wiki:TracForgePlugin

Trac multi-project support

Description

This plugin currently has the following functionality:

  • lets you create new projects from a web GUI
  • handles serving them, similar to how TRAC_ENV_PARENT_DIR works, except that it looks nicer and has permission controls

Note: What is in Subversion is currently usable, but there isn't (yet) much documentation.

Note: Not compatible with Trac 0.11. The warning in setup.py mentions this.

Bugs/Feature Requests

Existing bugs and feature requests for TracForgePlugin are here.

If you have any issues, create a new ticket.

defect

16 / 35

enhancement

2 / 6

task

2 / 2

Download

Download the zipped source from here.

Source

You can check out TracForgePlugin from here using Subversion, or browse the source with Trac.

There is also an unofficial darcs repository containing some additional bugfixes which aren't in trunk yet. This branch will always follow the trunk, but with added bugfixes that are in use on at least one production TracForge instance. You can also see all the patches currently in this branch.

Installation

Multi-project Support

First designate one environment to be the master environment. This will manage single sign on, and hold the central roles and permissions. This is also commonly the aggregate Trac if you are using the data subscription system, but it doesn't need to be.

On the master environment configuration file TracIni, activate these components in the section named [components]:

[components]
tracforge.* = enabled
tracforge.linker.* = disabled
tracforge.linker.auth.tracforgecookiemunger = enabled
tracforge.subscriptions.* = disabled

On each client environment activate these:

trac.web.auth.loginmodule = disabled
tracforge.admin.perm.* = enabled
tracforge.linker.* = enabled
tracforge.perms.* = enabled

Note: The last module was not previously listed for clients, please make sure to add it when upgrading to a newer version of TracForge.

Note: If you are using AccountManager, make sure it is disabled in all clients.

In the master be sure you set base_url. You will also need some kind of authentication setup on the master, either the default HTTP auth system or the AccountManagerPlugin are popular choices (I recommend the latter).

For all environments set this in [trac]:

[trac]
permission_store = TracForgePermissionModule

and add this in [tracforge]:

[tracforge]
master_path = /path/to/master/env

That should be all the configuration changes you need. If you want to use the data subscription system, just enable tracforge.subscriptions.* on all environments.

To setup the TracForge system, go into WebAdmin on the master, and there should be a TracForge Project Admin screen. In there add each of your projects. For now TracForge cannot actually create the projects, so make them the normal way and then just enter them into TracForge (see above about prototypes). Once that is done, you should be able to add central roles and permissions. Permissions work exactly the same way as normal, with the central ones combined with the per-project permissions. Roles show up as groups, so you can do something, like give the group "member" the permission WIKI_MODIFY, and then add some users as members to a project. The "*" project on the roles screen means that the user will have the given role on all projects, which is very handy for configuring global admin accounts.

Project Index

TracForge now can handle displaying the project index, and dispatching to subordinate environments, in a similar fashion to a TRAC_ENV_PARENT_DIR setup. To use this you just need to setup the master environment normally, but do not setup anything in the webserver for the TRAC_ENV_PARENT_DIR. One advantage this has over the built-in system is that it can control access using Trac permissions, specifically PROJECT_VIEW. This check is done against the project they are trying to access, not the master. The project index will also be filtered so they can only see projects they can access.

Data Subscription

There isn't much configuration to the subscription system. It should autodetect all sibling environments, ie environments sharing the same enclosing folder, and let you add subscriptions from one environment to another. Changesets work very well, and tickets are mostly working, though there is no support for attachments yet.

Permissions Management

The TracForgePlugin adds a "global" permissions system on top of per-project permissions, and also provides some extra permission flags.

The global permissions system works in exactly the same way as the per-project permissions system: you can create groups and map groups and users to any of the usual Trac permissions. Any permissions you set at this level will be available to all projects as though you set that permission in every single project.

You need to be careful with the global permissions though, because you can't "negate" a permission. If you grant, say, WIKI_VIEW to anonymous in the Tracforge permissions, then everyone will be able to view all your wikis, and there's nothing you can do in each client project to stop that. It's probably best to stick to granting permissions to certain really-global groups.

Tracforge provides 3 new permission flags:

TRACFORGE_ADMIN (Master only) Access the Tracforge !admin pages, to set global permissions and create new projects.
TRACFORGE_CREATE (Master only) Create new Trac projects; it's not actually used anywhere though, but since project creation is broken anyway, it is unlikely to cause harm either.
PROJECT_VIEW (All projects) The project is visible in the "Project Index" list available from the 'Projects' link in the title bar.

Example

To add projects, create a prototype containing only DoNothing. You still need to make the Trac environment and other things using trac-admin for now.

To create your prototype, once you've installed TracForge, do the following:

  1. Go to the "Project Prototypes" panel of your master project's TracForge admin panels.
  2. Click "New Prototype".
  3. Click the X button on the resulting MakeTracEnvironment box.
  4. Select DoNothing from the popup menu.
  5. Click the "+" button in the resulting "DoNothing box".
  6. Fill in the name of your prototype (e.g "add existing project") in the "Name" field.
  7. Click "Save".

Note: The "Project Prototypes" admin panel requires JavaScript

MySQL support is not planned yet.

Recent Changes

15303 by rjollos on 2016-02-15 01:07:25
Encode path_info as utf-8

Patch by jun66j5. Fixes #11388.

3650 by coderanger on 2008-05-10 11:21:50
Minor addition to reduce admin confusion.
3649 by coderanger on 2008-05-10 10:56:36
Much upgraded dispatch system.
(more)

Author/Contributors

Author: coderanger
Maintainer: none (needsadoption)
Contributors:

Last modified 8 months ago Last modified on Nov 18, 2015, 12:41:56 PM