Moving our procurement process into phabricator requires a few things. This task will outline the proposed workflow for a procurement task, and the relevant security settings.
* User creates a #hardware-request task for the hardware.
* If hardware needs to be ordered, Rob creates a procurement request for each quote/vendor combination.
* Example: We need a new database system on task A (hardware-request). Then we create Task B in the procurement project for Dell quote, and Task C in the procurement project for HP quote.
* Rob deals with Dell on Task B, they email back with quotes and options.
* Rob deals with HP on Task C, they email back with quotes and options.
* Ops determines which specification/quote to go with, and escalation of the task begins for approvals.
* Task for approval has to be viewed by Mark, and possibly Damon or Lila for approvals. Mark tends to comment on task, where Damon and Lila will likely email their approval back into task.
* Once order is placed, the procurement task is assigned to the on-site tech to scan the packing slip.
* On-site receives in order, and resolves the task with relevant details and resolves. If there are issues, onsite notes issues and assigns back to Rob.
* Procurement project task has to be able to directly email to task Tfirstname.lastname@example.org
* Procurement project task has to be locked down by view/read/edit/everything to ONLY Wikimedia employees.
* Any email attachments into task should automatically have security settings applied to ONLY be viewable to WMF staff.
* Volunteers shouldn't interact with the tasks, so #wmf-nda is required to ensure only the ones who signed an NDA can view. Unfortunately we don't keep a staff list in phab, so NDA is the tightest we can lock it down without managing a new group.