- Desired name- AHT-Private
- Description - Private Space for Security-restricted tasks for AHT team's upcoming projects (such as CheckUser)
- Explanation of why there are repeatedly tasks in your project which should only be accessible by a defined group of people - AHT team often delves in tasks that involve discussing security vulnerabilities and mitigations. In the case of CheckUser this will involve sharing screenshots of CU as we test and iterate on our work. In both of these examples, it is desirable that only team members are able to access these tickets so we don't risk exposing anything publicly that we shouldn't.
- The group lead (responsible for adding and removing people with access) - @Niharika
- A list of all Phabricator usernames should be able to access objects in that project:
- Regarding this Space (a Space is not a project and hence a Space itself does not have a workboard):
- For access control, created #acl*AHT-Private_policy_admins. This defines access to tasks in the Space.
- Created the private Space S18 ("AHT-Private"). Its View and Edit policy is intentionally set to #acl*AHT-Private_policy_admins and should not be changed.
- @Niharika can add/remove users (who can create and access tasks in S18) via editing the members of #acl*AHT-Private_policy_admins. I have added the names provided above. Also note that Phabricator admins could also add themselves (this is a fallback for when a team lead has left; we had that situation); if you watched the #acl*AHT-Private_policy_admins project you would get a notification about such an action.
- Please do see Displaying and using a Space for more information. To create private tasks, use this task creation form: You must set Visible To: Space S18: AHT-Private to create private tasks only accessible to members of S18 and nobody else, before pressing the Create New Task button.
- Documented the creation of S18 on https://www.mediawiki.org/wiki/Phabricator/Spaces
If wanted, I could create a Herald rule ("If Space is set to S18, then add project tag #XYZ"), so tasks would end up on the workboard of project #XYZ even if you forgot to add the project and only set the Space. Obviously that does not make sense if your team plans to deal with more than one project in that Space.
(Note to myself: As members of Policy-Admins are allowed to access https://phabricator.wikimedia.org/maniphest/task/edit/form/3/ and as #acl*AHT-Private_policy_admins is a subproject of Policy-Admins, everyone listed above should be able to access that form.)