Select the types of activity you want to include in your feed.
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
···8899NOTE: This document is only partially complete.
10101111-Phabricator projects are flexible groups of users and objects.
1111+Phabricator projects are flexible, general-purpose groups of objects that you
1212+can use to organize information. Projects have some basic information like
1313+a name and an icon, and may optionally have members.
1414+1515+For example, you can create projects to provide:
1616+1717+ - **Organization**: Create a project to represent a product or initative,
1818+ then use it to organize related work.
1919+ - **Groups**: Create a project to represent a group of people (like a team),
2020+ then add members of the group as project members.
2121+ - **Tags**: To create a tag, just create a project without any members. Then
2222+ tag anything you want.
2323+ - **Access Control Lists**: Add members to a project, then restrict the
2424+ visibility of objects to members of that project. See "Understanding
2525+ Policies" below to understand how policies and projects interact in
2626+ more detail.
12272828+Understanding Policies
2929+======================
3030+3131+An important rule to understand about projects is that **adding or removing
3232+projects to an object never affects who can see the object**.
3333+3434+For example, if you tag a task with a project like {nav Backend}, that does not
3535+change who can see the task. In particular, it does not limit visibility to
3636+only members of the "Backend" project, nor does it allow them to see it if they
3737+otherwise could not. Likewise, removing projects does not affect visibility.
3838+3939+If you're familiar with other software that works differently, this may be
4040+unexpected, but the rule in Phabrictor is simple: **adding and removing
4141+projects never affects policies.**
4242+4343+Note that you //can// write policy rules which restrict capabilities to members
4444+of a specific project or set of projects, but you do this by editing an
4545+object's policies and adding rules based on project membership, not by tagging
4646+or untagging the object with projects.
4747+4848+To manage who can seen an object, use the object's policy controls,
4949+Spaces (see @{article:Spaces User Guide}) and Custom Forms
5050+(see @{article:User Guide: Customizing Forms}).
5151+5252+For more details about rationale, see "Policies In Depth", below.
13531454Joining Projects
1555================
···93133**Hide Unused Items**: If you have a project which you don't expect to have
94134members or won't have a workboard, you can hide these items to streamline the
95135menu.
136136+137137+138138+Policies In Depth
139139+=================
140140+141141+As discussed above, adding and removing projects never affects who can see an
142142+object. This is an explicit product design choice aimed at reducing the
143143+complexity of policy management.
144144+145145+Phabricator projects are a flexible, general-purpose, freeform tool. This is a
146146+good match for many organizational use cases, but a very poor match for
147147+policies. It is important that policies be predictable and rigid, because the
148148+cost of making a mistake with policies is high (inadvertent disclosure of
149149+private information).
150150+151151+In Phabricator, each object (like a task) can be tagged with multiple projects.
152152+This is important in a flexible organizational tool, but is a liability in a
153153+policy tool.
154154+155155+If each project potentially affected visibility, it would become more difficult
156156+to predict the visibility of objects and easier to make mistakes with policies.
157157+There are different, reasonable expectations about how policies might be
158158+affected when tagging objects with projects, but these expectations are in
159159+conflict, and different users have different expectations. For example:
160160+161161+ - if a user adds a project like {nav Backend} to a task, their intent
162162+ might be to //open// the task up and share it with the "Backend" team;
163163+ - if a user adds a project like {nav Security Vulnerability} to a task,
164164+ their intent might be to //close// the task down and restrict it to just
165165+ the security team;
166166+ - if a user adds a project like {nav Easy Starter Task} to a task, their
167167+ intent might be to not affect policies at all;
168168+ - if a user adds {nav Secret Inner Council} to a task already tagged with
169169+ {nav Security Vulnerability}, their intent might be to //open// the task
170170+ to members of //either// project, or //close// the task to just members of
171171+ //both// projects;
172172+ - if a user adds {nav Backend} to a task already tagged with
173173+ {nav Security Vulnerability}, their intent is totally unclear;
174174+ - in all cases, users may be adding projects purely to organize objects
175175+ without intending to affect policies.
176176+177177+We can't distinguish between these cases without adding substantial complexity,
178178+and even if we made an attempt to navigate this it would still be very
179179+difficult to predict the effect of tagging an object with multiple
180180+policy-affecting projects. Users would need to learn many rules about how these
181181+policy types interacted to predict the policy effects of adding or removing a
182182+project.
183183+184184+Because of the implied complexity, we almost certainly could not prevent some
185185+cases where a user intends to take a purely organizational action (like adding
186186+a {nav Needs Documentation} tag) and accidentally opens a private object to a
187187+wide audience. The policy system is intended to make these catastrophically bad
188188+cases very difficult, and allowing projects to affect policies would make these
189189+mistakes much easier to make.
190190+191191+We believe the only reasonable way we could reduce ambiguity and complexity is
192192+by making project policy actions explicit and rule-based. But we already have a
193193+system for explicit, rule-based management of policies: the policy system. The
194194+policy tools are designed for policy management and aimed at making actions
195195+explicit and mistakes very difficult.
196196+197197+Many of the use cases where project-based access control seems like it might be
198198+a good fit can be satisfied with Spaces instead (see @{article:Spaces User
199199+Guide}). Spaces are explicit, unambiguous containers for groups of objects with
200200+similar policies.
201201+202202+Form customization also provides a powerful tool for making many policy
203203+management tasks easier (see @{article:User Guide: Customizing Forms}).