Create phabricator space for tickets with legal restrictions
Open, Needs TriagePublic


It is not infrequent that we have to hold on to some data due to legal purposes (a legal hold), there are tasks (and in some cases coding) that is associated with this type of work.

Normally the purpose of the hold is confidential and in order to be able to manage such a tasks we will benefit from a "space" in phabricator similar to the one we use for hardware requests restricted just to ops/analytics and legal.

Could one of the admins create such a space for us?


Nuria created this task.Thu, Aug 31, 1:58 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptThu, Aug 31, 1:58 PM
Nuria assigned this task to Aklapper.Thu, Aug 31, 1:59 PM
Nuria removed a project: Analytics-Kanban.
Nuria moved this task from Incoming to Radar on the Analytics board.Thu, Aug 31, 3:59 PM
Aklapper removed Aklapper as the assignee of this task.Mon, Sep 4, 12:08 PM
Aklapper added a project: Phabricator.

See for required information, e.g. who exactly to be able to access such tickets. Putting such tickets under WMF-NDA is not already sufficient?

Nuria added a comment.Wed, Sep 6, 6:20 PM

NDA holders is quite a different set of permits. It is mostly geared towards research collaborators access to data so actually, there are quite a bit of external parties that have access to data that should not have access to issues of legal nature (like data retained due to a lawsuit). Makes sense?

The argumentation makes sense I guess, I'm just not sure if it's technically possible what you have in mind. :)

similar to the one we use for hardware requests restricted just to ops/analytics and legal.

Do you refer to S4 or S6 here? We have #acl*operations-team and #acl*procurement-review projects for access control in place, but I'm not aware of ACL projects for Legal or Analytics. Yet. And who should be members of these projects and "decide" on and maintain membership in them.

Also, please see the link in T174675#3577182 for required information (name of the Spaces, who can access the Space, etc.)

Nuria added a comment.Wed, Sep 6, 7:20 PM

I guess I was thinking of s4 as it is the only other space i see when I go to:, I am not sure what ACL here refers to, I imagine is this:, thus the new space should include ops engineers and analytics engineers. Seems like we would need to create a new "acl-analytics group for that" also some members of legal team like @ZhouZ

mmodell added a subscriber: mmodell.Wed, Sep 6, 7:50 PM

Ideally we'd designate one or two people who will decide on the membership of the acl group. Then we delegate control to them so that phabricator admins don't have to intervene every time there is a change to the list of people who can access the space.

So if I get it right:

  • Create some #acl* project for Analytics folks (only used for access control and not for any tasks)
  • Add one or two Analytics folks (who?) to that #acl* project and let them add more people if needed
  • Set up a Space (TODO: please provide a name and description) that can accessed by members of both #acl*operations-team and that #acl* analytics project only
ZhouZ added a subscriber: LMixter.Thu, Sep 14, 9:56 PM

Thanks also Legal might also want to create a separate Legal space in addition to the one with Analytics folks