Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

BUG: Project visbility for managers #132

Open
nickbe opened this issue Aug 16, 2016 · 2 comments
Open

BUG: Project visbility for managers #132

nickbe opened this issue Aug 16, 2016 · 2 comments
Milestone

Comments

@nickbe
Copy link

nickbe commented Aug 16, 2016

I think I made some mistakes when I declared ALL managers should see all projects. I'm afraid this was nonsense. Sorry for that. This is now how it really should make sense:

  • a manager should be able to create projects - in doing so he is automatically added to the project users.
  • A manager should always VIEW and EDIT ALL issues for the projects he has access to.
  • A manager can assign other managers to project he has access to.
  • The creator of a project has to be stored as owner inside the project data.
    This assures that no manager can revoke ownership of a project from the actual creator.
  • However an admin MUST be able to change this project ownership any time.
  • So ALL admins should be able to VIEW/EDIT ALL PROJECTS with implicit control over everything
@satrun77
Copy link
Owner

This is completely different than the original roles of the project. :)

  • The manager have permission to view all projects.
  • The other requirements does not exists currently.

This needs to be discussed more as there are more than one change and it modifies a lot of the underline structure around the roles.

@nickbe
Copy link
Author

nickbe commented Aug 16, 2016

Oops. I thought this might even be quite simple to change.

  • a manager should be able to create projects - in doing so he is automatically added to the project users. Actually you don't need to do this - you could just show the projects he is assigned to AND the ones he've created

You would have to change the project create dialog here and add a new field "creator" and then save the user together with the project.

  • A manager should always VIEW and EDIT ALL issues for the projects he has access to.

Here you would need to restrict the access to all projects he's not assigned. I guess this is also a matter of changing the database query (at least I hope so)

  • A manager can assign other managers to project he has access to.

New database field creator and several query changes I guess :) AND a new rule that prevents managers from revoking access from a projects creator.

  • However an admin MUST be able to change this project ownership any time. So ALL admins should be able to VIEW/EDIT ALL PROJECTS with implicit control over everything

These are the same rules as for the managers now I guess...

I thought all this through over and over again now. I think this would be a good way. The admin grants you manager access. Now you can create and manage your own projects without someone kicking you out of some project you yourself have created. Still you only see and manage projects that you are assigned to. I think this is also essential. I noticed this problem here now. 2 managers, but each with his own set of projects, some overlapping but some not.

This way you can really decide who fiddles with your project.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants