Page MenuHomePhabricator

How to make projects secure?
Closed, DuplicatePublic

Description

I want to customize the default "visible to" and "editable by" fields for every project. The idea is different business functions should not be able to see tasks and bugs of each other.

The only way I have seen so far is (and I may be wrong) to edit the "visible to" and "editable by" fields during creating a bug. Can I change this behaviour somehow?

Also, I need a default CC list for every project. How do I get this done?

Thanks in advance.

Event Timeline

AdityaGoel raised the priority of this task from to Normal.
AdityaGoel updated the task description. (Show Details)
AdityaGoel added projects: Maniphest, Projects.
AdityaGoel added a subscriber: AdityaGoel.

The way my install handles this is by composing task creation URL's which set a lot of the fields. Then we throw this onto a panel in the default dashboard.

So we have a link like "File Product Bug" which opens up a ticket template, prepopulates CC's, projects, and even a message template. We don't do any visibility settings, so I'm not sure if those can be set via get params, but if they are this might be an easy way for you to go.

sshannin, thanks for your reply. I guess that can work. But is there a more scalable way to do this?

Since there are no sub-projects, I have to create a project for every business function times the running projects and to set up a home screen in such a way might take me a long long time.

Phabricator does not do a very good job of this right now, and all approaches involve a lot of manual work.

We plan to build a feature (called "Spaces", described in T3820) which will let you create silos that can separate clients from staff or enemy teams within a company. Until we build that feature, there isn't a good approach available.

The way my install handles this is by composing task creation URL's which set a lot of the fields. Then we throw this onto a panel in the default dashboard.

So we have a link like "File Product Bug" which opens up a ticket template, prepopulates CC's, projects, and even a message template. We don't do any visibility settings, so I'm not sure if those can be set via get params, but if they are this might be an easy way for you to go.

Thanks @sshannin I now understand your comment. One question though where do I find the get parameters and how do I provide value for them?

You can just put the names in the URL, just field_name=value pairs. For example, here's a simplified template we use for tasks to apply changes to the production DB:

/maniphest/task/create/?title=run sql - XXXXXX&priority=50&assign=seth&projects=ops_tasks&description={rSQL%23%23%23%23}%0A%0A%0AStatus%3A%0A[] applied to live%0A[] applied to backup%0A%0A----%0ATables%2Fschemas to backup before applying%3A%0A- table1%0A- table2%0A%0AServices to bounce%3A%0A- app1%0A- app2

Got it, thanks a lot.