Make bpo read-only

[ezio-melotti]

The first step of the migration is making BPO read-only. The Roundup wiki has a page about making a tracker read-only, however this requires both code changes and fiddling with the roundup-admin.

A better approach would be:

• Add the detector from the wiki to prevent changes (apparently not needed)
• Remove edit permissions from Users and Developers) in schema.py
• Update the HTML templates (note that if users don't have edit permissions, the forms shouldn't be visible already):
  • The register form for creating new users should be removed (already gone if users don't have permissions)
  • The login form could be removed/hidden (unless needed by coordinators) if we decide users shouldn't log in anymore
  • The "Create new" link should be removed (might not be necessary if users can't login) (already gone)
  • A banner pointing to GitHub should be visible on most/all pages (Add a banner after the migration. bpo-tracker-cpython#12)
  • Each individual issue should have a link to the corresponding GH issue (Add links from bpo to GitHub bpo-tracker-cpython#17)
  • In the issue list, there should be a link to each corresponding GH issue (Add links from bpo to GitHub bpo-tracker-cpython#17)

The banner pointing to GitHub will initially be more prominent and mention that the migration is in progress, informing users that it won't be possible to report and edit issues during the migration. After the migration is complete it will be updated to be less prominent.

This should be tested locally first, and the test should include:

• Check that none of the roles can create/edit issues (unless explicitly allowed, e.g. for Admin/Coordinator)
• Check that creation/edit is prevented through all different interfaces:
  • Web
  • Mail
  • XMLRPC

These changes should be made available with a single PR, that can be merged (and if needed, rolled back) easily.

We should also determine what access level we should leave to users, since they might be able to access/remove their bpo accounts, updating/removing their email address, names, GH username, timezone, etc, and possibly even messages. Logged users also have access to summaries about the issues they created and that they are following, so they should also be able to review those summaries.

[auvipy]

when we are goin to make bpo read only?

[ezio-melotti]

We are planning to make it read-only this Friday.

[auvipy]

oh yeah, at last can start using github issues for cpython!