Phabricator projects should not have their visibility policy altered. I when I have time I will look into how difficult it would be to simply hide the policy controls for projects, forcing them to always be set to 'public'
|Resolved||mmodell||T120903 investigate hiding the policy controls for phabricator projects.|
|Resolved||mmodell||T120013 Next Phabricator Upgrade - 2016-02-18|
|Resolved||mmodell||T122556 Figure out what upstream "Can Edit Task Policies" policy deprecation means for our Spaces/ACL setup|
|Resolved||DStrine||T123317 Report to TPG on new Phabricator Functionality|
|Resolved||csteipp||T125104 Evaluate the feasibility of phasing out the Phabricator Security extension|
|Resolved||• ksmith||T127019 Plan announcement of new major phabricator upgrade|
We should definitely be hiding the visibility policy field from everybody. I'd like to have a Maniphest-like 'Can Edit <x> Policies' application policy for Projects, and then restrict this to prevent most people from editing edit/join policies.
I do support this for the "Visible To" project policy.
When it comes to "Editable By" project policies, it's more complicated: It is used for acl* projects that Spaces rely on. Spaces are set up by administrators. Administrators set the "Editable By" policy to "admins and lead of that team" (so team leads can edit the list of project members and do not rely on admins. For example, for #acl*communityliaison_policy_admins it is set to "admins + Rach", or for #acl*fundraising_research_policy_admins it is set to "admins + atgo".