From f22ffc681bdf8d6b7992fd4067f55125224f0f7a Mon Sep 17 00:00:00 2001 From: Jesse Vickery Date: Mon, 19 Jan 2026 12:27:36 +0000 Subject: [PATCH 1/4] feat(logic): read only mode; - Site read only mode. --- ckan/authz.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ckan/authz.py b/ckan/authz.py index fdb18494e3f..6cc941635dc 100644 --- a/ckan/authz.py +++ b/ckan/authz.py @@ -225,6 +225,13 @@ def is_authorized(action: str, context: Context, if not getattr(auth_function, 'auth_sysadmins_check', False): return {'success': True} + # (canada fork only): site read only mode + # TODO: upstream contrib!!! + if config.get('ckan.site_read_only', False): + if getattr(p.toolkit.get_action(action), 'side_effect_free', False): + return {'success': False, + 'msg': _('Site is in read only mode')} + # If the auth function is flagged as not allowing anonymous access, # and an existing user object is not provided in the context, deny # access straight away From 5cd9a19838e7b4b859bf56778a94aeecfb016b4f Mon Sep 17 00:00:00 2001 From: Jesse Vickery Date: Mon, 19 Jan 2026 12:31:29 +0000 Subject: [PATCH 2/4] feat(misc): changelog; - Added change log file. --- changes/219.canada.feature | 1 + 1 file changed, 1 insertion(+) create mode 100644 changes/219.canada.feature diff --git a/changes/219.canada.feature b/changes/219.canada.feature new file mode 100644 index 00000000000..bb5379daedd --- /dev/null +++ b/changes/219.canada.feature @@ -0,0 +1 @@ +Added a `ckan.site_read_only` config option which disables `_create`, `_update`, `_patch`, and `_delete` actions for non-sysadmin users. \ No newline at end of file From 3bc9351fe57b67a11434be50d3dc092315e8a9c5 Mon Sep 17 00:00:00 2001 From: Jesse Vickery Date: Mon, 19 Jan 2026 20:09:59 +0000 Subject: [PATCH 3/4] feat(misc): changelog; - Added change log file. --- ckan/authz.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ckan/authz.py b/ckan/authz.py index 6cc941635dc..cea2c4b5575 100644 --- a/ckan/authz.py +++ b/ckan/authz.py @@ -228,7 +228,7 @@ def is_authorized(action: str, context: Context, # (canada fork only): site read only mode # TODO: upstream contrib!!! if config.get('ckan.site_read_only', False): - if getattr(p.toolkit.get_action(action), 'side_effect_free', False): + if not getattr(p.toolkit.get_action(action), 'side_effect_free', False): return {'success': False, 'msg': _('Site is in read only mode')} From b83f28a9eca9f608240706b9172aa2403a4be297 Mon Sep 17 00:00:00 2001 From: Jesse Vickery <97247789+JVickery-TBS@users.noreply.github.com> Date: Mon, 26 Jan 2026 09:46:58 -0500 Subject: [PATCH 4/4] Update changes/219.canada.feature Co-authored-by: Ian Ward --- changes/219.canada.feature | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/changes/219.canada.feature b/changes/219.canada.feature index bb5379daedd..1fad4a3b3a1 100644 --- a/changes/219.canada.feature +++ b/changes/219.canada.feature @@ -1 +1,5 @@ -Added a `ckan.site_read_only` config option which disables `_create`, `_update`, `_patch`, and `_delete` actions for non-sysadmin users. \ No newline at end of file +Added a `ckan.site_read_only` config option which disables actions causing side effects, +such as `*_create`, `*_update`, and `*_delete`, for non-sysadmin users. + +This setting does not prevent updates to the database from sysadmin users or updates +that skip the action API, such as collecting page view tracking data. \ No newline at end of file