recaptime.dev
@recaptime-dev's working patches + fork for Phorge, a community fork of Phabricator. (Upstream dev and stable branches are at upstream/main and upstream/stable respectively.)
hq.recaptime.dev/wiki/Phorge
phorge
phabricator
1@title Projects User Guide
2@group userguide
3
4Organize users and objects with projects.
5
6Overview
7========
8
9NOTE: This document is only partially complete.
10
11Phorge projects are flexible, general-purpose groups of objects that you
12can use to organize information. Projects have some basic information like
13a name and an icon, and may optionally have members.
14
15For example, you can create projects to provide:
16
17 - **Organization**: Create a project to represent a product or initiative,
18 then use it to organize related work.
19 - **Groups**: Create a project to represent a group of people (like a team),
20 then add members of the group as project members.
21 - **Tags**: To create a tag, just create a project without any members. Then
22 tag anything you want.
23 - **Access Control Lists**: Add members to a project, then restrict the
24 visibility of objects to members of that project. See "Understanding
25 Policies" below to understand how policies and projects interact in
26 more detail.
27
28Understanding Policies
29======================
30
31An important rule to understand about projects is that **adding or removing
32projects to an object never affects who can see the object**.
33
34For example, if you tag a task with a project like {nav Backend}, that does not
35change who can see the task. In particular, it does not limit visibility to
36only members of the "Backend" project, nor does it allow them to see it if they
37otherwise could not. Likewise, removing projects does not affect visibility.
38
39If you're familiar with other software that works differently, this may be
40unexpected, but the rule in Phorge is simple: **adding and removing
41projects never affects policies.**
42
43Note that you //can// write policy rules which restrict capabilities to members
44of a specific project or set of projects, but you do this by editing an
45object's policies and adding rules based on project membership, not by tagging
46or untagging the object with projects.
47
48To manage who can seen an object, use the object's policy controls,
49Spaces (see @{article:Spaces User Guide}) and Custom Forms
50(see @{article:User Guide: Customizing Forms}).
51
52For more details about rationale, see "Policies In Depth", below.
53
54For more details about policies in general, see @{article:Policies User Guide}.
55
56Joining Projects
57================
58
59Once you join a project, you become a member and will receive mail sent to the
60project, like a mailing list. For example, if a project is added as a
61subscriber on a task or a reviewer on a revision, you will receive mail about
62that task or revision.
63
64If you'd prefer not to receive mail sent to a project, you can go to
65{nav Members} and select {nav Disable Mail}. If you disable mail for a project,
66you will no longer receive mail sent to the project.
67
68If you can edit a project, you can also always join or add members to the
69project.
70
71
72Watching Projects
73=================
74
75Watching a project allows you to closely follow all activity related to a
76project.
77
78You can **watch** a project by clicking {nav Watch Project} on the project
79page. To stop watching a project, click {nav Unwatch Project}.
80
81When you watch a project, you will receive a copy of mail about any objects
82(like tasks or revisions) that are tagged with the project, or that the project
83is a subscriber, reviewer, or auditor for. For moderately active projects, this
84may be a large volume of mail.
85
86
87Edit Notifications
88==================
89
90Edit notifications are generated when project details (like the project
91description, name, or icon) are updated, or when users join or leave projects.
92
93By default, these notifications are are only sent to the acting user. These
94notifications are usually not very interesting, and project mail is already
95complicated by members and watchers.
96
97If you'd like to receive edit notifications for a project, you can write a
98Herald rule to keep you in the loop (see @{article:Herald User Guide}).
99
100
101Customizing Menus
102=================
103
104Projects support profile menus, which are customizable. For full details on
105managing and customizing profile menus, see @{article:Profile Menu User Guide}.
106
107Here are some examples of common ways to customize project profile menus that
108may be useful:
109
110**Link to Tasks or Repositories**: You can add a menu item for "Open Tasks" or
111"Active Repositories" for a project by running the search in the appropriate
112application, then adding a link to the search results to the menu.
113
114This can let you quickly jump from a project screen to related tasks,
115revisions, repositories, or other objects.
116
117For more details on how to use search and manage queries, see
118@{article:Search User Guide}.
119
120**New Task Button**: To let users easily make a new task that is tagged with
121the current project, add a link to the "New Task" form with the project
122prefilled, or to a custom form with appropriate defaults.
123
124For information on customizing and prefilling forms, see
125@{article:User Guide: Customizing Forms}.
126
127**Link to Wiki Pages**: You can add links to relevant wiki pages or other
128documentation to the menu to make it easy to find and access. You could also
129link to a Conpherence if you have a chatroom for a project.
130
131**Link to External Resources**: You can link to external resources outside
132of Phorge if you have other pages which are relevant to a project.
133
134**Set Workboard as Default**: For projects that are mostly used to organize
135tasks, change the default item to the workboard instead of the profile to get
136to the workboard view more easily.
137
138**Hide Unused Items**: If you have a project which you don't expect to have
139members or won't have a workboard, you can hide these items to streamline the
140menu.
141
142
143Subprojects and Milestones
144==========================
145
146IMPORTANT: This feature is only partially implemented.
147
148After creating a project, you can use the
149{nav icon="sitemap", name="Subprojects"} menu item to add subprojects or
150milestones.
151
152**Subprojects** are projects that are contained inside the main project. You
153can use them to break large or complex groups, tags, lists, or undertakings
154apart into smaller pieces.
155
156**Milestones** are a special kind of subproject for organizing tasks into
157blocks of work. You can use them to implement sprints, iterations, milestones,
158versions, etc.
159
160Subprojects and milestones have some additional special behaviors and rules,
161particularly around policies and membership. See below for details.
162
163This is a brief summary of the major differences between normal projects,
164subprojects, parent projects, and milestones.
165
166| | Normal | Parent | Subproject | Milestone |
167|---|---|---|---|---|
168| //Members// | Yes | Union of Subprojects | Yes | Same as Parent |
169| //Policies// | Yes | Yes | Affected by Parent | Same as Parent |
170| //Hashtags// | Yes | Yes | Yes | Special |
171
172
173Subprojects
174===========
175
176Subprojects are full-power projects that are contained inside some parent
177project. You can use them to divide a large or complex project into smaller
178parts.
179
180Subprojects have normal members and normal policies, but note that the policies
181of the parent project affect the policies of the subproject (see "Parent
182Projects", below).
183
184Subprojects can have their own subprojects, milestones, or both. If a
185subproject has its own subprojects, it is both a subproject and a parent
186project. Thus, the parent project rules apply to it, and are stronger than the
187subproject rules.
188
189Subprojects can have normal workboards.
190
191The maximum subproject depth is 16. This limit is intended to grossly exceed
192the depth necessary in normal usage.
193
194Objects may not be tagged with multiple projects that are ancestors or
195descendants of one another. For example, a task may not be tagged with both
196{nav Stonework} and {nav Stonework > Masonry}.
197
198When a project tag is added that is the ancestor or descendant of one or more
199existing tags, the old tags are replaced. For example, adding
200{nav Stonework > Masonry} to a task tagged with {nav Stonework} will replace
201{nav Stonework} with the newer, more specific tag.
202
203This restriction does not apply to projects which share some common ancestor
204but are not themselves mutual ancestors. For example, a task may be tagged
205with both {nav Stonework > Masonry} and {nav Stonework > Sculpting}.
206
207This restriction //does// apply when the descendant is a milestone. For
208example, a task may not be tagged with both {nav Stonework} and
209{nav Stonework > Iteration II}.
210
211
212Milestones
213==========
214
215Milestones are simple subprojects for tracking sprints, iterations, versions,
216or other similar blocks of work. Milestones make it easier to create and manage
217a large number of similar subprojects (for example: {nav Sprint 1},
218{nav Sprint 2}, {nav Sprint 3}, etc).
219
220Milestones can not have direct members or policies. Instead, the membership
221and policies of a milestones are always the same as the milestone's parent
222project. This makes large numbers of milestones more manageable when changes
223occur.
224
225Milestones can not have subprojects, and can not have their own milestones.
226
227By default, Milestones do not have their own hashtags.
228
229Milestones can have normal workboards.
230
231Objects may not be tagged with two different milestones of the same parent
232project. For example, a task may not be tagged with both {nav Stonework >
233Iteration III} and {nav Stonework > Iteration V}.
234
235When a milestone tag is added to an object which already has a tag from the
236same series of milestones, the old tag is removed. For example, adding the
237{nav Stonework > Iteration V} tag to a task which already has the
238{nav Stonework > Iteration III} tag will remove the {nav Iteration III} tag.
239
240This restriction does not apply to milestones which are not part of the same
241series. For example, a task may be tagged with both
242{nav Stonework > Iteration V} and {nav Heraldry > Iteration IX}.
243
244
245Parent Projects
246===============
247
248When you add the first subproject to an existing project, it is converted into
249a **parent project**. Parent projects have some special rules.
250
251**No Direct Members**: Parent projects can not have members of their own.
252Instead, all of the users who are members of any subproject count as members
253of the parent project. By joining (or leaving) a subproject, a user is
254implicitly added to (or removed from) all ancestors of that project.
255
256Consequently, when you add the first subproject to an existing project, all of
257the project's current members are moved to become members of the subproject
258instead. Implicitly, they will remain members of the parent project because the
259parent project is an ancestor of the new subproject.
260
261You can edit the project afterward to change or remove members if you want to
262split membership apart in a more granular way across multiple new subprojects.
263
264**Searching**: When you search for a parent project, results for any subproject
265are returned. For example, if you search for {nav Engineering}, your query will
266match results in {nav Engineering} itself, but also subprojects like
267{nav Engineering > Warp Drive} and {nav Engineering > Shield Batteries}.
268
269**Policy Effects**: To view a subproject or milestone, you must be able to
270view the parent project. As a result, the parent project's view policy now
271affects child projects. If you restrict the visibility of the parent, you also
272restrict the visibility of the children.
273
274In contrast, permission to edit a parent project grants permission to edit
275any subproject. If a user can edit {nav Root Project}, they can also edit
276{nav Root Project > Child} and {nav Root Project > Child > Sprint 3}.
277
278
279Policies In Depth
280=================
281
282As discussed above, adding and removing projects never affects who can see an
283object. This is an explicit product design choice aimed at reducing the
284complexity of policy management.
285
286Phorge projects are a flexible, general-purpose, freeform tool. This is a
287good match for many organizational use cases, but a very poor match for
288policies. It is important that policies be predictable and rigid, because the
289cost of making a mistake with policies is high (inadvertent disclosure of
290private information).
291
292In Phorge, each object (like a task) can be tagged with multiple projects.
293This is important in a flexible organizational tool, but is a liability in a
294policy tool.
295
296If each project potentially affected visibility, it would become more difficult
297to predict the visibility of objects and easier to make mistakes with policies.
298There are different, reasonable expectations about how policies might be
299affected when tagging objects with projects, but these expectations are in
300conflict, and different users have different expectations. For example:
301
302 - if a user adds a project like {nav Backend} to a task, their intent
303 might be to //open// the task up and share it with the "Backend" team;
304 - if a user adds a project like {nav Security Vulnerability} to a task,
305 their intent might be to //close// the task down and restrict it to just
306 the security team;
307 - if a user adds a project like {nav Easy Starter Task} to a task, their
308 intent might be to not affect policies at all;
309 - if a user adds {nav Secret Inner Council} to a task already tagged with
310 {nav Security Vulnerability}, their intent might be to //open// the task
311 to members of //either// project, or //close// the task to just members of
312 //both// projects;
313 - if a user adds {nav Backend} to a task already tagged with
314 {nav Security Vulnerability}, their intent is totally unclear;
315 - in all cases, users may be adding projects purely to organize objects
316 without intending to affect policies.
317
318We can't distinguish between these cases without adding substantial complexity,
319and even if we made an attempt to navigate this it would still be very
320difficult to predict the effect of tagging an object with multiple
321policy-affecting projects. Users would need to learn many rules about how these
322policy types interacted to predict the policy effects of adding or removing a
323project.
324
325Because of the implied complexity, we almost certainly could not prevent some
326cases where a user intends to take a purely organizational action (like adding
327a {nav Needs Documentation} tag) and accidentally opens a private object to a
328wide audience. The policy system is intended to make these catastrophically bad
329cases very difficult, and allowing projects to affect policies would make these
330mistakes much easier to make.
331
332We believe the only reasonable way we could reduce ambiguity and complexity is
333by making project policy actions explicit and rule-based. But we already have a
334system for explicit, rule-based management of policies: the policy system. The
335policy tools are designed for policy management and aimed at making actions
336explicit and mistakes very difficult.
337
338Many of the use cases where project-based access control seems like it might be
339a good fit can be satisfied with Spaces instead (see @{article:Spaces User
340Guide}). Spaces are explicit, unambiguous containers for groups of objects with
341similar policies.
342
343Form customization also provides a powerful tool for making many policy
344management tasks easier (see @{article:User Guide: Customizing Forms}).
345
346Archiving
347=========
348
349In Phorge, you can both destroy a project (dangerous) or archive it (very safe).
350
351Archiving a project (or a milestone, which is a kind of project)
352is very much recommended, for example, to archive a project when it stops
353being useful, when the project reaches its deadline, or when its investor turns
354out to be a scam. You might be surprised how useful it is to know which
355colleagues have worked on a certain very old archived project, which fortunately
356somebody decided to archive rather than fully destroy.
357
358The {nav icon=ban,name=Archive} action is visible to all people who
359can {nav icon=pencil,name=Edit} a project. As usual in Phorge,
360there is a confirmation dialog.
361
362After you confirm the archival, these things will happen:
363
364- wherever the tag or its hashtag are mentioned, the corresponding badge is
365 appropriately de-colorized or struck-through.
366- the archived project stops appearing in the active projects list at
367 [ /project/query/active/ ]( /project/query/active/ )
368- the archived project is de-prioritized from most search results and selectors,
369 including the top search bar, the tag pickers, etc.
370- the archived project is muted, and does not cause "watch" notifications.
371- the performer of this action is logged in the recent actions.
372
373All these consequences are reversible. You can bring a project back
374to life anytime using the {nav icon=check,name=Activate project} action.
375
376After archiving a project, all tagged objects, tagged tasks, etc. will be
377intentionally kept as-is. In particular, no special read-only policy is
378enforced on these tagged objects. This is in line with the above section
379about "Policies In Depth". In fact, an object can have many tags, and
380if a specific team group ceases its operations, that does not mean that
381others should stop working on the same tasks, etc.
382
383In case additional hiding of information is needed, you can reduce the
384visibility policy of that project. For example, the visibility policy
385"No One" makes the project effectively invisible to others.
386Mastering the visibility policies helps a lot in making sure your cleanup
387requests are managed professionally and in a secure way, while still allowing
388future auditing, when needed.
389
390If you still decide against archiving a project in a recoverable way,
391continue to the following scary and dangerous section about
392permanent destruction.
393
394Permanently Destroying
395======================
396
397Phorge is designed as a safe collaborative platform that rarely
398requires @{article:Permanently Destroying Data}.
399
400If you have read that article, and if you have done a backup, and if
401you have access to the command line, and if you still want to permanently
402destroy a project (or a milestone), these will be the consequences:
403
404- The project is destroyed permanently from the database, forever
405 (unless you have a good backup and sufficient recovery skills).
406- All objects, including tasks, repositories, wiki documents, calendars,
407 secrets, other projects, etc. to which you have set visibility restrictions
408 involving that project (example: "visible to project members")
409 will be broken, and everyone will be locked out of them.
410 That means these objects will become completely invisible from the web
411 interface and API results.
412 You can still recover from these particular policy problems,
413 by reading the @{article:User Guide: Unlocking Objects}.
414- Users that were members or watchers will lose that relationship.
415- Tagged items will lose that relationship, including tasks, commits,
416 wiki documents, calendar events, repositories, etc.; these objects
417 will simply not be associated anymore with that project tag
418 (but will remain associated with other tags, of course).
419- Comments and texts mentioning the hashtag of that `#project` will no longer
420 render that project link.
421 You will still be able to add that hashtag to another project,
422 to revive these links.
423- If the project has a workboard, that workboard will be destroyed as well
424 (tasks in that workboard will always be kept and will remain associated
425 with other workboards).
426- If the project has direct milestones, these milestones will be destroyed
427 as well. This has sense because milestones are numbered in a linear
428 chronological sequence, and this sequence cannot "just" be moved elsewhere.
429 For example if we have projects {nav A > B > Milestones} and if you destroy
430 the project "B", we cannot just move these milestones up to "A", since
431 the parent project "A" may already have its own milestones,
432 and we would lead to sequence conflicts.
433 (Recall that milestones are technically projects, so consider reading this
434 list again to understand what will happen while destroying each milestone.)
435- If the project has a parent project, and if that parent will end up with
436 no other child projects, that parent can be promoted to root-project again.
437 This means membership of the parent project will be editable again.
438- If the project has subprojects, all subprojects and all their descendant
439 subprojects will climb the tree depth by one level, to fill the gap
440 you caused. Grandchildren become children, children become parents,
441 etc. - a real mess for family photos.
442- You increase the risk of something completely unexpected happening,
443 such as the destruction of your entire datacenter by Psyduck Pokemons
444 out of recursion control.
445
446To permanently destroy a project, you will need to execute a command like this,
447from the root directory of the Phorge repository on your server:
448
449```
450./bin/remove destroy PHID-PROJ-abcdef123456
451```
452
453The command needs the "PHID" code of the project.
454Every project has a PHID which can be retrieved in multiple ways,
455including the {nav icon=cog,name=Manage} menu of that project, or hovering
456the cursor on the {nav icon=flag,name=Flag For Later} feature.
457
458This command requires manual confirmation. Before proceeding,
459take the disclaimer seriously and read the previous section again about
460archiving projects (safe), instead of permanently destroying them (unsafe),
461to hopefully change your mind.