RE: Using Bugzilla Groups to Limit User Group to Group Bugs

The fundamental logic is that Bugzilla groups behave like
Unix groups (except for the automatic assignment that you want).
Users can only access (read & write) bugs that belong also to
group(s) they belong to (as in Unix).

As the Bugzilla admin for my product, I get an e-mail whenever
a bug is generated (I'm QA Contact). If a user did not check the
appropriate box, I do. Not automatic, but I deal with it.
[color=blue]
>-----Original Message-----
>From: [email]support-bugzilla-bounces@lists.mozilla.org[/email]
>[mailto:support-bugzilla-bounces@lists.mozilla.org] On Behalf
>Of John Weathers
>Sent: Tuesday, January 10, 2006 12:52 PM
>To: [email]support-bugzilla@lists.mozilla.org[/email]
>Subject: Re: Using Bugzilla Groups to Limit User Group to Group Bugs
>
>[color=green][color=darkred]
>> >To clarify things the effects that we desire are:
>> >1) A staff member enters a bug for Product A or Product B -> Only
>> >staff members can access this bug.[/color]
>>
>> Staff checks the GropuA(GroupB) box only.[/color]
>
>Which means that only GroupA members can access this bug which
>is fine since all Staff members are members of GroupA, but no
>clients are members of GroupA.
>[color=green][color=darkred]
>> >2) A client 1 user enters a bug for Product A -> Only staff members
>> >and client 1 users can access this bug.[/color]
>>
>> client 1 checks the Client1 and GroupA boxes.[/color]
>Which means that only members of both Client1 and GroupA can
>access this bug which is not OK because that would mean that
>other Client1 users cannot access this bug because no client
>users are a part of GroupA because otherwise they could see
>bugs entered by the staff per the above comments.
>
>I suppose if I were OK with manually checking things, then I
>could get away with making three groups: Staff, Client1, and
>Client2 where Staff members must manually check the Staff box
>for bugs that they enter, Client 1 users must manually check
>the Check1 box for bugs that they enter and Client 2 users
>must manually check the Client2 box for bugs that they enter.
>Then, Staff members would belong to all three groups while
>clients would only belong to their corresponding groups. But
>the problem with this is that with manual checking things are
>not secure as the isolation of bugs from various parties can
>break through user error.
>
>-John
>_______________________________________________
>support-bugzilla mailing list [email]support-bugzilla@lists.mozilla.org[/email]
>[url]https://lists.mozilla.org/listinfo/support-bugzilla[/url]
>[/color]