dt>
<dd><p class="first">Create a new Permission called &quot;Closer&quot; for the &quot;issue&quot; class. Create a
new Role &quot;Manager&quot; which has that Permission, and assign that to the
appropriate users. In your web interface, only display the &quot;resolved&quot;
issue state option when the user has the &quot;Closer&quot; Permissions. Enforce
the Permission with an auditor. This is very similar to the previous
example, except that the web interface check would look like:</p>
<pre class="last literal-block">
&lt;option tal:condition=&quot;python:request.user.hasPermission('Closer')&quot;
        value=&quot;resolved&quot;&gt;Resolved&lt;/option&gt;
</pre>
</dd>
<dt><strong>don't give web access to users who register through email</strong></dt>
<dd>Create a new Role called &quot;Email User&quot; which has all the Permissions of
the normal &quot;User&quot; Role minus the &quot;Web Access&quot; Permission. This will
allow users to send in emails to the tracker, but not access the web
interface.</dd>
<dt><strong>let some users edit the details of all users</strong></dt>
<dd><p class="first">Create a new Role called &quot;User Admin&quot; which has the Permission for
editing users:</p>
<pre class="literal-block">
db.security.addRole(name='User Admin', description='Managing users')
p = db.security.getPermission('Edit', 'user')
db.security.addPermissionToRole('User Admin', p)
</pre>
<p class="last">and assign the Role to the users who need the permission.</p>
</dd>
</dl>
</div>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id13" id="web-interface" name="web-interface">Web Interface</a></h1>
<div class="contents local topic">
<ul class="simple">
<li><a class="reference" href="#repercussions-of-changing-the-tracker-schema" id="id16" name="id16">Repercussions of changing the tracker schema</a></li>
<li><a class="reference" href="#how-requests-are-processed" id="id17" name="id17">How requests are processed</a></li>
<li><a class="reference" href="#determining-web-context" id="id18" name="id18">Determining web context</a></li>
<li><a class="reference" href="#the-home-context" id="id19" name="id19">The &quot;home&quot; Context</a></li>
<li><a class="reference" href="#serving-static-content" id="id20" name="id20">Serving static content</a></li>
<li><a class="reference" href="#performing-actions-in-web-requests" id="id21" name="id21">Performing actions in web requests</a></li>
<li><a class="reference" href="#special-form-variables" id="id22" name="id22">Special form variables</a></li>
<li><a class="reference" href="#default-templates" id="id23" name="id23">Default templates</a></li>
<li><a class="reference" href="#how-the-templates-work" id="id24" name="id24">How the templates work</a><ul>
<li><a class="reference" href="#basic-templating-actions" id="id25" name="id25">Basic Templating Actions</a></li>
<li><a class="reference" href="#templating-expressions" id="id26" name="id26">Templating Expressions</a></li>
<li><a class="reference" href="#template-macros" id="id27" name="id27">Template Macros</a></li>
</ul>
</li>
<li><a class="reference" href="#information-available-to-templates" id="id28" name="id28">Information available to templates</a><ul>
<li><a class="reference" href="#the-context-variable" id="id29" name="id29">The context variable</a><ul>
<li><a class="reference" href="#hyperdb-class-wrapper" id="id30" name="id30">Hyperdb class wrapper</a></li>
<li><a class="reference" href="#hyperdb-item-wrapper" id="id31" name="id31">Hyperdb item wrapper</a></li>
<li><a class="reference" href="#hyperdb-property-wrapper" id="id32" name="id32">Hyperdb property wrapper</a></li>
</ul>
</li>
<li><a class="reference" href="#the-request-variable" id="id33" name="id33">The request variable</a><ul>
<li><a class="reference" href="#the-form-variable" id="id34" name="id34">The form variable</a></li>
</ul>
</li>
<li><a class="reference" href="#the-db-variable" id="id35" name="id35">The db variable</a></li>
<li><a class="reference" href="#the-templates-variable" id="id36" name="id36">The templates variable</a></li>
<li><a class="reference" href="#the-repeat-variable" id="id37" name="id37">The repeat variable</a></li>
<li><a class="reference" href="#the-utils-variable" id="id38" name="id38">The utils variable</a><ul>
<li><a class="reference" href="#batching" id="id39" name="id39">Batching</a></li>
</ul>
</li>
</ul>
</li>
<li><a class="reference" href="#displaying-properties" id="id40" name="id40">Displaying Properties</a></li>
<li><a class="reference" href="#index-views" id="id41" name="id41">Index Views</a><ul>
<li><a class="reference" href="#index-view-specifiers" id="id42" name="id42">Index View Specifiers</a></li>
</ul>
</li>
<li><a class="reference" href="#searching-views" id="id43" name="id43">Searching Views</a></li>
<li><a class="reference" href="#item-views" id="id44" name="id44">Item Views</a><ul>
<li><a class="reference" href="#editor-section" id="id45" name="id45">Editor Section</a><ul>
<li><a class="reference" href="#form-values" id="id46" name="id46">Form values</a></li>
</ul>
</li>
<li><a class="reference" href="#spool-section" id="id47" name="id47">Spool Section</a></li>
<li><a class="reference" href="#history-section" id="id48" name="id48">History Section</a></li>
</ul>
</li>
<li><a class="reference" href="#defining-new-web-actions" id="id49" name="id49">Defining new web actions</a><ul>
<li><a class="reference" href="#define-the-new-action-class" id="id50" name="id50">Define the new action class</a></li>
<li><a class="reference" href="#register-the-action-class" id="id51" name="id51">Register the action class</a></li>
<li><a class="reference" href="#use-the-new-action" id="id52" name="id52">Use the new action</a></li>
<li><a class="reference" href="#actions-may-return-content-to-the-user" id="id53" name="id53">Actions may return content to the user</a></li>
</ul>
</li>
<li><a class="reference" href="#bit-character-set-support-in-web-interface" id="id54" name="id54">8-bit character set support in Web interface</a></li>
</ul>
</div>
<p>The web interface is provided by the <tt class="docutils literal"><span class="pre">roundup.cgi.client</span></tt> module and
is used by <tt class="docutils literal"><span class="pre">roundup.cgi</span></tt>, <tt class="docutils literal"><span class="pre">roundup-server</span></tt> and <tt class="docutils literal"><span class="pre">ZRoundup</span></tt>
(<tt class="docutils literal"><span class="pre">ZRoundup</span></tt>  is broken, until further notice). In all cases, we
determine which tracker is being accessed (the first part of the URL
path inside the scope of the CGI handler) and pass control on to the
<tt class="docutils literal"><span class="pre">roundup.cgi.client.Client</span></tt> class - which handles the rest of the
access through its <tt class="docutils literal"><span class="pre">main()</span></tt> method. This means that you can do pretty
much anything you want as a web interface to your tracker.</p>
<div class="section">
<h2><a class="toc-backref" href="#id16" id="repercussions-of-changing-the-tracker-schema" name="repercussions-of-changing-the-tracker-schema">Repercussions of changing the tracker schema</a></h2>
<p>If you choose to change the <a class="reference" href="#tracker-schema">tracker schema</a> you will need to ensure
the web interface knows about it:</p>
<ol class="arabic simple">
<li>Index, item and search pages for the relevant classes may need to
have properties added or removed,</li>
<li>The &quot;page&quot; template may require links to be changed, as might the
&quot;home&quot; page's content arguments.</li>
</ol>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id17" id="how-requests-are-processed" name="how-requests-are-processed">How requests are processed</a></h2>
<p>The basic processing of a web request proceeds as follows:</p>
<ol class="arabic simple">
<li>figure out who we are, defaulting to the &quot;anonymous&quot; user</li>
<li>figure out what the request is for - we call this the &quot;context&quot;</li>
<li>handle any requested action (item edit, search, ...)</li>
<li>render the template requested by the context, resulting in HTML
output</li>
</ol>
<p>In some situations, exceptions occur:</p>
<ul>
<li><p class="first">HTTP Redirect  (generally raised by an action)</p>
</li>
<li><dl class="first docutils">
<dt>SendFile       (generally raised by <tt class="docutils literal"><span class="pre">determine_context</span></tt>)</dt>
<dd><p class="first last">here we serve up a FileClass &quot;content&quot; property</p>
</dd>
</dl>
</li>
<li><dl class="first docutils">
<dt>SendStaticFile (generally raised by <tt class="docutils literal"><span class="pre">determine_context</span></tt>)</dt>
<dd><p class="first last">here we serve up a file from the tracker &quot;html&quot; directory</p>
</dd>
</dl>
</li>
<li><dl class="first docutils">
<dt>Unauthorised   (generally raised by an action)</dt>
<dd><p class="first last">here the action is cancelled, the request is rendered and an error
message is displayed indicating that permission was not granted for
the action to take place</p>
</dd>
</dl>
</li>
<li><dl class="first docutils">
<dt>NotFound       (raised wherever it needs to be)</dt>
<dd><p class="first last">this exception percolates up to the CGI interface that called the
client</p>
</dd>
</dl>
</li>
</ul>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id18" id="determining-web-context" name="determining-web-context">Determining web context</a></h2>
<p>To determine the &quot;context&quot; of a request, we look at the URL and the
special request variable <tt class="docutils literal"><span class="pre">&#64;template</span></tt>. The URL path after the tracker
identifier is examined. Typical URL paths look like:</p>
<ol class="arabic simple">
<li><tt class="docutils literal"><span class="pre">/tracker/issue</span></tt></li>
<li><tt class="docutils literal"><span class="pre">/tracker/issue1</span></tt></li>
<li><tt class="docutils literal"><span class="pre">/tracker/&#64;&#64;file/style.css</span></tt></li>
<li><tt class="docutils literal"><span class="pre">/cgi-bin/roundup.cgi/tracker/file1</span></tt></li>
<li><tt class="docutils literal"><span class="pre">/cgi-bin/roundup.cgi/tracker/file1/kitten.png</span></tt></li>
</ol>
<p>where the &quot;tracker identifier&quot; is &quot;tracker&quot; in the above cases. That means
we're looking at &quot;issue&quot;, &quot;issue1&quot;, &quot;&#64;&#64;file/style.css&quot;, &quot;file1&quot; and
&quot;file1/kitten.png&quot; in the cases above. The path is generally only one
entry long - longer paths are handled differently.</p>
<ol class="loweralpha simple">
<li>if there is no path, then we are in the &quot;home&quot; context. See <a class="reference" href="#the-home-context">the &quot;home&quot;
context</a> below for more information about how it may be used.</li>
<li>if the path starts with &quot;&#64;&#64;file&quot; (as in example 3,
&quot;/tracker/&#64;&#64;file/style.css&quot;), then the additional path entry,
&quot;style.css&quot; specifies the filename of a static file we're to serve up
from the tracker TEMPLATES (or STATIC_FILES, if configured) directory.
This is usually the tracker's &quot;html&quot; directory. Raises a SendStaticFile
exception.</li>
<li>if there is something in the path (as in example 1, &quot;issue&quot;), it
identifies the tracker class we're to display.</li>
<li>if the path is an item designator (as in examples 2 and 4, &quot;issue1&quot;
and &quot;file1&quot;), then we're to display a specific item.</li>
<li>if the path starts with an item designator and is longer than one
entry (as in example 5, &quot;file1/kitten.png&quot;), then we're assumed to be
handling an item of a <tt class="docutils literal"><span class="pre">FileClass</span></tt>, and the extra path information
gives the filename that the client is going to label the download
with (i.e. &quot;file1/kitten.png&quot; is nicer to download than &quot;file1&quot;).
This raises a <tt class="docutils literal"><span class="pre">SendFile</span></tt> exception.</li>
</ol>
<p>Both b. and e. stop before we bother to determine the template we're
going to use. That's because they don't actually use templates.</p>
<p>The template used is specified by the <tt class="docutils literal"><span class="pre">&#64;template</span></tt> CGI variable, which
defaults to:</p>
<ul class="simple">
<li>only classname suplied:        &quot;index&quot;</li>
<li>full item designator supplied: &quot;item&quot;</li>
</ul>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id19" id="the-home-context" name="the-home-context">The &quot;home&quot; Context</a></h2>
<p>The &quot;home&quot; context is special because it allows you to add templated
pages to your tracker that don't rely on a class or item (ie. an issues
list or specific issue).</p>
<p>Let's say you wish to add frames to control the layout of your tracker's
interface. You'd probably have:</p>
<ul>
<li><p class="first">A top-level frameset page. This page probably wouldn't be templated, so
it could be served as a static file (see <a class="reference" href="#serving-static-content">serving static content</a>)</p>
</li>
<li><p class="first">A sidebar frame that is templated. Let's call this page
&quot;home.navigation.html&quot; in your tracker's &quot;html&quot; directory. To load that
page up, you use the URL:</p>
<blockquote>
<p>&lt;tracker url&gt;/<a class="reference" href="mailto:home?&#64;template=navigation">home?&#64;template=navigation</a></p>
</blockquote>
</li>
</ul>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id20" id="serving-static-content" name="serving-static-content">Serving static content</a></h2>
<p>See the previous section <a class="reference" href="#determining-web-context">determining web context</a> where it describes
<tt class="docutils literal"><span class="pre">&#64;&#64;file</span></tt> paths.</p>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id21" id="performing-actions-in-web-requests" name="performing-actions-in-web-requests">Performing actions in web requests</a></h2>
<p>When a user requests a web page, they may optionally also request for an
action to take place. As described in <a class="reference" href="#how-requests-are-processed">how requests are processed</a>, the
action is performed before the requested page is generated. Actions are
triggered by using a <tt class="docutils literal"><span class="pre">&#64;action</span></tt> CGI variable, where the value is one
of:</p>
<dl class="docutils">
<dt><strong>login</strong></dt>
<dd>Attempt to log a user in.</dd>
<dt><strong>logout</strong></dt>
<dd>Log the user out - make them &quot;anonymous&quot;.</dd>
<dt><strong>register</strong></dt>
<dd>Attempt to create a new user based on the contents of the form and then
log them in.</dd>
<dt><strong>edit</strong></dt>
<dd>Perform an edit of an item in the database. There are some <a class="reference" href="#special-form-variables">special form
variables</a> you may use.</dd>
<dt><strong>new</strong></dt>
<dd>Add a new item to the database. You may use the same <a class="reference" href="#special-form-variables">special form
variables</a> as in the &quot;edit&quot; action.</dd>
<dt><strong>retire</strong></dt>
<dd>Retire the item in the database.</dd>
<dt><strong>editCSV</strong></dt>
<dd>Performs an edit of all of a class' items in one go. See also the
<em>class</em>.csv templating method which generates the CSV data to be
edited, and the <tt class="docutils literal"><span class="pre">'_generic.index'</span></tt> template which uses both of these
features.</dd>
<dt><strong>search</strong></dt>
<dd><p class="first">Mangle some of the form variables:</p>
<ul class="last simple">
<li>Set the form &quot;:filter&quot; variable based on the values of the filter
variables - if they're set to anything other than &quot;dontcare&quot; then add
them to :filter.</li>
<li>Also handle the &quot;:queryname&quot; variable and save off the query to the
user's query list.</li>
</ul>
</dd>
</dl>
<p>Each of the actions is implemented by a corresponding <tt class="docutils literal"><span class="pre">*XxxAction*</span></tt> (where
&quot;Xxx&quot; is the name of the action) class in the <tt class="docutils literal"><span class="pre">roundup.cgi.actions</span></tt> module.
These classes are registered with <tt class="docutils literal"><span class="pre">roundup.cgi.client.Client</span></tt>. If you need
to define new actions, you may add them there (see <a class="reference" href="#defining-new-web-actions">defining new
web actions</a>).</p>
<p>Each action class also has a <tt class="docutils literal"><span class="pre">*permission*</span></tt> method which determines whether
the action is permissible given the current user. The base permission checks
for each action are:</p>
<dl class="docutils">
<dt><strong>login</strong></dt>
<dd>Determine whether the user has the &quot;Web Access&quot; Permission.</dd>
<dt><strong>logout</strong></dt>
<dd>No permission checks are made.</dd>
<dt><strong>register</strong></dt>
<dd>Determine whether the user has the (&quot;Create&quot;, &quot;user&quot;) Permission.</dd>
<dt><strong>edit</strong></dt>
<dd>Determine whether the user has permission to edit this item. If we're
editing the &quot;user&quot; class, users are allowed to edit their own details -
unless they try to edit the &quot;roles&quot; property, which requires the
special Permission &quot;Web Roles&quot;.</dd>
<dt><strong>new</strong></dt>
<dd>Determine whether the user has permission to create this item. No
additional property checks are made. Additionally, new user items may
be created if the user has the (&quot;Create&quot;, &quot;user&quot;) Permission.</dd>
<dt><strong>editCSV</strong></dt>
<dd>Determine whether the user has permission to edit this class.</dd>
<dt><strong>search</strong></dt>
<dd>Determine whether the user has permission to view this class.</dd>
</dl>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id22" id="special-form-variables" name="special-form-variables">Special form variables</a></h2>
<p>Item properties and their values are edited with html FORM
variables and their values. You can:</p>
<ul class="simple">
<li>Change the value of some property of the current item.</li>
<li>Create a new item of any class, and edit the new item's
properties,</li>
<li>Attach newly created items to a multilink property of the
current item.</li>
<li>Remove items from a multilink property of the current item.</li>
<li>Specify that some properties are required for the edit
operation to be successful.</li>
<li>Set up user interface locale.</li>
</ul>
<p>These operations will only take place if the form action (the
<tt class="docutils literal"><span class="pre">&#64;action</span></tt> variable) is &quot;edit&quot; or &quot;new&quot;.</p>
<p>In the following, &lt;bracketed&gt; values are variable, &quot;&#64;&quot; may be
either &quot;:&quot; or &quot;&#64;&quot;, and other text &quot;required&quot; is fixed.</p>
<p>Two special form variables are used to specify user language preferences:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&#64;language</span></tt></dt>
<dd>value may be locale name or <tt class="docutils literal"><span class="pre">none</span></tt>. If this variable is set to
locale name, web interface language is changed to given value
(provided that appropriate translation is available), the value
is stored in the browser cookie and will be used for all following
requests.  If value is <tt class="docutils literal"><span class="pre">none</span></tt> the cookie is removed and the
language is changed to the tracker default, set up in the tracker
configuration or OS environment.</dd>
<dt><tt class="docutils literal"><span class="pre">&#64;charset</span></tt></dt>
<dd>value may be character set name or <tt class="docutils literal"><span class="pre">none</span></tt>.  Character set name
is stored in the browser cookie and sets output encoding for all
HTML pages generated by Roundup.  If value is <tt class="docutils literal"><span class="pre">none</span></tt> the cookie
is removed and HTML output is reset to Roundup internal encoding
(UTF-8).</dd>
</dl>
<p>Most properties are specified as form variables:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&lt;propname&gt;</span></tt></dt>
<dd>property on the current context item</dd>
<dt><tt class="docutils literal"><span class="pre">&lt;designator&gt;&quot;&#64;&quot;&lt;propname&gt;</span></tt></dt>
<dd>property on the indicated item (for editing related information)</dd>
</dl>
<p>Designators name a specific item of a class.</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&lt;classname&gt;&lt;N&gt;</span></tt></dt>
<dd>Name an existing item of class &lt;classname&gt;.</dd>
<dt><tt class="docutils literal"><span class="pre">&lt;classname&gt;&quot;-&quot;&lt;N&gt;</span></tt></dt>
<dd>Name the &lt;N&gt;th new item of class &lt;classname&gt;. If the form
submission is successful, a new item of &lt;classname&gt; is
created. Within the submitted form, a particular
designator of this form always refers to the same new
item.</dd>
</dl>
<p>Once we have determined the &quot;propname&quot;, we look at it to see
if it's special:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&#64;required</span></tt></dt>
<dd><p class="first">The associated form value is a comma-separated list of
property names that must be specified when the form is
submitted for the edit operation to succeed.</p>
<p>When the &lt;designator&gt; is missing, the properties are
for the current context item.  When &lt;designator&gt; is
present, they are for the item specified by
&lt;designator&gt;.</p>
<p class="last">The &quot;&#64;required&quot; specifier must come before any of the
properties it refers to are assigned in the form.</p>
</dd>
<dt><tt class="docutils literal"><span class="pre">&#64;remove&#64;&lt;propname&gt;=id(s)</span></tt> or <tt class="docutils literal"><span class="pre">&#64;add&#64;&lt;propname&gt;=id(s)</span></tt></dt>
<dd>The &quot;&#64;add&#64;&quot; and &quot;&#64;remove&#64;&quot; edit actions apply only to
Multilink properties.  The form value must be a
comma-separate list of keys for the class specified by
the simple form variable.  The listed items are added
to (respectively, removed from) the specified
property.</dd>
<dt><tt class="docutils literal"><span class="pre">&#64;link&#64;&lt;propname&gt;=&lt;designator&gt;</span></tt></dt>
<dd>If the edit action is &quot;&#64;link&#64;&quot;, the simple form
variable must specify a Link or Multilink property.
The form value is a comma-separated list of
designators.  The item corresponding to each
designator is linked to the property given by simple
form variable.</dd>
<dt>None of the above (ie. just a simple form value)</dt>
<dd><p class="first">The value of the form variable is converted
appropriately, depending on the type of the property.</p>
<p>For a Link('klass') property, the form value is a
single key for 'klass', where the key field is
specified in schema.py.</p>
<p>For a Multilink('klass') property, the form value is a
comma-separated list of keys for 'klass', where the
key field is specified in schema.py.</p>
<p>Note that for simple-form-variables specifiying Link
and Multilink properties, the linked-to class must
have a key field.</p>
<p>For a String() property specifying a filename, the
file named by the form value is uploaded. This means we
try to set additional properties &quot;filename&quot; and &quot;type&quot; (if
they are valid for the class).  Otherwise, the property
is set to the form value.</p>
<p class="last">For Date(), Interval(), Boolean(), and Number()
properties, the form value is converted to the
appropriate</p>
</dd>
</dl>
<p>Any of the form variables may be prefixed with a classname or
designator.</p>
<p>Two special form values are supported for backwards compatibility:</p>
<dl class="docutils">
<dt>&#64;note</dt>
<dd><p class="first">This is equivalent to:</p>
<pre class="literal-block">
&#64;link&#64;messages=msg-1
msg-1&#64;content=value
</pre>
<p class="last">except that in addition, the &quot;author&quot; and &quot;date&quot; properties of
&quot;msg-1&quot; are set to the userid of the submitter, and the current
time, respectively.</p>
</dd>
<dt>&#64;file</dt>
<dd><p class="first">This is equivalent to:</p>
<pre class="literal-block">
&#64;link&#64;files=file-1
file-1&#64;content=value
</pre>
<p class="last">The String content value is handled as described above for file
uploads.</p>
</dd>
</dl>
<p>If both the &quot;&#64;note&quot; and &quot;&#64;file&quot; form variables are
specified, the action:</p>
<pre class="literal-block">
&#64;link&#64;msg-1&#64;files=file-1
</pre>
<p>is also performed.</p>
<p>We also check that FileClass items have a &quot;content&quot; property with
actual content, otherwise we remove them from all_props before
returning.</p>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id23" id="default-templates" name="default-templates">Default templates</a></h2>
<p>The default templates are html4 compliant. If you wish to change them to be
xhtml compliant, you'll need to change the <tt class="docutils literal"><span class="pre">html_version</span></tt> configuration
variable in <tt class="docutils literal"><span class="pre">config.ini</span></tt> to <tt class="docutils literal"><span class="pre">'xhtml'</span></tt> instead of <tt class="docutils literal"><span class="pre">'html4'</span></tt>.</p>
<p>Most customisation of the web view can be done by modifying the
templates in the tracker <tt class="docutils literal"><span class="pre">'html'</span></tt> directory. There are several types
of files in there. The <em>minimal</em> template includes:</p>
<dl class="docutils">
<dt><strong>page.html</strong></dt>
<dd>This template usually defines the overall look of your tracker. When
you view an issue, it appears inside this template. When you view an
index, it also appears inside this template. This template defines a
macro called &quot;icing&quot; which is used by almost all other templates as a
coating for their content, using its &quot;content&quot; slot. It also defines
the &quot;head_title&quot; and &quot;body_title&quot; slots to allow setting of the page
title.</dd>
<dt><strong>home.html</strong></dt>
<dd>the default page displayed when no other page is indicated by the user</dd>
<dt><strong>home.classlist.html</strong></dt>
<dd>a special version of the default page that lists the classes in the
tracker</dd>
<dt><strong>classname.item.html</strong></dt>
<dd>displays an item of the <em>classname</em> class</dd>
<dt><strong>classname.index.html</strong></dt>
<dd>displays a list of <em>classname</em> items</dd>
<dt><strong>classname.search.html</strong></dt>
<dd>displays a search page for <em>classname</em> items</dd>
<dt><strong>_generic.index.html</strong></dt>
<dd>used to display a list of items where there is no
<tt class="docutils literal"><span class="pre">*classname*.index</span></tt> available</dd>
<dt><strong>_generic.help.html</strong></dt>
<dd>used to display a &quot;class help&quot; page where there is no
<tt class="docutils literal"><span class="pre">*classname*.help</span></tt></dd>
<dt><strong>user.register.html</strong></dt>
<dd>a special page just for the user class, that renders the registration
page</dd>
<dt><strong>style.css.html</strong></dt>
<dd>a static file that is served up as-is</dd>
</dl>
<p>The <em>classic</em> template has a number of additional templates.</p>
<p>Remember that you can create any template extension you want to,
so if you just want to play around with the templating for new issues,
you can copy the current &quot;issue.item&quot; template to &quot;issue.test&quot;, and then
access the test template using the &quot;&#64;template&quot; URL argument:</p>
<pre class="literal-block">
http://your.tracker.example/tracker/issue?&#64;template=test
</pre>
<p>and it won't affect your users using the &quot;issue.item&quot; template.</p>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id24" id="how-the-templates-work" name="how-the-templates-work">How the templates work</a></h2>
<div class="section">
<h3><a class="toc-backref" href="#id25" id="basic-templating-actions" name="basic-templating-actions">Basic Templating Actions</a></h3>
<p>Roundup's templates consist of special attributes on the HTML tags.
These attributes form the <a class="reference" href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT/TAL%20Specification%201.4">Template Attribute Language</a>, or TAL.
The basic TAL commands are:</p>
<dl class="docutils">
<dt><strong>tal:define=&quot;variable expression; variable expression; ...&quot;</strong></dt>
<dd><p class="first">Define a new variable that is local to this tag and its contents. For
example:</p>
<pre class="literal-block">
&lt;html tal:define=&quot;title request/description&quot;&gt;
 &lt;head&gt;&lt;title tal:content=&quot;title&quot;&gt;&lt;/title&gt;&lt;/head&gt;
&lt;/html&gt;
</pre>
<p class="last">In this example, the variable &quot;title&quot; is defined as the result of the
expression &quot;request/description&quot;. The &quot;tal:content&quot; command inside the
&lt;html&gt; tag may then use the &quot;title&quot; variable.</p>
</dd>
<dt><strong>tal:condition=&quot;expression&quot;</strong></dt>
<dd><p class="first">Only keep this tag and its contents if the expression is true. For
example:</p>
<pre class="literal-block">
&lt;p tal:condition=&quot;python:request.user.hasPermission('View', 'issue')&quot;&gt;
 Display some issue information.
&lt;/p&gt;
</pre>
<p class="last">In the example, the &lt;p&gt; tag and its contents are only displayed if
the user has the &quot;View&quot; permission for issues. We consider the number
zero, a blank string, an empty list, and the built-in variable
nothing to be false values. Nearly every other value is true,
including non-zero numbers, and strings with anything in them (even
spaces!).</p>
</dd>
<dt><strong>tal:repeat=&quot;variable expression&quot;</strong></dt>
<dd><p class="first">Repeat this tag and its contents for each element of the sequence
that the expression returns, defining a new local variable and a
special &quot;repeat&quot; variable for each element. For example:</p>
<pre class="literal-block">
&lt;tr tal:repeat=&quot;u user/list&quot;&gt;
 &lt;td tal:content=&quot;u/id&quot;&gt;&lt;/td&gt;
 &lt;td tal:content=&quot;u/username&quot;&gt;&lt;/td&gt;
 &lt;td tal:content=&quot;u/realname&quot;&gt;&lt;/td&gt;
&lt;/tr&gt;
</pre>
<p class="last">The example would iterate over the sequence of users returned by
&quot;user/list&quot; and define the local variable &quot;u&quot; for each entry. Using
the repeat command creates a new variable called &quot;repeat&quot; which you
may access to gather information about the iteration. See the section
below on <a class="reference" href="#the-repeat-variable">the repeat variable</a>.</p>
</dd>
<dt><strong>tal:replace=&quot;expression&quot;</strong></dt>
<dd><p class="first">Replace this tag with the result of the expression. For example:</p>
<pre class="literal-block">
&lt;span tal:replace=&quot;request/user/realname&quot; /&gt;
</pre>
<p class="last">The example would replace the &lt;span&gt; tag and its contents with the
user's realname. If the user's realname was &quot;Bruce&quot;, then the
resultant output would be &quot;Bruce&quot;.</p>
</dd>
<dt><strong>tal:content=&quot;expression&quot;</strong></dt>
<dd><p class="first">Replace the contents of this tag with the result of the expression.
For example:</p>
<pre class="literal-block">
&lt;span tal:content=&quot;request/user/realname&quot;&gt;user's name appears here
&lt;/span&gt;
</pre>
<p class="last">The example would replace the contents of the &lt;span&gt; tag with the
user's realname. If the user's realname was &quot;Bruce&quot; then the
resultant output would be &quot;&lt;span&gt;Bruce&lt;/span&gt;&quot;.</p>
</dd>
<dt><strong>tal:attributes=&quot;attribute expression; attribute expression; ...&quot;</strong></dt>
<dd><p class="first">Set attributes on this tag to the results of expressions. For
example:</p>
<pre class="literal-block">
&lt;a tal:attributes=&quot;href string:user${request/user/id}&quot;&gt;My Details&lt;/a&gt;
</pre>
<p class="last">In the example, the &quot;href&quot; attribute of the &lt;a&gt; tag is set to the
value of the &quot;string:user${request/user/id}&quot; expression, which will
be something like &quot;user123&quot;.</p>
</dd>
<dt><strong>tal:omit-tag=&quot;expression&quot;</strong></dt>
<dd><p class="first">Remove this tag (but not its contents) if the expression is true. For
example:</p>
<pre class="literal-block">
&lt;span tal:omit-tag=&quot;python:1&quot;&gt;Hello, world!&lt;/span&gt;
</pre>
<p>would result in output of:</p>
<pre class="last literal-block">
Hello, world!
</pre>
</dd>
</dl>
<p>Note that the commands on a given tag are evaulated in the order above,
so <em>define</em> comes before <em>condition</em>, and so on.</p>
<p>Additionally, you may include tags such as &lt;tal:block&gt;, which are
removed from output. Its content is kept, but the tag itself is not (so
don't go using any &quot;tal:attributes&quot; commands on it). This is useful for
making arbitrary blocks of HTML conditional or repeatable (very handy
for repeating multiple table rows, which would othewise require an
illegal tag placement to effect the repeat).</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id26" id="templating-expressions" name="templating-expressions">Templating Expressions</a></h3>
<p>Templating Expressions are covered by <a class="reference" href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT/TALES%20Specification%201.3">Template Attribute Language
Expression Syntax</a>, or TALES. The expressions you may use in the
attribute values may be one of the following forms:</p>
<dl class="docutils">
<dt><strong>Path Expressions</strong> - eg. <tt class="docutils literal"><span class="pre">item/status/checklist</span></tt></dt>
<dd><p class="first">These are object attribute / item accesses. Roughly speaking, the
path <tt class="docutils literal"><span class="pre">item/status/checklist</span></tt> is broken into parts <tt class="docutils literal"><span class="pre">item</span></tt>,
<tt class="docutils literal"><span class="pre">status</span></tt> and <tt class="docutils literal"><span class="pre">checklist</span></tt>. The <tt class="docutils literal"><span class="pre">item</span></tt> part is the root of the
expression. We then look for a <tt class="docutils literal"><span class="pre">status</span></tt> attribute on <tt class="docutils literal"><span class="pre">item</span></tt>, or
failing that, a <tt class="docutils literal"><span class="pre">status</span></tt> item (as in <tt class="docutils literal"><span class="pre">item['status']</span></tt>). If that
fails, the path expression fails. When we get to the end, the object
we're left with is evaluated to get a string - if it is a method, it
is called; if it is an object, it is stringified. Path expressions
may have an optional <tt class="docutils literal"><span class="pre">path:</span></tt> prefix, but they are the default
expression type, so it's not necessary.</p>
<p>If an expression evaluates to <tt class="docutils literal"><span class="pre">default</span></tt>, then the expression is
&quot;cancelled&quot; - whatever HTML already exists in the template will
remain (tag content in the case of <tt class="docutils literal"><span class="pre">tal:content</span></tt>, attributes in the
case of <tt class="docutils literal"><span class="pre">tal:attributes</span></tt>).</p>
<p>If an expression evaluates to <tt class="docutils literal"><span class="pre">nothing</span></tt> then the target of the
expression is removed (tag content in the case of <tt class="docutils literal"><span class="pre">tal:content</span></tt>,
attributes in the case of <tt class="docutils literal"><span class="pre">tal:attributes</span></tt> and the tag itself in
the case of <tt class="docutils literal"><span class="pre">tal:replace</span></tt>).</p>
<p>If an element in the path may not exist, then you can use the <tt class="docutils literal"><span class="pre">|</span></tt>
operator in the expression to provide an alternative. So, the
expression <tt class="docutils literal"><span class="pre">request/form/foo/value</span> <span class="pre">|</span> <span class="pre">default</span></tt> would simply leave
the current HTML in place if the &quot;foo&quot; form variable doesn't exist.</p>
<p class="last">You may use the python function <tt class="docutils literal"><span class="pre">path</span></tt>, as in
<tt class="docutils literal"><span class="pre">path(&quot;item/status&quot;)</span></tt>, to embed path expressions in Python
expressions.</p>
</dd>
<dt><strong>String Expressions</strong> - eg. <tt class="docutils literal"><span class="pre">string:hello</span> <span class="pre">${user/name}</span></tt></dt>
<dd>These expressions are simple string interpolations - though they can
be just plain strings with no interpolation if you want. The
expression in the <tt class="docutils literal"><span class="pre">${</span> <span class="pre">...</span> <span class="pre">}</span></tt> is just a path expression as above.</dd>
<dt><strong>Python Expressions</strong> - eg. <tt class="docutils literal"><span class="pre">python:</span> <span class="pre">1+1</span></tt></dt>
<dd>These expressions give the full power of Python. All the &quot;root level&quot;
variables are available, so <tt class="docutils literal"><span class="pre">python:item.status.checklist()</span></tt> would
be equivalent to <tt class="docutils literal"><span class="pre">item/status/checklist</span></tt>, assuming that
<tt class="docutils literal"><span class="pre">checklist</span></tt> is a method.</dd>
</dl>
<p>Modifiers:</p>
<dl class="docutils">
<dt><strong>structure</strong> - eg. <tt class="docutils literal"><span class="pre">structure</span> <span class="pre">python:msg.content.plain(hyperlink=1)</span></tt></dt>
<dd>The result of expressions are normally <em>escaped</em> to be safe for HTML
display (all &quot;&lt;&quot;, &quot;&gt;&quot; and &quot;&amp;&quot; are turned into special entities). The
<tt class="docutils literal"><span class="pre">structure</span></tt> expression modifier turns off this escaping - the
result of the expression is now assumed to be HTML, which is passed
to the web browser for rendering.</dd>
<dt><strong>not:</strong> - eg. <tt class="docutils literal"><span class="pre">not:python:1=1</span></tt></dt>
<dd>This simply inverts the logical true/false value of another
expression.</dd>
</dl>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id27" id="template-macros" name="template-macros">Template Macros</a></h3>
<p>Macros are used in Roundup to save us from repeating the same common
page stuctures over and over. The most common (and probably only) macro
you'll use is the &quot;icing&quot; macro defined in the &quot;page&quot; template.</p>
<p>Macros are generated and used inside your templates using special
attributes similar to the <a class="reference" href="#basic-templating-actions">basic templating actions</a>. In this case,
though, the attributes belong to the <a class="reference" href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT/METAL%20Specification%201.0">Macro Expansion Template
Attribute Language</a>, or METAL. The macro commands are:</p>
<dl class="docutils">
<dt><strong>metal:define-macro=&quot;macro name&quot;</strong></dt>
<dd><p class="first">Define that the tag and its contents are now a macro that may be
inserted into other templates using the <em>use-macro</em> command. For
example:</p>
<pre class="literal-block">
&lt;html metal:define-macro=&quot;page&quot;&gt;
 ...
&lt;/html&gt;
</pre>
<p class="last">defines a macro called &quot;page&quot; using the <tt class="docutils literal"><span class="pre">&lt;html&gt;</span></tt> tag and its
contents. Once defined, macros are stored on the template they're
defined on in the <tt class="docutils literal"><span class="pre">macros</span></tt> attribute. You can access them later on
through the <tt class="docutils literal"><span class="pre">templates</span></tt> variable, eg. the most common
<tt class="docutils literal"><span class="pre">templates/page/macros/icing</span></tt> to access the &quot;page&quot; macro of the
&quot;page&quot; template.</p>
</dd>
<dt><strong>metal:use-macro=&quot;path expression&quot;</strong></dt>
<dd><p class="first">Use a macro, which is identified by the path expression (see above).
This will replace the current tag with the identified macro contents.
For example:</p>
<pre class="last literal-block">
&lt;tal:block metal:use-macro=&quot;templates/page/macros/icing&quot;&gt;
 ...
&lt;/tal:block&gt;

will replace the tag and its contents with the &quot;page&quot; macro of the
&quot;page&quot; template.
</pre>
</dd>
<dt><strong>metal:define-slot=&quot;slot name&quot;</strong> and <strong>metal:fill-slot=&quot;slot name&quot;</strong></dt>
<dd><p class="first">To define <em>dynamic</em> parts of the macro, you define &quot;slots&quot; which may
be filled when the macro is used with a <em>use-macro</em> command. For
example, the <tt class="docutils literal"><span class="pre">templates/page/macros/icing</span></tt> macro defines a slot like
so:</p>
<pre class="literal-block">
&lt;title metal:define-slot=&quot;head_title&quot;&gt;title goes here&lt;/title&gt;
</pre>
<p>In your <em>use-macro</em> command, you may now use a <em>fill-slot</em> command
like this:</p>
<pre class="literal-block">
&lt;title metal:fill-slot=&quot;head_title&quot;&gt;My Title&lt;/title&gt;
</pre>
<p class="last">where the tag that fills the slot completely replaces the one defined
as the slot in the macro.</p>
</dd>
</dl>
<p>Note that you may not mix <a class="reference" href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT/METAL%20Specification%201.0">METAL</a> and <a class="reference" href="http://dev.zope.org/Wikis/DevSite/Projects/ZPT/TAL%20Specification%201.4">TAL</a> commands on the same tag, but
TAL commands may be used freely inside METAL-using tags (so your
<em>fill-slots</em> tags may have all manner of TAL inside them).</p>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id28" id="information-available-to-templates" name="information-available-to-templates">Information available to templates</a></h2>
<p>This is implemented by <tt class="docutils literal"><span class="pre">roundup.cgi.templating.RoundupPageTemplate</span></tt></p>
<p>The following variables are available to templates.</p>
<dl class="docutils">
<dt><strong>context</strong></dt>
<dd>The current context. This is either None, a <a class="reference" href="#hyperdb-class-wrapper">hyperdb class wrapper</a>
or a <a class="reference" href="#hyperdb-item-wrapper">hyperdb item wrapper</a></dd>
<dt><strong>request</strong></dt>
<dd><dl class="first last docutils">
<dt>Includes information about the current request, including:</dt>
<dd><ul class="first last simple">
<li>the current index information (<tt class="docutils literal"><span class="pre">filterspec</span></tt>, <tt class="docutils literal"><span class="pre">filter</span></tt> args,
<tt class="docutils literal"><span class="pre">properties</span></tt>, etc) parsed out of the form.</li>
<li>methods for easy filterspec link generation</li>
<li><em>user</em>, the current user item as an HTMLItem instance</li>
<li><em>form</em>
The current CGI form information as a mapping of form argument name
to value</li>
</ul>
</dd>
</dl>
</dd>
<dt><strong>config</strong></dt>
<dd>This variable holds all the values defined in the tracker config.ini
file (eg. TRACKER_NAME, etc.)</dd>
<dt><strong>db</strong></dt>
<dd>The current database, used to access arbitrary database items.</dd>
<dt><strong>templates</strong></dt>
<dd>Access to all the tracker templates by name. Used mainly in
<em>use-macro</em> commands.</dd>
<dt><strong>utils</strong></dt>
<dd>This variable makes available some utility functions like batching.</dd>
<dt><strong>nothing</strong></dt>
<dd><p class="first">This is a special variable - if an expression evaluates to this, then
the tag (in the case of a <tt class="docutils literal"><span class="pre">tal:replace</span></tt>), its contents (in the case
of <tt class="docutils literal"><span class="pre">tal:content</span></tt>) or some attributes (in the case of
<tt class="docutils literal"><span class="pre">tal:attributes</span></tt>) will not appear in the the output. So, for
example:</p>
<pre class="literal-block">
&lt;span tal:attributes=&quot;class nothing&quot;&gt;Hello, World!&lt;/span&gt;
</pre>
<p>would result in:</p>
<pre class="last literal-block">
&lt;span&gt;Hello, World!&lt;/span&gt;
</pre>
</dd>
<dt><strong>default</strong></dt>
<dd><p class="first">Also a special variable - if an expression evaluates to this, then the
existing HTML in the template will not be replaced or removed, it will
remain. So:</p>
<pre class="literal-block">
&lt;span tal:replace=&quot;default&quot;&gt;Hello, World!&lt;/span&gt;
</pre>
<p>would result in:</p>
<pre class="last literal-block">
&lt;span&gt;Hello, World!&lt;/span&gt;
</pre>
</dd>
<dt><strong>true</strong>, <strong>false</strong></dt>
<dd>Boolean constants that may be used in <a class="reference" href="#templating-expressions">templating expressions</a>
instead of <tt class="docutils literal"><span class="pre">python:1</span></tt> and <tt class="docutils literal"><span class="pre">python:0</span></tt>.</dd>
<dt><strong>i18n</strong></dt>
<dd><p class="first">Internationalization service, providing two string translation methods:</p>
<dl class="last docutils">
<dt><strong>gettext</strong> (<em>message</em>)</dt>
<dd>Return the localized translation of message</dd>
<dt><strong>ngettext</strong> (<em>singular</em>, <em>plural</em>, <em>number</em>)</dt>
<dd><p class="first">Like <tt class="docutils literal"><span class="pre">gettext()</span></tt>, but consider plural forms. If a translation
is found, apply the plural formula to <em>number</em>, and return the
resulting message (some languages have more than two plural forms).
If no translation is found, return singular if <em>number</em> is 1;
return plural otherwise.</p>
<p class="last">This function requires python2.3; in earlier python versions
may not work as expected.</p>
</dd>
</dl>
</dd>
</dl>
<div class="section">
<h3><a class="toc-backref" href="#id29" id="the-context-variable" name="the-context-variable">The context variable</a></h3>
<p>The <em>context</em> variable is one of three things based on the current
context (see <a class="reference" href="#determining-web-context">determining web context</a> for how we figure this out):</p>
<ol class="arabic simple">
<li>if we're looking at a &quot;home&quot; page, then it's None</li>
<li>if we're looking at a specific hyperdb class, it's a
<a class="reference" href="#hyperdb-class-wrapper">hyperdb class wrapper</a>.</li>
<li>if we're looking at a specific hyperdb item, it's a
<a class="reference" href="#hyperdb-item-wrapper">hyperdb item wrapper</a>.</li>
</ol>
<p>If the context is not None, we can access the properties of the class or
item. The only real difference between cases 2 and 3 above are:</p>
<ol class="arabic simple">
<li>the properties may have a real value behind them, and this will
appear if the property is displayed through <tt class="docutils literal"><span class="pre">context/property</span></tt> or
<tt class="docutils literal"><span class="pre">context/property/field</span></tt>.</li>
<li>the context's &quot;id&quot; property will be a false value in the second case,
but a real, or true value in the third. Thus we can determine whether
we're looking at a real item from the hyperdb by testing
&quot;context/id&quot;.</li>
</ol>
<div class="section">
<h4><a class="toc-backref" href="#id30" id="hyperdb-class-wrapper" name="hyperdb-class-wrapper">Hyperdb class wrapper</a></h4>
<p>This is implemented by the <tt class="docutils literal"><span class="pre">roundup.cgi.templating.HTMLClass</span></tt>
class.</p>
<p>This wrapper object provides access to a hyperb class. It is used
primarily in both index view and new item views, but it's also usable
anywhere else that you wish to access information about a class, or the
items of a class, when you don't have a specific item of that class in
mind.</p>
<p>We allow access to properties. There will be no &quot;id&quot; property. The value
accessed through the property will be the current value of the same name
from the CGI form.</p>
<p>There are several methods available on these wrapper objects:</p>
<table border="1" class="docutils">
<colgroup>
<col width="15%" />
<col width="85%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>properties</td>
<td>return a <a class="reference" href="#hyperdb-property-wrapper">hyperdb property wrapper</a> for all of this class's
properties.</td>
</tr>
<tr><td>list</td>
<td>lists all of the active (not retired) items in the class.</td>
</tr>
<tr><td>csv</td>
<td>return the items of this class as a chunk of CSV text.</td>
</tr>
<tr><td>propnames</td>
<td>lists the names of the properties of this class.</td>
</tr>
<tr><td>filter</td>
<td><p class="first">lists of items from this class, filtered and sorted. Two
options are avaible for sorting:</p>
<ol class="arabic">
<li><p class="first">by the current <em>request</em> filterspec/filter/sort/group args</p>
</li>
<li><p class="first">by the &quot;filterspec&quot;, &quot;sort&quot; and &quot;group&quot; keyword args.
&quot;filterspec&quot; is <tt class="docutils literal"><span class="pre">{propname:</span> <span class="pre">value(s)}</span></tt>. &quot;sort&quot; and
&quot;group&quot; are an optionally empty list <tt class="docutils literal"><span class="pre">[(dir,</span> <span class="pre">prop)]</span></tt>
where dir is '+', '-' or None
and prop is a prop name or None.</p>
<p>The propname in filterspec and prop in a sort/group spec
may be transitive, i.e., it may contain properties of
the form link.link.link.name.</p>
</li>
</ol>
<p class="last">eg. All issues with a priority of &quot;1&quot; with messages added in
the last week, sorted by activity date:
<tt class="docutils literal"><span class="pre">issue.filter(filterspec={&quot;priority&quot;:</span> <span class="pre">&quot;1&quot;,</span>
<span class="pre">'messages.creation'</span> <span class="pre">:</span> <span class="pre">'.-1w;'},</span> <span class="pre">sort=[('activity',</span> <span class="pre">'+')])</span></tt></p>
</td>
</tr>
<tr><td>filter_sql</td>
<td><p class="first"><strong>Only in SQL backends</strong></p>
<p>Lists the items that match the SQL provided. The SQL is a
complete &quot;select&quot; statement.</p>
<p>The SQL select must include the item id as the first column.</p>
<p class="last">This function <strong>does not</strong> filter out retired items, add
on a where clause &quot;__retired__ &lt;&gt; 1&quot; if you don't want
retired nodes.</p>
</td>
</tr>
<tr><td>classhelp</td>
<td><p class="first">display a link to a javascript popup containing this class'
&quot;help&quot; template.</p>
<p>This generates a link to a popup window which displays the
properties indicated by &quot;properties&quot; of the class named by
&quot;classname&quot;. The &quot;properties&quot; should be a comma-separated list
(eg. 'id,name,description'). Properties defaults to all the
properties of a class (excluding id, creator, created and
activity).</p>
<p>You may optionally override the &quot;label&quot; displayed, the &quot;width&quot;,
the &quot;height&quot;, the number of items per page (&quot;pagesize&quot;) and
the field on which the list is sorted (&quot;sort&quot;).</p>
<p>With the &quot;filter&quot; arg it is possible to specify a filter for
which items are supposed to be displayed. It has to be of
the format &quot;&lt;field&gt;=&lt;values&gt;;&lt;field&gt;=&lt;values&gt;;...&quot;.</p>
<p>The popup window will be resizable and scrollable.</p>
<p>If the &quot;property&quot; arg is given, it's passed through to the
javascript help_window function. This allows updating of a
property in the calling HTML page.</p>
<p class="last">If the &quot;form&quot; arg is given, it's passed through to the
javascript help_window function - it's the name of the form
the &quot;property&quot; belongs to.</p>
</td>
</tr>
<tr><td>submit</td>
<td>generate a submit button (and action hidden element)</td>
</tr>
<tr><td>renderWith</td>
<td>render this class with the given template.</td>
</tr>
<tr><td>history</td>
<td>returns 'New node - no history' :)</td>
</tr>
<tr><td>is_edit_ok</td>
<td>is the user allowed to Edit the current class?</td>
</tr>
<tr><td>is_view_ok</td>
<td>is the user allowed to View the current class?</td>
</tr>
</tbody>
</table>
<p>Note that if you have a property of the same name as one of the above
methods, you'll need to access it using a python &quot;item access&quot;
expression. For example:</p>
<pre class="literal-block">
python:context['list']
</pre>
<p>will access the &quot;list&quot; property, rather than the list method.</p>
</div>
<div class="section">
<h4><a class="toc-backref" href="#id31" id="hyperdb-item-wrapper" name="hyperdb-item-wrapper">Hyperdb item wrapper</a></h4>
<p>This is implemented by the <tt class="docutils literal"><span class="pre">roundup.cgi.templating.HTMLItem</span></tt>
class.</p>
<p>This wrapper object provides access to a hyperb item.</p>
<p>We allow access to properties. There will be no &quot;id&quot; property. The value
accessed through the property will be the current value of the same name
from the CGI form.</p>
<p>There are several methods available on these wrapper objects:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>submit</td>
<td>generate a submit button (and action hidden element)</td>
</tr>
<tr><td>journal</td>
<td>return the journal of the current item (<strong>not
implemented</strong>)</td>
</tr>
<tr><td>history</td>
<td>render the journal of the current item as HTML</td>
</tr>
<tr><td>renderQueryForm</td>
<td>specific to the &quot;query&quot; class - render the search form
for the query</td>
</tr>
<tr><td>hasPermission</td>
<td><p class="first">specific to the &quot;user&quot; class - determine whether the
user has a Permission. The signature is:</p>
<pre class="literal-block">
hasPermission(self, permission, [classname=],
    [property=], [itemid=])
</pre>
<p class="last">where the classname defaults to the current context.</p>
</td>
</tr>
<tr><td>hasRole</td>
<td><p class="first">specific to the &quot;user&quot; class - determine whether the
user has a Role. The signature is:</p>
<pre class="last literal-block">
hasRole(self, rolename)
</pre>
</td>
</tr>
<tr><td>is_edit_ok</td>
<td>is the user allowed to Edit the current item?</td>
</tr>
<tr><td>is_view_ok</td>
<td>is the user allowed to View the current item?</td>
</tr>
<tr><td>is_retired</td>
<td>is the item retired?</td>
</tr>
<tr><td>download_url</td>
<td>generate a url-quoted link for download of FileClass
item contents (ie. file&lt;id&gt;/&lt;name&gt;)</td>
</tr>
<tr><td>copy_url</td>
<td>generate a url-quoted link for creating a copy
of this item.  By default, the copy will acquire
all properties of the current item except for
<tt class="docutils literal"><span class="pre">messages</span></tt> and <tt class="docutils literal"><span class="pre">files</span></tt>.  This can be overridden
by passing <tt class="docutils literal"><span class="pre">exclude</span></tt> argument which contains a list
(or any iterable) of property names that shall not be
copied.  Database-driven properties like <tt class="docutils literal"><span class="pre">id</span></tt> or
<tt class="docutils literal"><span class="pre">activity</span></tt> cannot be copied.</td>
</tr>
</tbody>
</table>
<p>Note that if you have a property of the same name as one of the above
methods, you'll need to access it using a python &quot;item access&quot;
expression. For example:</p>
<pre class="literal-block">
python:context['journal']
</pre>
<p>will access the &quot;journal&quot; property, rather than the journal method.</p>
</div>
<div class="section">
<h4><a class="toc-backref" href="#id32" id="hyperdb-property-wrapper" name="hyperdb-property-wrapper">Hyperdb property wrapper</a></h4>
<p>This is implemented by subclasses of the
<tt class="docutils literal"><span class="pre">roundup.cgi.templating.HTMLProperty</span></tt> class (<tt class="docutils literal"><span class="pre">HTMLStringProperty</span></tt>,
<tt class="docutils literal"><span class="pre">HTMLNumberProperty</span></tt>, and so on).</p>
<p>This wrapper object provides access to a single property of a class. Its
value may be either:</p>
<ol class="arabic simple">
<li>if accessed through a <a class="reference" href="#hyperdb-item-wrapper">hyperdb item wrapper</a>, then it's a value from
the hyperdb</li>
<li>if access through a <a class="reference" href="#hyperdb-class-wrapper">hyperdb class wrapper</a>, then it's a value from
the CGI form</li>
</ol>
<p>The property wrapper has some useful attributes:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Attribute</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>_name</td>
<td>the name of the property</td>
</tr>
<tr><td>_value</td>
<td>the value of the property if any - this is the actual
value retrieved from the hyperdb for this property</td>
</tr>
</tbody>
</table>
<p>There are several methods available on these wrapper objects:</p>
<table border="1" class="docutils">
<colgroup>
<col width="15%" />
<col width="85%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>plain</td>
<td><p class="first">render a &quot;plain&quot; representation of the property. This method
may take two arguments:</p>
<dl class="last docutils">
<dt>escape</dt>
<dd><p class="first">If true, escape the text so it is HTML safe (default: no). The
reason this defaults to off is that text is usually escaped
at a later stage by the TAL commands, unless the &quot;structure&quot;
option is used in the template. The following <tt class="docutils literal"><span class="pre">tal:content</span></tt>
expressions are all equivalent:</p>
<pre class="literal-block">
&quot;structure python:msg.content.plain(escape=1)&quot;
&quot;python:msg.content.plain()&quot;
&quot;msg/content/plain&quot;
&quot;msg/content&quot;
</pre>
<p class="last">Usually you'll only want to use the escape option in a
complex expression.</p>
</dd>
<dt>hyperlink</dt>
<dd><p class="first">If true, turn URLs, email addresses and hyperdb item
designators in the text into hyperlinks (default: no). Note
that you'll need to use the &quot;structure&quot; TAL option if you
want to use this <tt class="docutils literal"><span class="pre">tal:content</span></tt> expression:</p>
<pre class="literal-block">
&quot;structure python:msg.content.plain(hyperlink=1)&quot;
</pre>
<p class="last">The text is automatically HTML-escaped before the hyperlinking
transformation done in the plain() method.</p>
</dd>
</dl>
</td>
</tr>
<tr><td>hyperlinked</td>
<td><p class="first">The same as msg.content.plain(hyperlink=1), but nicer:</p>
<pre class="last literal-block">
&quot;structure msg/content/hyperlinked&quot;
</pre>
</td>
</tr>
<tr><td>field</td>
<td><p class="first">render an appropriate form edit field for the property - for
most types this is a text entry box, but for Booleans it's a
tri-state yes/no/neither selection. This method may take some
arguments:</p>
<dl class="last docutils">
<dt>size</dt>
<dd>Sets the width in characters of the edit field</dd>
<dt>format (Date properties only)</dt>
<dd>Sets the format of the date in the field - uses the same
format string argument as supplied to the <tt class="docutils literal"><span class="pre">pretty</span></tt> method
below.</dd>
<dt>popcal (Date properties only)</dt>
<dd>Include the Javascript-based popup calendar for date
selection. Defaults to on.</dd>
</dl>
</td>
</tr>
<tr><td>stext</td>
<td>only on String properties - render the value of the property
as StructuredText (requires the StructureText module to be
installed separately)</td>
</tr>
<tr><td>multiline</td>
<td>only on String properties - render a multiline form edit
field for the property</td>
</tr>
<tr><td>email</td>
<td>only on String properties - render the value of the property
as an obscured email address</td>
</tr>
<tr><td>confirm</td>
<td>only on Password properties - render a second form edit field
for the property, used for confirmation that the user typed
the password correctly. Generates a field with name
&quot;name:confirm&quot;.</td>
</tr>
<tr><td>now</td>
<td>only on Date properties - return the current date as a new
property</td>
</tr>
<tr><td>reldate</td>
<td>only on Date properties - render the interval between the date
and now</td>
</tr>
<tr><td>local</td>
<td><p class="first">only on Date properties - return this date as a new property
with some timezone offset, for example:</p>
<pre class="literal-block">
python:context.creation.local(10)
</pre>
<p class="last">will render the date with a +10 hour offset.</p>
</td>
</tr>
<tr><td>pretty</td>
<td><p class="first">Date properties - render the date as &quot;dd Mon YYYY&quot; (eg. &quot;19
Mar 2004&quot;). Takes an optional format argument, for example:</p>
<pre class="literal-block">
python:context.activity.pretty('%Y-%m-%d')
</pre>
<p>Will format as &quot;2004-03-19&quot; instead.</p>
<p class="last">Interval properties - render the interval in a pretty
format (eg. &quot;yesterday&quot;). The format arguments are those used
in the standard <tt class="docutils literal"><span class="pre">strftime</span></tt> call (see the <a class="reference" href="http://docs.python.org/lib/module-time.html">Python Library
Reference: time module</a>)</p>
</td>
</tr>
<tr><td>popcal</td>
<td><p class="first">Generate a link to a popup calendar which may be used to
edit the date field, for example:</p>
<pre class="literal-block">
&lt;span tal:replace=&quot;structure context/due/popcal&quot; /&gt;
</pre>
<p>you still need to include the <tt class="docutils literal"><span class="pre">field</span></tt> for the property, so
typically you'd have:</p>
<pre class="last literal-block">
&lt;span tal:replace=&quot;structure context/due/field&quot; /&gt;
&lt;span tal:replace=&quot;structure context/due/popcal&quot; /&gt;
</pre>
</td>
</tr>
<tr><td>menu</td>
<td><p class="first">only on Link and Multilink properties - render a form select
list for this property. Takes a number of optional arguments</p>
<dl class="docutils">
<dt>size</dt>
<dd>is used to limit the length of the list labels</dd>
<dt>height</dt>
<dd>is used to set the &lt;select&gt; tag's &quot;size&quot; attribute</dd>
<dt>showid</dt>
<dd>includes the item ids in the list labels</dd>
<dt>additional</dt>
<dd>lists properties which should be included in the label</dd>
<dt>sort_on</dt>
<dd>indicates the property to sort the list on as (direction,
(direction, property) where direction is '+' or '-'. A
single string with the direction prepended may be used.
For example: ('-', 'order'), '+name'.</dd>
<dt>value</dt>
<dd>gives a default value to preselect in the menu</dd>
</dl>
<p>The remaining keyword arguments are used as conditions for
filtering the items in the list - they're passed as the
&quot;filterspec&quot; argument to a Class.filter() call. For example:</p>
<pre class="last literal-block">
&lt;span tal:replace=&quot;structure context/status/menu&quot; /&gt;

&lt;span tal:replace=&quot;python:context.status.menu(order='+name&quot;,
                      value='chatting',
                      filterspec={'status': '1,2,3,4'}&quot; /&gt;
</pre>
</td>
</tr>
<tr><td>sorted</td>
<td><p class="first">only on Multilink properties - produce a list of the linked
items sorted by some property, for example:</p>
<pre class="literal-block">
python:context.files.sorted('creation')
</pre>
<p class="last">Will list the files by upload date.</p>
</td>
</tr>
<tr><td>reverse</td>
<td>only on Multilink properties - produce a list of the linked
items in reverse order</td>
</tr>
<tr><td>isset</td>
<td>returns True if the property has been set to a value</td>
</tr>
</tbody>
</table>
<p>All of the above functions perform checks for permissions required to
display or edit the data they are manipulating. The simplest case is
editing an issue title. Including the expression:</p>
<pre class="literal-block">
context/title/field
</pre>
<p>Will present the user with an edit field, if they have edit permission. If
not, then they will be presented with a static display if they have view
permission. If they don't even have view permission, then an error message
is raised, preventing the display of the page, indicating that they don't
have permission to view the information.</p>
</div>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id33" id="the-request-variable" name="the-request-variable">The request variable</a></h3>
<p>This is implemented by the <tt class="docutils literal"><span class="pre">roundup.cgi.templating.HTMLRequest</span></tt>
class.</p>
<p>The request variable is packed with information about the current
request.</p>
<!-- taken from ``roundup.cgi.templating.HTMLRequest`` docstring -->
<table border="1" class="docutils">
<colgroup>
<col width="15%" />
<col width="85%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Variable</th>
<th class="head">Holds</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>form</td>
<td>the CGI form as a cgi.FieldStorage</td>
</tr>
<tr><td>env</td>
<td>the CGI environment variables</td>
</tr>
<tr><td>base</td>
<td>the base URL for this tracker</td>
</tr>
<tr><td>user</td>
<td>a HTMLUser instance for this user</td>
</tr>
<tr><td>classname</td>
<td>the current classname (possibly None)</td>
</tr>
<tr><td>template</td>
<td>the current template (suffix, also possibly None)</td>
</tr>
<tr><td>form</td>
<td>the current CGI form variables in a FieldStorage</td>
</tr>
</tbody>
</table>
<p><strong>Index page specific variables (indexing arguments)</strong></p>
<table border="1" class="docutils">
<colgroup>
<col width="15%" />
<col width="85%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Variable</th>
<th class="head">Holds</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>columns</td>
<td>dictionary of the columns to display in an index page</td>
</tr>
<tr><td>show</td>
<td>a convenience access to columns - request/show/colname will
be true if the columns should be displayed, false otherwise</td>
</tr>
<tr><td>sort</td>
<td>index sort columns [(direction, column name)]</td>
</tr>
<tr><td>group</td>
<td>index grouping properties [(direction, column name)]</td>
</tr>
<tr><td>filter</td>
<td>properties to filter the index on</td>
</tr>
<tr><td>filterspec</td>
<td>values to filter the index on (property=value, eg
<tt class="docutils literal"><span class="pre">priority=1</span></tt> or <tt class="docutils literal"><span class="pre">messages.author=42</span></tt></td>
</tr>
<tr><td>search_text</td>
<td>text to perform a full-text search on for an index</td>
</tr>
</tbody>
</table>
<p>There are several methods available on the request variable:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>description</td>
<td>render a description of the request - handle for the
page title</td>
</tr>
<tr><td>indexargs_form</td>
<td>render the current index args as form elements</td>
</tr>
<tr><td>indexargs_url</td>
<td>render the current index args as a URL</td>
</tr>
<tr><td>base_javascript</td>
<td>render some javascript that is used by other components
of the templating</td>
</tr>
<tr><td>batch</td>
<td>run the current index args through a filter and return a
list of items (see <a class="reference" href="#hyperdb-item-wrapper">hyperdb item wrapper</a>, and
<a class="reference" href="#batching">batching</a>)</td>
</tr>
</tbody>
</table>
<div class="section">
<h4><a class="toc-backref" href="#id34" id="the-form-variable" name="the-form-variable">The form variable</a></h4>
<p>The form variable is a bit special because it's actually a python
FieldStorage object. That means that you have two ways to access its
contents. For example, to look up the CGI form value for the variable
&quot;name&quot;, use the path expression:</p>
<pre class="literal-block">
request/form/name/value
</pre>
<p>or the python expression:</p>
<pre class="literal-block">
python:request.form['name'].value
</pre>
<p>Note the &quot;item&quot; access used in the python case, and also note the
explicit &quot;value&quot; attribute we have to access. That's because the form
variables are stored as MiniFieldStorages. If there's more than one
&quot;name&quot; value in the form, then the above will break since
<tt class="docutils literal"><span class="pre">request/form/name</span></tt> is actually a <em>list</em> of MiniFieldStorages. So it's
best to know beforehand what you're dealing with.</p>
</div>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id35" id="the-db-variable" name="the-db-variable">The db variable</a></h3>
<p>This is implemented by the <tt class="docutils literal"><span class="pre">roundup.cgi.templating.HTMLDatabase</span></tt>
class.</p>
<p>Allows access to all hyperdb classes as attributes of this variable. If
you want access to the &quot;user&quot; class, for example, you would use:</p>
<pre class="literal-block">
db/user
python:db.user
</pre>
<p>Also, the current id of the current user is available as
<tt class="docutils literal"><span class="pre">db.getuid()</span></tt>. This isn't so useful in templates (where you have
<tt class="docutils literal"><span class="pre">request/user</span></tt>), but it can be useful in detectors or interfaces.</p>
<p>The access results in a <a class="reference" href="#hyperdb-class-wrapper">hyperdb class wrapper</a>.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id36" id="the-templates-variable" name="the-templates-variable">The templates variable</a></h3>
<p>This is implemented by the <tt class="docutils literal"><span class="pre">roundup.cgi.templating.Templates</span></tt>
class.</p>
<p>This variable doesn't have any useful methods defined. It supports being
used in expressions to access the templates, and consequently the
template macros. You may access the templates using the following path
expression:</p>
<pre class="literal-block">
templates/name
</pre>
<p>or the python expression:</p>
<pre class="literal-block">
templates[name]
</pre>
<p>where &quot;name&quot; is the name of the template you wish to access. The
template has one useful attribute, namely &quot;macros&quot;. To access a specific
macro (called &quot;macro_name&quot;), use the path expression:</p>
<pre class="literal-block">
templates/name/macros/macro_name
</pre>
<p>or the python expression:</p>
<pre class="literal-block">
templates[name].macros[macro_name]
</pre>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id37" id="the-repeat-variable" name="the-repeat-variable">The repeat variable</a></h3>
<p>The repeat variable holds an entry for each active iteration. That is, if
you have a <tt class="docutils literal"><span class="pre">tal:repeat=&quot;user</span> <span class="pre">db/users&quot;</span></tt> command, then there will be a
repeat variable entry called &quot;user&quot;. This may be accessed as either:</p>
<pre class="literal-block">
repeat/user
python:repeat['user']
</pre>
<p>The &quot;user&quot; entry has a number of methods available for information:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>first</td>
<td>True if the current item is the first in the sequence.</td>
</tr>
<tr><td>last</td>
<td>True if the current item is the last in the sequence.</td>
</tr>
<tr><td>even</td>
<td>True if the current item is an even item in the sequence.</td>
</tr>
<tr><td>odd</td>
<td>True if the current item is an odd item in the sequence.</td>
</tr>
<tr><td>number</td>
<td>Current position in the sequence, starting from 1.</td>
</tr>
<tr><td>letter</td>
<td>Current position in the sequence as a letter, a through
z, then aa through zz, and so on.</td>
</tr>
<tr><td>Letter</td>
<td>Same as letter(), except uppercase.</td>
</tr>
<tr><td>roman</td>
<td>Current position in the sequence as lowercase roman
numerals.</td>
</tr>
<tr><td>Roman</td>
<td>Same as roman(), except uppercase.</td>
</tr>
</tbody>
</table>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id38" id="the-utils-variable" name="the-utils-variable">The utils variable</a></h3>
<p>This is implemented by the
<tt class="docutils literal"><span class="pre">roundup.cgi.templating.TemplatingUtils</span></tt> class, but it may be extended
as described below.</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>Batch</td>
<td>return a batch object using the supplied list</td>
</tr>
<tr><td>url_quote</td>
<td>quote some text as safe for a URL (ie. space, %, ...)</td>
</tr>
<tr><td>html_quote</td>
<td>quote some text as safe in HTML (ie. &lt;, &gt;, ...)</td>
</tr>
<tr><td>html_calendar</td>
<td>renders an HTML calendar used by the
<tt class="docutils literal"><span class="pre">_generic.calendar.html</span></tt> template (itself invoked by
the popupCalendar DateHTMLProperty method</td>
</tr>
</tbody>
</table>
<p>You may add additional utility methods by writing them in your tracker
<tt class="docutils literal"><span class="pre">extensions</span></tt> directory and registering them with the templating system
using <tt class="docutils literal"><span class="pre">instance.registerUtil</span></tt> (see <a class="reference" href="#adding-a-time-log-to-your-issues">adding a time log to your issues</a> for
an example of this).</p>
<div class="section">
<h4><a class="toc-backref" href="#id39" id="batching" name="batching">Batching</a></h4>
<p>Use Batch to turn a list of items, or item ids of a given class, into a
series of batches. Its usage is:</p>
<pre class="literal-block">
python:utils.Batch(sequence, size, start, end=0, orphan=0,
overlap=0)
</pre>
<p>or, to get the current index batch:</p>
<pre class="literal-block">
request/batch
</pre>
<p>The parameters are:</p>
<table border="1" class="docutils">
<colgroup>
<col width="13%" />
<col width="87%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Parameter</th>
<th class="head">Usage</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>sequence</td>
<td>a list of HTMLItems</td>
</tr>
<tr><td>size</td>
<td>how big to make the sequence.</td>
</tr>
<tr><td>start</td>
<td>where to start (0-indexed) in the sequence.</td>
</tr>
<tr><td>end</td>
<td>where to end (0-indexed) in the sequence.</td>
</tr>
<tr><td>orphan</td>
<td>if the next batch would contain less items than this value,
then it is combined with this batch</td>
</tr>
<tr><td>overlap</td>
<td>the number of items shared between adjacent batches</td>
</tr>
</tbody>
</table>
<p>All of the parameters are assigned as attributes on the batch object. In
addition, it has several more attributes:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Attribute</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>start</td>
<td>indicates the start index of the batch. <em>Unlike
the argument, is a 1-based index (I know, lame)</em></td>
</tr>
<tr><td>first</td>
<td>indicates the start index of the batch <em>as a 0-based
index</em></td>
</tr>
<tr><td>length</td>
<td>the actual number of elements in the batch</td>
</tr>
<tr><td>sequence_length</td>
<td>the length of the original, unbatched, sequence.</td>
</tr>
</tbody>
</table>
<p>And several methods:</p>
<table border="1" class="docutils">
<colgroup>
<col width="21%" />
<col width="79%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Method</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>previous</td>
<td>returns a new Batch with the previous batch settings</td>
</tr>
<tr><td>next</td>
<td>returns a new Batch with the next batch settings</td>
</tr>
<tr><td>propchanged</td>
<td>detect if the named property changed on the current item
when compared to the last item</td>
</tr>
</tbody>
</table>
<p>An example of batching:</p>
<pre class="literal-block">
&lt;table class=&quot;otherinfo&quot;&gt;
 &lt;tr&gt;&lt;th colspan=&quot;4&quot; class=&quot;header&quot;&gt;Existing Keywords&lt;/th&gt;&lt;/tr&gt;
 &lt;tr tal:define=&quot;keywords db/keyword/list&quot;
     tal:repeat=&quot;start python:range(0, len(keywords), 4)&quot;&gt;
  &lt;td tal:define=&quot;batch python:utils.Batch(keywords, 4, start)&quot;
      tal:repeat=&quot;keyword batch&quot; tal:content=&quot;keyword/name&quot;&gt;
      keyword here&lt;/td&gt;
 &lt;/tr&gt;
&lt;/table&gt;
</pre>
<p>... which will produce a table with four columns containing the items of
the &quot;keyword&quot; class (well, their &quot;name&quot; anyway).</p>
</div>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id40" id="displaying-properties" name="displaying-properties">Displaying Properties</a></h2>
<p>Properties appear in the user interface in three contexts: in indices,
in editors, and as search arguments. For each type of property, there
are several display possibilities. For example, in an index view, a
string property may just be printed as a plain string, but in an editor
view, that property may be displayed in an editable field.</p>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id41" id="index-views" name="index-views">Index Views</a></h2>
<p>This is one of the class context views. It is also the default view for
classes. The template used is &quot;<em>classname</em>.index&quot;.</p>
<div class="section">
<h3><a class="toc-backref" href="#id42" id="index-view-specifiers" name="index-view-specifiers">Index View Specifiers</a></h3>
<p>An index view specifier (URL fragment) looks like this (whitespace has
been added for clarity):</p>
<pre class="literal-block">
/issue?status=unread,in-progress,resolved&amp;
    topic=security,ui&amp;
    &#64;group=priority,-status&amp;
    &#64;sort=-activity&amp;
    &#64;filters=status,topic&amp;
    &#64;columns=title,status,fixer
</pre>
<p>The index view is determined by two parts of the specifier: the layout
part and the filter part. The layout part consists of the query
parameters that begin with colons, and it determines the way that the
properties of selected items are displayed. The filter part consists of
all the other query parameters, and it determines the criteria by which
items are selected for display. The filter part is interactively
manipulated with the form widgets displayed in the filter section. The
layout part is interactively manipulated by clicking on the column
headings in the table.</p>
<p>The filter part selects the union of the sets of items with values
matching any specified Link properties and the intersection of the sets
of items with values matching any specified Multilink properties.</p>
<p>The example specifies an index of &quot;issue&quot; items. Only items with a
&quot;status&quot; of either &quot;unread&quot; or &quot;in-progress&quot; or &quot;resolved&quot; are
displayed, and only items with &quot;topic&quot; values including both &quot;security&quot;
and &quot;ui&quot; are displayed. The items are grouped by priority arranged in
ascending order and in descending order by status; and within
groups, sorted by activity, arranged in descending order. The filter
section shows filters for the &quot;status&quot; and &quot;topic&quot; properties, and the
table includes columns for the &quot;title&quot;, &quot;status&quot;, and &quot;fixer&quot;
properties.</p>
<table border="1" class="docutils">
<colgroup>
<col width="16%" />
<col width="84%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Argument</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>&#64;sort</td>
<td>sort by prop name, optionally preceeded with '-' to give
descending or nothing for ascending sorting. Several
properties can be specified delimited with comma.
Internally a search-page using several sort properties may
use &#64;sort0, &#64;sort1 etc. with option &#64;sortdir0, &#64;sortdir1
etc. for the direction of sorting (a non-empty value of
sortdir0 specifies reverse order).</td>
</tr>
<tr><td>&#64;group</td>
<td>group by prop name, optionally preceeded with '-' or to sort
in descending or nothing for ascending order. Several
properties can be specified delimited with comma.
Internally a search-page using several grouping properties may
use &#64;group0, &#64;group1 etc. with option &#64;groupdir0, &#64;groupdir1
etc. for the direction of grouping (a non-empty value of
groupdir0 specifies reverse order).</td>
</tr>
<tr><td>&#64;columns</td>
<td>selects the columns that should be displayed. Default is
all.</td>
</tr>
<tr><td>&#64;filter</td>
<td>indicates which properties are being used in filtering.
Default is none.</td>
</tr>
<tr><td>propname</td>
<td>selects the values the item properties given by propname must
have (very basic search/filter).</td>
</tr>
<tr><td>&#64;search_text</td>
<td>if supplied, performs a full-text search (message bodies,
issue titles, etc)</td>
</tr>
</tbody>
</table>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id43" id="searching-views" name="searching-views">Searching Views</a></h2>
<div class="note">
<p class="first admonition-title">Note</p>
<p class="last">if you add a new column to the <tt class="docutils literal"><span class="pre">&#64;columns</span></tt> form variable potentials
then you will need to add the column to the appropriate <a class="reference" href="#index-views">index views</a>
template so that it is actually displayed.</p>
</div>
<p>This is one of the class context views. The template used is typically
&quot;<em>classname</em>.search&quot;. The form on this page should have &quot;search&quot; as its
<tt class="docutils literal"><span class="pre">&#64;action</span></tt> variable. The &quot;search&quot; action:</p>
<ul class="simple">
<li>sets up additional filtering, as well as performing indexed text
searching</li>
<li>sets the <tt class="docutils literal"><span class="pre">&#64;filter</span></tt> variable correctly</li>
<li>saves the query off if <tt class="docutils literal"><span class="pre">&#64;query_name</span></tt> is set.</li>
</ul>
<p>The search page should lay out any fields that you wish to allow the
user to search on. If your schema contains a large number of properties,
you should be wary of making all of those properties available for
searching, as this can cause confusion. If the additional properties are
Strings, consider having their value indexed, and then they will be
searchable using the full text indexed search. This is both faster, and
more useful for the end user.</p>
<p>If the search view does specify the &quot;search&quot; <tt class="docutils literal"><span class="pre">&#64;action</span></tt>, then it may also
provide an additional argument:</p>
<table border="1" class="docutils">
<colgroup>
<col width="16%" />
<col width="84%" />
</colgroup>
<thead valign="bottom">
<tr><th class="head">Argument</th>
<th class="head">Description</th>
</tr>
</thead>
<tbody valign="top">
<tr><td>&#64;query_name</td>
<td>if supplied, the index parameters (including &#64;search_text)
will be saved off as a the query item and registered against
the user's queries property. Note that the <em>classic</em> template
schema has this ability, but the <em>minimal</em> template schema
does not.</td>
</tr>
</tbody>
</table>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id44" id="item-views" name="item-views">Item Views</a></h2>
<p>The basic view of a hyperdb item is provided by the &quot;<em>classname</em>.item&quot;
template. It generally has three sections; an &quot;editor&quot;, a &quot;spool&quot; and a
&quot;history&quot; section.</p>
<div class="section">
<h3><a class="toc-backref" href="#id45" id="editor-section" name="editor-section">Editor Section</a></h3>
<p>The editor section is used to manipulate the item - it may be a static
display if the user doesn't have permission to edit the item.</p>
<p>Here's an example of a basic editor template (this is the default
&quot;classic&quot; template issue item edit form - from the &quot;issue.item.html&quot;
template):</p>
<pre class="literal-block">
&lt;table class=&quot;form&quot;&gt;
&lt;tr&gt;
 &lt;th&gt;Title&lt;/th&gt;
 &lt;td colspan=&quot;3&quot; tal:content=&quot;structure python:context.title.field(size=60)&quot;&gt;title&lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;th&gt;Priority&lt;/th&gt;
 &lt;td tal:content=&quot;structure context/priority/menu&quot;&gt;priority&lt;/td&gt;
 &lt;th&gt;Status&lt;/th&gt;
 &lt;td tal:content=&quot;structure context/status/menu&quot;&gt;status&lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;th&gt;Superseder&lt;/th&gt;
 &lt;td&gt;
  &lt;span tal:replace=&quot;structure python:context.superseder.field(showid=1, size=20)&quot; /&gt;
  &lt;span tal:replace=&quot;structure python:db.issue.classhelp('id,title')&quot; /&gt;
  &lt;span tal:condition=&quot;context/superseder&quot;&gt;
   &lt;br&gt;View: &lt;span tal:replace=&quot;structure python:context.superseder.link(showid=1)&quot; /&gt;
  &lt;/span&gt;
 &lt;/td&gt;
 &lt;th&gt;Nosy List&lt;/th&gt;
 &lt;td&gt;
  &lt;span tal:replace=&quot;structure context/nosy/field&quot; /&gt;
  &lt;span tal:replace=&quot;structure python:db.user.classhelp('username,realname,address,phone')&quot; /&gt;
 &lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;th&gt;Assigned To&lt;/th&gt;
 &lt;td tal:content=&quot;structure context/assignedto/menu&quot;&gt;
  assignedto menu
 &lt;/td&gt;
 &lt;td&gt;&amp;nbsp;&lt;/td&gt;
 &lt;td&gt;&amp;nbsp;&lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;th&gt;Change Note&lt;/th&gt;
 &lt;td colspan=&quot;3&quot;&gt;
  &lt;textarea name=&quot;:note&quot; wrap=&quot;hard&quot; rows=&quot;5&quot; cols=&quot;60&quot;&gt;&lt;/textarea&gt;
 &lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;th&gt;File&lt;/th&gt;
 &lt;td colspan=&quot;3&quot;&gt;&lt;input type=&quot;file&quot; name=&quot;:file&quot; size=&quot;40&quot;&gt;&lt;/td&gt;
&lt;/tr&gt;

&lt;tr&gt;
 &lt;td&gt;&amp;nbsp;&lt;/td&gt;
 &lt;td colspan=&quot;3&quot; tal:content=&quot;structure context/submit&quot;&gt;
  submit button will go here
 &lt;/td&gt;
&lt;/tr&gt;
&lt;/table&gt;
</pre>
<p>When a change is submitted, the system automatically generates a message
describing the changed properties. As shown in the example, the editor
template can use the &quot;:note&quot; and &quot;:file&quot; fields, which are added to the
standard changenote message generated by Roundup.</p>
<div class="section">
<h4><a class="toc-backref" href="#id46" id="form-values" name="form-values">Form values</a></h4>
<p>We have a number of ways to pull properties out of the form in order to
meet the various needs of:</p>
<ol class="arabic simple">
<li>editing the current item (perhaps an issue item)</li>
<li>editing information related to the current item (eg. messages or
attached files)</li>
<li>creating new information to be linked to the current item (eg. time
spent on an issue)</li>
</ol>
<p>In the following, <tt class="docutils literal"><span class="pre">&lt;bracketed&gt;</span></tt> values are variable, &quot;:&quot; may be one of
&quot;:&quot; or &quot;&#64;&quot;, and other text (&quot;required&quot;) is fixed.</p>
<p>Properties are specified as form variables:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&lt;propname&gt;</span></tt></dt>
<dd>property on the current context item</dd>
<dt><tt class="docutils literal"><span class="pre">&lt;designator&gt;:&lt;propname&gt;</span></tt></dt>
<dd>property on the indicated item (for editing related information)</dd>
<dt><tt class="docutils literal"><span class="pre">&lt;classname&gt;-&lt;N&gt;:&lt;propname&gt;</span></tt></dt>
<dd>property on the Nth new item of classname (generally for creating new
items to attach to the current item)</dd>
</dl>
<p>Once we have determined the &quot;propname&quot;, we check to see if it is one of
the special form values:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">&#64;required</span></tt></dt>
<dd>The named property values must be supplied or a ValueError will be
raised.</dd>
<dt><tt class="docutils literal"><span class="pre">&#64;remove&#64;&lt;propname&gt;=id(s)</span></tt></dt>
<dd>The ids will be removed from the multilink property.</dd>
<dt><tt class="docutils literal"><span class="pre">:add:&lt;propname&gt;=id(s)</span></tt></dt>
<dd>The ids will be added to the multilink property.</dd>
<dt><tt class="docutils literal"><span class="pre">:link:&lt;propname&gt;=&lt;designator&gt;</span></tt></dt>
<dd>Used to add a link to new items created during edit. These are
collected and returned in <tt class="docutils literal"><span class="pre">all_links</span></tt>. This will result in an
additional linking operation (either Link set or Multilink append)
after the edit/create is done using <tt class="docutils literal"><span class="pre">all_props</span></tt> in <tt class="docutils literal"><span class="pre">_editnodes</span></tt>.
The &lt;propname&gt; on the current item will be set/appended the id of the
newly created item of class &lt;designator&gt; (where &lt;designator&gt; must be
&lt;classname&gt;-&lt;N&gt;).</dd>
</dl>
<p>Any of the form variables may be prefixed with a classname or
designator.</p>
<p>Two special form values are supported for backwards compatibility:</p>
<dl class="docutils">
<dt><tt class="docutils literal"><span class="pre">:note</span></tt></dt>
<dd>create a message (with content, author and date), linked to the
context item. This is ALWAYS designated &quot;msg-1&quot;.</dd>
<dt><tt class="docutils literal"><span class="pre">:file</span></tt></dt>
<dd>create a file, attached to the current item and any message created by
:note. This is ALWAYS designated &quot;file-1&quot;.</dd>
</dl>
</div>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id47" id="spool-section" name="spool-section">Spool Section</a></h3>
<p>The spool section lists related information like the messages and files
of an issue.</p>
<p>TODO</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id48" id="history-section" name="history-section">History Section</a></h3>
<p>The final section displayed is the history of the item - its database
journal. This is generally generated with the template:</p>
<pre class="literal-block">
&lt;tal:block tal:replace=&quot;structure context/history&quot; /&gt;
</pre>
<p><em>To be done:</em></p>
<p><em>The actual history entries of the item may be accessed for manual
templating through the &quot;journal&quot; method of the item</em>:</p>
<pre class="literal-block">
&lt;tal:block tal:repeat=&quot;entry context/journal&quot;&gt;
 a journal entry
&lt;/tal:block&gt;
</pre>
<p><em>where each journal entry is an HTMLJournalEntry.</em></p>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id49" id="defining-new-web-actions" name="defining-new-web-actions">Defining new web actions</a></h2>
<p>You may define new actions to be triggered by the <tt class="docutils literal"><span class="pre">&#64;action</span></tt> form variable.
These are added to the tracker <tt class="docutils literal"><span class="pre">extensions</span></tt> directory and registered
using <tt class="docutils literal"><span class="pre">instance.registerAction</span></tt>.</p>
<p>All the existing Actions are defined in <tt class="docutils literal"><span class="pre">roundup.cgi.actions</span></tt>.</p>
<p>Adding action classes takes three steps; first you <a class="reference" href="#define-the-new-action-class">define the new
action class</a>, then you <a class="reference" href="#register-the-action-class">register the action class</a> with the cgi
interface so it may be triggered by the <tt class="docutils literal"><span class="pre">&#64;action</span></tt> form variable.
Finally you <a class="reference" href="#use-the-new-action">use the new action</a> in your HTML form.</p>
<p>See &quot;<a class="reference" href="#setting-up-a-wizard-or-druid-for-controlled-adding-of-issues">setting up a &quot;wizard&quot; (or &quot;druid&quot;) for controlled adding of
issues</a>&quot; for an example.</p>
<div class="section">
<h3><a class="toc-backref" href="#id50" id="define-the-new-action-class" name="define-the-new-action-class">Define the new action class</a></h3>
<p>Create a new action class in your tracker's <tt class="docutils literal"><span class="pre">extensions</span></tt> directory, for
example <tt class="docutils literal"><span class="pre">myaction.py</span></tt>:</p>
<pre class="literal-block">
from roundup.cgi.actions import Action

class MyAction(Action):
    def handle(self):
        ''' Perform some action. No return value is required.
        '''
</pre>
<p>The <em>self.client</em> attribute is an instance of <tt class="docutils literal"><span class="pre">roundup.cgi.client.Client</span></tt>.
See the docstring of that class for details of what it can do.</p>
<p>The method will typically check the <tt class="docutils literal"><span class="pre">self.form</span></tt> variable's contents.
It may then:</p>
<ul class="simple">
<li>add information to <tt class="docutils literal"><span class="pre">self.client.ok_message</span></tt> or <tt class="docutils literal"><span class="pre">self.client.error_message</span></tt></li>
<li>change the <tt class="docutils literal"><span class="pre">self.client.template</span></tt> variable to alter what the user will see
next</li>
<li>raise Unauthorised, SendStaticFile, SendFile, NotFound or Redirect
exceptions (import them from roundup.cgi.exceptions)</li>
</ul>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id51" id="register-the-action-class" name="register-the-action-class">Register the action class</a></h3>
<p>The class is now written, but isn't available to the user until you register
it with the following code appended to your <tt class="docutils literal"><span class="pre">myaction.py</span></tt> file:</p>
<pre class="literal-block">
def init(instance):
    instance.registerAction('myaction', myActionClass)
</pre>
<p>This maps the action name &quot;myaction&quot; to the action class we defined.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id52" id="use-the-new-action" name="use-the-new-action">Use the new action</a></h3>
<p>In your HTML form, add a hidden form element like so:</p>
<pre class="literal-block">
&lt;input type=&quot;hidden&quot; name=&quot;&#64;action&quot; value=&quot;myaction&quot;&gt;
</pre>
<p>where &quot;myaction&quot; is the name you registered in the previous step.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id53" id="actions-may-return-content-to-the-user" name="actions-may-return-content-to-the-user">Actions may return content to the user</a></h3>
<p>Actions generally perform some database manipulation and then pass control
on to the rendering of a template in the current context (see <a class="reference" href="#determining-web-context">Determining
web context</a> for how that works.) Some actions will want to generate the
actual content returned to the user. Action methods may return their own
content string to be displayed to the user, overriding the templating step.
In this situation, we assume that the content is HTML by default. You may
override the content type indicated to the user by calling <tt class="docutils literal"><span class="pre">setHeader</span></tt>:</p>
<pre class="literal-block">
self.client.setHeader('Content-Type', 'text/csv')
</pre>
<p>This example indicates that the value sent back to the user is actually
comma-separated value content (eg. something to be loaded into a
spreadsheet or database).</p>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id54" id="bit-character-set-support-in-web-interface" name="bit-character-set-support-in-web-interface">8-bit character set support in Web interface</a></h2>
<p>The web interface uses UTF-8 default. It may be overridden in both forms
and a browser cookie.</p>
<ul class="simple">
<li>In forms, use the <tt class="docutils literal"><span class="pre">&#64;charset</span></tt> variable.</li>
<li>To use the cookie override, have the <tt class="docutils literal"><span class="pre">roundup_charset</span></tt> cookie set.</li>
</ul>
<p>In both cases, the value is a valid charset name (eg. <tt class="docutils literal"><span class="pre">utf-8</span></tt> or
<tt class="docutils literal"><span class="pre">kio8-r</span></tt>).</p>
<p>Inside Roundup, all strings are stored and processed in utf-8.
Unfortunately, some older browsers do not work properly with
utf-8-encoded pages (e.g. Netscape Navigator 4 displays wrong
characters in form fields).  This version allows one to change
the character set for http transfers.  To do so, you may add
the following code to your <tt class="docutils literal"><span class="pre">page.html</span></tt> template:</p>
<pre class="literal-block">
&lt;tal:block define=&quot;uri string:${request/base}${request/env/PATH_INFO}&quot;&gt;
 &lt;a tal:attributes=&quot;href python:request.indexargs_url(uri,
  {'&#64;charset':'utf-8'})&quot;&gt;utf-8&lt;/a&gt;
 &lt;a tal:attributes=&quot;href python:request.indexargs_url(uri,
  {'&#64;charset':'koi8-r'})&quot;&gt;koi8-r&lt;/a&gt;
&lt;/tal:block&gt;
</pre>
<p>(substitute <tt class="docutils literal"><span class="pre">koi8-r</span></tt> with appropriate charset for your language).
Charset preference is kept in the browser cookie <tt class="docutils literal"><span class="pre">roundup_charset</span></tt>.</p>
<p><tt class="docutils literal"><span class="pre">meta</span> <span class="pre">http-equiv</span></tt> lines added to the tracker templates in version 0.6.0
should be changed to include actual character set name:</p>
<pre class="literal-block">
&lt;meta http-equiv=&quot;Content-Type&quot;
 tal:attributes=&quot;content string:text/html;; charset=${request/client/charset}&quot;
/&gt;
</pre>
<p>The charset is also sent in the http header.</p>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id14" id="examples" name="examples">Examples</a></h1>
<div class="contents local topic">
<ul class="simple">
<li><a class="reference" href="#changing-what-s-stored-in-the-database" id="id55" name="id55">Changing what's stored in the database</a><ul>
<li><a class="reference" href="#adding-a-new-field-to-the-classic-schema" id="id56" name="id56">Adding a new field to the classic schema</a></li>
<li><a class="reference" href="#adding-a-new-constrained-field-to-the-classic-schema" id="id57" name="id57">Adding a new constrained field to the classic schema</a></li>
<li><a class="reference" href="#adding-a-time-log-to-your-issues" id="id58" name="id58">Adding a time log to your issues</a></li>
<li><a class="reference" href="#tracking-different-types-of-issues" id="id59" name="id59">Tracking different types of issues</a></li>
</ul>
</li>
<li><a class="reference" href="#using-external-user-databases" id="id60" name="id60">Using External User Databases</a><ul>
<li><a class="reference" href="#using-an-external-password-validation-source" id="id61" name="id61">Using an external password validation source</a></li>
<li><a class="reference" href="#using-a-un-x-passwd-file-as-the-user-database" id="id62" name="id62">Using a UN*X passwd file as the user database</a></li>
<li><a class="reference" href="#using-an-ldap-database-for-user-information" id="id63" name="id63">Using an LDAP database for user information</a></li>
</ul>
</li>
<li><a class="reference" href="#changes-to-tracker-behaviour" id="id64" name="id64">Changes to Tracker Behaviour</a><ul>
<li><a class="reference" href="#stop-nosy-messages-going-to-people-on-vacation" id="id65" name="id65">Stop &quot;nosy&quot; messages going to people on vacation</a></li>
<li><a class="reference" href="#adding-in-state-transition-control" id="id66" name="id66">Adding in state transition control</a></li>
<li><a class="reference" href="#blocking-issues-that-depend-on-other-issues" id="id67" name="id67">Blocking issues that depend on other issues</a></li>
<li><a class="reference" href="#add-users-to-the-nosy-list-based-on-the-topic" id="id68" name="id68">Add users to the nosy list based on the topic</a></li>
</ul>
</li>
<li><a class="reference" href="#changes-to-security-and-permissions" id="id69" name="id69">Changes to Security and Permissions</a><ul>
<li><a class="reference" href="#restricting-the-list-of-users-that-are-assignable-to-a-task" id="id70" name="id70">Restricting the list of users that are assignable to a task</a></li>
<li><a class="reference" href="#users-may-only-edit-their-issues" id="id71" name="id71">Users may only edit their issues</a></li>
<li><a class="reference" href="#all-users-may-only-view-and-edit-issues-files-and-messages-they-create" id="id72" name="id72">All users may only view and edit issues, files and messages they create</a></li>
</ul>
</li>
<li><a class="reference" href="#changes-to-the-web-user-interface" id="id73" name="id73">Changes to the Web User Interface</a><ul>
<li><a class="reference" href="#adding-action-links-to-the-index-page" id="id74" name="id74">Adding action links to the index page</a></li>
<li><a class="reference" href="#colouring-the-rows-in-the-issue-index-according-to-priority" id="id75" name="id75">Colouring the rows in the issue index according to priority</a></li>
<li><a class="reference" href="#editing-multiple-items-in-an-index-view" id="id76" name="id76">Editing multiple items in an index view</a></li>
<li><a class="reference" href="#displaying-only-message-summaries-in-the-issue-display" id="id77" name="id77">Displaying only message summaries in the issue display</a></li>
<li><a class="reference" href="#enabling-display-of-either-message-summaries-or-the-entire-messages" id="id78" name="id78">Enabling display of either message summaries or the entire messages</a></li>
<li><a class="reference" href="#setting-up-a-wizard-or-druid-for-controlled-adding-of-issues" id="id79" name="id79">Setting up a &quot;wizard&quot; (or &quot;druid&quot;) for controlled adding of issues</a></li>
</ul>
</li>
</ul>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id55" id="changing-what-s-stored-in-the-database" name="changing-what-s-stored-in-the-database">Changing what's stored in the database</a></h2>
<p>The following examples illustrate ways to change the information stored in
the database.</p>
<div class="section">
<h3><a class="toc-backref" href="#id56" id="adding-a-new-field-to-the-classic-schema" name="adding-a-new-field-to-the-classic-schema">Adding a new field to the classic schema</a></h3>
<p>This example shows how to add a simple field (a due date) to the default
classic schema. It does not add any additional behaviour, such as enforcing
the due date, or causing automatic actions to fire if the due date passes.</p>
<p>You add new fields by editing the <tt class="docutils literal"><span class="pre">schema.py</span></tt> file in you tracker's home.
Schema changes are automatically applied to the database on the next
tracker access (note that roundup-server would need to be restarted as it
caches the schema).</p>
<ol class="arabic">
<li><p class="first">modify the <tt class="docutils literal"><span class="pre">schema.py</span></tt>:</p>
<pre class="literal-block">
issue = IssueClass(db, &quot;issue&quot;,
                assignedto=Link(&quot;user&quot;), topic=Multilink(&quot;keyword&quot;),
                priority=Link(&quot;priority&quot;), status=Link(&quot;status&quot;),
                due_date=Date())
</pre>
</li>
<li><p class="first">add an edit field to the <tt class="docutils literal"><span class="pre">issue.item.html</span></tt> template:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;th&gt;Due Date&lt;/th&gt;
 &lt;td tal:content=&quot;structure context/due_date/field&quot; /&gt;
&lt;/tr&gt;
</pre>
</li>
<li><p class="first">add the property to the <tt class="docutils literal"><span class="pre">issue.index.html</span></tt> page:</p>
<pre class="literal-block">
(in the heading row)
  &lt;th tal:condition=&quot;request/show/due_date&quot;&gt;Due Date&lt;/th&gt;
(in the data row)
  &lt;td tal:condition=&quot;request/show/due_date&quot; tal:content=&quot;i/due_date&quot; /&gt;
</pre>
</li>
<li><p class="first">add the property to the <tt class="docutils literal"><span class="pre">issue.search.html</span></tt> page:</p>
<pre class="literal-block">
&lt;tr tal:define=&quot;name string:due_date&quot;&gt;
  &lt;th i18n:translate=&quot;&quot;&gt;Due Date:&lt;/th&gt;
  &lt;td metal:use-macro=&quot;search_input&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;column_input&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;sort_input&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;group_input&quot;&gt;&lt;/td&gt;
&lt;/tr&gt;
</pre>
</li>
<li><dl class="first docutils">
<dt>if you wish for the due date to appear in the standard views listed</dt>
<dd><p class="first last">in the sidebar of the web interface then you'll need to add &quot;due_date&quot;
to the list of &#64;columns in the links in the sidebar section of
<tt class="docutils literal"><span class="pre">page.html</span></tt>.</p>
</dd>
</dl>
</li>
</ol>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id57" id="adding-a-new-constrained-field-to-the-classic-schema" name="adding-a-new-constrained-field-to-the-classic-schema">Adding a new constrained field to the classic schema</a></h3>
<p>This example shows how to add a new constrained property (i.e. a
selection of distinct values) to your tracker.</p>
<div class="section">
<h4><a id="introduction" name="introduction">Introduction</a></h4>
<p>To make the classic schema of Roundup useful as a TODO tracking system
for a group of systems administrators, it needs an extra data field per
issue: a category.</p>
<p>This would let sysadmins quickly list all TODOs in their particular area
of interest without having to do complex queries, and without relying on
the spelling capabilities of other sysadmins (a losing proposition at
best).</p>
</div>
<div class="section">
<h4><a id="adding-a-field-to-the-database" name="adding-a-field-to-the-database">Adding a field to the database</a></h4>
<p>This is the easiest part of the change. The category would just be a
plain string, nothing fancy. To change what is in the database you need
to add some lines to the <tt class="docutils literal"><span class="pre">schema.py</span></tt> file of your tracker instance.
Under the comment:</p>
<pre class="literal-block">
# add any additional database schema configuration here
</pre>
<p>add:</p>
<pre class="literal-block">
category = Class(db, &quot;category&quot;, name=String())
category.setkey(&quot;name&quot;)
</pre>
<p>Here we are setting up a chunk of the database which we are calling
&quot;category&quot;. It contains a string, which we are refering to as &quot;name&quot; for
lack of a more imaginative title. (Since &quot;name&quot; is one of the properties
that Roundup looks for on items if you do not set a key for them, it's
probably a good idea to stick with it for new classes if at all
appropriate.) Then we are setting the key of this chunk of the database
to be that &quot;name&quot;. This is equivalent to an index for database types.
This also means that there can only be one category with a given name.</p>
<p>Adding the above lines allows us to create categories, but they're not
tied to the issues that we are going to be creating. It's just a list of
categories off on its own, which isn't much use. We need to link it in
with the issues. To do that, find the lines
in <tt class="docutils literal"><span class="pre">schema.py</span></tt> which set up the &quot;issue&quot; class, and then add a link to
the category:</p>
<pre class="literal-block">
issue = IssueClass(db, &quot;issue&quot;, ... ,
    category=Multilink(&quot;category&quot;), ... )
</pre>
<p>The <tt class="docutils literal"><span class="pre">Multilink()</span></tt> means that each issue can have many categories. If
you were adding something with a one-to-one relationship to issues (such
as the &quot;assignedto&quot; property), use <tt class="docutils literal"><span class="pre">Link()</span></tt> instead.</p>
<p>That is all you need to do to change the schema. The rest of the effort
is fiddling around so you can actually use the new category.</p>
</div>
<div class="section">
<h4><a id="populating-the-new-category-class" name="populating-the-new-category-class">Populating the new category class</a></h4>
<p>If you haven't initialised the database with the <tt class="docutils literal"><span class="pre">roundup-admin</span></tt>
&quot;initialise&quot; command, then you can add the following to the tracker
<tt class="docutils literal"><span class="pre">initial_data.py</span></tt> under the comment:</p>
<pre class="literal-block">
# add any additional database creation steps here - but only if you
# haven't initialised the database with the admin &quot;initialise&quot; command
</pre>
<p>Add:</p>
<pre class="literal-block">
category = db.getclass('category')
category.create(name=&quot;scipy&quot;)
category.create(name=&quot;chaco&quot;)
category.create(name=&quot;weave&quot;)
</pre>
<p>If the database has already been initalised, then you need to use the
<tt class="docutils literal"><span class="pre">roundup-admin</span></tt> tool:</p>
<pre class="literal-block">
% roundup-admin -i &lt;tracker home&gt;
Roundup &lt;version&gt; ready for input.
Type &quot;help&quot; for help.
roundup&gt; create category name=scipy
1
roundup&gt; create category name=chaco
2
roundup&gt; create category name=weave
3
roundup&gt; exit...
There are unsaved changes. Commit them (y/N)? y
</pre>
</div>
<div class="section">
<h4><a id="setting-up-security-on-the-new-objects" name="setting-up-security-on-the-new-objects">Setting up security on the new objects</a></h4>
<p>By default only the admin user can look at and change objects. This
doesn't suit us, as we want any user to be able to create new categories
as required, and obviously everyone needs to be able to view the
categories of issues for it to be useful.</p>
<p>We therefore need to change the security of the category objects. This
is also done in <tt class="docutils literal"><span class="pre">schema.py</span></tt>.</p>
<p>There are currently two loops which set up permissions and then assign
them to various roles. Simply add the new &quot;category&quot; to both lists:</p>
<pre class="literal-block">
# Assign the access and edit permissions for issue, file and message
# to regular users now
for cl in 'issue', 'file', 'msg', 'category':
    p = db.security.getPermission('View', cl)
    db.security.addPermissionToRole('User', 'View', cl)
    db.security.addPermissionToRole('User', 'Edit', cl)
    db.security.addPermissionToRole('User', 'Create', cl)
</pre>
<p>These lines assign the &quot;View&quot; and &quot;Edit&quot; Permissions to the &quot;User&quot; role,
so that normal users can view and edit &quot;category&quot; objects.</p>
<p>This is all the work that needs to be done for the database. It will
store categories, and let users view and edit them. Now on to the
interface stuff.</p>
</div>
<div class="section">
<h4><a id="changing-the-web-left-hand-frame" name="changing-the-web-left-hand-frame">Changing the web left hand frame</a></h4>
<p>We need to give the users the ability to create new categories, and the
place to put the link to this functionality is in the left hand function
bar, under the &quot;Issues&quot; area. The file that defines how this area looks
is <tt class="docutils literal"><span class="pre">html/page.html</span></tt>, which is what we are going to be editing next.</p>
<p>If you look at this file you can see that it contains a lot of
&quot;classblock&quot; sections which are chunks of HTML that will be included or
excluded in the output depending on whether the condition in the
classblock is met. We are going to add the category code at the end of
the classblock for the <em>issue</em> class:</p>
<pre class="literal-block">
&lt;p class=&quot;classblock&quot;
   tal:condition=&quot;python:request.user.hasPermission('View', 'category')&quot;&gt;
 &lt;b&gt;Categories&lt;/b&gt;&lt;br&gt;
 &lt;a tal:condition=&quot;python:request.user.hasPermission('Edit', 'category')&quot;
    href=&quot;category?&#64;template=item&quot;&gt;New Category&lt;br&gt;&lt;/a&gt;
&lt;/p&gt;
</pre>
<p>The first two lines is the classblock definition, which sets up a
condition that only users who have &quot;View&quot; permission for the &quot;category&quot;
object will have this section included in their output. Next comes a
plain &quot;Categories&quot; header in bold. Everyone who can view categories will
get that.</p>
<p>Next comes the link to the editing area of categories. This link will
only appear if the condition - that the user has &quot;Edit&quot; permissions for
the &quot;category&quot; objects - is matched. If they do have permission then
they will get a link to another page which will let the user add new
categories.</p>
<p>Note that if you have permission to <em>view</em> but not to <em>edit</em> categories,
then all you will see is a &quot;Categories&quot; header with nothing underneath
it. This is obviously not very good interface design, but will do for
now. I just claim that it is so I can add more links in this section
later on. However, to fix the problem you could change the condition in
the classblock statement, so that only users with &quot;Edit&quot; permission
would see the &quot;Categories&quot; stuff.</p>
</div>
<div class="section">
<h4><a id="setting-up-a-page-to-edit-categories" name="setting-up-a-page-to-edit-categories">Setting up a page to edit categories</a></h4>
<p>We defined code in the previous section which let users with the
appropriate permissions see a link to a page which would let them edit
conditions. Now we have to write that page.</p>
<p>The link was for the <em>item</em> template of the <em>category</em> object. This
translates into Roundup looking for a file called <tt class="docutils literal"><span class="pre">category.item.html</span></tt>
in the <tt class="docutils literal"><span class="pre">html</span></tt> tracker directory. This is the file that we are going to
write now.</p>
<p>First, we add an info tag in a comment which doesn't affect the outcome
of the code at all, but is useful for debugging. If you load a page in a
browser and look at the page source, you can see which sections come
from which files by looking for these comments:</p>
<pre class="literal-block">
&lt;!-- category.item --&gt;
</pre>
<p>Next we need to add in the METAL macro stuff so we get the normal page
trappings:</p>
<pre class="literal-block">
&lt;tal:block metal:use-macro=&quot;templates/page/macros/icing&quot;&gt;
 &lt;title metal:fill-slot=&quot;head_title&quot;&gt;Category editing&lt;/title&gt;
 &lt;td class=&quot;page-header-top&quot; metal:fill-slot=&quot;body_title&quot;&gt;
  &lt;h2&gt;Category editing&lt;/h2&gt;
 &lt;/td&gt;
 &lt;td class=&quot;content&quot; metal:fill-slot=&quot;content&quot;&gt;
</pre>
<p>Next we need to setup up a standard HTML form, which is the whole
purpose of this file. We link to some handy javascript which sends the
form through only once. This is to stop users hitting the send button
multiple times when they are impatient and thus having the form sent
multiple times:</p>
<pre class="literal-block">
&lt;form method=&quot;POST&quot; onSubmit=&quot;return submit_once()&quot;
      enctype=&quot;multipart/form-data&quot;&gt;
</pre>
<p>Next we define some code which sets up the minimum list of fields that
we require the user to enter. There will be only one field - &quot;name&quot; - so
they better put something in it, otherwise the whole form is pointless:</p>
<pre class="literal-block">
&lt;input type=&quot;hidden&quot; name=&quot;&#64;required&quot; value=&quot;name&quot;&gt;
</pre>
<p>To get everything to line up properly we will put everything in a table,
and put a nice big header on it so the user has an idea what is
happening:</p>
<pre class="literal-block">
&lt;table class=&quot;form&quot;&gt;
 &lt;tr&gt;&lt;th class=&quot;header&quot; colspan=&quot;2&quot;&gt;Category&lt;/th&gt;&lt;/tr&gt;
</pre>
<p>Next, we need the field into which the user is going to enter the new
category. The <tt class="docutils literal"><span class="pre">context.name.field(size=60)</span></tt> bit tells Roundup to
generate a normal HTML field of size 60, and the contents of that field
will be the &quot;name&quot; variable of the current context (namely &quot;category&quot;).
The upshot of this is that when the user types something in
to the form, a new category will be created with that name:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;th&gt;Name&lt;/th&gt;
 &lt;td tal:content=&quot;structure python:context.name.field(size=60)&quot;&gt;
 name&lt;/td&gt;
&lt;/tr&gt;
</pre>
<p>Then a submit button so that the user can submit the new category:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;td&gt;&amp;nbsp;&lt;/td&gt;
 &lt;td colspan=&quot;3&quot; tal:content=&quot;structure context/submit&quot;&gt;
  submit button will go here
 &lt;/td&gt;
&lt;/tr&gt;
</pre>
<p>Finally we finish off the tags we used at the start to do the METAL
stuff:</p>
<pre class="literal-block">
 &lt;/td&gt;
&lt;/tal:block&gt;
</pre>
<p>So putting it all together, and closing the table and form we get:</p>
<pre class="literal-block">
&lt;!-- category.item --&gt;
&lt;tal:block metal:use-macro=&quot;templates/page/macros/icing&quot;&gt;
 &lt;title metal:fill-slot=&quot;head_title&quot;&gt;Category editing&lt;/title&gt;
 &lt;td class=&quot;page-header-top&quot; metal:fill-slot=&quot;body_title&quot;&gt;
  &lt;h2&gt;Category editing&lt;/h2&gt;
 &lt;/td&gt;
 &lt;td class=&quot;content&quot; metal:fill-slot=&quot;content&quot;&gt;
  &lt;form method=&quot;POST&quot; onSubmit=&quot;return submit_once()&quot;
        enctype=&quot;multipart/form-data&quot;&gt;

   &lt;table class=&quot;form&quot;&gt;
    &lt;tr&gt;&lt;th class=&quot;header&quot; colspan=&quot;2&quot;&gt;Category&lt;/th&gt;&lt;/tr&gt;

    &lt;tr&gt;
     &lt;th&gt;Name&lt;/th&gt;
     &lt;td tal:content=&quot;structure python:context.name.field(size=60)&quot;&gt;
     name&lt;/td&gt;
    &lt;/tr&gt;

    &lt;tr&gt;
     &lt;td&gt;
       &amp;nbsp;
       &lt;input type=&quot;hidden&quot; name=&quot;&#64;required&quot; value=&quot;name&quot;&gt;
     &lt;/td&gt;
     &lt;td colspan=&quot;3&quot; tal:content=&quot;structure context/submit&quot;&gt;
      submit button will go here
     &lt;/td&gt;
    &lt;/tr&gt;
   &lt;/table&gt;
  &lt;/form&gt;
 &lt;/td&gt;
&lt;/tal:block&gt;
</pre>
<p>This is quite a lot to just ask the user one simple question, but there
is a lot of setup for basically one line (the form line) to do its work.
To add another field to &quot;category&quot; would involve one more line (well,
maybe a few extra to get the formatting correct).</p>
</div>
<div class="section">
<h4><a id="adding-the-category-to-the-issue" name="adding-the-category-to-the-issue">Adding the category to the issue</a></h4>
<p>We now have the ability to create issues to our heart's content, but
that is pointless unless we can assign categories to issues.  Just like
the <tt class="docutils literal"><span class="pre">html/category.item.html</span></tt> file was used to define how to add a new
category, the <tt class="docutils literal"><span class="pre">html/issue.item.html</span></tt> is used to define how a new issue
is created.</p>
<p>Just like <tt class="docutils literal"><span class="pre">category.issue.html</span></tt>, this file defines a form which has a
table to lay things out. It doesn't matter where in the table we add new
stuff, it is entirely up to your sense of aesthetics:</p>
<pre class="literal-block">
&lt;th&gt;Category&lt;/th&gt;
&lt;td&gt;
 &lt;span tal:replace=&quot;structure context/category/field&quot; /&gt;
 &lt;span tal:replace=&quot;structure python:db.category.classhelp('name',
             property='category', width='200')&quot; /&gt;
&lt;/td&gt;
</pre>
<p>First, we define a nice header so that the user knows what the next
section is, then the middle line does what we are most interested in.
This <tt class="docutils literal"><span class="pre">context/category/field</span></tt> gets replaced by a field which contains
the category in the current context (the current context being the new
issue).</p>
<p>The classhelp lines generate a link (labelled &quot;list&quot;) to a popup window
which contains the list of currently known categories.</p>
</div>
<div class="section">
<h4><a id="searching-on-categories" name="searching-on-categories">Searching on categories</a></h4>
<p>Now we can add categories, and create issues with categories. The next
obvious thing that we would like to be able to do, would be to search
for issues based on their category, so that, for example, anyone working
on the web server could look at all issues in the category &quot;Web&quot;.</p>
<p>If you look for &quot;Search Issues&quot; in the <tt class="docutils literal"><span class="pre">html/page.html</span></tt> file, you will
find that it looks something like
<tt class="docutils literal"><span class="pre">&lt;a</span> <span class="pre">href=&quot;issue?&#64;template=search&quot;&gt;Search</span> <span class="pre">Issues&lt;/a&gt;</span></tt>. This shows us
that when you click on &quot;Search Issues&quot; it will be looking for a
<tt class="docutils literal"><span class="pre">issue.search.html</span></tt> file to display. So that is the file that we will
change.</p>
<p>If you look at this file it should begin to seem familiar, although it
does use some new macros. You can add the new category search code anywhere you
like within that form:</p>
<pre class="literal-block">
&lt;tr tal:define=&quot;name string:category;
                db_klass string:category;
                db_content string:name;&quot;&gt;
  &lt;th&gt;Priority:&lt;/th&gt;
  &lt;td metal:use-macro=&quot;search_select&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;column_input&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;sort_input&quot;&gt;&lt;/td&gt;
  &lt;td metal:use-macro=&quot;group_input&quot;&gt;&lt;/td&gt;
&lt;/tr&gt;
</pre>
<p>The definitions in the <tt class="docutils literal"><span class="pre">&lt;tr&gt;</span></tt> opening tag are used by the macros:</p>
<ul class="simple">
<li><tt class="docutils literal"><span class="pre">search_select</span></tt> expands to a drop-down box with all categories using
<tt class="docutils literal"><span class="pre">db_klass</span></tt> and <tt class="docutils literal"><span class="pre">db_content</span></tt>.</li>
<li><tt class="docutils literal"><span class="pre">column_input</span></tt> expands to a checkbox for selecting what columns
should be displayed.</li>
<li><tt class="docutils literal"><span class="pre">sort_input</span></tt> expands to a radio button for selecting what property
should be sorted on.</li>
<li><tt class="docutils literal"><span class="pre">group_input</span></tt> expands to a radio button for selecting what property
should be grouped on.</li>
</ul>
<p>The category search code above would expand to the following:</p>
<pre class="literal-block">
&lt;tr&gt;
  &lt;th&gt;Category:&lt;/th&gt;
  &lt;td&gt;
    &lt;select name=&quot;category&quot;&gt;
      &lt;option value=&quot;&quot;&gt;don't care&lt;/option&gt;
      &lt;option value=&quot;&quot;&gt;------------&lt;/option&gt;
      &lt;option value=&quot;1&quot;&gt;scipy&lt;/option&gt;
      &lt;option value=&quot;2&quot;&gt;chaco&lt;/option&gt;
      &lt;option value=&quot;3&quot;&gt;weave&lt;/option&gt;
    &lt;/select&gt;
  &lt;/td&gt;
  &lt;td&gt;&lt;input type=&quot;checkbox&quot; name=&quot;:columns&quot; value=&quot;category&quot;&gt;&lt;/td&gt;
  &lt;td&gt;&lt;input type=&quot;radio&quot; name=&quot;:sort0&quot; value=&quot;category&quot;&gt;&lt;/td&gt;
  &lt;td&gt;&lt;input type=&quot;radio&quot; name=&quot;:group0&quot; value=&quot;category&quot;&gt;&lt;/td&gt;
&lt;/tr&gt;
</pre>
</div>
<div class="section">
<h4><a id="adding-category-to-the-default-view" name="adding-category-to-the-default-view">Adding category to the default view</a></h4>
<p>We can now add categories, add issues with categories, and search for
issues based on categories. This is everything that we need to do;
however, there is some more icing that we would like. I think the
category of an issue is important enough that it should be displayed by
default when listing all the issues.</p>
<p>Unfortunately, this is a bit less obvious than the previous steps. The
code defining how the issues look is in <tt class="docutils literal"><span class="pre">html/issue.index.html</span></tt>. This
is a large table with a form down at the bottom for redisplaying and so
forth.</p>
<p>Firstly we need to add an appropriate header to the start of the table:</p>
<pre class="literal-block">
&lt;th tal:condition=&quot;request/show/category&quot;&gt;Category&lt;/th&gt;
</pre>
<p>The <em>condition</em> part of this statement is to avoid displaying the
Category column if the user has selected not to see it.</p>
<p>The rest of the table is a loop which will go through every issue that
matches the display criteria. The loop variable is &quot;i&quot; - which means
that every issue gets assigned to &quot;i&quot; in turn.</p>
<p>The new part of code to display the category will look like this:</p>
<pre class="literal-block">
&lt;td tal:condition=&quot;request/show/category&quot;
    tal:content=&quot;i/category&quot;&gt;&lt;/td&gt;
</pre>
<p>The condition is the same as above: only display the condition when the
user hasn't asked for it to be hidden. The next part is to set the
content of the cell to be the category part of &quot;i&quot; - the current issue.</p>
<p>Finally we have to edit <tt class="docutils literal"><span class="pre">html/page.html</span></tt> again. This time, we need to
tell it that when the user clicks on &quot;Unassigned Issues&quot; or &quot;All Issues&quot;,
the category column should be included in the resulting list. If you
scroll down the page file, you can see the links with lots of options.
The option that we are interested in is the <tt class="docutils literal"><span class="pre">:columns=</span></tt> one which
tells roundup which fields of the issue to display. Simply add
&quot;category&quot; to that list and it all should work.</p>
</div>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id58" id="adding-a-time-log-to-your-issues" name="adding-a-time-log-to-your-issues">Adding a time log to your issues</a></h3>
<p>We want to log the dates and amount of time spent working on issues, and
be able to give a summary of the total time spent on a particular issue.</p>
<ol class="arabic">
<li><p class="first">Add a new class to your tracker <tt class="docutils literal"><span class="pre">schema.py</span></tt>:</p>
<pre class="literal-block">
# storage for time logging
timelog = Class(db, &quot;timelog&quot;, period=Interval())
</pre>
<p>Note that we automatically get the date of the time log entry
creation through the standard property &quot;creation&quot;.</p>
<p>You will need to grant &quot;Creation&quot; permission to the users who are
allowed to add timelog entries. You may do this with:</p>
<pre class="literal-block">
db.security.addPermissionToRole('User', 'Create', 'timelog')
db.security.addPermissionToRole('User', 'View', 'timelog')
</pre>
<p>If users are also able to <em>edit</em> timelog entries, then also include:</p>
<pre class="literal-block">
db.security.addPermissionToRole('User', 'Edit', 'timelog')
</pre>
</li>
<li><p class="first">Link to the new class from your issue class (again, in
<tt class="docutils literal"><span class="pre">schema.py</span></tt>):</p>
<pre class="literal-block">
issue = IssueClass(db, &quot;issue&quot;,
                assignedto=Link(&quot;user&quot;), topic=Multilink(&quot;keyword&quot;),
                priority=Link(&quot;priority&quot;), status=Link(&quot;status&quot;),
                times=Multilink(&quot;timelog&quot;))
</pre>
<p>the &quot;times&quot; property is the new link to the &quot;timelog&quot; class.</p>
</li>
<li><p class="first">We'll need to let people add in times to the issue, so in the web
interface we'll have a new entry field. This is a special field
because unlike the other fields in the <tt class="docutils literal"><span class="pre">issue.item</span></tt> template, it
affects a different item (a timelog item) and not the template's
item (an issue). We have a special syntax for form fields that affect
items other than the template default item (see the cgi
documentation on <a class="reference" href="#special-form-variables">special form variables</a>). In particular, we add a
field to capture a new timelog item's period:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;th&gt;Time Log&lt;/th&gt;
 &lt;td colspan=3&gt;&lt;input type=&quot;text&quot; name=&quot;timelog-1&#64;period&quot; /&gt;
  &lt;br /&gt;(enter as '3y 1m 4d 2:40:02' or parts thereof)
 &lt;/td&gt;
&lt;/tr&gt;
</pre>
<p>and another hidden field that links that new timelog item (new
because it's marked as having id &quot;-1&quot;) to the issue item. It looks
like this:</p>
<pre class="literal-block">
&lt;input type=&quot;hidden&quot; name=&quot;&#64;link&#64;times&quot; value=&quot;timelog-1&quot; /&gt;
</pre>
<p>On submission, the &quot;-1&quot; timelog item will be created and assigned a
real item id. The &quot;times&quot; property of the issue will have the new id
added to it.</p>
</li>
<li><p class="first">We want to display a total of the timelog times that have been
accumulated for an issue. To do this, we'll need to actually write
some Python code, since it's beyond the scope of PageTemplates to
perform such calculations. We do this by adding a module <tt class="docutils literal"><span class="pre">timespent.py</span></tt>
to the <tt class="docutils literal"><span class="pre">extensions</span></tt> directory in our tracker. The contents of this
file is as follows:</p>
<pre class="literal-block">
from roundup import date

def totalTimeSpent(times):
    ''' Call me with a list of timelog items (which have an
        Interval &quot;period&quot; property)
    '''
    total = date.Interval('0d')
    for time in times:
        total += time.period._value
    return total

def init(instance):
    instance.registerUtil('totalTimeSpent', totalTimeSpent)
</pre>
<p>We will now be able to access the <tt class="docutils literal"><span class="pre">totalTimeSpent</span></tt> function via the
<tt class="docutils literal"><span class="pre">utils</span></tt> variable in our templates, as shown in the next step.</p>
</li>
<li><p class="first">Display the timelog for an issue:</p>
<pre class="literal-block">
&lt;table class=&quot;otherinfo&quot; tal:condition=&quot;context/times&quot;&gt;
 &lt;tr&gt;&lt;th colspan=&quot;3&quot; class=&quot;header&quot;&gt;Time Log
  &lt;tal:block
       tal:replace=&quot;python:utils.totalTimeSpent(context.times)&quot; /&gt;
 &lt;/th&gt;&lt;/tr&gt;
 &lt;tr&gt;&lt;th&gt;Date&lt;/th&gt;&lt;th&gt;Period&lt;/th&gt;&lt;th&gt;Logged By&lt;/th&gt;&lt;/tr&gt;
 &lt;tr tal:repeat=&quot;time context/times&quot;&gt;
  &lt;td tal:content=&quot;time/creation&quot;&gt;&lt;/td&gt;
  &lt;td tal:content=&quot;time/period&quot;&gt;&lt;/td&gt;
  &lt;td tal:content=&quot;time/creator&quot;&gt;&lt;/td&gt;
 &lt;/tr&gt;
&lt;/table&gt;
</pre>
<p>I put this just above the Messages log in my issue display. Note our
use of the <tt class="docutils literal"><span class="pre">totalTimeSpent</span></tt> method which will total up the times
for the issue and return a new Interval. That will be automatically
displayed in the template as text like &quot;+ 1y 2:40&quot; (1 year, 2 hours
and 40 minutes).</p>
</li>
</ol>
<ol class="arabic simple" start="8">
<li>If you're using a persistent web server - <tt class="docutils literal"><span class="pre">roundup-server</span></tt> or
<tt class="docutils literal"><span class="pre">mod_python</span></tt> for example - then you'll need to restart that to pick up
the code changes. When that's done, you'll be able to use the new
time logging interface.</li>
</ol>
<p>An extension of this modification attaches the timelog entries to any
change message entered at the time of the timelog entry:</p>
<ol class="arabic">
<li><p class="first">Add a link to the timelog to the msg class:</p>
<blockquote>
<dl class="docutils">
<dt>msg = FileClass(db, &quot;msg&quot;,</dt>
<dd><p class="first last">author=Link(&quot;user&quot;, do_journal='no'),
recipients=Multilink(&quot;user&quot;, do_journal='no'),
date=Date(),
summary=String(),
files=Multilink(&quot;file&quot;),
messageid=String(),
inreplyto=String()
times=Multilink(&quot;timelog&quot;))</p>
</dd>
</dl>
</blockquote>
</li>
<li><p class="first">Add a new hidden field that links that new timelog item (new
because it's marked as having id &quot;-1&quot;) to the new message.
It looks like this:</p>
<pre class="literal-block">
&lt;input type=&quot;hidden&quot; name=&quot;msg-1&#64;link&#64;times&quot; value=&quot;timelog-1&quot; /&gt;
</pre>
<p>The &quot;times&quot; property of the message will have the new id added to it.</p>
</li>
<li><p class="first">Add the timelog listing from step 5. to the <tt class="docutils literal"><span class="pre">msg.item.html</span></tt> template
so that the timelog entry appears on the message view page.</p>
</li>
</ol>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id59" id="tracking-different-types-of-issues" name="tracking-different-types-of-issues">Tracking different types of issues</a></h3>
<p>Sometimes you will want to track different types of issues - developer,
customer support, systems, sales leads, etc. A single Roundup tracker is
able to support multiple types of issues. This example demonstrates adding
a system support issue class to a tracker.</p>
<ol class="arabic">
<li><p class="first">Figure out what information you're going to want to capture. OK, so
this is obvious, but sometimes it's better to actually sit down for a
while and think about the schema you're going to implement.</p>
</li>
<li><p class="first">Add the new issue class to your tracker's <tt class="docutils literal"><span class="pre">schema.py</span></tt>. Just after the
&quot;issue&quot; class definition, add:</p>
<pre class="literal-block">
# list our systems
system = Class(db, &quot;system&quot;, name=String(), order=Number())
system.setkey(&quot;name&quot;)

# store issues related to those systems
support = IssueClass(db, &quot;support&quot;,
                assignedto=Link(&quot;user&quot;), topic=Multilink(&quot;keyword&quot;),
                status=Link(&quot;status&quot;), deadline=Date(),
                affects=Multilink(&quot;system&quot;))
</pre>
</li>
<li><p class="first">Copy the existing <tt class="docutils literal"><span class="pre">issue.*</span></tt> (item, search and index) templates in the
tracker's <tt class="docutils literal"><span class="pre">html</span></tt> to <tt class="docutils literal"><span class="pre">support.*</span></tt>. Edit them so they use the properties
defined in the <tt class="docutils literal"><span class="pre">support</span></tt> class. Be sure to check for hidden form
variables like &quot;required&quot; to make sure they have the correct set of
required properties.</p>
</li>
<li><p class="first">Edit the modules in the <tt class="docutils literal"><span class="pre">detectors</span></tt>, adding lines to their <tt class="docutils literal"><span class="pre">init</span></tt>
functions where appropriate. Look for <tt class="docutils literal"><span class="pre">audit</span></tt> and <tt class="docutils literal"><span class="pre">react</span></tt> registrations
on the <tt class="docutils literal"><span class="pre">issue</span></tt> class, and duplicate them for <tt class="docutils literal"><span class="pre">support</span></tt>.</p>
</li>
<li><p class="first">Create a new sidebar box for the new support class. Duplicate the
existing issues one, changing the <tt class="docutils literal"><span class="pre">issue</span></tt> class name to <tt class="docutils literal"><span class="pre">support</span></tt>.</p>
</li>
<li><p class="first">Re-start your tracker and start using the new <tt class="docutils literal"><span class="pre">support</span></tt> class.</p>
</li>
</ol>
<p>Optionally, you might want to restrict the users able to access this new
class to just the users with a new &quot;SysAdmin&quot; Role. To do this, we add
some security declarations:</p>
<pre class="literal-block">
db.security.addPermissionToRole('SysAdmin', 'View', 'support')
db.security.addPermissionToRole('SysAdmin', 'Create', 'support')
db.security.addPermissionToRole('SysAdmin', 'Edit', 'support')
</pre>
<p>You would then (as an &quot;admin&quot; user) edit the details of the appropriate
users, and add &quot;SysAdmin&quot; to their Roles list.</p>
<p>Alternatively, you might want to change the Edit/View permissions granted
for the <tt class="docutils literal"><span class="pre">issue</span></tt> class so that it's only available to users with the &quot;System&quot;
or &quot;Developer&quot; Role, and then the new class you're adding is available to
all with the &quot;User&quot; Role.</p>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id60" id="using-external-user-databases" name="using-external-user-databases">Using External User Databases</a></h2>
<div class="section">
<h3><a class="toc-backref" href="#id61" id="using-an-external-password-validation-source" name="using-an-external-password-validation-source">Using an external password validation source</a></h3>
<div class="note">
<p class="first admonition-title">Note</p>
<p class="last">You will need to either have an &quot;admin&quot; user in your external
password source <em>or</em> have one of your regular users have
the Admin Role assigned. If you need to assign the Role <em>after</em>
making the changes below, you may use the <tt class="docutils literal"><span class="pre">roundup-admin</span></tt>
program to edit a user's details.</p>
</div>
<p>We have a centrally-managed password changing system for our users. This
results in a UN*X passwd-style file that we use for verification of
users. Entries in the file consist of <tt class="docutils literal"><span class="pre">name:password</span></tt> where the
password is encrypted using the standard UN*X <tt class="docutils literal"><span class="pre">crypt()</span></tt> function (see
the <tt class="docutils literal"><span class="pre">crypt</span></tt> module in your Python distribution). An example entry
would be:</p>
<pre class="literal-block">
admin:aamrgyQfDFSHw
</pre>
<p>Each user of Roundup must still have their information stored in the Roundup
database - we just use the passwd file to check their password. To do this, we
need to override the standard <tt class="docutils literal"><span class="pre">verifyPassword</span></tt> method defined in
<tt class="docutils literal"><span class="pre">roundup.cgi.actions.LoginAction</span></tt> and register the new class. The
following is added as <tt class="docutils literal"><span class="pre">externalpassword.py</span></tt> in the tracker <tt class="docutils literal"><span class="pre">extensions</span></tt>
directory:</p>
<pre class="literal-block">
import os, crypt
from roundup.cgi.actions import LoginAction

class ExternalPasswordLoginAction(LoginAction):
    def verifyPassword(self, userid, password):
        '''Look through the file, line by line, looking for a
        name that matches.
        '''
        # get the user's username
        username = self.db.user.get(userid, 'username')

        # the passwords are stored in the &quot;passwd.txt&quot; file in the
        # tracker home
        file = os.path.join(self.db.config.TRACKER_HOME, 'passwd.txt')

        # see if we can find a match
        for ent in [line.strip().split(':') for line in
                                            open(file).readlines()]:
            if ent[0] == username:
                return crypt.crypt(password, ent[1][:2]) == ent[1]

        # user doesn't exist in the file
        return 0

def init(instance):
    instance.registerAction('login', ExternalPasswordLoginAction)
</pre>
<p>You should also remove the redundant password fields from the <tt class="docutils literal"><span class="pre">user.item</span></tt>
template.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id62" id="using-a-un-x-passwd-file-as-the-user-database" name="using-a-un-x-passwd-file-as-the-user-database">Using a UN*X passwd file as the user database</a></h3>
<p>On some systems the primary store of users is the UN*X passwd file. It
holds information on users such as their username, real name, password
and primary user group.</p>
<p>Roundup can use this store as its primary source of user information,
but it needs additional information too - email address(es), roundup
Roles, vacation flags, roundup hyperdb item ids, etc. Also, &quot;retired&quot;
users must still exist in the user database, unlike some passwd files in
which the users are removed when they no longer have access to a system.</p>
<p>To make use of the passwd file, we therefore synchronise between the two
user stores. We also use the passwd file to validate the user logins, as
described in the previous example, <a class="reference" href="#using-an-external-password-validation-source">using an external password
validation source</a>. We keep the user lists in sync using a fairly
simple script that runs once a day, or several times an hour if more
immediate access is needed. In short, it:</p>
<ol class="arabic simple">
<li>parses the passwd file, finding usernames, passwords and real names,</li>
<li>compares that list to the current roundup user list:<ol class="loweralpha">
<li>entries no longer in the passwd file are <em>retired</em></li>
<li>entries with mismatching real names are <em>updated</em></li>
<li>entries only exist in the passwd file are <em>created</em></li>
</ol>
</li>
<li>send an email to administrators to let them know what's been done.</li>
</ol>
<p>The retiring and updating are simple operations, requiring only a call
to <tt class="docutils literal"><span class="pre">retire()</span></tt> or <tt class="docutils literal"><span class="pre">set()</span></tt>. The creation operation requires more
information though - the user's email address and their Roundup Roles.
We're going to assume that the user's email address is the same as their
login name, so we just append the domain name to that. The Roles are
determined using the passwd group identifier - mapping their UN*X group
to an appropriate set of Roles.</p>
<p>The script to perform all this, broken up into its main components, is
as follows. Firstly, we import the necessary modules and open the
tracker we're to work on:</p>
<pre class="literal-block">
import sys, os, smtplib
from roundup import instance, date

# open the tracker
tracker_home = sys.argv[1]
tracker = instance.open(tracker_home)
</pre>
<p>Next we read in the <em>passwd</em> file from the tracker home:</p>
<pre class="literal-block">
# read in the users from the &quot;passwd.txt&quot; file
file = os.path.join(tracker_home, 'passwd.txt')
users = [x.strip().split(':') for x in open(file).readlines()]
</pre>
<p>Handle special users (those to ignore in the file, and those who don't
appear in the file):</p>
<pre class="literal-block">
# users to not keep ever, pre-load with the users I know aren't
# &quot;real&quot; users
ignore = ['ekmmon', 'bfast', 'csrmail']

# users to keep - pre-load with the roundup-specific users
keep = ['comment_pool', 'network_pool', 'admin', 'dev-team',
        'cs_pool', 'anonymous', 'system_pool', 'automated']
</pre>
<p>Now we map the UN*X group numbers to the Roles that users should have:</p>
<pre class="literal-block">
roles = {
 '501': 'User,Tech',  # tech
 '502': 'User',       # finance
 '503': 'User,CSR',   # customer service reps
 '504': 'User',       # sales
 '505': 'User',       # marketing
}
</pre>
<p>Now we do all the work. Note that the body of the script (where we have
the tracker database open) is wrapped in a <tt class="docutils literal"><span class="pre">try</span></tt> / <tt class="docutils literal"><span class="pre">finally</span></tt> clause,
so that we always close the database cleanly when we're finished. So, we
now do all the work:</p>
<pre class="literal-block">
# open the database
db = tracker.open('admin')
try:
    # store away messages to send to the tracker admins
    msg = []

    # loop over the users list read in from the passwd file
    for user,passw,uid,gid,real,home,shell in users:
        if user in ignore:
            # this user shouldn't appear in our tracker
            continue
        keep.append(user)
        try:
            # see if the user exists in the tracker
            uid = db.user.lookup(user)

            # yes, they do - now check the real name for correctness
            if real != db.user.get(uid, 'realname'):
                db.user.set(uid, realname=real)
                msg.append('FIX %s - %s'%(user, real))
        except KeyError:
            # nope, the user doesn't exist
            db.user.create(username=user, realname=real,
                address='%s&#64;ekit-inc.com'%user, roles=roles[gid])
            msg.append('ADD %s - %s (%s)'%(user, real, roles[gid]))

    # now check that all the users in the tracker are also in our
    # &quot;keep&quot; list - retire those who aren't
    for uid in db.user.list():
        user = db.user.get(uid, 'username')
        if user not in keep:
            db.user.retire(uid)
            msg.append('RET %s'%user)

    # if we did work, then send email to the tracker admins
    if msg:
        # create the email
        msg = '''Subject: %s user database maintenance

        %s
        '''%(db.config.TRACKER_NAME, '\n'.join(msg))

        # send the email
        smtp = smtplib.SMTP(db.config.MAILHOST)
        addr = db.config.ADMIN_EMAIL
        smtp.sendmail(addr, addr, msg)

    # now we're done - commit the changes
    db.commit()
finally:
    # always close the database cleanly
    db.close()
</pre>
<p>And that's it!</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id63" id="using-an-ldap-database-for-user-information" name="using-an-ldap-database-for-user-information">Using an LDAP database for user information</a></h3>
<p>A script that reads users from an LDAP store using
<a class="reference" href="http://python-ldap.sf.net/">http://python-ldap.sf.net/</a> and then compares the list to the users in the
roundup user database would be pretty easy to write. You'd then have it run
once an hour / day (or on demand if you can work that into your LDAP store
workflow). See the example <a class="reference" href="#using-a-un-x-passwd-file-as-the-user-database">Using a UN*X passwd file as the user database</a>
for more information about doing this.</p>
<p>To authenticate off the LDAP store (rather than using the passwords in the
Roundup user database) you'd use the same python-ldap module inside an
extension to the cgi interface. You'd do this by overriding the method called
<tt class="docutils literal"><span class="pre">verifyPassword</span></tt> on the <tt class="docutils literal"><span class="pre">LoginAction</span></tt> class in your tracker's
<tt class="docutils literal"><span class="pre">extensions</span></tt> directory (see <a class="reference" href="#using-an-external-password-validation-source">using an external password validation
source</a>). The method is implemented by default as:</p>
<pre class="literal-block">
def verifyPassword(self, userid, password):
    ''' Verify the password that the user has supplied
    '''
    stored = self.db.user.get(self.userid, 'password')
    if password == stored:
        return 1
    if not password and not stored:
        return 1
    return 0
</pre>
<p>So you could reimplement this as something like:</p>
<pre class="literal-block">
def verifyPassword(self, userid, password):
    ''' Verify the password that the user has supplied
    '''
    # look up some unique LDAP information about the user
    username = self.db.user.get(self.userid, 'username')
    # now verify the password supplied against the LDAP store
</pre>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id64" id="changes-to-tracker-behaviour" name="changes-to-tracker-behaviour">Changes to Tracker Behaviour</a></h2>
<div class="section">
<h3><a class="toc-backref" href="#id65" id="stop-nosy-messages-going-to-people-on-vacation" name="stop-nosy-messages-going-to-people-on-vacation">Stop &quot;nosy&quot; messages going to people on vacation</a></h3>
<p>When users go on vacation and set up vacation email bouncing, you'll
start to see a lot of messages come back through Roundup &quot;Fred is on
vacation&quot;. Not very useful, and relatively easy to stop.</p>
<ol class="arabic">
<li><p class="first">add a &quot;vacation&quot; flag to your users:</p>
<pre class="literal-block">
user = Class(db, &quot;user&quot;,
           username=String(),   password=Password(),
           address=String(),    realname=String(),
           phone=String(),      organisation=String(),
           alternate_addresses=String(),
           roles=String(), queries=Multilink(&quot;query&quot;),
           vacation=Boolean())
</pre>
</li>
<li><p class="first">So that users may edit the vacation flags, add something like the
following to your <tt class="docutils literal"><span class="pre">user.item</span></tt> template:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;th&gt;On Vacation&lt;/th&gt;
 &lt;td tal:content=&quot;structure context/vacation/field&quot;&gt;vacation&lt;/td&gt;
&lt;/tr&gt;
</pre>
</li>
<li><p class="first">edit your detector <tt class="docutils literal"><span class="pre">nosyreactor.py</span></tt> so that the <tt class="docutils literal"><span class="pre">nosyreaction()</span></tt>
consists of:</p>
<pre class="literal-block">
def nosyreaction(db, cl, nodeid, oldvalues):
    users = db.user
    messages = db.msg
    # send a copy of all new messages to the nosy list
    for msgid in determineNewMessages(cl, nodeid, oldvalues):
        try:
            # figure the recipient ids
            sendto = []
            seen_message = {}
            recipients = messages.get(msgid, 'recipients')
            for recipid in messages.get(msgid, 'recipients'):
                seen_message[recipid] = 1

            # figure the author's id, and indicate they've received
            # the message
            authid = messages.get(msgid, 'author')

            # possibly send the message to the author, as long as
            # they aren't anonymous
            if (db.config.MESSAGES_TO_AUTHOR == 'yes' and
                    users.get(authid, 'username') != 'anonymous'):
                sendto.append(authid)
            seen_message[authid] = 1

            # now figure the nosy people who weren't recipients
            nosy = cl.get(nodeid, 'nosy')
            for nosyid in nosy:
                # Don't send nosy mail to the anonymous user (that
                # user shouldn't appear in the nosy list, but just
                # in case they do...)
                if users.get(nosyid, 'username') == 'anonymous':
                    continue
                # make sure they haven't seen the message already
                if not seen_message.has_key(nosyid):
                    # send it to them
                    sendto.append(nosyid)
                    recipients.append(nosyid)

            # generate a change note
            if oldvalues:
                note = cl.generateChangeNote(nodeid, oldvalues)
            else:
                note = cl.generateCreateNote(nodeid)

            # we have new recipients
            if sendto:
                # filter out the people on vacation
                sendto = [i for i in sendto
                          if not users.get(i, 'vacation', 0)]

                # map userids to addresses
                sendto = [users.get(i, 'address') for i in sendto]

                # update the message's recipients list
                messages.set(msgid, recipients=recipients)

                # send the message
                cl.send_message(nodeid, msgid, note, sendto)
        except roundupdb.MessageSendError, message:
            raise roundupdb.DetectorError, message
</pre>
<p>Note that this is the standard nosy reaction code, with the small
addition of:</p>
<pre class="literal-block">
# filter out the people on vacation
sendto = [i for i in sendto if not users.get(i, 'vacation', 0)]
</pre>
<p>which filters out the users that have the vacation flag set to true.</p>
</li>
</ol>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id66" id="adding-in-state-transition-control" name="adding-in-state-transition-control">Adding in state transition control</a></h3>
<p>Sometimes tracker admins want to control the states to which users may
move issues. You can do this by following these steps:</p>
<ol class="arabic">
<li><p class="first">make &quot;status&quot; a required variable. This is achieved by adding the
following to the top of the form in the <tt class="docutils literal"><span class="pre">issue.item.html</span></tt>
template:</p>
<pre class="literal-block">
&lt;input type=&quot;hidden&quot; name=&quot;&#64;required&quot; value=&quot;status&quot;&gt;
</pre>
<p>This will force users to select a status.</p>
</li>
<li><p class="first">add a Multilink property to the status class:</p>
<pre class="literal-block">
stat = Class(db, &quot;status&quot;, ... , transitions=Multilink('status'),
             ...)
</pre>
<p>and then edit the statuses already created, either:</p>
<ol class="loweralpha simple">
<li>through the web using the class list -&gt; status class editor, or</li>
<li>using the <tt class="docutils literal"><span class="pre">roundup-admin</span></tt> &quot;set&quot; command.</li>
</ol>
</li>
<li><p class="first">add an auditor module <tt class="docutils literal"><span class="pre">checktransition.py</span></tt> in your tracker's
<tt class="docutils literal"><span class="pre">detectors</span></tt> directory, for example:</p>
<pre class="literal-block">
def checktransition(db, cl, nodeid, newvalues):
    ''' Check that the desired transition is valid for the &quot;status&quot;
        property.
    '''
    if not newvalues.has_key('status'):
        return
    current = cl.get(nodeid, 'status')
    new = newvalues['status']
    if new == current:
        return
    ok = db.status.get(current, 'transitions')
    if new not in ok:
        raise ValueError, 'Status not allowed to move from &quot;%s&quot; to &quot;%s&quot;'%(
            db.status.get(current, 'name'), db.status.get(new, 'name'))

def init(db):
    db.issue.audit('set', checktransition)
</pre>
</li>
<li><p class="first">in the <tt class="docutils literal"><span class="pre">issue.item.html</span></tt> template, change the status editing bit
from:</p>
<pre class="literal-block">
&lt;th&gt;Status&lt;/th&gt;
&lt;td tal:content=&quot;structure context/status/menu&quot;&gt;status&lt;/td&gt;
</pre>
<p>to:</p>
<pre class="literal-block">
&lt;th&gt;Status&lt;/th&gt;
&lt;td&gt;
 &lt;select tal:condition=&quot;context/id&quot; name=&quot;status&quot;&gt;
  &lt;tal:block tal:define=&quot;ok context/status/transitions&quot;
             tal:repeat=&quot;state db/status/list&quot;&gt;
   &lt;option tal:condition=&quot;python:state.id in ok&quot;
           tal:attributes=&quot;
                value state/id;
                selected python:state.id == context.status.id&quot;
           tal:content=&quot;state/name&quot;&gt;&lt;/option&gt;
  &lt;/tal:block&gt;
 &lt;/select&gt;
 &lt;tal:block tal:condition=&quot;not:context/id&quot;
            tal:replace=&quot;structure context/status/menu&quot; /&gt;
&lt;/td&gt;
</pre>
<p>which displays only the allowed status to transition to.</p>
</li>
</ol>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id67" id="blocking-issues-that-depend-on-other-issues" name="blocking-issues-that-depend-on-other-issues">Blocking issues that depend on other issues</a></h3>
<p>We needed the ability to mark certain issues as &quot;blockers&quot; - that is,
they can't be resolved until another issue (the blocker) they rely on is
resolved. To achieve this:</p>
<ol class="arabic">
<li><p class="first">Create a new property on the <tt class="docutils literal"><span class="pre">issue</span></tt> class:
<tt class="docutils literal"><span class="pre">blockers=Multilink(&quot;issue&quot;)</span></tt>. To do this, edit the definition of
this class in your tracker's <tt class="docutils literal"><span class="pre">schema.py</span></tt> file. Change this:</p>
<pre class="literal-block">
issue = IssueClass(db, &quot;issue&quot;,
                assignedto=Link(&quot;user&quot;), topic=Multilink(&quot;keyword&quot;),
                priority=Link(&quot;priority&quot;), status=Link(&quot;status&quot;))
</pre>
<p>to this, adding the blockers entry:</p>
<pre class="literal-block">
issue = IssueClass(db, &quot;issue&quot;,
                blockers=Multilink(&quot;issue&quot;),
                assignedto=Link(&quot;user&quot;), topic=Multilink(&quot;keyword&quot;),
                priority=Link(&quot;priority&quot;), status=Link(&quot;status&quot;))
</pre>
</li>
<li><p class="first">Add the new <tt class="docutils literal"><span class="pre">blockers</span></tt> property to the <tt class="docutils literal"><span class="pre">issue.item.html</span></tt> edit
page, using something like:</p>
<pre class="literal-block">
&lt;th&gt;Waiting On&lt;/th&gt;
&lt;td&gt;
 &lt;span tal:replace=&quot;structure python:context.blockers.field(showid=1,
                              size=20)&quot; /&gt;
 &lt;span tal:replace=&quot;structure python:db.issue.classhelp('id,title')&quot; /&gt;
 &lt;span tal:condition=&quot;context/blockers&quot;
       tal:repeat=&quot;blk context/blockers&quot;&gt;
  &lt;br&gt;View: &lt;a tal:attributes=&quot;href string:issue${blk/id}&quot;
               tal:content=&quot;blk/id&quot;&gt;&lt;/a&gt;
 &lt;/span&gt;
</pre>
<p>You'll need to fiddle with your item page layout to find an
appropriate place to put it - I'll leave that fun part up to you.
Just make sure it appears in the first table, possibly somewhere near
the &quot;superseders&quot; field.</p>
</li>
<li><p class="first">Create a new detector module (see below) which enforces the rules:</p>
<ul class="simple">
<li>issues may not be resolved if they have blockers</li>
<li>when a blocker is resolved, it's removed from issues it blocks</li>
</ul>
<p>The contents of the detector should be something like this:</p>
<pre class="literal-block">
def blockresolution(db, cl, nodeid, newvalues):
    ''' If the issue has blockers, don't allow it to be resolved.
    '''
    if nodeid is None:
        blockers = []
    else:
        blockers = cl.get(nodeid, 'blockers')
    blockers = newvalues.get('blockers', blockers)

    # don't do anything if there's no blockers or the status hasn't
    # changed
    if not blockers or not newvalues.has_key('status'):
        return

    # get the resolved state ID
    resolved_id = db.status.lookup('resolved')

    # format the info
    u = db.config.TRACKER_WEB
    s = ', '.join(['&lt;a href=&quot;%sissue%s&quot;&gt;%s&lt;/a&gt;'%(
                    u,id,id) for id in blockers])
    if len(blockers) == 1:
        s = 'issue %s is'%s
    else:
        s = 'issues %s are'%s

    # ok, see if we're trying to resolve
    if newvalues['status'] == resolved_id:
        raise ValueError, &quot;This issue can't be resolved until %s resolved.&quot;%s


def resolveblockers(db, cl, nodeid, oldvalues):
    ''' When we resolve an issue that's a blocker, remove it from the
        blockers list of the issue(s) it blocks.
    '''
    newstatus = cl.get(nodeid,'status')

    # no change?
    if oldvalues.get('status', None) == newstatus:
        return

    resolved_id = db.status.lookup('resolved')

    # interesting?
    if newstatus != resolved_id:
        return

    # yes - find all the blocked issues, if any, and remove me from
    # their blockers list
    issues = cl.find(blockers=nodeid)
    for issueid in issues:
        blockers = cl.get(issueid, 'blockers')
        if nodeid in blockers:
            blockers.remove(nodeid)
            cl.set(issueid, blockers=blockers)

def init(db):
    # might, in an obscure situation, happen in a create
    db.issue.audit('create', blockresolution)
    db.issue.audit('set', blockresolution)

    # can only happen on a set
    db.issue.react('set', resolveblockers)
</pre>
<p>Put the above code in a file called &quot;blockers.py&quot; in your tracker's
&quot;detectors&quot; directory.</p>
</li>
<li><p class="first">Finally, and this is an optional step, modify the tracker web page
URLs so they filter out issues with any blockers. You do this by
adding an additional filter on &quot;blockers&quot; for the value &quot;-1&quot;. For
example, the existing &quot;Show All&quot; link in the &quot;page&quot; template (in the
tracker's &quot;html&quot; directory) looks like this:</p>
<pre class="literal-block">
&lt;a href=&quot;issue?&#64;sort=-activity&amp;&#64;group=priority&amp;&#64;filter=status&amp;
   &#64;columns=id,activity,title,creator,assignedto,status&amp;
   status=-1,1,2,3,4,5,6,7&quot;&gt;Show All&lt;/a&gt;&lt;br&gt;
</pre>
<p>modify it to add the &quot;blockers&quot; info to the URL (note, both the
&quot;&#64;filter&quot; <em>and</em> &quot;blockers&quot; values must be specified):</p>
<pre class="literal-block">
&lt;a href=&quot;issue?&#64;sort=-activity&amp;&#64;group=priority&amp;&#64;filter=status,blockers&amp;
   blockers=-1&amp;&#64;columns=id,activity,title,creator,assignedto,status&amp;
   status=-1,1,2,3,4,5,6,7&quot;&gt;Show All&lt;/a&gt;&lt;br&gt;
</pre>
<p>The above examples are line-wrapped on the trailing &amp; and should
be unwrapped.</p>
</li>
</ol>
<p>That's it. You should now be able to set blockers on your issues. Note
that if you want to know whether an issue has any other issues dependent
on it (i.e. it's in their blockers list) you can look at the journal
history at the bottom of the issue page - look for a &quot;link&quot; event to
another issue's &quot;blockers&quot; property.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id68" id="add-users-to-the-nosy-list-based-on-the-topic" name="add-users-to-the-nosy-list-based-on-the-topic">Add users to the nosy list based on the topic</a></h3>
<p>Let's say we need the ability to automatically add users to the nosy
list based
on the occurance of a topic. Every user should be allowed to edit their
own list of topics for which they want to be added to the nosy list.</p>
<p>Below, we'll show that this change can be done with minimal
understanding of the Roundup system, using only copy and paste.</p>
<p>This requires three changes to the tracker: a change in the database to
allow per-user recording of the lists of topics for which he wants to
be put on the nosy list, a change in the user view allowing them to edit
this list of topics, and addition of an auditor which updates the nosy
list when a topic is set.</p>
<div class="section">
<h4><a id="adding-the-nosy-topic-list" name="adding-the-nosy-topic-list">Adding the nosy topic list</a></h4>
<p>The change to make in the database, is that for any user there should be
a list of topics for which he wants to be put on the nosy list. Adding
a <tt class="docutils literal"><span class="pre">Multilink</span></tt> of <tt class="docutils literal"><span class="pre">keyword</span></tt> seems to fullfill this (note that within
the code, topics are called <tt class="docutils literal"><span class="pre">keywords</span></tt>.) As such, all that has to be
done is to add a new field to the definition of <tt class="docutils literal"><span class="pre">user</span></tt> within the
file <tt class="docutils literal"><span class="pre">schema.py</span></tt>.  We will call this new field <tt class="docutils literal"><span class="pre">nosy_keywords</span></tt>, and
the updated definition of user will be:</p>
<pre class="literal-block">
user = Class(db, &quot;user&quot;,
                username=String(),   password=Password(),
                address=String(),    realname=String(),
                phone=String(),      organisation=String(),
                alternate_addresses=String(),
                queries=Multilink('query'), roles=String(),
                timezone=String(),
                nosy_keywords=Multilink('keyword'))
</pre>
</div>
<div class="section">
<h4><a id="changing-the-user-view-to-allow-changing-the-nosy-topic-list" name="changing-the-user-view-to-allow-changing-the-nosy-topic-list">Changing the user view to allow changing the nosy topic list</a></h4>
<p>We want any user to be able to change the list of topics for which
he will by default be added to the nosy list. We choose to add this
to the user view, as is generated by the file <tt class="docutils literal"><span class="pre">html/user.item.html</span></tt>.
We can easily
see that the topic field in the issue view has very similar editing
requirements as our nosy topics, both being lists of topics. As
such, we look for Topics in <tt class="docutils literal"><span class="pre">issue.item.html</span></tt>, and extract the
associated parts from there. We add this to <tt class="docutils literal"><span class="pre">user.item.html</span></tt> at the
bottom of the list of viewed items (i.e. just below the 'Alternate
E-mail addresses' in the classic template):</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;th&gt;Nosy Topics&lt;/th&gt;
 &lt;td&gt;
 &lt;span tal:replace=&quot;structure context/nosy_keywords/field&quot; /&gt;
 &lt;span tal:replace=&quot;structure python:db.keyword.classhelp(property='nosy_keywords')&quot; /&gt;
 &lt;/td&gt;
&lt;/tr&gt;
</pre>
</div>
<div class="section">
<h4><a id="addition-of-an-auditor-to-update-the-nosy-list" name="addition-of-an-auditor-to-update-the-nosy-list">Addition of an auditor to update the nosy list</a></h4>
<p>The more difficult part is the logic to add
the users to the nosy list when required.
We choose to perform this action whenever the topics on an
item are set (this includes the creation of items).
Here we choose to start out with a copy of the
<tt class="docutils literal"><span class="pre">detectors/nosyreaction.py</span></tt> detector, which we copy to the file
<tt class="docutils literal"><span class="pre">detectors/nosy_keyword_reaction.py</span></tt>.
This looks like a good start as it also adds users
to the nosy list. A look through the code reveals that the
<tt class="docutils literal"><span class="pre">nosyreaction</span></tt> function actually sends the e-mail.
We don't need this. Therefore, we can change the <tt class="docutils literal"><span class="pre">init</span></tt> function to:</p>
<pre class="literal-block">
def init(db):
    db.issue.audit('create', update_kw_nosy)
    db.issue.audit('set', update_kw_nosy)
</pre>
<p>After that, we rename the <tt class="docutils literal"><span class="pre">updatenosy</span></tt> function to <tt class="docutils literal"><span class="pre">update_kw_nosy</span></tt>.
The first two blocks of code in that function relate to setting
<tt class="docutils literal"><span class="pre">current</span></tt> to a combination of the old and new nosy lists. This
functionality is left in the new auditor. The following block of
code, which handled adding the assignedto user(s) to the nosy list in
<tt class="docutils literal"><span class="pre">updatenosy</span></tt>, should be replaced by a block of code to add the
interested users to the nosy list. We choose here to loop over all
new topics, than looping over all users,
and assign the user to the nosy list when the topic occurs in the user's
<tt class="docutils literal"><span class="pre">nosy_keywords</span></tt>. The next part in <tt class="docutils literal"><span class="pre">updatenosy</span></tt> -- adding the author
and/or recipients of a message to the nosy list -- is obviously not
relevant here and is thus deleted from the new auditor. The last
part, copying the new nosy list to <tt class="docutils literal"><span class="pre">newvalues</span></tt>, can stay as is.
This results in the following function:</p>
<pre class="literal-block">
def update_kw_nosy(db, cl, nodeid, newvalues):
    '''Update the nosy list for changes to the topics
    '''
    # nodeid will be None if this is a new node
    current = {}
    if nodeid is None:
        ok = ('new', 'yes')
    else:
        ok = ('yes',)
        # old node, get the current values from the node if they haven't
        # changed
        if not newvalues.has_key('nosy'):
            nosy = cl.get(nodeid, 'nosy')
            for value in nosy:
                if not current.has_key(value):
                    current[value] = 1

    # if the nosy list changed in this transaction, init from the new value
    if newvalues.has_key('nosy'):
        nosy = newvalues.get('nosy', [])
        for value in nosy:
            if not db.hasnode('user', value):
                continue
            if not current.has_key(value):
                current[value] = 1

    # add users with topic in nosy_keywords to the nosy list
    if newvalues.has_key('topic') and newvalues['topic'] is not None:
        topic_ids = newvalues['topic']
        for topic in topic_ids:
            # loop over all users,
            # and assign user to nosy when topic in nosy_keywords
            for user_id in db.user.list():
                nosy_kw = db.user.get(user_id, &quot;nosy_keywords&quot;)
                found = 0
                for kw in nosy_kw:
                    if kw == topic:
                        found = 1
                if found:
                    current[user_id] = 1

    # that's it, save off the new nosy list
    newvalues['nosy'] = current.keys()
</pre>
<p>These two function are the only ones needed in the file.</p>
<p>TODO: update this example to use the <tt class="docutils literal"><span class="pre">find()</span></tt> Class method.</p>
</div>
<div class="section">
<h4><a id="caveats" name="caveats">Caveats</a></h4>
<p>A few problems with the design here can be noted:</p>
<dl class="docutils">
<dt>Multiple additions</dt>
<dd><p class="first">When a user, after automatic selection, is manually removed
from the nosy list, he is added to the nosy list again when the
topic list of the issue is updated. A better design might be
to only check which topics are new compared to the old list
of topics, and only add users when they have indicated
interest on a new topic.</p>
<p class="last">The code could also be changed to only trigger on the <tt class="docutils literal"><span class="pre">create()</span></tt>
event, rather than also on the <tt class="docutils literal"><span class="pre">set()</span></tt> event, thus only setting
the nosy list when the issue is created.</p>
</dd>
<dt>Scalability</dt>
<dd>In the auditor, there is a loop over all users. For a site with
only few users this will pose no serious problem; however, with
many users this will be a serious performance bottleneck.
A way out would be to link from the topics to the users who
selected these topics as nosy topics. This will eliminate the
loop over all users.</dd>
</dl>
</div>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id69" id="changes-to-security-and-permissions" name="changes-to-security-and-permissions">Changes to Security and Permissions</a></h2>
<div class="section">
<h3><a class="toc-backref" href="#id70" id="restricting-the-list-of-users-that-are-assignable-to-a-task" name="restricting-the-list-of-users-that-are-assignable-to-a-task">Restricting the list of users that are assignable to a task</a></h3>
<ol class="arabic">
<li><p class="first">In your tracker's <tt class="docutils literal"><span class="pre">schema.py</span></tt>, create a new Role, say &quot;Developer&quot;:</p>
<pre class="literal-block">
db.security.addRole(name='Developer', description='A developer')
</pre>
</li>
<li><p class="first">Just after that, create a new Permission, say &quot;Fixer&quot;, specific to
&quot;issue&quot;:</p>
<pre class="literal-block">
p = db.security.addPermission(name='Fixer', klass='issue',
    description='User is allowed to be assigned to fix issues')
</pre>
</li>
<li><p class="first">Then assign the new Permission to your &quot;Developer&quot; Role:</p>
<pre class="literal-block">
db.security.addPermissionToRole('Developer', p)
</pre>
</li>
<li><p class="first">In the issue item edit page (<tt class="docutils literal"><span class="pre">html/issue.item.html</span></tt> in your tracker
directory), use the new Permission in restricting the &quot;assignedto&quot;
list:</p>
<pre class="literal-block">
&lt;select name=&quot;assignedto&quot;&gt;
 &lt;option value=&quot;-1&quot;&gt;- no selection -&lt;/option&gt;
 &lt;tal:block tal:repeat=&quot;user db/user/list&quot;&gt;
 &lt;option tal:condition=&quot;python:user.hasPermission(
                            'Fixer', context._classname)&quot;
         tal:attributes=&quot;
            value user/id;
            selected python:user.id == context.assignedto&quot;
         tal:content=&quot;user/realname&quot;&gt;&lt;/option&gt;
 &lt;/tal:block&gt;
&lt;/select&gt;
</pre>
</li>
</ol>
<p>For extra security, you may wish to setup an auditor to enforce the
Permission requirement (install this as <tt class="docutils literal"><span class="pre">assignedtoFixer.py</span></tt> in your
tracker <tt class="docutils literal"><span class="pre">detectors</span></tt> directory):</p>
<pre class="literal-block">
def assignedtoMustBeFixer(db, cl, nodeid, newvalues):
    ''' Ensure the assignedto value in newvalues is used with the
        Fixer Permission
    '''
    if not newvalues.has_key('assignedto'):
        # don't care
        return

    # get the userid
    userid = newvalues['assignedto']
    if not db.security.hasPermission('Fixer', userid, cl.classname):
        raise ValueError, 'You do not have permission to edit %s'%cl.classname

def init(db):
    db.issue.audit('set', assignedtoMustBeFixer)
    db.issue.audit('create', assignedtoMustBeFixer)
</pre>
<p>So now, if an edit action attempts to set &quot;assignedto&quot; to a user that
doesn't have the &quot;Fixer&quot; Permission, the error will be raised.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id71" id="users-may-only-edit-their-issues" name="users-may-only-edit-their-issues">Users may only edit their issues</a></h3>
<p>In this case, users registering themselves are granted Provisional
access, meaning they
have access to edit the issues they submit, but not others. We create a new
Role called &quot;Provisional User&quot; which is granted to newly-registered users,
and has limited access. One of the Permissions they have is the new &quot;Edit
Own&quot; on issues (regular users have &quot;Edit&quot;.)</p>
<p>First up, we create the new Role and Permission structure in
<tt class="docutils literal"><span class="pre">schema.py</span></tt>:</p>
<pre class="literal-block">
#
# New users not approved by the admin
#
db.security.addRole(name='Provisional User',
    description='New user registered via web or email')

# These users need to be able to view and create issues but only edit
# and view their own
db.security.addPermissionToRole('Provisional User', 'Create', 'issue')
def own_issue(db, userid, itemid):
    '''Determine whether the userid matches the creator of the issue.'''
    return userid == db.issue.get(itemid, 'creator')
p = db.security.addPermission(name='Edit', klass='issue',
    check=own_issue, description='Can only edit own issues')
db.security.addPermissionToRole('Provisional User', p)
p = db.security.addPermission(name='View', klass='issue',
    check=own_issue, description='Can only view own issues')
db.security.addPermissionToRole('Provisional User', p)

# Assign the Permissions for issue-related classes
for cl in 'file', 'msg', 'query', 'keyword':
    db.security.addPermissionToRole('Provisional User', 'View', cl)
    db.security.addPermissionToRole('Provisional User', 'Edit', cl)
    db.security.addPermissionToRole('Provisional User', 'Create', cl)
for cl in 'priority', 'status':
    db.security.addPermissionToRole('Provisional User', 'View', cl)

# and give the new users access to the web and email interface
db.security.addPermissionToRole('Provisional User', 'Web Access')
db.security.addPermissionToRole('Provisional User', 'Email Access')

# make sure they can view &amp; edit their own user record
def own_record(db, userid, itemid):
    '''Determine whether the userid matches the item being accessed.'''
    return userid == itemid
p = db.security.addPermission(name='View', klass='user', check=own_record,
    description=&quot;User is allowed to view their own user details&quot;)
db.security.addPermissionToRole('Provisional User', p)
p = db.security.addPermission(name='Edit', klass='user', check=own_record,
    description=&quot;User is allowed to edit their own user details&quot;)
db.security.addPermissionToRole('Provisional User', p)
</pre>
<p>Then, in <tt class="docutils literal"><span class="pre">config.ini</span></tt>, we change the Role assigned to newly-registered
users, replacing the existing <tt class="docutils literal"><span class="pre">'User'</span></tt> values:</p>
<pre class="literal-block">
[main]
...
new_web_user_roles = 'Provisional User'
new_email_user_roles = 'Provisional User'
</pre>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id72" id="all-users-may-only-view-and-edit-issues-files-and-messages-they-create" name="all-users-may-only-view-and-edit-issues-files-and-messages-they-create">All users may only view and edit issues, files and messages they create</a></h3>
<p>Replace the standard &quot;classic&quot; tracker View and Edit Permission assignments
for the &quot;issue&quot;, &quot;file&quot; and &quot;msg&quot; classes with the following:</p>
<pre class="literal-block">
def checker(klass):
    def check(db, userid, itemid, klass=klass):
        return db.getclass(klass).get(itemid, 'creator') == userid
    return check
for cl in 'issue', 'file', 'msg':
    p = db.security.addPermission(name='View', klass=cl,
        check=checker(cl))
    db.security.addPermissionToRole('User', p)
    p = db.security.addPermission(name='Edit', klass=cl,
        check=checker(cl))
    db.security.addPermissionToRole('User', p)
    db.security.addPermissionToRole('User', 'Create', cl)
</pre>
</div>
</div>
<div class="section">
<h2><a class="toc-backref" href="#id73" id="changes-to-the-web-user-interface" name="changes-to-the-web-user-interface">Changes to the Web User Interface</a></h2>
<div class="section">
<h3><a class="toc-backref" href="#id74" id="adding-action-links-to-the-index-page" name="adding-action-links-to-the-index-page">Adding action links to the index page</a></h3>
<p>Add a column to the <tt class="docutils literal"><span class="pre">item.index.html</span></tt> template.</p>
<p>Resolving the issue:</p>
<pre class="literal-block">
&lt;a tal:attributes=&quot;href
   string:issue${i/id}?:status=resolved&amp;:action=edit&quot;&gt;resolve&lt;/a&gt;
</pre>
<p>&quot;Take&quot; the issue:</p>
<pre class="literal-block">
&lt;a tal:attributes=&quot;href
   string:issue${i/id}?:assignedto=${request/user/id}&amp;:action=edit&quot;&gt;take&lt;/a&gt;
</pre>
<p>... and so on.</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id75" id="colouring-the-rows-in-the-issue-index-according-to-priority" name="colouring-the-rows-in-the-issue-index-according-to-priority">Colouring the rows in the issue index according to priority</a></h3>
<p>A simple <tt class="docutils literal"><span class="pre">tal:attributes</span></tt> statement will do the bulk of the work here. In
the <tt class="docutils literal"><span class="pre">issue.index.html</span></tt> template, add this to the <tt class="docutils literal"><span class="pre">&lt;tr&gt;</span></tt> that
displays the rows of data:</p>
<pre class="literal-block">
&lt;tr tal:attributes=&quot;class string:priority-${i/priority/plain}&quot;&gt;
</pre>
<p>and then in your stylesheet (<tt class="docutils literal"><span class="pre">style.css</span></tt>) specify the colouring for the
different priorities, as follows:</p>
<pre class="literal-block">
tr.priority-critical td {
    background-color: red;
}

tr.priority-urgent td {
    background-color: orange;
}
</pre>
<p>and so on, with far less offensive colours :)</p>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id76" id="editing-multiple-items-in-an-index-view" name="editing-multiple-items-in-an-index-view">Editing multiple items in an index view</a></h3>
<p>To edit the status of all items in the item index view, edit the
<tt class="docutils literal"><span class="pre">issue.item.html</span></tt>:</p>
<ol class="arabic">
<li><p class="first">add a form around the listing table (separate from the existing
index-page form), so at the top it reads:</p>
<pre class="literal-block">
&lt;form method=&quot;POST&quot; tal:attributes=&quot;action request/classname&quot;&gt;
 &lt;table class=&quot;list&quot;&gt;
</pre>
<p>and at the bottom of that table:</p>
<pre class="literal-block">
 &lt;/table&gt;
&lt;/form
</pre>
<p>making sure you match the <tt class="docutils literal"><span class="pre">&lt;/table&gt;</span></tt> from the list table, not the
navigation table or the subsequent form table.</p>
</li>
<li><p class="first">in the display for the issue property, change:</p>
<pre class="literal-block">
&lt;td tal:condition=&quot;request/show/status&quot;
    tal:content=&quot;python:i.status.plain() or default&quot;&gt;&amp;nbsp;&lt;/td&gt;
</pre>
<p>to:</p>
<pre class="literal-block">
&lt;td tal:condition=&quot;request/show/status&quot;
    tal:content=&quot;structure i/status/field&quot;&gt;&amp;nbsp;&lt;/td&gt;
</pre>
<p>this will result in an edit field for the status property.</p>
</li>
<li><p class="first">after the <tt class="docutils literal"><span class="pre">tal:block</span></tt> which lists the index items (marked by
<tt class="docutils literal"><span class="pre">tal:repeat=&quot;i</span> <span class="pre">batch&quot;</span></tt>) add a new table row:</p>
<pre class="literal-block">
&lt;tr&gt;
 &lt;td tal:attributes=&quot;colspan python:len(request.columns)&quot;&gt;
  &lt;input type=&quot;submit&quot; value=&quot; Save Changes &quot;&gt;
  &lt;input type=&quot;hidden&quot; name=&quot;&#64;action&quot; value=&quot;edit&quot;&gt;
  &lt;tal:block replace=&quot;structure request/indexargs_form&quot; /&gt;
 &lt;/td&gt;
&lt;/tr&gt;
</pre>
<p>which gives us a submit button, indicates that we are performing an edit
on any changed statuses. The final <tt class="docutils literal"><span class="pre">tal:block</span></tt> will make sure that the
current index view parameters (filtering, columns, etc) will be used in
rendering the next page (the results of the editing).</p>
</li>
</ol>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id77" id="displaying-only-message-summaries-in-the-issue-display" name="displaying-only-message-summaries-in-the-issue-display">Displaying only message summaries in the issue display</a></h3>
<p>Alter the <tt class="docutils literal"><span class="pre">issue.item</span></tt> template section for messages to:</p>
<pre class="literal-block">
&lt;table class=&quot;messages&quot; tal:condition=&quot;context/messages&quot;&gt;
 &lt;tr&gt;&lt;th colspan=&quot;5&quot; class=&quot;header&quot;&gt;Messages&lt;/th&gt;&lt;/tr&gt;
 &lt;tr tal:repeat=&quot;msg context/messages&quot;&gt;
  &lt;td&gt;&lt;a tal:attributes=&quot;href string:msg${msg/id}&quot;
         tal:content=&quot;string:msg${msg/id}&quot;&gt;&lt;/a&gt;&lt;/td&gt;
  &lt;td tal:content=&quot;msg/author&quot;&gt;author&lt;/td&gt;
  &lt;td class=&quot;date&quot; tal:content=&quot;msg/date/pretty&quot;&gt;date&lt;/td&gt;
  &lt;td tal:content=&quot;msg/summary&quot;&gt;summary&lt;/td&gt;
  &lt;td&gt;
   &lt;a tal:attributes=&quot;href string:?&#64;remove&#64;messages=${msg/id}&amp;&#64;action=edit&quot;&gt;
   remove&lt;/a&gt;
  &lt;/td&gt;
 &lt;/tr&gt;
&lt;/table&gt;
</pre>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id78" id="enabling-display-of-either-message-summaries-or-the-entire-messages" name="enabling-display-of-either-message-summaries-or-the-entire-messages">Enabling display of either message summaries or the entire messages</a></h3>
<p>This is pretty simple - all we need to do is copy the code from the
example <a class="reference" href="#displaying-only-message-summaries-in-the-issue-display">displaying only message summaries in the issue display</a> into
our template alongside the summary display, and then introduce a switch
that shows either the one or the other. We'll use a new form variable,
<tt class="docutils literal"><span class="pre">&#64;whole_messages</span></tt> to achieve this:</p>
<pre class="literal-block">
&lt;table class=&quot;messages&quot; tal:condition=&quot;context/messages&quot;&gt;
 &lt;tal:block tal:condition=&quot;not:request/form/&#64;whole_messages/value | python:0&quot;&gt;
  &lt;tr&gt;&lt;th colspan=&quot;3&quot; class=&quot;header&quot;&gt;Messages&lt;/th&gt;
      &lt;th colspan=&quot;2&quot; class=&quot;header&quot;&gt;
        &lt;a href=&quot;?&#64;whole_messages=yes&quot;&gt;show entire messages&lt;/a&gt;
      &lt;/th&gt;
  &lt;/tr&gt;
  &lt;tr tal:repeat=&quot;msg context/messages&quot;&gt;
   &lt;td&gt;&lt;a tal:attributes=&quot;href string:msg${msg/id}&quot;
          tal:content=&quot;string:msg${msg/id}&quot;&gt;&lt;/a&gt;&lt;/td&gt;
   &lt;td tal:content=&quot;msg/author&quot;&gt;author&lt;/td&gt;
   &lt;td class=&quot;date&quot; tal:content=&quot;msg/date/pretty&quot;&gt;date&lt;/td&gt;
   &lt;td tal:content=&quot;msg/summary&quot;&gt;summary&lt;/td&gt;
   &lt;td&gt;
    &lt;a tal:attributes=&quot;href string:?&#64;remove&#64;messages=${msg/id}&amp;&#64;action=edit&quot;&gt;remove&lt;/a&gt;
   &lt;/td&gt;
  &lt;/tr&gt;
 &lt;/tal:block&gt;

 &lt;tal:block tal:condition=&quot;request/form/&#64;whole_messages/value | python:0&quot;&gt;
  &lt;tr&gt;&lt;th colspan=&quot;2&quot; class=&quot;header&quot;&gt;Messages&lt;/th&gt;
      &lt;th class=&quot;header&quot;&gt;
        &lt;a href=&quot;?&#64;whole_messages=&quot;&gt;show only summaries&lt;/a&gt;
      &lt;/th&gt;
  &lt;/tr&gt;
  &lt;tal:block tal:repeat=&quot;msg context/messages&quot;&gt;
   &lt;tr&gt;
    &lt;th tal:content=&quot;msg/author&quot;&gt;author&lt;/th&gt;
    &lt;th class=&quot;date&quot; tal:content=&quot;msg/date/pretty&quot;&gt;date&lt;/th&gt;
    &lt;th style=&quot;text-align: right&quot;&gt;
     (&lt;a tal:attributes=&quot;href string:?&#64;remove&#64;messages=${msg/id}&amp;&#64;action=edit&quot;&gt;remove&lt;/a&gt;)
    &lt;/th&gt;
   &lt;/tr&gt;
   &lt;tr&gt;&lt;td colspan=&quot;3&quot; tal:content=&quot;msg/content&quot;&gt;&lt;/td&gt;&lt;/tr&gt;
  &lt;/tal:block&gt;
 &lt;/tal:block&gt;
&lt;/table&gt;
</pre>
</div>
<div class="section">
<h3><a class="toc-backref" href="#id79" id="setting-up-a-wizard-or-druid-for-controlled-adding-of-issues" name="setting-up-a-wizard-or-druid-for-controlled-adding-of-issues">Setting up a &quot;wizard&quot; (or &quot;druid&quot;) for controlled adding of issues</a></h3>
<ol class="arabic">
<li><p class="first">Set up the page templates you wish to use for data input. My wizard
is going to be a two-step process: first figuring out what category
of issue the user is submitting, and then getting details specific to
that category. The first page includes a table of help, explaining
what the category names mean, and then the core of the form:</p>
<pre class="literal-block">
&lt;form method=&quot;POST&quot; onSubmit=&quot;return submit_once()&quot;
      enctype=&quot;multipart/form-data&quot;&gt;
  &lt;input type=&quot;hidden&quot; name=&quot;&#64;template&quot; value=&quot;add_page1&quot;&gt;
  &lt;input type=&quot;hidden&quot; name=&quot;&#64;action&quot; value=&quot;page1_submit&quot;&gt;

  &lt;strong&gt;Category:&lt;/strong&gt;
  &lt;tal:block tal:replace=&quot;structure context/category/menu&quot; /&gt;
  &lt;input type=&quot;submit&quot; value=&quot;Continue&quot;&gt;
&lt;/form&gt;
</pre>
<p>The next page has the usual issue entry information, with the
addition of the following form fragments:</p>
<pre class="literal-block">
&lt;form method=&quot;POST&quot; onSubmit=&quot;return submit_once()&quot;
      enctype=&quot;multipart/form-data&quot;
      tal:condition=&quot;context/is_edit_ok&quot;
      tal:define=&quot;cat request/form/category/value&quot;&gt;

  &lt;input type=&quot;hidden&quot; name=&quot;&#64;template&quot; value=&quot;add_page2&quot;&gt;
  &lt;input type=&quot;hidden&quot; name=&quot;&#64;required&quot; value=&quot;title&quot;&gt;
  &lt;input type=&quot;hidden&quot; name=&quot;category&quot; tal:attributes=&quot;value cat&quot;&gt;
   .
   .
   .
&lt;/form&gt;
</pre>
<p>Note that later in the form, I use the value of &quot;cat&quot; to decide which
form elements should be displayed. For example:</p>
<pre class="literal-block">
&lt;tal:block tal:condition=&quot;python:cat in '6 10 13 14 15 16 17'.split()&quot;&gt;
 &lt;tr&gt;
  &lt;th&gt;Operating System&lt;/th&gt;
  &lt;td tal:content=&quot;structure context/os/field&quot;&gt;&lt;/td&gt;
 &lt;/tr&gt;
 &lt;tr&gt;
  &lt;th&gt;Web Browser&lt;/th&gt;
  &lt;td tal:content=&quot;structure context/browser/field&quot;&gt;&lt;/td&gt;
 &lt;/tr&gt;
&lt;/tal:block&gt;
</pre>
<p>... the above section will only be displayed if the category is one
of 6, 10, 13, 14, 15, 16 or 17.</p>
</li>
</ol>
<ol class="arabic" start="3">
<li><p class="first">Determine what actions need to be taken between the pages - these are
usually to validate user choices and determine what page is next. Now encode
those actions in a new <tt class="docutils literal"><span class="pre">Action</span></tt> class (see <a class="reference" href="#defining-new-web-actions">defining new web actions</a>):</p>
<pre class="literal-block">
from roundup.cgi.actions import Action

class Page1SubmitAction(Action):
    def handle(self):
        ''' Verify that the user has selected a category, and then move
            on to page 2.
        '''
        category = self.form['category'].value
        if category == '-1':
            self.error_message.append('You must select a category of report')
            return
        # everything's ok, move on to the next page
        self.template = 'add_page2'

def init(instance):
    instance.registerAction('page1_submit', Page1SubmitAction)
</pre>
</li>
<li><p class="first">Use the usual &quot;new&quot; action as the <tt class="docutils literal"><span class="pre">&#64;action</span></tt> on the final page, and
you're done (the standard context/submit method can do this for you).</p>
</li>
</ol>
</div>
</div>
</div>
<div class="section">
<h1><a class="toc-backref" href="#id15" id="debugging-trackers" name="debugging-trackers">Debugging Trackers</a></h1>
<p>There are three switches in tracker configs that turn on debugging in
Roundup:</p>
<ol class="arabic simple">
<li>web :: debug</li>
<li>mail :: debug</li>
<li>logging :: level</li>
</ol>
<p>See the config.ini file or the <a class="reference" href="#tracker-configuration">tracker configuration</a> section above for
more information.</p>
<p>Additionally, the <tt class="docutils literal"><span class="pre">roundup-server.py</span></tt> script has its own debugging mode
in which it reloads edited templates immediately when they are changed,
rather than requiring a web server restart.</p>
<hr class="docutils" />
<p>Back to <a class="reference" href="index.html">Table of Contents</a></p>
</div>
</div>
<div class="footer">
<hr class="footer" />
Generated on: 2006-10-04.

</div>
</body>
</html>