{22} Trac tickets (2647 matches)

Results (1301 - 1400 of 2647)

Id Type Owner Reporter Milestone Status Resolution Summary Description Posixtime Modifiedtime
#937 enhancement sebbacon rgrp ckan-v1.4-sprint-5 closed fixed Record download stats for resources (extension)

As a User (especially as a Package Owner/Maintainer?) I want to know how many times a resource has been downloaded (and when).

So let's record download stats (as in clicks on the link for a resource).

Implementation

Old Spec (do it in CKAN)

  • Record info of form: resource id (or url?), timestamp
  • Do this via javascript capturing of onclick event talking to an api
  • API: /api/resource/{id}/download
    • POST to increment (how do we stop spamming -- could use a nonce setup with a random string set on each page load for the js)
    • GET to get data back { total: X, day_count: [ [yyyy-mm-dd, count], ... ] }

Questions

  • Do we record ip addresses (to handle de-botting etc)?
  • Do we count preview clicks as well?
1296340273000000 1302513831000000
#938 enhancement pudo rgrp ckan-v1.4-sprint-1 closed fixed Message flashing / notification in WUI

Good user interfaces provide feedback to users. We should provide more feedback about the success / failure of actions using message flashing (see http://flask.pocoo.org/docs/patterns/flashing/).

We already do some of this (slightly poorly), e.g. on adding an authorization the app says: "X authorization added".

Implementation

  • Standardize this process and add section to html for this purpose.
  • Already done in other OKFN apps e.g. yourtopia.net, wheredoesmymoneygo and commentonit
  • Testing: suggest keeping this very simple

Estimate

  • Cost: 0.5h (html etc) + 1h to do some integration
1296398920000000 1297077023000000
#939 enhancement rgrp closed fixed Notification bar at top of site shown to new users pointing them to simple instructions

On http://getthedata.org/ or stackoverflow there is a pop-up bar for new users that give them some simple instructions.

Talking with users it is clear that some people are not clear how ckan.net (or other sites) work and what they are and are not 'allowed to do. This could help make this better.

Implementation

  • Pop-up bar (based on a cookie or just being not logged in?) - uses ticket:938 (message flashing)
  • FAQ/instructions page (use the new wiki?)

Depends

Estimate

  • Cost: 1h
1296399008000000 1323171158000000
#942 defect pudo pudo ckan-v1.4-sprint-1 closed fixed Fix SERP pager argument passing

It only passes "q", but the whole query must be serialized.

1296469490000000 1297074807000000
#943 enhancement pudo pudo ckan-v1.4-sprint-1 closed fixed Create CKAN Wiki

Set up a Mediawiki to contain info on CKAN.net (community) conventions etc.

1296469547000000 1297076498000000
#944 defect pudo pudo iati-4 closed fixed Upgrade IATI to CKAN 'default'
  • Move code base, fix any breakage.
  • Deploy to eu8
  • Test
  • Deploy to eu14

Why

Later CKAN codebase has a bunch of improvements / fixes that it would be good to have.

Estimate

  • 8h
1296469688000000 1306774766000000
#945 enhancement kindly kindly ckan-v1.6 closed fixed [super] Richer resources - Resource Groups, new fields, improved UI

Super ticket: #1032

This is a meta ticket for changes that are going to happen in resources.

  • New resource group table. #956
  • New kind field in resource. #957
  • UI for new kind field. #958
  • Resources in REST API ticket:358
  • Resources in WUI #1445
  • Make Resources first class entity. #922 (duplicate?)

Background on this change can be found at:

1296475283000000 1325259350000000
#946 defect pudo dread ckan-v1.3 closed fixed No default system rights

CKAN currently comes out of the box being uneditable. We'd like to encourage people to have open CKANs and therefore by default init the db with this right:

visitor -> is editor on -> System system
1296499922000000 1296833383000000
#949 enhancement pudo pudo ckan-v1.4-sprint-1 closed fixed Generic username/password login

based on repoze.who-friendlyForms

1296658126000000 1297074827000000
#950 enhancement dread dread ckan-v1.3 closed fixed Move importer controller to ckanext-importer

ckan/controllers/importer.py provides a Pylons UI for importing spreadsheet data into CKAN. This would better live in an extension than core CKAN.

In the same move, ckan/tests/misc/test_spreadsheet_importer.py, which is used by importer.py as well as various dgu data importers, should move into ckanext.

1296666038000000 1297079743000000
#953 enhancement rgrp rgrp ckan-v1.4-sprint-1 closed fixed Add tagline/description to template and set in configuration

Have a tagline / description are under main title and set if from ckan.site_description config variable.

1296809808000000 1296809834000000
#954 enhancement kindly rgrp ckan-v1.5 closed fixed [super] API version 3

Child tickets:

  • #1107 Move package autocomplete from package controller and move to API
  • #1087 version and contact info api call

Move to a format that has a separate responseHeader and response.

A standard package response

{
  responseHeader: {
    status: 0,
  }    
  response: {package-dict}
}

On error:

{
  responseHeader: {
    status: {err-code},
    error: 'message'
  }    
  response: none
}

A search query

Based directly on solr.

{
  responseHeader: {
    status: 0,
  }    
  response: {
    numFound: 5,
    start: 0
    docs: [
    ]
  }
}

Issues

This is a breaking change for clients

References

1296811899000000 1320142744000000
#955 defect dread dread ckan-v1.3 closed fixed Tidy up tests
  • Removal of init_db from every setup etc.
  • Get them working
1296819300000000 1297342534000000
#956 enhancement kindly kindly ckan-v1.4-sprint-2 closed fixed Add a resource group table.

We need a way to group resources by various different factors. The most important of which is timeseries.

The model will look like

Package <o2m> resource_group <o2m> resource

The use cases to this are outlined in this email. http://lists.okfn.org/pipermail/ckan-discuss/2011-February/000887.html

1296821112000000 1299489084000000
#960 defect pudo rgrp ckan-v1.4-sprint-1 closed fixed Support non-ascii character in internal error messages

Just saw an error like the following which looks like it is to do with having a user object with non-ascii characters in it. Either get rid of 'cast' to str type here or do it in a unicode aware way.

Should do this not just here but everywhere we can find in the code base.

Module ckan.controllers.package:302 in edit
<<          am_authz = self.authorizer.am_authorized(c, model.Action.EDIT, pkg)
               if not am_authz:
                   abort(401, str(gettext('User %r not authorized to edit %s') % (c.user, id)))
       
               auth_for_change_state = self.authorizer.am_authorized(c, model.Action.CHANGE_STATE, pkg)
>>  abort(401, str(gettext('User %r not authorized to edit %s') % (c.user, id)))
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 1: ordinal not in range(128)

Estimate

Cost: 1h

1297069721000000 1297169056000000
#961 enhancement kindly rgrp ckan-v1.5 closed fixed [super] Refactoring of forms, validation and model synchronization

This is a meta-ticket to hold all of the work on refactoring forms, validation and model-synchronization in CKAN.

ckan-dev thread: http://lists.okfn.org/pipermail/ckan-dev/2011-January/000180.html

The Issue

From #926:

The current formalchemy setup conflates view, controller and model code in a way that makes it hard to debug and customise.

From http://lists.okfn.org/pipermail/ckan-dev/2011-January/000181.html:

... FormAlchemy, in retrospect, was probably a mistake as it merges too much model/validation/form generation into one thing.

At least 3 functions involved [in this area]:

  1. Generating (or just filling) a form template with 'form data' (and errors)
  2. Converting model data to form data (also happens for APIs in fact) -- let's call this 'dict-ization'
  3. Converting form data to model data (and validating) (inverse of previous step)

Related Tickets

  • #926 - Pick a simpler form framework
  • #1046 'dictization' and the logic layer - serialization / deserialization of package (and other domain objects) to standard intermediate format such as json-convertable python dict
    • #1079 Refactor API to use new logic layer and dictization
    • #1078 Refactor WUI controllers and forms to use logic layer
    • cf existing dumper and importer code
    • This will fix #662
  • [not ticketed yet] - validation layer (should work on serialized objects?)
  • #662 - Can't put entity that is returned by posting to package register (Defect)
  • #972 - Merge 'extras' into main package dict rather than having separate key
  • #1035 - Form impressions are given IDs
  • #810 - Move "add packages" field up in group form (easier to do this once forms are done)
1297069849000000 1310126100000000
#962 enhancement rgrp rgrp ckan-v1.4-sprint-5 closed fixed Improvements to data preview extension

Basic implementation done (and deployed):

https://bitbucket.org/okfn/ckanext-datapreview

However plenty to improve, e.g.

  • Support more formats (use external systems for preview?)
    • json (!)
    • html (trivial!)
    • sparql
    • ...
  • Do not display preview if no preview

Also suggest reworking to use external services rather than doing preview 'in house' (doing in house places heavy reliance on data proxy service and on converting data to a standard format).

1297072524000000 1301364987000000
#963 enhancement thejimmyg rgrp ckan-v1.4-sprint-1 closed fixed Package CKAN as a debian package

Package CKAN as a debian package so it is easier to install.

1297076364000000 1298284252000000
#964 enhancement rgrp rgrp datapkg-0.8 closed fixed Create Resource Downloader and make it pluggable

In downloading packages we need to download resources and we need a ResourceDownloader? object for this. these should be pluggable so that we can add support for different types of resources.

1297211004000000 1297211237000000
#965 enhancement kindly kindly ckan-v1.4 closed fixed make migration testing plugin to nose

In order to test migrations properly, we need to test the upgraded database against *all* the tests.

To do this a special flag to nosetests should be added. nosetests --migrations

This flag will make sure that the database is recreated from scratch each time using the migrate repository, bypassing init_db.

1297213492000000 1298280637000000
#973 enhancement rgrp rgrp ckan-v1.4-sprint-1 closed fixed Document license configuration and license system.

Document how license system works and specifically how licenses can be configured.

Cost: 2h

1297332948000000 1297678851000000
#974 defect dread ckan-v1.3 closed fixed Document site_description

Configuration option 'ckan.site_description' isn't documented

1297342254000000 1297342599000000
#975 defect rgrp rgrp ckan-v1.4-sprint-1 closed fixed Placeholder attribute not displayed in some browsers leading to poor UX

Currently placeholder text like 'Search ...' is not shown in some browsers (e.g. FF and IE).

This leads to poor UX, for example in top bar search where it unclear whether that box is for login or search.

We should fix this by finding a way to display placeholder attribute in all browsers.

1297343755000000 1297344448000000
#976 defect dread ckan-v1.3 closed fixed Documentation references knowledgeforge.net 1297346649000000 1297346954000000
#977 defect dread ckan-v1.3 closed fixed db_upgrade errors
  • db_upgrade (in ckan/model/init) makes call to validate_authorization_setup but forgets about rest of initialisation.
  • it uses self.metadata.bind.url when it should be self.metadata.bind it seems (confused by sqlmigrate update?)
1297420558000000 1297420742000000
#978 enhancement zephod dread ckan-sprint-2012-03-05 closed fixed Edit Resource including Extras in Web UI

Part of super-ticket #1506.

Follows on from #826.

We can configure some extra fields in resources and can edit them in the Web UI, but we can't create new columns in the Web UI. Update the WUI to handle tis.

1297429619000000 1330547181000000
#980 defect pudo pudo ckan-v1.4-sprint-1 closed fixed Fixes to HR Infoshare

We've fixed a few things in CKAN that were discovered and tracked by HRI in their own issue tacker. This includes:

  • add authz checks to package edit links (cset:0752316cd2fe)
  • replace gettext with _ in controllers, to support unicode error msgs (cset:822340e6077e)
  • handle broken html in notes field without crashing on package read (cset:4b6be037dda0)
  • update i18n (cset:37d57dc3c492, cset:ea03173f5e77, cset:f16f4ee40fe7)
1297430918000000 1297503177000000
#981 defect kindly kindly ckan-v1.4-sprint-2 closed fixed fix authorization_group_user.id so it's added in migrate

This was missed out the migrate script. It should be to be added as a conditional script at the end of the repository so that databases can catch up.

1297434480000000 1298278654000000
#982 enhancement dread rgrp ckan-v1.4-sprint-2 closed fixed Remove various pip-requirements versions

We can just use the branch name to pull down specific versions of pip requirements so we don't need all the different versions in head.

Remove them and update any client systems.

Cost: 20m

1297516060000000 1298887980000000
#983 defect dread dread ckan-v1.3 closed fixed 'db upgrade' creates system priviledges

(should leave priviledges alone)

1297518265000000 1297773407000000
#984 defect kindly kindly ckan-v1.4-sprint-2 closed fixed Fix migration, where upgrade diverges from actual model.

The migration scripts have not been inline with the upgrade scripts. There are lots of discrepancies.

1297627447000000 1298280689000000
#986 defect wwitzel3 thejimmyg ckan-v1.4-sprint-2 closed fixed Broken link report from the ckanext-qa code

Should have the following features:

  • A list of all packages with broken links on the resource
  • Under each packages a description of any resources with broken links to include:
    • Link
    • Description
    • Format
    • First found to be broken date

[If you can't do the last one yet, don't worry]

1297683994000000 1297812401000000
#988 task wwaites thejimmyg ckan-v1.4-sprint-2 closed fixed Get a better HTML view of a GEMINI document using XSL 1297685975000000 1299493598000000
#990 defect rene.kapusta closed fixed umlauts in title / text

It's not possible to use umlauts (like "CKAN Österreich") in the title / text.

1297801036000000 1311180850000000
#991 defect dread ckan-v1.3 closed fixed Checkbox defaults to True

Form for new package has CheckboxExtraField? checked, when the value is False. (as used in ckanext-dgu package v3 form)

1298035175000000 1298037717000000
#992 defect rgrp rgrp ckan-v1.3 closed fixed Use X-forwarded-for whenever it is available to set remote IP address

At the moment we only use X-forwarded to determine remote user address when remote-addr header is 127.0.0.1. However if a site is behind a cache remote_addr will always be the IP of the cache.

We should fix this by using x-forwarded-for header whenever available and only use remote-addr when it is not available.

Cost: 10m

1298058532000000 1298060474000000
#993 defect thejimmyg jason.kitcat@… ckan-v1.4-sprint-2 closed fixed Link on ckan.net footer needs changing

The link for About > 'Project Home Page' on the CKAN.net footer should be changed to point to:

http://ckan.org/

The current link is broken.

Thanks, Jason

1298154006000000 1298373114000000
#994 defect kindly kindly ckan-v1.4-sprint-3 closed fixed document a new migration methodology

It is too easy to make a mistake with the migrations at the moment. A more systematic way of doing them is needed and this needs to be documented.

1298281192000000 1298912842000000
#996 task kindly kindly ckan-v1.4 closed fixed Run some basic load testing.

This will involve running a sample of real requests synchronously against real data.

1298283994000000 1300364398000000
#998 defect kindly kindly closed fixed change create on cli to upgrade

When doing create on the cli upgrade should be run instead of create to make sure that every database is initiated in the same way.

1298287981000000 1300364423000000
#999 enhancement rgrp dread ckan-v1.4-sprint-3 closed fixed Factor out ckan.net theme changes to a separate theme repo and apply

Rather than polluting the ckan core code base on ckan.net install with ckan.net specific changes these adaptations should be moved out into a dedicated ckan.net theme.

1298386729000000 1300707328000000
#1000 enhancement kindly rgrp ckan-v1.4-sprint-3 closed fixed Remove call timings code

Not used and extra overhead. Very useful to strip this out and low cost.

Places where it seems to be:

  • lib/base.py: c.time_call_started
  • ....
1298489643000000 1298912726000000
#1001 enhancement rgrp rgrp ckan-v1.4-sprint-4 closed fixed API should use normal user credentials if available

When using the API 'locally' i.e. from the CKAN instance (as would be the case with an ajax interface) the API, especially that allowing READ requests should use the normal user credentials if they are available prior to looking for an API key.

The key change appears to be to change _get_user_for_apikey method in lib/base.py BaseController? to check the c.user attribute (may wish to rename as the name may now be a bit misleading ...).

This is critical to incorporating any ajax editing into the frontend.

As part of this ticket we should do a general consolidation of the identification system in lib/base.py so that both api_key and normal user auth lead to the same set of auth-related objects being available (suggest c.user and c.userobj and c.author).

1298489705000000 1301310351000000
#1002 enhancement dread rgrp ckan-sprint-2011-12-05 closed fixed Remove changeset model code

This code is unused and tests are disabled i belive. I suggest stripping this out (can always be re-added in an extension later). If we remove we should probably delete the relevant tables (and so a migration is needed).

1298489773000000 1322515696000000
#1003 enhancement rgrp rgrp ckan-v1.4-sprint-3 closed fixed CKAN Javascript library and demonstration web interface

A plain javascript library for interfacing with CKAN would be very useful (why? see below!). It would also be nice to have a pure html + javascript web interface to CKAN both for its own sake and to act as a demonstrator for the library.

Why?

  • Development of bespoke interfaces -- much easier to edit html + javascript than to change ckan core
    • E.g. for specific communities e.g. geodata, science
    • Specialized tasks - multi-package editing
  • Very easy deployment and integration (e.g. can drop in to getthedata or other sites)
1298490086000000 1300100411000000
#1004 defect zephod dread ckan-backlog closed fixed Group creation instructions missing

Need instructions on the group page to tell people they need to login to create a group. Someone must have deleted this.

1298559144000000 1323195485000000
#1006 enhancement kindly rgrp ckan-v1.4-sprint-4 closed fixed Deprecate stable branch

Now that we have release branches we should deprecate the stable branch (ie. make sure it is no longer a head and then do --close-branch and merge into default one last time).

Cost: 10m (giving high priority because of low cost)

(Assigning to dread as he has been managing the stable branch).

1298624996000000 1300372286000000
#1008 defect rgrp pudo ckan-v1.4-sprint-2 closed fixed eval() of user display name in template head

We're currently setting the user preferences links via a javascript snippet that also evals the name. This should be removed as we're not displaying the user name any longer.

We should also have page fragment caching in Genshi, which is not currently implmented.

cf. http://api.rubyonrails.org/classes/ActionController/Caching/Fragments.html

1298632686000000 1298821826000000
#1010 enhancement rgrp rgrp ckan-v1.4-sprint-2 closed fixed List CKAN users in WUI

Should have user listing at /user/ rather than user account page.

  • list users, sorted by number of packages contributed/edited
  • Move user home page to /user/{user-id}
  • Paginated
1298649180000000 1298740889000000
#1011 enhancement sebbacon sebbacon ckan-v1.4-sprint-3 closed fixed Make pluggable AuthzGroups implementation

I have a requirement to allow an external source to define the groups of which a user is a member.

I propose to create an IAuthzUserGroups plugin interface that allows an extension to arbitrarily extend the list of AuthzGroups? that a user is in.

1298819657000000 1299245206000000
#1012 defect kindly kindly ckan-v1.4 closed fixed Add package revision history to api

Revision history information is not accessible, dgu want this.

1298887351000000 1301943113000000
#1013 defect sebbacon sebbacon ckan-v1.4-sprint-5 closed fixed Refactor & write tests for Wordpresser extension

The Wordpresser extension seems to be working well for DataGM, but needs caching and tests.

1298887392000000 1301909717000000
#1014 defect sebbacon sebbacon ckan-v1.4-sprint-3 closed fixed Decouple oAuth repoze extension from DataNO, write tests

The current oAuth extension tightly couples repoze.who, ckan, and data.no. These components should be decoupled; they also need more tests

1298887493000000 1299245293000000
#1015 defect kindly dread ckan-v1.4-sprint-3 closed fixed Editing group gives exception

Editing a group properties on ckan.net gives an exception when you submit the form. (Is this related to db migration issues?)

Example page: http://ckan.net/group/edit/civil-society

Exception:

WebApp Error: <class 'sqlalchemy.exc.IntegrityError'>: (IntegrityError) duplicate key value violates unique constraint "group_revision_pkey" 'INSERT INTO group_revision (id, name, title, description, created, state, revision_id, continuity_id) VALUES (%(id)s, %(name)s, %(title)s, %(description)s, %(created)s, %(state)s, %(revision_id)s, %(continuity_id)s)' {'description': u"A group for open data related to civil society supported by members of the interest group at: http://okfn.org/groups/civil-society\r\n\r\nCivil society is composed of the totality of voluntary civic and social organizations and institutions that form the basis of a functioning society, as distinct from the force-backed structures of a state (regardless of that state's political system) and commercial institutions of the market. \r\n\r\nhttp://en.wikipedia.org/wiki/Civil_society", 'created': datetime.datetime(2011, 2, 24, 14, 30, 53, 334842), 'title': u'Civil Society', 'state': u'active', 'continuity_id': u'f4f9f09
1298898588000000 1299788821000000
#1017 defect pudo sebbacon closed fixed Problem assigning users to authz groups through web interface

Against ckan-1.3.1, when I create an authz group called "administrators" and visit /authorizationgroup/edit/administrators, I am unable to add more than one user to it.

Each time I add additional users, the existing user on the list is replaced with the new one.

1299071127000000 1299668555000000
#1018 task dread dread ckan-v1.4-sprint-3 closed fixed Remove gov form

(It has been moved into ckanext-dgu)

1299072516000000 1299073340000000
#1019 enhancement pudo pudo ckan-v1.4-sprint-3 closed fixed Webhooks notification service

We propose the following push approach using individual packages:

  1. New, updated and deleted packages are pushed to a url endpoint on Wordpress (WPURL). This endpoint will be a configuration option on the CKAN side. A POST or PUT http method will get used. The payload will be a json document of the following form:

{

payload: The entity data as available from the REST API entity-type: 'Package', operation-type: 'create'|'update'|'delete' # one of these options

}

It will be sent as the body of the request with content-type set to application/json.

  1. The wordpress side will provide a 200 on success. Any other response will be taken as a failure. On failure, submission will be archived and failure logged and notified to system administrator. Submission can be resent later automatically by sysadmin after review.
  1. Pushes will happen continuously and approximately simultaneously with updates (a webhooks type model)
  1. [optional] CKAN side will support configuring authorization for basic authentication if applied on WP side.
  1. [optional] List queue status (including failures) on ckan adminstrative dashboard.
1299166784000000 1299166930000000
#1020 defect kindly closed fixed harvesting doc revision table

add revisioning to harvested document table

1299205012000000 1300196215000000
#1021 enhancement pudo pudo ckan-v1.4-sprint-3 closed fixed Config option to disable OpenID

HRI don't like federation, want to login normal way only. Make this a config option and perhaps even mess with runtime repoze config

1299492920000000 1299518828000000
#1022 enhancement pudo pudo ckan-v1.4-sprint-3 closed fixed Error reporting in CKAN worker API

Report on errors by any worker daemons, send them out via E-Mail

1299493047000000 1299512991000000
#1025 enhancement dread dread ckan-v1.4-sprint-3 closed fixed Default authz can be set in config

Currently the default authz for a package is hard-coded to:

 <PackageRole user="visitor" role="editor" context="Package">,
 <PackageRole user="logged_in" role="editor" context="Package">,

This should be configurable in the config, so that you can have a more locked down instance etc.

1299596110000000 1299751045000000
#1026 enhancement dread dread ckan-v1.4-sprint-3 closed fixed cli for creating users

It's handy to be able to create users using the cli (e.g. dgu migration)

1299604652000000 1299605128000000
#1027 enhancement pudo pudo ckan-v1.4-sprint-3 closed fixed Authorization checks on all controller actions

We want to have authz checks on all controller actions so that we can lock down CKAN to a login-only mode.

1299666256000000 1299682082000000
#1028 defect dread dread ckan-v1.4-sprint-3 closed fixed Open redirect in locale setting 1299759883000000 1299760360000000
#1029 defect kindly ckan-v1.4-sprint-3 closed fixed synchronous search erroring when harvesting is run.

Errors are caused when harvesting documents. This also makes the count not show up correctly on the ckan search page.

1299768337000000 1301311643000000
#1030 defect amercader thejimmyg closed fixed Move harvesting out of the rest API 1299776418000000 1303117978000000
#1031 enhancement johnlawrenceaspden rgrp ckan-v1.4-sprint-4 closed fixed User lookup API

Add an api for searching users. This is needed for any kind of ajax autocomplete (needed for anywhere we want to add users).

  • API location: /api/util/user/lookup?q=querystr&limit=10
  • Return json objects containing {id: ..., name: ..., fullname: ...}
  • Put in a module called controllers/apiv2/user.py
1299780419000000 1300101520000000
#1032 enhancement rgrp rgrp ckan-v1.6 closed fixed [super] Resources in WUI

Add resources into Web User Interface.

  • Locate at: /dataset/{dataset}/resource/{id}
  • CRUD
  • Authorization

Done:

  • #945 - Richer resources - Resource Groups, new fields, improved UI
  • #1445 - Resource View page in WUI
  • #1450 - Dataset view pages to match

Moved to superticket #1506:

  • #978 - Edit Resource Extras in Web UI
1299782021000000 1330348463000000
#1033 defect dread dread closed fixed Register user with blank password causes 500

Go to http://ckan.net/user/register and fill in all the fields apart from password. On submit you get 500 error.

1299796274000000 1308310446000000
#1036 defect johnlawrenceaspden johnlawrenceaspden ckan-v1.4-sprint-4 closed fixed Add tests for three functions in ckan/model/user.py

create a new test file ckan/model/test_user.py

add tests for the following three functions in ckan/model/user.py

number_of_edits, number_administered_packages, search

merged in in changeset 0046f83aedcf

1300127840000000 1301304575000000
#1037 defect amercader thejimmyg ckan-v1.4-sprint-6 closed fixed More Robust Harvesting for DGU

CKAN's harvesting facility is now live on DGU but there are some major improvements that could be made to make it more robust and better fit the generic CKAN harvesting framework proposed in #987.

Some of the key issues:

  • Error reports do not currently contain the ID or title of the document with the error.
  • We only have "added" and "error" logging on jobs when we really need a report of "added", "updated", "not changed" and "errors" with the items in each referencing a real metadata document for which harvesting was attempted
  • We need deletion and editing of sources, without deleting the harvested documents or packages
  • We need a more robust harvesting mechanism than a cron job or we need to deal with the case of multiple cron jobs running at once.
  • We need to know the last time a list of documents was scheduled for harvest and the last time each one was fetched.
1300197602000000 1304937601000000
#1038 enhancement dread dread ckan-v1.4 closed fixed Authz tool - operate on all packages at once

Add 'package:all' to authz tool to allow mass changes of authz.

1300212788000000 1300212841000000
#1039 enhancement dread dread ckan-v1.4 closed fixed Default user roles read from config

(instead of being hard coded)

1300212822000000 1300212856000000
#1040 defect thejimmyg dread ckan-v1.4 closed fixed File system mounted

Public file path code adds a trailing , and thus adds / as a static file app in the Pylons middleware cascade.

1300213855000000 1328806824000000
#1042 task dread dread closed fixed 'Ckanext' split-up

It's not good to have ckanext doing lots of different things with different dependencies. Split it off into:

  • ckanext-importlib

etc.

And then deprecate the ckanext repo itself.

1300293907000000 1300969865000000
#1043 defect kindly closed fixed stop sqlalchemy message saying at least one scoped seession already present

see summary.

1300310326000000 1300321033000000
#1044 defect pudo dread closed fixed Sysadmins locked-out of API without Right: (visitor, SITE_READ, System)

The problem is that in ckan/controllers/rest.py the BaseApiController? has this method:

    def __before__(self, action, **env):
        BaseController.__before__(self, action, **env)
        if not self.authorizer.am_authorized(c, model.Action.SITE_READ, model.System):
            abort(401, _('Not authorized to see this page'))

which works on the basis of your c.user, rather than your apikey. All API users are treated as visitors (since API users don't get a login cookie) and even a sysadmin's apikey is blocked unless there is a right for a Visitor to SITE_READ.

Also needs tests.

(Also, why is this restriction only on the API, package search, group index and tags and agroup index? I'm guessing SITE_READ is only for places where other authz don't apply, but maybe it should not be called 'SITE_READ' but 'OTHER_READ' or something?)

1300358919000000 1302096155000000
#1045 defect dread dread ckan-v1.4-sprint-4 closed fixed Group identified by ID in API
http://ckan.net/api/2/rest/group

returns group IDs but I can only reach a group by name:

http://ckan.net/api/2/rest/group/economics

when I also want to get a group by ID:

http://ckan.net/api/2/rest/group/04fb43d2-8ddf-4485-9bf5-66d47d3672f3
1300360642000000 1300793261000000
#1046 enhancement kindly thejimmyg ckan-v1.4-sprint-5 closed fixed Dictization and the new logic layer

The stages involved with doing this.

  • Convert model objects to standard dict format (DONE)
  • Convert standard dicts to current api formats (DONE)
  • Make standard dicts savable (DONE)
  • Validate standard dict format. (DONE)
  • Authorize actions
1300364694000000 1302777668000000
#1047 defect sebbacon sebbacon ckan-v1.4-sprint-4 closed fixed Package edit form claims you're not logged in at the end when you are

At the bottom, it says something like

Author: Bob Bumgardner Since you have not signed in this will just be your IP address. Click here to sign in before saving (opens in new window).

1300384556000000 1300387309000000
#1048 enhancement dread dread ckan-v1.4-sprint-4 closed fixed Complete making groups versioned
  • Deleting a group changes state to 'deleted' rather than purging it
  • Adding authz tests for deleted groups
1300387655000000 1300702752000000
#1051 defect sebbacon sebbacon ckan-v1.4-sprint-4 closed fixed Ability to set custom favicon

Allow deployers to set a URL pointing to their own favicon

1300703160000000 1301305079000000
#1052 defect dread dread ckan-v1.4-sprint-4 closed fixed Authz holes

No authz on:

  • Group creation/edit/listing
  • Package relationship create/edit/delete
1300709144000000 1300895410000000
#1053 defect dread dread ckan-v1.5 closed fixed Deletion in Model API

Currently in the API if you DELETE a package/group/user (and you have the required permissions) then it purges the object, when it should probably just set the state to deleted.

There is no way to delete objects at the moment - changes to 'state' are ignored in the API.

Do we need an alternative way to purge objects in the API?

1300790039000000 1310126546000000
#1054 defect kindly dread ckan-v1.4-sprint-4 closed fixed Ordering of resources

Changing an old resource and creating a new resource on the end results in the old resource moving to the end in the ordering.

This breaks tests:

  • (ckanext-dgu) ckanext/dgu/tests/ons/test_ons_loader.py:TestOnsLoadBasic.test_fields
  • (ckanext-importlib) ckanext/importlib/tests/test_loader.py:TestLoaderInsertingResources.test_0_reload

You can make a ckan test break with this patch:

diff -r e6643cf1324c ckan/tests/models/test_resource.py
--- a/ckan/tests/models/test_resource.py        Wed Mar 23 13:25:52 2011 +0000
+++ b/ckan/tests/models/test_resource.py        Wed Mar 23 19:22:35 2011 +0000
@@ -297,6 +297,8 @@
                'url':self.urls[1], 'format':u'OTHER FORMAT',
                'description':self.description, 'hash':self.hash,
                'id':original_res_ids[2]},
+            { #new
+                'url':'new'},
            ]
        pkg.update_resources(res_dicts)
        model.repo.commit_and_remove()

There seems to be a problem with vdm creating a replacement Resource for the old resource - because it has a duplicate position it is put to the end by the SQLAlchemy ordering_list function.

1300969236000000 1301305615000000
#1055 defect dread dread ckan-v1.4-sprint-4 closed fixed @search_related tests not running

Tests marked decorated "@search_related" should only be run against postgresql, but in fact they don't get run at all.

1300985228000000 1300992395000000
#1056 defect dread pudo ckan-v1.4-sprint-6 closed fixed User links for OpenID users are broken

Use case:

  • Login using OpenID
  • Click on 'My account' - results in 404

Solutions:

  • User user.id instead of their name
  • Escape the URL properly.
1301060249000000 1302882616000000
#1057 defect dread closed fixed JSONP parameter isn't escaped
$ curl "http://127.0.0.1:5000/api/rest/package/annakarenina?callback=<script>jsoncallback"

gives:

<script>jsoncallback({"id": "c10ebd31-5b45-4f6f-885d-dca9b18caec4", "name": "annakarenina", "title": "A Novel By Tolstoy",

which could run script code in the client who made the call.

One idea for filtering: http://tav.espians.com/sanitising-jsonp-callback-identifiers-for-security.html Maybe just better to have a restricted whitelist of characters to be even more sure.

Same as: https://trac.dataco.coi.gov.uk/projects/datagov/ticket/906

1301078389000000 1329150236000000
#1058 defect dread dread ckan-v1.4-sprint-4 closed fixed Give 400 error (not 500) for invalid locale or package_form

Examples which prompt annoying exception emails:

http://ckan.net/locale?locale=ja
Module ckan.i18n:21 in set_session_locale
           assert locale in _KNOWN_LOCALES

A bot has caused these:

http://ca.ckan.net/package/new?package_form=gov
Module ckan.forms.registry:32 in get_fieldset
               raise ValueError('Could not find package_form name %r in those found: \n%r' % (package_form, [en.name for en in entrypoints]))
ValueError: Could not find package_form name u'gov)' in those found: ['gov', 'standard', 'ca']
1301302303000000 1301303315000000
#1059 defect dread dread ckan-v1.4-sprint-5 closed fixed Loader coping better with poor search indexing

Loader currently checks for same name, but also should check for name_, name etc.

1301310596000000 1301312516000000
#1060 defect dread ckan-v1.4-sprint-5 closed fixed Spreadsheet importer tries to import readonly keys

e.g. we just added notes_rendered and that is read in as an extra field. Tests failing in ckanext-importlib

Also related: we are missing lost metadata_created and metadata_modified in the dumps.

1301312210000000 1301312487000000
#1063 defect sebbacon sebbacon closed fixed Groups listing widget on package screen shouldn't show group name by default

I've been asked if we can do something about the overflow of the Group name in the right hand column on this page:

http://register.data.overheid.nl/package/europese-aanbestedingen

The reason is that the list display for groups is in the form "group_tltie (group_name)", and of course group_name can't have spaces and so can't wrap nicely.

I was wondering if there's a good reason why we don't only display group_title (if it exists) and group_name only when there's not a title?

1301408459000000 1302514033000000
#1065 enhancement zephod johnlawrenceaspden ckan-v1.6 closed fixed [super] Change Authorization System

Child tickets

  • #1198 Publisher hierarchy
  • #1050 Authz lib improvement and refactor of ckan/lib/authztool.py
  • #1004 Group creation instructions missing
  • #1099 Strange interactions between two browsers while playing with authz groups
  • #1115 can have two authzgroups with the same name
  • #1133 command line rights manipulation doesn't work
  • #1138 minor navigations behave inconsistently

Old ticket description:

  1. Change name of AuthzGroup? to UserGroup? to reflect what it is for
  1. Get rid of Roles, and replace them with direct assignment of actions, even though there are many actions, and extensions can add arbitrary ones.
    • Debatable whether we should cut the number of actions to correspond to the three roles defined by the base system.
    • Have a method of finding roles (or, in future, actions) relevant to a given protection object (e.g. FILE-UPLOAD(ER) not relevant to Packages)
  1. Change UserGroups? so that they can have a hierarchical structure,

More info on Hierarchy change

e.g. UserGroup? NHS contains the User nhsysadmin, as well as the UserGroups? SURREY and BERKS, which themselves contain users.

One user in SURREY is Simon the Sysadmin, who has permissions on the whole system. His permissions should not leak out to other users or groups, and user permissions generally should not.

Each Group has permissions over various objects.

A user has permissions in his own right, and also has the permissions of his own group, and of all the groups contained in his group, and so on recursively.

Algorithm:

possible(user, action, package):

if user has permission for action on package

or any of have that permission

or any of his groups group-children (but not user-children), and so on recursively have the permission.

1301508331000000 1324550041000000
#1066 enhancement dread dread ckan-v1.4-sprint-5 closed fixed Default reader role too permissive

The definition of the 'reader' role includes creating packages, which is too permissive for some CKAN instances (e.g. DGU). 'Reader' suggests only reading, so I think this role should avoid creating and editing.

All projects so far want all roles to be able to create users, so this stays as a Reader action for now, as a convenience.

Implementation:

  • Action.PACKAGE_CREATE removed from reader's default_role_actions
  • Visitor has a new default role, called 'anon_editor' which can edit packages, but not groups / auth groups - you have to log in for that.
  • Migration script not needed?
  • Code comments written, to make clear the suggested policy
1301645250000000 1301932136000000
#1067 enhancement dread dread ckan-v1.4-sprint-5 closed fixed CLI for loading/dumping complete databases

Use 'db dump' and 'db load' for 'pg_dump' and 'psql -f' of a database. Use pylons config to find out database options.

1301645463000000 1302186503000000
#1068 defect dread dread ckan-v1.4-sprint-5 closed fixed metadata_modified problem

This test has been failing since the clocks changed:

======================================================================
FAIL: ckan.tests.models.test_package.TestPackageRevisions.test_02_metadata_created_and_modified
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/home/dread/hgroot/pyenv-ckan2/lib/python2.6/site-packages/nose-0.11.3-py2.6.egg/nose/case.py", line 186, in runTest
    self.test(*self.arg)
  File "/home/dread/hgroot/ckan2/ckan/tests/models/test_package.py", line 283, in test_02_metadata_created_and_modified
    assert out == exp, (out, exp)
AssertionError: (datetime.datetime(2011, 4, 1, 10, 45, 50, 875509), datetime.datetime(2011, 4, 1, 9, 45, 50, 875509))

----------------------------------------------------------------------
1301652085000000 1302109505000000
#1070 enhancement rgrp rgrp ckan-v1.5 closed fixed Plan a new domain model and layer architecture for CKAN

See http://wiki.ckan.net/Domain_Model especially section on v2.

  • New domain model is planned but not yet finally agreed.
  • Layer architecture is complete and implemented
1301910940000000 1310117129000000
#1071 defect dread dread ckan-v1.4-sprint-5 closed fixed Package history API moved to /api/rest/package/revisions

api/rest/package_history is not RESTful or follow API naming conventions. Therefore move it to /api/rest/package/revisions

Also, API docs incomplete.

1301937882000000 1301943180000000
#1072 enhancement dread dread ckan-v1.4-sprint-5 closed fixed Add filters to authztool

It takes several minutes to print the 'rights' on DGU, which is annoying when you only want to grep for a few lines. Much quicker than grepping is to filter in the query.

1302106311000000 1302106474000000
#1073 enhancement dread dread ckan-v1.4-sprint-5 closed fixed Search index checker

Tool that checks which packages have not been indexed.

Required for DGU: https://trac.dataco.coi.gov.uk/projects/datagov/ticket/940

1302185444000000 1302185825000000
Note: See TracReports for help on using and creating reports.