This will include creating groups for RT permissions groupings, etc.
Description
Related Objects
Event Timeline
i think we need these groups:
general public
vendor contact
engineering member (includes OIT)
ops member
legal
also see here for existing groups:
https://wikitech.wikimedia.org/wiki/RT#Which_groups_do_we_have.3F
we may have to add one for the dc-tech but i don't think we need to separate per dc
maybe one for managers (this was used to override permissions on access requests to be able to ACK things)
i think "purchasing" can be merged into ops, but if in doubt check with robh
account - i don't think it's used anymore
volunteers - yea, well, this could also be merged into engineering, or we can call it "NDA" like the LDAP group, given that we give NDAed volunteers the same we give to any paid engineer
all queues are listed here:
https://wikitech.wikimedia.org/wiki/RT#Which_queues_do_we_have_and_what_are_they_used_for.3F
i'll go through them and add who i think should have access to them:
access-requests - ops, manager of the person requesting access (needs to be possible to add custom people as cc)
core ops - ops, engineering, nda-volunteers
domains - ops, legal, nda-volunteers
eqiad - ops, dc-tech
esams - ops, dc-tech
hw-decommission - ops, dc-tech
legal - ops, legal
maint-announce - ops, dc-tech, nda-volunteers
network - ops
office - ops, oit, nda-volunteers
ops-requests - all
pmtpa - ops, dc-tech
procurement - ops, finance
security-announce - ops, security (queue looks deleted/closed)
todo - this has been deleted, can be ignored
ulsfo - ops, dc-tech
codfw - ops, dc-tech
If I understood correctly, at the end all permissions were put at the same level under WMF-NDA, right?
Yes we decided that since procurement etc were excluded folding it all into one WMF-NDA group was the most sane.