satrun77/tinyissue

BUG: Project visibility for managers

Opened this issue · 2 comments

I think I made some mistakes when I declared ALL managers should see all projects. I'm afraid this was nonsense. Sorry for that. This is now how it really should make sense:

  • A manager should be able to create projects - in doing so he is automatically added to the project users.
  • A manager should always VIEW and EDIT ALL issues for the projects he has access to.
  • A manager can assign other managers to projects he has access to.
  • The creator of a project has to be stored as owner inside the project data.
    This assures that no manager can revoke ownership of a project from the actual creator.
  • However an admin MUST be able to change this project ownership any time.
  • So ALL admins should be able to VIEW/EDIT ALL PROJECTS with implicit control over everything

This is completely different than the original roles of the project. :)

  • The managers have permission to view all projects.
  • The other requirements do not exist currently.

This needs to be discussed more as there is more than one change and it modifies a lot of the underlying structure around the roles.

Oops. I thought this might even be quite simple to change.

  • A manager should be able to create projects - in doing so he is automatically added to the project users. Actually you don't need to do this - you could just show the projects he is assigned to AND the ones he's created

You would have to change the project create dialog here and add a new field "creator" and then save the user together with the project.

  • A manager should always VIEW and EDIT ALL issues for the projects he has access to.

Here you would need to restrict the access to all projects he's not assigned to. I guess this is also a matter of changing the database query (at least I hope so)

  • A manager can assign other managers to projects he has access to.

New database field creator and several query changes I guess :) AND a new rule that prevents managers from revoking access from a project's creator.

  • However an admin MUST be able to change this project ownership any time. So ALL admins should be able to VIEW/EDIT ALL PROJECTS with implicit control over everything

These are the same rules as for the managers now I guess...

I thought all this through over and over again now. I think this would be a good way. The admin grants you manager access. Now you can create and manage your own projects without someone kicking you out of some project you yourself have created. Still you only see and manage projects that you are assigned to. I think this is also essential. I noticed this problem here now. 2 managers, but each with his own set of projects, some overlapping but some not.

This way you can really decide who fiddles with your project.
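
The rules proposed in this thread, modelled as a small policy check. This is an added example, not tinyissue's code or schema; the role names, the function names, and the choice to refuse owner removal until an admin transfers ownership are assumptions.

```python
from dataclasses import dataclass, field

ADMIN, MANAGER, USER = "admin", "manager", "user"  # hypothetical role names

@dataclass(frozen=True)
class Account:
    name: str
    role: str

@dataclass
class Project:
    title: str
    owner: Account                               # creator, stored with the project
    members: set = field(default_factory=set)

def create_project(actor, title):
    if actor.role not in (ADMIN, MANAGER):
        raise PermissionError("only managers and admins create projects")
    return Project(title, owner=actor, members={actor})  # creator auto-added

def can_view(actor, project):
    # Admins see every project; others only those they own or are assigned to.
    return actor.role == ADMIN or actor == project.owner or actor in project.members

def can_manage(actor, project):
    # Managers view and edit all issues, but only inside projects they can view.
    return actor.role == ADMIN or (actor.role == MANAGER and can_view(actor, project))

def assign(actor, project, target):
    if not can_manage(actor, project):
        raise PermissionError(f"{actor.name} cannot manage {project.title}")
    project.members.add(target)

def revoke(actor, project, target):
    if not can_manage(actor, project):
        raise PermissionError(f"{actor.name} cannot manage {project.title}")
    if target == project.owner:
        # Assumption: even admins go through transfer_ownership() first.
        raise PermissionError("the project owner cannot be removed")
    project.members.discard(target)

def transfer_ownership(actor, project, new_owner):
    if actor.role != ADMIN:
        raise PermissionError("only an admin can change project ownership")
    project.owner = new_owner
    project.members.add(new_owner)
```

The owner check in `revoke` is the rule that keeps one manager from locking another out of a project they created; without the stored owner, any manager with access could remove any other.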