Read-only mode #57
Read-only mode #57
Conversation
max-moser
force-pushed
the
mm/read-only-mode
branch
from
6643c69 to
a9ff5e7
Compare
|
I haven't added any tests here because the write operations for users and groups per API aren't implemented yet. |
| """Permission policy for users and user groups.""" | ||
|
|
||
| can_create = [SystemProcess()] | ||
| can_create = [SystemProcess(), DisableIfReadOnly()] |
There was a problem hiding this comment.
could you describe what does it solve ? not sure I understand the use case.
There was a problem hiding this comment.
The primary use case for the read-only mode is to make it easier for migrating InvenioRDM instances to new VMs without losing write operations.
We already have a slightly simpler version of this hacked into our own TUW modules.
For example, for us it came in handy when we were migrating our instance from the test environment VM to the production VM:
We set the old instance in RO mode, cloned it to the new VM (DB & files), and started running the new instance (not in RO mode).
After that, we just needed to change the DNS entry to point to the new VM rather than the old one, and we were done.
Given that write operations were prohibited in RO mode, we are very certain that there were no lost writes during the migration.
Unfortunately, this is only true for write operations that go through a service layer with these PRs and doesn't cover e.g. user profile edits.
|
Coordination: Moving this to To Review and adding same people (@utnapischtim , @ppanero and @ntarocco . If someone else would be better suited to look at it, let us know!) as other related PR to help unblock things |
|
I guess you will require something similar also in communities, requests, rdm-records, draft-resources, etc.. :) |
|
closed, because of not more necessary |
6 participants
Requires inveniosoftware/invenio-records-permissions#86