Page MenuHomePhabricator
Create Task
Maniphest T676

need to figure out how to match up existing rt perms for queues w/ a custom policy for projects in phab
Closed, ResolvedPublic
Actions

Description

This will include creating groups for RT permissions groupings, etc.

Related Objects

Event Timeline

chasemp created this task.Oct 16 2014, 8:24 PM
chasemp assigned this task to Dzahn.
chasemp raised the priority of this task from to Needs Triage.
chasemp updated the task description. (Show Details)
chasemp added projects: acl*sre-team, RT-Migration.
chasemp changed Security from none to None.
chasemp updated the task description. (Show Details)
chasemp subscribed.
Qgil subscribed.Oct 17 2014, 5:24 AM
Byfserag triaged this task as Low priority.Oct 17 2014, 11:17 AM
Byfserag subscribed.
Dzahn added a comment.Oct 25 2014, 12:29 AM

i think we need these groups:

general public
vendor contact
engineering member (includes OIT)
ops member
legal

Dzahn added a comment.Oct 25 2014, 12:33 AM

also see here for existing groups:

https://wikitech.wikimedia.org/wiki/RT#Which_groups_do_we_have.3F

we may have to add one for the dc-tech but i don't think we need to separate per dc

maybe one for managers (this was used to override permissions on access requests to be able to ACK things)

i think "purchasing" can be merged into ops, but if in doubt check with robh

account - i don't think it's used anymore

volunteers - yea, well, this could also be merged into engineering, or we can call it "NDA" like the LDAP group, given that we give NDAed volunteers the same we give to any paid engineer

Dzahn added a comment.Oct 25 2014, 12:40 AM

all queues are listed here:

https://wikitech.wikimedia.org/wiki/RT#Which_queues_do_we_have_and_what_are_they_used_for.3F

i'll go through them and add who i think should have access to them:

access-requests - ops, manager of the person requesting access (needs to be possible to add custom people as cc)
core ops - ops, engineering, nda-volunteers
domains - ops, legal, nda-volunteers
eqiad - ops, dc-tech
esams - ops, dc-tech
hw-decommission - ops, dc-tech
legal - ops, legal
maint-announce - ops, dc-tech, nda-volunteers
network - ops
office - ops, oit, nda-volunteers
ops-requests - all
pmtpa - ops, dc-tech
procurement - ops, finance
security-announce - ops, security (queue looks deleted/closed)
todo - this has been deleted, can be ignored
ulsfo - ops, dc-tech
codfw - ops, dc-tech

mark subscribed.Oct 27 2014, 6:23 PM
Dzahn removed Dzahn as the assignee of this task.Oct 29 2014, 10:30 PM
Dzahn subscribed.
Qgil added a project: WMF-NDA.Dec 18 2014, 9:39 AM

If I understood correctly, at the end all permissions were put at the same level under WMF-NDA, right?

chasemp closed this task as Resolved.Dec 18 2014, 7:36 PM
chasemp claimed this task.

Yes we decided that since procurement etc were excluded folding it all into one WMF-NDA group was the most sane.

Aklapper mentioned this in T272476: "New WMF-NDA Task" form does not allow subscribers to access the task.Jan 21 2021, 9:34 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL