Content
View differences
Updated by Parimal Satyal about 1 year ago
* Administration: there are new role permissions:
* View comments with restricted visibility
* Write comments with restricted visibility
* Edit own comments with restricted visibility
* Edit others' comments with restricted visibility (for moderation)
* When I write a comment, I can choose to restrict its visibility
* There is a checkbox to enable this
* When checked, it shows a caption that explains the limited scope of visibility.
* There is a "More info" button "Who?" link that takes the user to the documentation of the feature.
* The background colour of the comment box will change the to same colour as the restricted-visibility comments in the Activity stream to reassure the user that this mode is indeed active, with a clear visual signal.
* [Primer colours](https://primer.style/foundations/color/base-scales) to use:
* ~~**Background **Background info line:** base-color-orange-1~~ base-color-orange-1
* ~~**Background **Background body**: base-color-orange-0~~ base-color-orange-0
* ~~**Stroke **Stroke info line**: base-color-orange-1~~ base-color-orange-1
* ~~**Stroke **Stroke body**: base-color-orange-1~~ base-color-orange-1
* These colours will automatically adjust to dark mode (Primer feature)
* If a comment is restricted-visibility, it is easily distinguishable from other comments (that are public) so I can be reassured that they can't be publicly visible.
* Restricted-visibility comments appear in a different background colour (defined above)
* There is a lock icon on the top right corner to the left of the More icon.
* There is an alt text: "Only visible to a limited group of members."
* _This will eventually show a Primer tooltip and lead to the Members page on click. See out of scope._
* If there is also an unread badge, this will appear to the _left_ of the lock icon
* Normal (public) comments with _not_ have an unlocked icon
* Quoting is possible. However, when quoting a comment with restricted visibility, that comment must also be confidential by default
* The 'Restrict visibility' checkbox is checked
* _Risk: the user inadvertently some how unchecks this but leaks the comment. But they could just also well copy/paste a restricted comment._
* This is to limit the risk of accidental/inadvertent leaking of the comment.
* Notifications: restricted visibility comments will also appear in the notification center just like comments if I have access to them
* Same with email notifications
* It should not be possible to _@mention_ users who will not be able to view the comment with restricted visibilty (i.e, the drop-down needs to exclude users without the requisite permissions)
* If were part of a role that afforded you the ability to view restricted visibility comments and you are subsequently removed from this role such that you no longer have this permission:
* You can no longer view or post such comments in the Activity tab
* The Notification centre should not break (because it can no longer find the missing notification)
* The notifications will stop, but for unread and past notifications:
* Restricted visibilty comments are now hidden
* No other changes (to # of notifications, badges...)
* _Risk: Any email notification sent cannot obviously be retracted.r_
* There is no visible numbering of activity comments anymore for all comments (restricted visibilty or otherwise),
* Ideally, old links with `#activity-<comment-number>` still work.
* Copying the URL of a comment will have a new URL scheme including a real, persistent ID and not a generated number anymore so that it stays the same even when other comments are added or removed from the activity, e.g. #comment-<journal-id>
* When that URL is opened the browser will auto-scroll to have the comment in the visible viewport.
* When there is not Enterprise token, or the token does not allow this feature:
* We still show the permissions in the role administration and leave them editable.
* We don't show the toggle/checkbox to make a new comment a restricted comment.
* We show a banner at the project setting for enabling the feature.
* Restricted visibility comments can be enabed/disabled at a project level
* There will be in a new tab called 'Activity' in the new consolidated 'Work packages' page in Project settings.
* In this tab, there is a single checkbox with:
* Label: "Enable restricted visibility comments"
* Caption: "Restricted comments allow an internal team \[Project settings to communicate amongst themselves privately. These are only visible to select roles that have the necessary permissions and will not be visible publicly. Read more."
* The "Read more" is a link that links to the documentation for this feature.
determined\]
**Mobile specificities**
* On narrow screens, sreens, comments with restricted on the timeline are displayed the same way as the mobile rendering of normal comments, but with the additional elements:
* Different background colours
* The lock icon
* When writing a comment, the "Restricted visibility" checkbox label is shorted to just "Restricted" rendered above the comment input (editor) as in larger screens, but the caption text is only a simple link with text: "Who can see this"?
* The "More info" button is not visible This link, in the first iteration, points to to the documentation page, just as the "Who?" link on mobile larger screens
* View comments with restricted visibility
* Write comments with restricted visibility
* Edit own comments with restricted visibility
* Edit others' comments with restricted visibility (for moderation)
* When I write a comment, I can choose to restrict its visibility
* There is a checkbox to enable this
*
*
* The background colour of the comment box will change the to same colour as the restricted-visibility comments in the Activity stream to reassure the user that this mode is indeed active, with a clear visual signal.
* [Primer colours](https://primer.style/foundations/color/base-scales) to use:
* ~~**Background
* ~~**Background
* ~~**Stroke
* ~~**Stroke
* These colours will automatically adjust to dark mode (Primer feature)
* If a comment is restricted-visibility, it is easily distinguishable from other comments (that are public) so I can be reassured that they can't be publicly visible.
* Restricted-visibility comments appear in a different background colour (defined above)
* There is a lock icon on the top right corner to the left of the More icon.
* There is an alt text: "Only visible to a limited group of members."
* _This will eventually show a Primer tooltip and lead to the Members page on click. See out of scope._
* If there is also an unread badge, this will appear to the _left_ of the lock icon
* Normal (public) comments with _not_ have an unlocked icon
* Quoting is possible. However, when quoting a comment with restricted visibility, that comment must also be confidential by default
* The 'Restrict visibility' checkbox is checked
* _Risk: the user inadvertently some how unchecks this but leaks the comment. But they could just also well copy/paste a restricted comment._
* This is to limit the risk of accidental/inadvertent leaking of the comment.
* Notifications: restricted visibility comments will also appear in the notification center just like comments if I have access to them
* Same with email notifications
* It should not be possible to _@mention_ users who will not be able to view the comment with restricted visibilty (i.e, the drop-down needs to exclude users without the requisite permissions)
* If were part of a role that afforded you the ability to view restricted visibility comments and you are subsequently removed from this role such that you no longer have this permission:
* You can no longer view or post such comments in the Activity tab
* The Notification centre should not break (because it can no longer find the missing notification)
* The notifications will stop, but for unread and past notifications:
* Restricted visibilty comments are now hidden
* No other changes (to # of notifications, badges...)
* _Risk: Any email notification sent cannot obviously be retracted.r_
* There is no visible numbering of activity comments anymore for all comments (restricted visibilty or otherwise),
* Ideally, old links with `#activity-<comment-number>` still work.
* Copying the URL of a comment will have a new URL scheme including a real, persistent ID and not a generated number anymore so that it stays the same even when other comments are added or removed from the activity, e.g. #comment-<journal-id>
* When that URL is opened the browser will auto-scroll to have the comment in the visible viewport.
* When there is not Enterprise token, or the token does not allow this feature:
* We still show the permissions in the role administration and leave them editable.
* We don't show the toggle/checkbox to make a new comment a restricted comment.
* We show a banner at the project setting for enabling the feature.
* Restricted visibility comments can be enabed/disabled at a project level
* There will be in a new tab called 'Activity' in the new consolidated 'Work packages' page in Project settings.
* In this tab, there is a single checkbox with:
* Label: "Enable restricted visibility comments"
* Caption: "Restricted comments allow an internal team
* The "Read more" is a link that links to the documentation for this feature.
* On narrow screens,
* Different background colours
* The lock icon
* When writing a comment, the "Restricted visibility" checkbox label is shorted to just "Restricted"
* The "More info" button is not visible