capabilities of forthcoming group changes

Rob Browning rlb at defaultvalue.org
Mon Jun 30 15:51:51 UTC 2003 

I've read that the development version is altering the way groups work
to be more flexible and to support larger numbers of groups, and so I
was wondering if the new arrangement might allow an arrangement that
would:

  - prevent the creation of public bug report for some (perhaps all)
    products by either all users (or perhaps just users in some
    groups).

  - prevent some users (or perhaps users in some groups) from being
    able to alter the group assignments of a bug report.

  - prevent some users from seeing the bugs filed by other users (this
    is already supported, but see the particular context below).

The overall purpose would be to accommodate a situation where there are
several organizations submitting bugs with respect to a given product.
These organizations should be allowed to create and manipulate their
own bugs, but they should not be allowed to see, or manipulate bugs
filed by other organizations.

Right now (in 2.16.3) you can get something like this by turning on
usebuggroups and usebuggroupsentry and then creating a generic group
for each organization.  Then each member of an organization can be
placed in their organization group, and in the product group for each
of the products for which they're allowed to submit bugs.

Ideally, when a member of an organization submits a bug, the
appropriate two product and organization groups should be checked.
However in 2.16.3, you can't enforce those group assignments at bug
creation time and even if you could, members of the organization can
always edit the group assignments later.

An alternate approach might be to just create a separate product for
each organization; so you'd have product1-org1, product1-org2, etc.,
and each member of a given organization would only be placed in "their
product group" for a given product.  Of course this still wouldn't
prevent them from unchecking that group and making the bug public, and
it would make it harder to search for all the bugs relating to a given
product (and run reports, etc.).

In any case, I just wanted to see how what's planned (or already
implemented) might or might not be able to accommodate the scenario
above.

Thanks

-- 
Rob Browning
rlb @defaultvalue.org and @debian.org; previously @cs.utexas.edu
GPG starting 2002-11-03 = 14DD 432F AE39 534D B592  F9A0 25C8 D377 8C7E 73A4

More information about the developers mailing list