Closed Bug 1097352 Opened 10 years ago Closed 7 years ago

products need finer grained public/private flags

Categories

(Input Graveyard :: Backend, defect)

Product:
Input Graveyard
Component:
Backend
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: willkg, Unassigned)

Details

Products listed as "not public" are still visible via the API.

There are two problems with this:

1. "not public" should literally mean "not public" and thus the feedback shouldn't be available without authorization/authentication

2. however, that screws up dashboards the UA folks are doing

So, we need to figure out some solution that satisfies both requirements.
I think we need two levels of "not public". 

One major use for "not public" is actually to just not put stuff on the main input front page. I don't actually think we need high security for most of our data and it would be nice if the front page was just focused on the big products (especially since Loop/Heartbeat will slowly take over all of feedback otherwise).  API should still work and direct links to feedback should still work.

The other level is "fully private" which means no API, no front page and no direct links. This means that unauthenticated users don't know it exists. For building dashboards with this data, we assume that some part of it is sensitive so UA should use the DB access that we have and extract out the data that we want to display in a safe way.
If we don't end up implementing cww's idea, I'd appreciate a few weeks buffer for us to emulate some of Input API's functionality before leaving. (We have other high priorities at the moment otherwise we could do this quickly).
I'm game for Cww's idea.

Seems like we need to do two changes:

1. fix the response view (i.e. permalinks) so that they work regardless of whether the product is visible on the dashboard

2. add a new flag on products for public/private which if set to "private" causes the feedback to not show up anywhere without authentication/authorization: front page dashboard, response view, API, etc


Seems like the first one we need to fix pronto (it's an easy fix) and the second one we can push off until we need it since I think Cww is right in that none of the products we're collecting feedback for are super double-secret.

Does that sound right?
Perfect.
Grabbing this to fix the response view to not kick up a 404 when Product.on_dashboard is False.

Changing the scope of this bug. I'm going to kick the can on the rest of this bug until later.
Assignee: nobody → willkg
Status: NEW → ASSIGNED
Summary: products listed as "not public" are still visible via the api → products need finer grained public/private flags
Fixing the response view in a PR: https://github.com/mozilla/fjord/pull/380
PR 380 landed in https://github.com/mozilla/fjord/commit/5480c420c9e2db3d0b2071266b6113701fc7387e

I'll push it on Monday or possibly earlier if someone tells me to push it ASAP.
Unassigning for now. I'm not working on it.
Assignee: willkg → nobody
Status: ASSIGNED → NEW
The Input service has been decommissioned (see bug 1315316) and has been replaced by a redirect to an external vendor (SurveyGizmo). I'm bulk WONTFIXing Input bugs that do not appear to be relevant anymore.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → WONTFIX
Product: Input → Input Graveyard
You need to log in before you can comment on or make changes to this bug.