If this install is going to be public, we'll want to hide dangerous things (custom policies, bulk editing, etc.) for new users to avoid chaos from vandalism. A Wikimedia-style self-growing group is probably fine for most things, we might need to use separate policies to control push access to the main repositories or for security issue access.
I can take care of the initial setup for this issue.
Here are my thoughts right now:
- Trusted Contributors - This would be the self-growing trusted group. Bulk editing, custom policies, etc.
- Blessed Committers - This would be the group with permission to land changes to the repository after code review.
- Security Viewers - "Access list for security" - Users in this group can view security issues.
Any others?
I think that's good to get us going. Who would be able to manage membership of the blessed_commiters / security groups? Admins?
EDIT: Will you take care of hiding dangerous actions from non-trusted too?
I think so, at least initially.
> EDIT: Will you take care of hiding dangerous actions from non-trusted too?
Sure.
Okay, I have set up the projects, spaces, forms, and other policies with one exception: I can't remember how to restrict arc land, so I'm going to take care of that in a bit.
At least in Maniphest all users seem to still be able to mess with custom policies.
> I can't remember how to restrict arc land, so I'm going to take care of that in a bit.
I think that is https://secure.phorge.it/diffusion/PHORGE/manage/policies/
I will make the adjustment to the forms, I'd think we want a simple create for anyone new anyway.
>> I can't remember how to restrict arc land, so I'm going to take care of that in a bit.
> I think that is https://secure.phorge.it/diffusion/PHORGE/manage/policies/
Done.
Okay, this is done. My solution is four Maniphest forms:
- Create Task - This is the simple create form for tasks. It defaults to "needs triage," doesn't provide a chance to assign the task to someone, and hides the policies of a task.
- Create Task (Advanced) - This is the full create task form. It is restricted to Trusted Contributors.
- Create Security Task - This is a create form visible to everyone. It automatically puts the task in S2, assigns the Security project, and creates a custom policy on the task.
- Edit Task - This is the same form as Create Task (Advanced), but it is set as the edit form due to the permission restrictions on that form.
Thanks. We might want to add Trusted Contributors create/edit policies on projects too, but otherwise I think that should be everything to get us started.
Done!
One final change I will make, I've created a phorge.it install project, so that way the Phorge project can be about the software.
Could just do like Phorge Upstream → Governance, Phorge → Maniphest, etc. with subprojects to have a kind of clean-ish separation between "application" stuff and "administrative" stuff?
I really like that use of sub projects. I’ll go ahead and create a task for discussion and implementation.
Just a note that Trusted Contributors can’t self grow beyond admins adding people currently, as to add members you need to be able to edit the project. Currently only admins can edit the project.
IMO the edit policy should be set to Project Members. This way it’ll be able to self grow. :)