This is a request for a principal policy decision although I raise it based on a specific case.
I just submitted a fix for bug 638920[1] which deals with the situation where a public project has its code in a private branch. Trying to display a link to that private branch will cause an "Unauthorized" exception. When deciding how to deal with this on the translations page for a project series I realized that the overview page was already dealing with it by pretending that no code branch has been set at all. "No revision control details recorded for ... series." So I felt I had to do the same on the translations page in order not to give away more information than was intended. Is it a conscious policy decision to treat private data like non-existent data? If not, what should the policy be? What do we gain by hiding the fact that private data exists? What risks are we taking with a statement like "The code for this series is held in a private branch." or "You have no access to the code for this series." ? Same goes for private bugs and private ... What else do we have that may be private? Henning [1] https://launchpad.net/bugs/638920 _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
