Page MenuHomePhabricator
Create Task
Maniphest T6183

Allow any user to watch projects
Closed, ResolvedPublic
Actions

Description

Currently only members of a project can watch it. However, users not part of a team or a project may want to follow them closely. In fact, the lack o this feature for them causes them to join projects just for this reason, distorting the picture of who is actually an active member of these projects.

Revisions and Commits

rP Phabricator
D15063rP5c2e49a81223 Allow any user to watch any project they can see

Related Objects
Search...

Event Timeline

qgil created this task.Sep 25 2014, 11:19 AM
qgil raised the priority of this task from to Needs Triage.
qgil updated the task description. (Show Details)
qgil added a project: Projects.
qgil added a subscriber: qgil.
cburroughs added a subscriber: cburroughs.Sep 25 2014, 1:03 PM
epriestley added a subscriber: epriestley.Sep 25 2014, 1:16 PM

The concern here is users watching or subscribing to projects (like "Security") which they may have permission to see, but not to join. In particular, we are likely to allow subscribers to punch through policies in the future (T4411), which probably means project subscribers should get the same exception. It's very bad if anyone can subscribe to any project, and subscribing to a project means you can see anything the project is subscribed to.

A more correct way to implement the policy exception is to provide it only for project members, but that adds a level of complexity to the ruleset, where sometimes "being subscribed" matters and other times "being a member" matters.

A general future concern is that if you create, say, a Conpherence and invite some project (after T5364), we should only be inviting members, but then subscribe/watch sometimes work and sometimes don't.

I think there's no clear way forward here yet. The current ruleset give us the most flexibility going forward, and we could relax who is allowed to subscribe or watch later. It's harder to put the genie back in the bottle.

qgil added a comment.Sep 25 2014, 1:44 PM

Ok, technical problem understood.

/me goes to write basic Herald documentation for new Wikimedia Phabricator users. :)

chad triaged this task as Wishlist priority.Oct 7 2014, 10:41 PM
epriestley mentioned this in T6113: Unclear difference between "Watch Project" and "Subscribe".Nov 12 2014, 2:58 AM
qgil added a project: Wikimedia.Dec 18 2014, 2:47 PM

As anticipated, there is notable community demand for this feature in Wikimedia : https://phabricator.wikimedia.org/T77228

In fact, the strong community demand is to identify members of projects as "members", and sometimes assign policies to these members. In installations like this one there is less need for this, because there is only one team of maintainers, and whenever an object needs to be restricted, it is probably the same team who gets included in the policy. In our cases we have dozens of teams, each controlling different things. There is also a bigger need to know who is really member of a project, who should I CC when my task is languishing, or when we need an opinion from project X? Here in case of doubt you add three users and you are done.

But... of course, if the price of restricting Can Join to the actual members of the team implies losing watchers from other teams and the community at large... That is an expensive price to pay. You want eyes watching your open source project, as many as possible. Sure, they can create Herald rules, but it is clear that only a portion of users willing to click "Watch" will go down the route of knowing what is Herald and how to create a personal rule.

If the main problem of watchers is receiving notifications that you shouldn't receive, then how complex would it be to implement a policy check before sending the notification?

PS: in order to make the discussion a bit simpler, let's focus on watchers only.

qgil renamed this task from Allow any user to subscribe or watch projects to Allow any user to watch projects.Dec 18 2014, 2:47 PM
qgil updated the task description. (Show Details)
epriestley added a subtask: T4411: Adding a CC to a Maniphest Task should give View rights for that user.Dec 18 2014, 2:51 PM
Krenair added a subscriber: Krenair.Dec 25 2014, 10:47 PM
Krenair added a comment.EditedFeb 19 2015, 5:48 PM

Creating restricted-join projects (or perhaps duplicate projects so one can be used for ACL, and the other for grouping objects) on Wikimedia will have to get a lot harder unless this can be fixed.

jdloft added a subscriber: jdloft.Mar 11 2015, 2:17 AM
epriestley mentioned this in T7566: Implement "Rooms" in Conpherence.Mar 17 2015, 9:40 PM
qgil added a comment.Apr 11 2015, 7:21 PM

Would you be able to give a rough estimate for paid prioritization of this task?

AMonk moved this task from Backlog to Important on the Wikimedia board.Apr 11 2015, 7:43 PM
epriestley mentioned this in T7703: Policy checks may execute incompletely for non-viewers.Apr 11 2015, 8:19 PM

Looking at this again, it's actually less problematic to change than I originally believed.

It would mean that "watching" a project notifies you about only some objects (those objects you could otherwise already see). I think this is reasonable and will almost always align with user expectation, but it may occasionally cause some confusion.

We should possibly consider merging the concepts of "subscribing" (being notified of updates to the project itself) and "watching" (being notified of updates to things that are associated with the project) but these concepts still feel distinct-enough to keep separate, and there will probably be more reason to separate them in the future (i.e., projects are likely to acquire more types of updates in the future, not fewer).

It's possible that I'm missing something, but I think we have enough clarity around likely future policy changes in T4411 and T6367 to implement this safely without needing to backtrack later. Other product ideas (like how Conpherence rooms work) have also stabilized.

That said, we definitely should fix T7703 before this. This is 1-2 hours of work after T7703 is resolved.

epriestley edited subtasks, added: T7703: Policy checks may execute incompletely for non-viewers; removed: T4411: Adding a CC to a Maniphest Task should give View rights for that user.Apr 11 2015, 8:20 PM
devurandom added a subscriber: devurandom.Apr 13 2015, 7:49 PM
epriestley mentioned this in T6526: Implement "Badges" or "Medals", for annotating special users.Apr 14 2015, 7:21 PM
joshuaspence added a subscriber: joshuaspence.Apr 25 2015, 11:54 AM
eadler added a subscriber: eadler.May 2 2015, 5:21 PM
epriestley mentioned this in D13104: Add support for "Extended Policies".Jun 1 2015, 9:55 PM
epriestley added a parent task: T6113: Unclear difference between "Watch Project" and "Subscribe".Aug 11 2015, 3:34 PM
epriestley merged a task: T9447: Allow to watch projects without membership.Sep 19 2015, 3:59 PM
epriestley added a subscriber: Luke081515.2.
chad mentioned this in T10089: Unsubscribing from a Project seems to have no effect.Jan 6 2016, 1:27 AM
epriestley added a revision: D15063: Allow any user to watch any project they can see.Jan 20 2016, 1:55 AM
epriestley added a commit: rP5c2e49a81223: Allow any user to watch any project they can see.Jan 20 2016, 3:38 AM
Herald added a subscriber: revi. · View Herald TranscriptJan 20 2016, 3:38 AM
epriestley closed this task as Resolved.Jan 20 2016, 3:54 AM
epriestley claimed this task.

This is now resolved, and you no longer need to be a member of a project to watch it. T10180 has additional guidance about this and related changes.

urzds added a subscriber: urzds.Jul 12 2017, 11:15 AM
epriestley closed subtask T7703: Policy checks may execute incompletely for non-viewers as Resolved.May 3 2019, 4:53 AM
Herald added a subscriber: amckinley. · View Herald TranscriptMay 3 2019, 4:53 AM
Phabricator · Built by Phacility