Hi Here's some current info about what we're currently doing or have done for the disclosure project. This info is mainly intended for the product folks / project stakeholders so they can provide any necessary feedback, but others may also be somewhat interested as well. Ina nutshell we are seeking clarification on stuff that has been done in the pre-implementation mockups and implemented so far.
1. Display of All vs Some sharing permissions The Sharing Information page shows, for each user, what level of sharing they have for each information type. Also for each user is a column called "Shared Items". This column either displays: 1. The text "No items shared through subscriptions." or 2. A "View shared items" link to the user's sharing details page. If a user has been granted only All access to any information types, then option #1 above is displayed. If a user has been given access to Some any information types, then option #2 is displayed. Examples: User Data: All -> option #1 Embargoed Security: All, User Data: All -> option #1 Embargoed Security: Some, User Data: All -> option #2 Embargoed Security: Some -> option #2 For times when the link to the details page is shown, the user is able to click though to see what specific bugs or branches have been explicitly shared. ie the user only has access to these specific artfacts (hence Some) but not All artifacts. It could be argued that this approach is misleading, since if for example Embargoed Security: All is shown, and the text says "No items shared through subscriptions.", it may not be obvious or clear that the user can actually see any Embargoed Security artifacts even if they are not explicitly subscribed to them. It's just that since the permission is All, we do not list them. Such a user may in fact be subscribed to some artifacts, but this is masked by the All permission and when the permission is changed to Some, the text is replaced by the link to the details page. Is this behaviour ok? Should we look at re-wording the text? 2. Revoking access When a user is to have their access to artifacts of a particular information type revoked, the popup is used to change the permission to Nothing. What happens server side is: - any access policy grants are removed (think All permissions) - any artifact grants are removed (think Some permissions) The above only removes the grants. Any actual subscriptions to the artifacts are retained. This allows a mistake to be corrected by setting the permission back to Some and the originally visible artifacts will still be there. Do we want or need to provide a revocation option "Share nothing and remove all subscriptions as well"? _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
