Content
View differences
Updated by Marc Alcobé over 2 years ago
# User problem
### User
* Project manager
* Team lead
* Project member
* Customer
* Supplier
### User problem and their pain
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Problem: What problem or job does the user have?</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Pain: What is the primary workaround that users perform that we could remove or replace? Why is it painful?</p></th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-table--cell"><p class="op-uc-p">Users don't have access to the work packages that they need for the project team to work efficiently.</p></td><td class="op-uc-table--cell"><p class="op-uc-p">The communication is done by email or chat. There is no single source of truth anymore.</p></td></tr><tr class="op-uc-table--row"><td class="op-uc-table--cell"><p class="op-uc-p">Users have access to confidential data that they should not know. </p></td><td class="op-uc-table--cell"><p class="op-uc-p">Adding too many users to a project violates the need-to-know-principle. People then don't put relevant information into the work packages because they are afraid this might leak to the wrong users. </p></td></tr></tbody></table></figure>
### Impact
* It removes the need to duplicate information. It increases transparency and avoids extra effort and chaos.
# User flow
This user flow is available in the [Figma file](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?node-id=53%3A7841) where the linked mockups are also clickable.
<img class="op-uc-image op-uc-image_inline" src="/api/v3/attachments/51966/content">
# Solution and acceptance criteria
### Entry points
* In the toolbar of a work package full screen there is button that open a share modal.
* This can also be triggered using the share button in the action bar of the work package split screen view.
### Share modal
* The action opens a modal in the centre of the screen with the following information:
* **Modal title:** _"Share work packages"_.
* **User search area:** _**Search field**_ for users, groups and emails with the placeholder text text _"Search by user, group or email address"_ + _**Permissions dropdown**_ button with _"View"_ by default _**\+ Invite**_ button (this button performs the call to the backend therefore there is no confirmation action on the modal action bar).
* Possible user and permissions cases listed bellow.
* **Users list:** list of users that the work package is shared with in the format "\[Avatar\] + Name or email" and extra information about the project role and invitation bellow. There is multiple possibilities of user types:
* **Not project member:** with two possible cases
* **Existing instance user:** User known by the instance with an avatar associated but not inside the project and therefore doesn't have a project role associated.
* **New user (email address):** user not known by the instance and shared via the email address that displayed in the list. While the user hasn't accepted the invitation email there is a "Resend invitation" link next to the email address. A default GitHub avatar is used for this cases.
* **Project member:** user known in the instance with an avatar associated that is already member of the project where this work package resides.
* Not all project members are listed, only the users which the work package has proactively been shared with.
* The permissions system for this users is not an EXCLUDE system but rather an ADD system. For example:
1. The work package is shared to a user with project "reader" role with permissions "comment". This user will now have all the permissions for "reader" and for this work package "comment" permissions.
2. The work package is shared to a user with project "admin" role with permissions "view". This user will still have all the permissions on this work package because the "view" are adding permissions that the user already have due to being "admin".
* **Group:** group of users known in the instance with an avatar associated. The users of this group are not individually added or displayed in the list. You can share with groups part of this project and external groups.
* If a user is both in a shared group and individual shared, both the group and the user will be listed.
* **Locked user:** the user will be displayed with a lock icon in front of their name.
* In the share modal the user with manage permissions is able to:
1. Add an existing user
2. Add an existing group
3. Invite a new user via email address
4. Filter users by type and role
5. Understand the invitation status
6. Modify the permissions related to already invited users
7. Revoke invitations and remove access to the work package
8. Resend email invitations for users who hasn't accepted yet the invitation
9. Bulk edit users roles
* In the share modal the user with view permissions is able to:
1. Search for existing shared users
2. Filter users by role.
3. See shared users and their role
* If the user tries to share the work package with a user that has been already shared with, this will appear in the list (autocompleter) and the new role will update the previous one. This will also bring this user to the top of the table.
* If a **New user** or a **Existing user (not in the project)** is added afterwards to the project as member their status in all the shared work packages will be updated with their role in the project.
* If the work package is shared with an **Existing user** who is inside of a **Group** already in the list of shared users, both permissions will be additive and counted for what the user can do (the highest permission will rule). In the row of the existing user a text below the name will be added specifying the group permissions that this user has.
* Placeholder users are not selectable for sharing work packages.
* Users can not search for their own user to share in the modal.
* If the current user is already shared with when they open the modal, that line will l[ook the same as when a user not having share permission opens the modal](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1436-76750&mode=design&t=8No6ExUBI2Y7hiHA-4) so it cannot be edited or removed.
* The list will be sorted by default alphabetically. With the exception of the users added in the list while the modal is open that will be displayed on the top of the table (eg. I've added two new users to the list and they are displayed on the top, once I close the modal this get sorted alphabetically).
### Invite Email Email/Notification
* **For existing users:**
* An email is sent to the user (using their email address) that has been invited to the work package with the information of who has shared the work package with him/her/they, which is the role and permissions that they have and the basic information of the work package.
* In case the invitation is to a group, all group members will receive an email with the information saying that that they have been invited as part of a group.
* **For new users:**
* Newly invited users receive an email with the link to the work package. When clicking on it the user will be redirected to the create account flow.
* The invited user creates a user account with a password, name and surname. This allows the user to access all work packages that are shared with this user. It also allows the user to change its notification settings.
* An extra text specifying that the user will need to create an account inside of the instance with the the name of the instance specified (eg. OpenProject Community, cProject...)
* Following the watchers approach, this emails are only triggered the first time the user is added, not when their role is changed or they have been removed from the share.
### Permissions
* There is an additional setting that activates the sharing with external guest users. So organisations can ensure that only users that are authenticated against the connected identity provider have access to OpenProject.
* At an administration level their will be two new permissions for roles:
* **Manage share work packages:** users with this permission will see entry points (buttons) and be able to edit, invite and remove users.
* **View share work packages:** users with this permission will see the entry points (buttons) and the list of users but not edit it.
* Manage permission forces the view ones. If the role doesn't have any of this two permissions the entry points (buttons) are hidden.
* At the share work package level there are three permission levels to share work packages with **New user, Groups** or **Existing users (not in the project)**
* Edit
* Comment
* View
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p"><br data-cke-filler="true"></p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Comment</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View</p></th></tr></thead><tbody><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Become assignee</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Log time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View logged time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View own logged time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">See version</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Assign versions</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit work package attributes</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Add comment</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit relations</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View attachments</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Upload attachments</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Nextcloud links (if the user has NC account)</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Manage watchers (add and delete)</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Watch work package</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View watchers list</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Show GitHub content</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Export</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Change project</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">See costs and budgets</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Copy work package</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr></tbody></table></figure>
* The users with **Edit** permissions will be able to change and create relations (including parent work packages) but they will only see displayed the work packages where they have access or edit rights.
* Copying a shared with work package, will only be possible with **Edit** permissions. To avoid duplicates of work packages, only copy to other projects will be available.
### Revoke and delete users
* Removing users (whose invitation is revoked) from work packages share will not restrict their access to the instance, they will still be able to log into the application as they have an account. To fully remove a user the administrator needs to remove it from the users list in the admin settings.
* When a user is fully removed from an instance (admin user level) all its shared WP should be also revoked as they can no longer log in in the application.
* When a user is only removed from a project (member level) the administrator will be asked if they also want to remove the user from the work packages they have shared in that project.
### Filter "Share with user"
* In order to filter the work packages inside and outside of a specific project depending on their share status a new filter type should be created.
* This filter is part of the common filters and has the name "Share with user". This will contain four different options:
* Is
* Is not
* Any
* None
* The users will only be able to see users from the projects they are members. If a user has no permissions to manage or view share work packages this filter will not be displayed.
### Trigger notifications
* Shared users as they have a linked account can be mentioned and added as watchers.
* Shared users should be able to receive relevant notifications in their notification centre when mentioned or there is changes in work packages they are watching.
* A rework on the notification settings will be needed due to this. There will be a new "Participating" notification role with "Shared with". _(to be designed)_
### Global access to shared work packages
* The global index pages for work packages will look the same as the current implementation.
* The shared users will be able to see the name of the project of the work packages shared in the project drop downs and selections. In case this are inside of a sub-project, they will only see the sub-project (current implementation if a user is full member in a sub-project).
* The user can then access the project but within it would only find the work package module enabled with the work packages shared listed.
### Copying a project
* Copying a project will copy the shares of its work packages.
* This will trigger notifications for the shares that are copied if the user copying has the notification setting activated.
# Visuals available in Figma
* **Desktop:** [https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=53-7841&mode=design](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=53-7841&mode=design)
* **Mobile:** [https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1873-10273&mode=design](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1873-10273&mode=design)
# Out of scope
* Share work packages with other projects
* Private comments
* Additional permissions for work package attributes and custom fields
* Sharing work packages with the project hierarchy (e.g. milestones that are shared with sub-projects)
* Change of the auto completer for users
* Change of the behaviour of filter option and values. Currently the available filters and their values are determined by the project filtered in. This is an limitation that already exists for sub-projects or included projects.
* Access tokens for individual work packages so users don't need to create a user account.
* Boards: Not possible to have a column for shared with user on assignee board
* Team planner: Not possible to have a row for shared with user on team planner
* Inside of the global work packages module (outside of any project) there is two new menu entries:
* **Shared with me:** A default view with the filter "Shared with" with a value of "is" and the user added as the unique filter value.
* **Shared with users:** A default view with the filter "Shared with" in the value "any".
# Open topics
### Permissions
* There is the risk of privilege escalation here. A user with only the permission to view work packages and share them should not have the permission to grant sharing on an edit level. So the permissions the user administrating the sharing should limit the sharing levels: Only a user having the `edit_work_packages` permission should be able to add edit-level sharing.
* For sharing with new users, the user would also need the `create_user` permission, correct?
* For the edit permissions, additional resources in the project need to become visible:
* all member users
* all member groups
* all categories
* all versions in case there is a version custom field the user should be allowed to edit
### User
* Project manager
* Team lead
* Project member
* Customer
* Supplier
### User problem and their pain
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Problem: What problem or job does the user have?</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Pain: What is the primary workaround that users perform that we could remove or replace? Why is it painful?</p></th></tr></thead><tbody><tr class="op-uc-table--row"><td class="op-uc-table--cell"><p class="op-uc-p">Users don't have access to the work packages that they need for the project team to work efficiently.</p></td><td class="op-uc-table--cell"><p class="op-uc-p">The communication is done by email or chat. There is no single source of truth anymore.</p></td></tr><tr class="op-uc-table--row"><td class="op-uc-table--cell"><p class="op-uc-p">Users have access to confidential data that they should not know. </p></td><td class="op-uc-table--cell"><p class="op-uc-p">Adding too many users to a project violates the need-to-know-principle. People then don't put relevant information into the work packages because they are afraid this might leak to the wrong users. </p></td></tr></tbody></table></figure>
### Impact
* It removes the need to duplicate information. It increases transparency and avoids extra effort and chaos.
# User flow
This user flow is available in the [Figma file](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?node-id=53%3A7841) where the linked mockups are also clickable.
<img class="op-uc-image op-uc-image_inline" src="/api/v3/attachments/51966/content">
# Solution and acceptance criteria
### Entry points
* In the toolbar of a work package full screen there is button that open a share modal.
* This can also be triggered using the share button in the action bar of the work package split screen view.
### Share modal
* The action opens a modal in the centre of the screen with the following information:
* **Modal title:** _"Share work packages"_.
* **User search area:** _**Search field**_ for users, groups and emails with the placeholder text text _"Search by user, group or email address"_ + _**Permissions dropdown**_ button with _"View"_ by default _**\+ Invite**_ button (this button performs the call to the backend therefore there is no confirmation action on the modal action bar).
* Possible user and permissions cases listed bellow.
* **Users list:** list of users that the work package is shared with in the format "\[Avatar\] + Name or email" and extra information about the project role and invitation bellow. There is multiple possibilities of user types:
* **Not project member:** with two possible cases
* **Existing instance user:** User known by the instance with an avatar associated but not inside the project and therefore doesn't have a project role associated.
* **New user (email address):** user not known by the instance and shared via the email address that displayed in the list. While the user hasn't accepted the invitation email there is a "Resend invitation" link next to the email address. A default GitHub avatar is used for this cases.
* **Project member:** user known in the instance with an avatar associated that is already member of the project where this work package resides.
* Not all project members are listed, only the users which the work package has proactively been shared with.
* The permissions system for this users is not an EXCLUDE system but rather an ADD system. For example:
1. The work package is shared to a user with project "reader" role with permissions "comment". This user will now have all the permissions for "reader" and for this work package "comment" permissions.
2. The work package is shared to a user with project "admin" role with permissions "view". This user will still have all the permissions on this work package because the "view" are adding permissions that the user already have due to being "admin".
* **Group:** group of users known in the instance with an avatar associated. The users of this group are not individually added or displayed in the list. You can share with groups part of this project and external groups.
* If a user is both in a shared group and individual shared, both the group and the user will be listed.
* **Locked user:** the user will be displayed with a lock icon in front of their name.
* In the share modal the user with manage permissions is able to:
1. Add an existing user
2. Add an existing group
3. Invite a new user via email address
4. Filter users by type and role
5. Understand the invitation status
6. Modify the permissions related to already invited users
7. Revoke invitations and remove access to the work package
8. Resend email invitations for users who hasn't accepted yet the invitation
9. Bulk edit users roles
* In the share modal the user with view permissions is able to:
1. Search for existing shared users
2. Filter users by role.
3. See shared users and their role
* If the user tries to share the work package with a user that has been already shared with, this will appear in the list (autocompleter) and the new role will update the previous one. This will also bring this user to the top of the table.
* If a **New user** or a **Existing user (not in the project)** is added afterwards to the project as member their status in all the shared work packages will be updated with their role in the project.
* If the work package is shared with an **Existing user** who is inside of a **Group** already in the list of shared users, both permissions will be additive and counted for what the user can do (the highest permission will rule). In the row of the existing user a text below the name will be added specifying the group permissions that this user has.
* Placeholder users are not selectable for sharing work packages.
* Users can not search for their own user to share in the modal.
* If the current user is already shared with when they open the modal, that line will l[ook the same as when a user not having share permission opens the modal](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1436-76750&mode=design&t=8No6ExUBI2Y7hiHA-4) so it cannot be edited or removed.
* The list will be sorted by default alphabetically. With the exception of the users added in the list while the modal is open that will be displayed on the top of the table (eg. I've added two new users to the list and they are displayed on the top, once I close the modal this get sorted alphabetically).
### Invite Email
* **For existing users:**
* An email is sent to the user (using their email address) that has been invited to the work package with the information of who has shared the work package with him/her/they, which is the role and permissions that they have and the basic information of the work package.
* In case the invitation is to a group, all group members will receive an email with the information saying that that they have been invited as part of a group.
* **For new users:**
* Newly invited users receive an email with the link to the work package. When clicking on it the user will be redirected to the create account flow.
* The invited user creates a user account with a password, name and surname. This allows the user to access all work packages that are shared with this user. It also allows the user to change its notification settings.
* An extra text specifying that the user will need to create an account inside of the instance with the the name of the instance specified (eg. OpenProject Community, cProject...)
* Following the watchers approach, this emails are only triggered the first time the user is added, not when their role is changed or they have been removed from the share.
### Permissions
* There is an additional setting that activates the sharing with external guest users. So organisations can ensure that only users that are authenticated against the connected identity provider have access to OpenProject.
* At an administration level their will be two new permissions for roles:
* **Manage share work packages:** users with this permission will see entry points (buttons) and be able to edit, invite and remove users.
* **View share work packages:** users with this permission will see the entry points (buttons) and the list of users but not edit it.
* Manage permission forces the view ones. If the role doesn't have any of this two permissions the entry points (buttons) are hidden.
* At the share work package level there are three permission levels to share work packages with **New user, Groups** or **Existing users (not in the project)**
* Edit
* Comment
* View
<figure class="table op-uc-figure_align-center op-uc-figure"><table class="op-uc-table"><thead class="op-uc-table--head"><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p"><br data-cke-filler="true"></p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Comment</p></th><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View</p></th></tr></thead><tbody><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Become assignee</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Log time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View logged time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View own logged time</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">See version</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Assign versions</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit work package attributes</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Add comment</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Edit relations</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View attachments</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Upload attachments</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Nextcloud links (if the user has NC account)</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Manage watchers (add and delete)</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Watch work package</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">View watchers list</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Show GitHub content</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Export</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Change project</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"> </span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">See costs and budgets</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr><tr class="op-uc-table--row"><th class="op-uc-table--cell op-uc-table--cell_head"><p class="op-uc-p">Copy work package</p></th><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled" checked="checked"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td><td class="op-uc-table--cell"><ul class="todo-list op-uc-list_task-list op-uc-list"><li class="op-uc-list--item"><label class="todo-list__label"><input type="checkbox" disabled="disabled"><span class="todo-list__label__description"></span></label></li></ul></td></tr></tbody></table></figure>
* The users with **Edit** permissions will be able to change and create relations (including parent work packages) but they will only see displayed the work packages where they have access or edit rights.
* Copying a shared with work package, will only be possible with **Edit** permissions. To avoid duplicates of work packages, only copy to other projects will be available.
### Revoke and delete users
* Removing users (whose invitation is revoked) from work packages share will not restrict their access to the instance, they will still be able to log into the application as they have an account. To fully remove a user the administrator needs to remove it from the users list in the admin settings.
* When a user is fully removed from an instance (admin user level) all its shared WP should be also revoked as they can no longer log in in the application.
* When a user is only removed from a project (member level) the administrator will be asked if they also want to remove the user from the work packages they have shared in that project.
### Filter "Share with user"
* In order to filter the work packages inside and outside of a specific project depending on their share status a new filter type should be created.
* This filter is part of the common filters and has the name "Share with user". This will contain four different options:
* Is
* Is not
* Any
* None
* The users will only be able to see users from the projects they are members. If a user has no permissions to manage or view share work packages this filter will not be displayed.
### Trigger notifications
* Shared users as they have a linked account can be mentioned and added as watchers.
* Shared users should be able to receive relevant notifications in their notification centre when mentioned or there is changes in work packages they are watching.
* A rework on the notification settings will be needed due to this. There will be a new "Participating" notification role with "Shared with". _(to be designed)_
### Global access to shared work packages
* The global index pages for work packages will look the same as the current implementation.
* The shared users will be able to see the name of the project of the work packages shared in the project drop downs and selections. In case this are inside of a sub-project, they will only see the sub-project (current implementation if a user is full member in a sub-project).
* The user can then access the project but within it would only find the work package module enabled with the work packages shared listed.
### Copying a project
* Copying a project will copy the shares of its work packages.
* This will trigger notifications for the shares that are copied if the user copying has the notification setting activated.
# Visuals available in Figma
* **Desktop:** [https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=53-7841&mode=design](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=53-7841&mode=design)
* **Mobile:** [https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1873-10273&mode=design](https://www.figma.com/file/PlN4AmkwHNabNiT1Z7nZAA/Share-Work-Packages?type=design&node-id=1873-10273&mode=design)
# Out of scope
* Share work packages with other projects
* Private comments
* Additional permissions for work package attributes and custom fields
* Sharing work packages with the project hierarchy (e.g. milestones that are shared with sub-projects)
* Change of the auto completer for users
* Change of the behaviour of filter option and values. Currently the available filters and their values are determined by the project filtered in. This is an limitation that already exists for sub-projects or included projects.
* Access tokens for individual work packages so users don't need to create a user account.
* Boards: Not possible to have a column for shared with user on assignee board
* Team planner: Not possible to have a row for shared with user on team planner
* Inside of the global work packages module (outside of any project) there is two new menu entries:
* **Shared with me:** A default view with the filter "Shared with" with a value of "is" and the user added as the unique filter value.
* **Shared with users:** A default view with the filter "Shared with" in the value "any".
# Open topics
### Permissions
* There is the risk of privilege escalation here. A user with only the permission to view work packages and share them should not have the permission to grant sharing on an edit level. So the permissions the user administrating the sharing should limit the sharing levels: Only a user having the `edit_work_packages` permission should be able to add edit-level sharing.
* For sharing with new users, the user would also need the `create_user` permission, correct?
* For the edit permissions, additional resources in the project need to become visible:
* all member users
* all member groups
* all categories
* all versions in case there is a version custom field the user should be allowed to edit