Overview
The feature is called "Private Comments" even though it is not limited to a simple private/public permission.
By default a comment is public: as long as someone can view the artifact, they can view the comment.
When the feature is enabled, users can choose a group of people to associate with a comment.
Only the members of this group, the tracker admins, the project admins and the site administrators are able to read its content.
Who can write private comments
At the tracker level, the administrator can restrict this capability with a global switch, "Activate private comments". It is active by default.
Write a private comment
If the tracker has the feature enabled, it is available to every user who can add a comment.
Artifact update
The user who writes a comment can associate one or more groups with it.
The comment is only visible to the members of those groups, the tracker admins, the project admins and the site admins.
If the user is not a tracker admin, project admin or site admin, they can only select groups they belong to (the other groups are not displayed).
Technically speaking, this new permission should be stored outside of the global permissions table.
Attachments
Attachments are regular field updates, so if someone writes a private comment and adds an attachment, the attachment may be visible (according to the field permissions) while the comment is not.
However, attachments are added transparently when a user copy/pastes or drag'n drops images into an HTML comment. To avoid leaking information:
- When a comment is set to be private, copy/paste and drag'n drop of images are disabled.
- If the comment already includes copy/pasted or drag'n dropped images, it is no longer possible to set it private.
Email notification
⚠️ If the private comment is associated with changes and the user cannot see the comment, they might still be able to see the changes themselves (if they were made on fields they can see).
Reply by email
Replies by email are always public.
Comment update
When a user updates a comment, they can change the associated group.
If the user is not a tracker admin, project admin or site admin, only the groups they belong to are displayed and kept on update (their membership may have changed in between).
Mass change
Tracker admins who perform a mass change can associate a permission (group) with the comment.
Artifact copy & move
Nothing to do
REST routes
The route /artifacts/:id/changesets is updated to add a groups key to last_comment:
"last_comment": {
    "body": "",
    "post_processed_body": "",
    "format": "text",
    "groups": [
        ugroup_representation
    ]
},
The groups key is only added if the user making the call has the right to see this information, and only the groups they belong to are listed.
The actual permission
Modals
Modal v1
Nothing to do, there are no comments here.
Modal v2
The ability to comment should be removed from modal v2 (too much to maintain).
Modal v3
Same behaviour as "Artifact update".
Display of private comments
Comments with a group associated to them are visually distinguishable.
A regular user can see:
- All public comments (i.e. comments without any group associated with them)
- All comments associated with at least one group they belong to.
Tracker admins, project admins and site admins see all comments.
⚠️ If the private comment is associated with changes and the user cannot see the comment, they might still be able to see the changes themselves (if they were made on fields they can see).
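The visibility, group-selection and REST rules described in "Artifact update", "REST routes" and "Display of private comments" above, modelled as an added example (not Tuleap's own code); the User/Comment types, the per-project/per-tracker admin flags and the choice that admins see every group in the REST representation are assumptions made for the illustration:

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class User:
    name: str
    groups: frozenset              # ids of the user groups this user belongs to
    is_site_admin: bool = False
    admin_of_projects: frozenset = frozenset()   # project ids (assumed model)
    admin_of_trackers: frozenset = frozenset()   # tracker ids (assumed model)

@dataclass(frozen=True)
class Comment:
    body: str
    groups: frozenset              # empty frozenset means a public comment
    project_id: int
    tracker_id: int

def is_admin_for(user: User, comment: Comment) -> bool:
    """Tracker admin, project admin or site admin for the artifact's tracker/project."""
    return (user.is_site_admin
            or comment.project_id in user.admin_of_projects
            or comment.tracker_id in user.admin_of_trackers)

def can_see_comment(user: User, comment: Comment) -> bool:
    """Public comments follow artifact visibility; private ones need membership or admin."""
    if not comment.groups:
        return True
    return is_admin_for(user, comment) or bool(user.groups & comment.groups)

def selectable_groups(user: User, comment: Comment, tracker_groups: frozenset) -> frozenset:
    """Groups offered when writing/updating: all for admins, otherwise only the user's own."""
    if is_admin_for(user, comment):
        return tracker_groups
    return tracker_groups & user.groups

def last_comment_representation(user: User, comment: Comment) -> Optional[dict]:
    """REST last_comment: None when hidden; 'groups' key only when the caller may see it,
    restricted to the caller's own groups (assumption: admins get every group)."""
    if not can_see_comment(user, comment):
        return None
    rep = {"body": comment.body, "post_processed_body": comment.body, "format": "text"}
    if comment.groups:
        shown = comment.groups if is_admin_for(user, comment) else comment.groups & user.groups
        rep["groups"] = sorted(shown)
    return rep
```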
Search
Permissions must be taken into account in the "comment search" box in tracker reports.