Flyspray - The bug killer!

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Feature Request
  • Category Backend/Core
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Very Low
  • Reported Version 1.0-rc
  • Due in Version Undecided
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Flyspray - The bug killer!
Opened by DMXControl - 15.01.2017

FS#2327 - visibility-option for private tasks

We have some private Tasks in our FS-bugtracker to hide them from normal reporters. But we also have some external beta-testers in a betatesters-group and they should be able to see (and check) the private tasks without giving them a project manager status. So it would be good, if there is a switch in the group option to give specific groups the right to see private tasks.

Project Manager
peterdd commented on 15.01.2017 19:38

Mmh, could be implemented with a new field 'view_private_tasks' in dbtable {groups}
for instance.

<field name="view_private_tasks" type="I" size="1">
      <NOTNULL/>
      <DEFAULT value="0"/>
</field>

What are the permissions of your betatesters for such private tasks? Only view that private task? Shall they be able to view all properties of such private task or only a subset compared to project manager/admin groups?

There are some related tasks yet: FS#1753, FS#2135

DMXControl commented on 16.01.2017 21:56

Yes, only view the private tasks without any posibility to edit them. We trust the testers, so for us there is no need to limit the private tasks to a subset of properties. But maybe some other users do need this restrictions. So a quick solution could be your suggestion and add some additional restriction possibilities later, when implementing FS#1753 and / or FS#2135

Project Manager
peterdd commented on 17.01.2017 01:22

Currently the 'tasks.mark_private' field =1 means, that only following users can view that hidden task:

  • the user who created the task (tasks.opened_by)
  • admin groups (groups.is_admin)
  • project manager groups within the project of the task (groups.manage_project)
  • assigned users to that task (assigned.user_id)

If we extent the audience of a hidden task to also groups.view_private_summary or groups.view_private_description , I feel we need at least one mark_private possible value:

mark_private=2

The field for mark_private is integer, so no problem and it is easy to adapt the SQL queries to the new feature.

For example

WHERE mark_private=1

could be changed to

WHERE mark_private >0

or

WHERE (mark_private=1 OR mark_private=2) 

And there should be no performance loss.

Having this 2 level of restricting on task level , existing private task do not get immediatly visible to users who had no right to view that existing task.

And you get a different level of decision.

For your example, there could be tasks that you want be visible for your Beta Testers (mark_private=2), but it is still possible to have hidden task that are only accessible for internal staff (mark_private=1).

All in the same project.

What is further needed to change in php sources and templates:

  • UI for choosing the level of 'hiding'. Currently just a 1/0 toogle (looks like a link.) This would change to a 3 html grouped radio buttons (0 default, 1 private, 2 semiprivate)
  • group permission setting pages (global and project level) must be modified for groups.view_private_summary, groups.view_private_description fields and some explanations (tooltips)
  • also add groups.view_summary and groups.view_description fields for related FS#1753
  • also add projects.others_view_summary and projects.others_view_description for related FS#1753
  • tasklist field 'private' currently shows YES/NO. This could change to 1= a fontawesome lock icon, 2= a fontawesome 'half lock' or a keyhole maybe??? ideas?
  • Filter for the advanced search (only admin and project manager groups): all(ignore), only restricted(1), only semirestricted(2), only unrestricted(2)
  • queries for project overview page
  • queries for roadmap page
  • queries for activity graphs?
  • enable mass change of mark_private values 1 to 2 for all hidden tasks (for your Beta Testers for example). (but could be done easily in SQL or phpmyadmin)
  • calculated permission update on myprofile page
  • .. to be continued...

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing