Page MenuHomePhabricator
Create Task
Maniphest T7605

How to make projects secure?
Closed, DuplicatePublic
Actions

Description

I want to customize the default "visible to" and "editable by" fields for every project. The idea is different business functions should not be able to see tasks and bugs of each other.

The only way I have seen so far is (and I may be wrong) to edit the "visible to" and "editable by" fields during creating a bug. Can I change this behaviour somehow?

Also, I need a default CC list for every project. How do I get this done?

Thanks in advance.

Related Objects

Event Timeline

AdityaGoel created this task.Mar 17 2015, 1:57 PM
AdityaGoel raised the priority of this task from to Normal.
AdityaGoel updated the task description. (Show Details)
AdityaGoel added projects: Maniphest, Projects.
AdityaGoel added a subscriber: AdityaGoel.
sshannin added a subscriber: sshannin.Mar 17 2015, 2:06 PM

The way my install handles this is by composing task creation URL's which set a lot of the fields. Then we throw this onto a panel in the default dashboard.

So we have a link like "File Product Bug" which opens up a ticket template, prepopulates CC's, projects, and even a message template. We don't do any visibility settings, so I'm not sure if those can be set via get params, but if they are this might be an easy way for you to go.

AdityaGoel added a comment.Mar 17 2015, 2:19 PM

sshannin, thanks for your reply. I guess that can work. But is there a more scalable way to do this?

Since there are no sub-projects, I have to create a project for every business function times the running projects and to set up a home screen in such a way might take me a long long time.

epriestley added a subscriber: epriestley.Mar 17 2015, 3:29 PM

Phabricator does not do a very good job of this right now, and all approaches involve a lot of manual work.

We plan to build a feature (called "Spaces", described in T3820) which will let you create silos that can separate clients from staff or enemy teams within a company. Until we build that feature, there isn't a good approach available.

epriestley closed this task as a duplicate of T3820: Implement top-level "Spaces" that provide policy isolation to groups of objects.Mar 17 2015, 3:29 PM
AdityaGoel added a comment.Mar 23 2015, 6:54 AM
In T7605#102403, @sshannin wrote:

The way my install handles this is by composing task creation URL's which set a lot of the fields. Then we throw this onto a panel in the default dashboard.

So we have a link like "File Product Bug" which opens up a ticket template, prepopulates CC's, projects, and even a message template. We don't do any visibility settings, so I'm not sure if those can be set via get params, but if they are this might be an easy way for you to go.

Thanks @sshannin I now understand your comment. One question though where do I find the get parameters and how do I provide value for them?

sshannin added a comment.Mar 24 2015, 1:03 PM

You can just put the names in the URL, just field_name=value pairs. For example, here's a simplified template we use for tasks to apply changes to the production DB:

/maniphest/task/create/?title=run sql - XXXXXX&priority=50&assign=seth&projects=ops_tasks&description={rSQL%23%23%23%23}%0A%0A%0AStatus%3A%0A[] applied to live%0A[] applied to backup%0A%0A----%0ATables%2Fschemas to backup before applying%3A%0A- table1%0A- table2%0A%0AServices to bounce%3A%0A- app1%0A- app2
AdityaGoel added a comment.Mar 24 2015, 1:06 PM

Got it, thanks a lot.

sshannin mentioned this in T9056: Project templates.Aug 4 2015, 3:31 PM
Phabricator · Built by Phacility