-
Suggestion
-
Resolution: Resolved Locally
-
None
-
None
The new 'allow anonymous review browsing' option is great, but it should be extended to have permissions per repository. Somehow the uploading of diff files would have to be placed into the correct repository too to get the right permissions.
[CRUC-92] Allow Anonymous Access Per Repository
Sam Berlin
added a comment - (If you want to close this issue, go ahead... I don't seem to have the option to close it)
Sam Berlin
added a comment - (If you want to close this issue, go ahead... I don't seem to have the option to close it) Sam Berlin
added a comment - Nevermind... I took a second swing at it and noticed I had to change the separate administration Global Settings -> Security -> Crucible -> Allow Anon Access option to YES. There's still some bugs with the anon view in that the numbers in the dashboard on the right widget Everyone's Review, Open (##), Closed (##), All (##) seem to be wrong. (Maybe including reviews that aren't visible to anon?)
Sam Berlin
added a comment - Nevermind... I took a second swing at it and noticed I had to change the separate administration Global Settings -> Security -> Crucible -> Allow Anon Access option to YES. There's still some bugs with the anon view in that the numbers in the dashboard on the right widget Everyone's Review, Open (##), Closed (##), All (##) seem to be wrong. (Maybe including reviews that aren't visible to anon?)
Sam Berlin
added a comment - I haven't yet been able to figure out how to allow anonymous people to view a Crucible review. I have a project "LWCR" whose permission scheme is set to "Client Scheme", and Client Scheme as listed below. But going to the Crucible dashboard always asks a username/password, and so does going directly to an existing LWCR review. So in theory 1.3.x should give what's needed, but in practice it doesn't seem to.
'Client Scheme' permissions:
Summarize
Ability to summarize a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Moderator
Abandon
Ability to abandon (i.e. cancel) a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Uncomplete
Ability to indicate they have not completed a review, after indicating they have completed a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer
View
Ability to view a review.
Anonymous users: true
All logged in users: true
Individual users:
Groups:
Review Roles: Reviewer Creator Author Moderator
Complete
Ability to indicate they have completed a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer
Close
Ability to close a review once it has been summarized.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Moderator
Submit
Ability to submit a review to the moderator for approval.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Creator Author
Create
Ability to create a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: client
Review Roles:
Approve
Ability to approve a review (i.e. issue it to the reviewers).
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Moderator
Re-Open
Ability to re-open a closed review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Recover
Ability to recover an abandoned review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Edit Review Details
Ability to change review details including the set of revisions being reviewed.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Creator Moderator
Ability to reject a review submitted for approval.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Moderator
Comment
Ability to add or remove a comment on a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer Creator Author Moderator
Sam Berlin
added a comment - I haven't yet been able to figure out how to allow anonymous people to view a Crucible review. I have a project "LWCR" whose permission scheme is set to "Client Scheme", and Client Scheme as listed below. But going to the Crucible dashboard always asks a username/password, and so does going directly to an existing LWCR review. So in theory 1.3.x should give what's needed, but in practice it doesn't seem to.
'Client Scheme' permissions:
Summarize
Ability to summarize a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Moderator
Abandon
Ability to abandon (i.e. cancel) a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Uncomplete
Ability to indicate they have not completed a review, after indicating they have completed a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer
View
Ability to view a review.
Anonymous users: true
All logged in users: true
Individual users:
Groups:
Review Roles: Reviewer Creator Author Moderator
Complete
Ability to indicate they have completed a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer
Close
Ability to close a review once it has been summarized.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Moderator
Submit
Ability to submit a review to the moderator for approval.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Creator Author
Create
Ability to create a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: client
Review Roles:
Approve
Ability to approve a review (i.e. issue it to the reviewers).
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Moderator
Re-Open
Ability to re-open a closed review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Recover
Ability to recover an abandoned review.
Anonymous users: false
All logged in users: false
Individual users:
Groups: admins
Review Roles: Creator Moderator
Edit Review Details
Ability to change review details including the set of revisions being reviewed.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Creator Moderator
Ability to reject a review submitted for approval.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Moderator
Comment
Ability to add or remove a comment on a review.
Anonymous users: false
All logged in users: false
Individual users:
Groups:
Review Roles: Reviewer Creator Author Moderator
Peter Moore [Atlassian]
added a comment - Just stumbled across this unfiled issue, do the permission schemes in 1.3.x give you everything you need? If so, feel free to close.
Peter Moore [Atlassian]
added a comment - Just stumbled across this unfiled issue, do the permission schemes in 1.3.x give you everything you need? If so, feel free to close. Sam Berlin
added a comment - There's one concern expressed in two different ways. 
The goal would be to allow reviews within certain Projects to allow anonymous reviews, whereas other Projects would forbid it. If certain FishEye repositories were assigned to certain Projects, then the Project as a whole could define the permissions, and whether the review was created from a FishEye'd commit or an uploaded patch, it would use the right permissions.
Crucible 1.2 sounds like a great new upgrade!
Sam Berlin
added a comment - There's one concern expressed in two different ways.
The goal would be to allow reviews within certain Projects to allow anonymous reviews, whereas other Projects would forbid it. If certain FishEye repositories were assigned to certain Projects, then the Project as a whole could define the permissions, and whether the review was created from a FishEye'd commit or an uploaded patch, it would use the right permissions.
Crucible 1.2 sounds like a great new upgrade! Are there two separate concerns here?
1) Slightly less than full anonymous browsing: you may want some reviews to be private. With Project support in 1.2, you could have "private" projects that don't allow anonymous viewing.
2) Security attached to patches: Crucible does apply FishEye's per-repository access control to files that are committed (ie, come from FishEye), but at the moment Crucible makes no attempt to associate a patch to a repository and apply access-control that way. This is certainly a deficiency, but perhaps Project and Permission-Scheme support is an acceptable way to achieve the same thing?
Thanks Sam, yes we're aware of the total counts being "out" for restricted viewers. They can only actually see appropriate reviews. We are working on fixing this problem.
Cheers,
Peter.