Diff for "LEP/Sharing"

Not logged in - Log In / Register
Differences between revisions 2 and 3
Revision 2 as of 2010-10-11 19:45:55
Size: 3990
Editor: sinzui
Comment:
Revision 3 as of 2010-11-22 10:34:49
Size: 4680
Editor: jml
Comment:
Deletions are marked like this. Additions are marked like this.
Line 11: Line 11:
Project and distributions owners need to see who can access all or some of Project and distribution owners need to see who can access all or some of
Line 22: Line 22:
This allows stakeholders to know who has access, and in a single action, Stakeholders need to know who has access, and in a single action,
Line 26: Line 26:

  ''Can you give an example?'' -- jml
Line 44: Line 46:
   * ''What does "contributor or user" mean here?'' -- jml
Line 57: Line 60:
   * ''Why not also remove the user from the team?'' -- jml
Line 63: Line 68:
   * ''Why do they care?'' -- jml
Line 68: Line 74:
   * ''Please unpack this for me'' -- jml
Line 75: Line 81:
   * ''Is this another way of saying "revoke" means "revoke"?'' -- jml
Line 89: Line 96:
 1. Viewing a list of users and a summary of an single user.  1. Viewing a list of users and a summary for a single user.
Line 95: Line 102:

   * ''Ditto for open teams, right?'' -- jml
Line 124: Line 133:
=== jml ===
Line 125: Line 136:
 1. We should geta team within Canonical to beta test


=== jml ===

 * What about an equivalent view for artefacts? i.e. who can see it, owners can revoke privs etc.
 * You distinguish between 'contributor' and 'user' a bit. I sense that you've loaded 'contributor' with special meaning. Would like to know more.

Managing Disclosure

Project and distribution owners can grant or revoke user and team permissions to access all private artefacts.

As a project owner
I want grant users and teams permission to see everything
so that they do not need many subscriptions to access parts of the project.

Project and distribution owners need to see who can access all or some of their project. Owners need to grant and revoke access.

PrivateProjectsAndDistributions

Rationale

With the introduction of private projects and distributions, owner need a way give access to hundreds of private project artefacts.

Stakeholders need to know who has access, and in a single action, grant or revoke it. This is valuable to public project with default private bug and branches--once a company team is granted access, all employees have access to company information.

  • Can you give an example? -- jml

Stakeholders

  • OEM (Joey Stanford, Steve Magoun, Cody A.W. Somerville)
  • Hardware enablement (Chris Van Hoof, Hugh Blemings)
  • ISD (Stuart Metcalfe)
  • Landscape (Jamu Kakar)

  • UbuntuOne (Matt Griffin)

Constraints and Requirements

Must

  1. A lists of all the users with full or partial access.
    The view must also show how the user has access: direct or via a team, contributor or user, subscription to artefacts or access to project.

    • What does "contributor or user" mean here? -- jml

  2. A summary everything an user may know about the project.
    The view must also show how the user has access: direct or via a team.

  3. A way to grant a user or team full access to a project.
    When a owner grants access to a team, the view should show who gains access.

  4. A way to revoke all access to a user or team.
    Revocation removed all subscriptions to individual artefacts be default. The owner many choose to keep some subscription so that partial access is allowed. If the user has access via a team, the view must explain how to remove either the user or the team to revoke permissions.

    • Why not also remove the user from the team? -- jml

Nice to have

  1. A way to see how the user knows about the project.
    Owners often want to know if the user has email subscriptions to understand if the user is getting information via email too.

    • Why do they care? -- jml

  2. List the users who have full access via the owner or driver team.
    The owner may need to know about contributors as well as users. If the owner can revoke access to an owner/driver, then the user must be removed from the team and assignments and subscriptions are removed too.

    • Please unpack this for me -- jml

Must not

  1. Revoking a user or team not allow the user to have partial access.
    Revoking access to a user must remove the individual subscriptions that provide partial access.

    • Is this another way of saying "revoke" means "revoke"? -- jml

  2. Granting access must not cede control of disclosure.
    Public teams may not be direct or indirect members of a private project. Open teams allow anyone to choose to become a member, which undermines the owner's power to manage disclosure.

Subfeatures

None

Workflows

  1. Viewing a list of users and a summary for a single user.
  2. Granting access to a user or team
  3. Failing to grant access to a team that is public or a member team is a public

    • Ditto for open teams, right? -- jml

  4. Revoking access to a user with full access.
  5. Revoking access to a user with partial access.
  6. Revoking access to a contributor?

Success

How will we know when we are done?

  1. An owner can see all users who have access to a private project.
  2. The owner can see how the use acquired access.
  3. The owner can see a summary of what the user knows.
  4. The owner can revoke a user and see what the user was unsubscribed from everything too.

How will we measure how well we have done?

  1. The canonical team is subscribed to all canonical projects.

Thoughts?

jml

  1. Owner, drivers, an bug supervisors are assumed to have full access.
  2. We should geta team within Canonical to beta test

jml

  • What about an equivalent view for artefacts? i.e. who can see it, owners can revoke privs etc.
  • You distinguish between 'contributor' and 'user' a bit. I sense that you've loaded 'contributor' with special meaning. Would like to know more.

LEP/Sharing (last edited 2012-06-26 17:17:25 by sinzui)