changes/219.canada.feature

-Original file line number
+Diff line change
@@ -0,0 +1,5 @@
+    Added a `ckan.site_read_only` config option which disables actions causing side effects,
+    such as `*_create`, `*_update`, and `*_delete`, for non-sysadmin users.
+    This setting does not prevent updates to the database from sysadmin users or updates
+    that skip the action API, such as collecting page view tracking data.

ckan/authz.py

-Original file line number
+Diff line change
@@ Expand Up / @@ -225,6 +225,13 @@ def is_authorized(action: str, context: Context, @@
                     if not getattr(auth_function, 'auth_sysadmins_check', False):
                         return {'success': True}
+            # (canada fork only): site read only mode
+            # TODO: upstream contrib!!!
+            if config.get('ckan.site_read_only', False):
+                if not getattr(p.toolkit.get_action(action), 'side_effect_free', False):
+                    return {'success': False,
+                            'msg': _('Site is in read only mode')}
             # If the auth function is flagged as not allowing anonymous access,
             # and an existing user object is not provided in the context, deny
             # access straight away
@@ Expand Down @@

Site Read Only Mode #219

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

JVickery-TBS merged 4 commits into canada-v2.10 from feature/read-only-mode

Jan 26, 2026

-Original file line number
+Diff line change
@@ -0,0 +1,5 @@
+    Added a `ckan.site_read_only` config option which disables actions causing side effects,
+    such as `*_create`, `*_update`, and `*_delete`, for non-sysadmin users.
+    This setting does not prevent updates to the database from sysadmin users or updates
+    that skip the action API, such as collecting page view tracking data.

-Original file line number
+Diff line change
@@ Expand Up / @@ -225,6 +225,13 @@ def is_authorized(action: str, context: Context, @@
                     if not getattr(auth_function, 'auth_sysadmins_check', False):
                         return {'success': True}
+            # (canada fork only): site read only mode
+            # TODO: upstream contrib!!!
+            if config.get('ckan.site_read_only', False):
+                if not getattr(p.toolkit.get_action(action), 'side_effect_free', False):
+                    return {'success': False,
+                            'msg': _('Site is in read only mode')}
             # If the auth function is flagged as not allowing anonymous access,
             # and an existing user object is not provided in the context, deny
             # access straight away
@@ Expand Down @@

Provide feedback