Page MenuHomePhabricator
Create Task
Maniphest T517

Still, restricting access to tasks based on project membership
Closed, DeclinedPublic
Actions

Description

T50 provides the basic security features, perhaps at a level which is good enough for the RT and Bugzilla migration. Still, let's go back to the original requirement:

It should be possible to define the default access level of all tasks within a project, and user should not be able to override them.

For instance, given a "Security" project, all tasks assigned to that project would automatically be private. Nobody should be able to create a ticket for this project publicly visible. Nobody should be able to make an existing task public, not even by mistake.

Currently you can assign a task to the Security project and it will still be public until the "Security" field is set to something different than "none".

(We could discuss whether removing the Security project should make a task public as well, but in my opinion this is just a little convenience for the Security team members, a minor feature that we can live without for now.)

For what is wort, upstream is planning to work on a definitive implementation of "Spaces", although there are no dates confirmed, or even suggested.

Related Objects
Search...

View Standalone Graph
This task is connected to more than 200 other tasks. Only direct parents and subtasks are shown here. Use View Standalone Graph to show more of the graph.
StatusSubtypeAssignedTask
· · ·
Resolved mmodellT50 Restricting access to tasks based on project membership
ResolvedQgilT823 Implement Phabricator Spaces
Declined mmodellT517 Still, restricting access to tasks based on project membership
ResolvedQgilT76401 Short term plan for security and private tasks
· · ·

Event Timeline

Qgil created this task.Sep 30 2014, 9:27 PM
Qgil assigned this task to mmodell.
Qgil raised the priority of this task from to Medium.
Qgil updated the task description. (Show Details)
Qgil added projects: Phabricator, acl*security.
Qgil changed Security from none to None.
Qgil added subscribers: Qgil, mmodell.
mmodell added a comment.Oct 2 2014, 4:46 AM

qgil: we changed to using the security field because projects are less discoverable and possibly violate https://en.wikipedia.org/wiki/Principle_of_least_astonishment

Qgil added a comment.Oct 2 2014, 5:19 AM

Yes, I'm not against the Security field. I'm just proposing that Security field status and project membership must be always aligned:

  • if the Security field is "none", then the Project field cannot include any private project
  • if the Security field is not "none", then the Project field must include the corresponding private project(s)

This is how Bugzilla and RT operate today, right? This is also consistent and safer from a project point of view, i.e. all the tasks listed under Security will always be private.

Qgil moved this task from To Triage to Need discussion on the Phabricator board.Oct 2 2014, 1:50 PM
mmodell raised the priority of this task from Medium to High.Oct 14 2014, 12:01 AM
Qgil edited projects, added Project-Management; removed Phabricator.Oct 22 2014, 10:29 PM
Qgil mentioned this in T823: Implement Phabricator Spaces.Oct 23 2014, 5:40 AM
Qgil lowered the priority of this task from High to Medium.Nov 1 2014, 3:56 PM
Qgil updated the task description. (Show Details)Nov 13 2014, 10:28 PM
Jdforrester-WMF subscribed.Nov 20 2014, 1:27 AM
mmodell closed this task as Declined.Nov 24 2014, 3:06 AM

As discussed in IRC, we agreed that at least for now the security field controls access and the projects are to be seen as tags for organization purposes. If you add something to the security project it won't automatically add the policy. That's what the security dropdown field is for.

Qgil added a comment.Nov 24 2014, 8:22 AM

Mmmok, but I bet we will need to revisit this if we ever want to offer "private projects". In the meantime, T823: Implement Phabricator Spaces is now resolved as Stalled.

Qgil added a subtask: T76401: Short term plan for security and private tasks .Dec 1 2014, 11:26 PM
Qgil mentioned this in T76401: Short term plan for security and private tasks .Dec 2 2014, 2:17 PM
Qgil added a comment.Dec 4 2014, 12:05 PM

fyi, after further discussion I have completely abandoned the idea of this task. In the short term, must be defined by their Security setting (the dropdown). There is hope that in the mid term upstream will implement namespaces that will allow their own policies. Users with permissions to access those namespaces will not have to bother about the policies of tasks one by one, because the default policies will be defined at a namespace level.

Qgil closed subtask T76401: Short term plan for security and private tasks as Resolved.Dec 31 2014, 9:38 AM
chasemp added a project: Security.Feb 10 2020, 10:59 PM
chasemp removed a project: acl*security.Feb 20 2020, 8:18 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits