[whups] Project developement, features, etc

[Chuck Hagenbuch]

Quoting Alex L <admin@networkessence.net>:

> I believe there are a few developement questions that should be answered as to
> how WHUPS will work in order for coding to continue. These questions may 
> already be answered somewhere, but I have no idea where and haven't found a 
> GOALS file anywhere. If everything in this email can be answered/resolved, I 
> will start coding for the WHUPS project and posting diffs. The only thing 
> holding me back is that I did not want to make proprietary modifications that 
> don't comply with what the other developers want too.

Great! This list is the right place for this; there isn't anything else right
now. Feel freel to submit a GOALS file. =)

>  I see User Auth and Permissions as two different backends, but because the
> permissions will/can depend on User Authentication, I think their details need
> to be established so that they complement each other.

There is already a Horde Perms:: framework; it admittedly needs more work, but
it's what we should use, IMO.

> IMO, User authentication should be done through horde - with one addition. I
> believe there should also be a WHUPS internal user backend with a seperate 
> layer of authentication, similiar to IMP. This could be based off of things 
> such as CVS or a seperate SQL table, and would also include manageable user
> permissions. This would need to have at least 2 different user types defined. 
> These would be public users and internal users. Each would have respective 
> permissions. The internal users could have read or read/write access or could 
> even be treated as public users. There would be two different public users: a 
> regular public user that can only browse tickets, and a public user that 
> creates a ticket. The public user that creates the ticket would have the right 
> to close the ticket he/she created or add comments, but could not close a
> ticket he/she didn't open. Internal users could have read/write based off of
> several things such as CVS, ticket owner, priority, ticket state, assignment,
> etc. There permissions could allow moderation abilities of the comments, or
> allow/disallow changing certain details of ticket such as assignment and
> status. Agree? Questions, comments?

This sounds pretty good to me. I think it would be ideal if the second (public)
auth source wasn't specific to Whups, but was just a second configured Horde
auth source with the added requirement of having to be able to add users to it
(sql, local file, etc). The rest sounds good; I think permissions on a
per-module basis are reasonable and inside of that might be overkill, but we can
make the perms system that fine grained easily.

I think that moderation of comments in a bug tracker is overkill. Having admins
able to edit them is enough, I think.

Other than that, sounds good.

> Currently, WHUPS only has one frontend. This is an internal frontend. Any WHUPS
> user can currently create, close, change, or assign tickets. I believe there
> should also be a public frontend that is purely for viewing ticket details and
> creating new tickets based on a project and should look similar to bugzilla.
> Agree? Disagree? Questions, comments?

I think bugzilla has a crowded, not necessarily so good interface. Turning
pieces of the UI on and off based on permission/type of user sounds fine... did
you really have more than that in mind?

> This subject hasn't been approached yet, but needs to be for a few reasons.
> WHUPS will integrate with CVS, it will be able to cover multiple projects and
> it will need to utilize user permissions because of this. Permissions on who
> can modify what projects or even modify tickets for certain projects. The
> permissions and project administration will need some type of interface.
> This could all be done by populating SQL tables, but I think the data in those
> tables should be able to be populated. Agree? Disagree? Questions, comments?

Yes, we need a general perms administration UI in horde/admin/, along with
appropriate perm setting stuff inside the actual applications.

> As soon as these questions are answered, I think WHUPS can continue to be
> developed, and I'd personally be glad to do it, but I just want it to be
> something everyone wants, not just what I want.

Thanks!

-chuck

--
Charles Hagenbuch, <chuck@horde.org>
"What was and what may be lie, like children whose faces we cannot see, in 
the arms of silence. All we ever have is here, now." - Ursula K. Le Guin