Charts and Security

[David Miller]

Gervase Markham wrote:

> There are currently two proposed solutions:

Actually 3, I proposed the third one on one of the other two bugs, I 
forget which...

> 1) Add group controls to the charts
> 2) Use a single "magic name" group (like timetracking) to control access 
> to the lot

3) Don't do any migration of old data from the old chart system, and 
leave it all in the old chart system for now.  Remove the code which 
adds a new series when creating a new product.  Perhaps only migrate the 
"-All-" data to use as a sample series.  Then we leave the old chart 
system in place for now instead of getting rid of it.

This leaves the existing security from the old chart system still 
protecting that data, and allows new charts to be public, and lets the 
admin create what they want.  Just need to make sure that the "make this 
available to others" box that the admin sees explains that it's *really* 
public.  At that point, the admin can probably choose what they think is 
safe to make public, or name things in such a way that it doesn't expose 
anything other than statistics.

At a later date, when we're preparing to remove the old chart system, we 
can offer a standalone migration script for people to use to pull the 
data from the old chart system, and/or offer to invoke it (but not force 
them to) from checksetup.pl at that time.

-- 
Dave Miller      Project Leader, Bugzilla Bug Tracking System
http://www.justdave.net/             http://www.bugzilla.org/