Only allow users access to cards they are assigned on

[plyaskin]

The rules of permission (show or hide) to cards for assigned users

[juliushaertl]

Comments for cards

Will be there in the next release: #10

The rules of permission (show or hide) to cards for assigned users

This is a very specific use case which will could lead to a lot of confusion when users can only see specific cards, so I don't think it is worth adding.

Assignment alert to email via Activity

Will also be there in the next release: #211

[plyaskin]

This is a very specific use case which will could lead to a lot of confusion when users can only see specific cards, so I don't think it is worth adding.

Maybe will you add the specific board for this case? Or the track below on a board with permission for a user some like this?
https://en.kaiten.io/kanban

[juliushaertl]

Maybe will you add the specific board for this case? Or the track below on a board with permission for a user some like this?

Can you try to describe what you would like to achieve with this feature? As I understand it you just want cards to be visible to specific users only.

[plyaskin]

Can you try to describe what you would like to achieve with this feature? As I understand it you just want cards to be visible to specific users only.

Yes, I want to have the general board with all cards and to show the card (task) for a user who was assigned, but other cards shouldn't show because this is tasks for other users and contains confidential information. In this way I can to sort my cards between different specialists on one board and not to be confused. Now I need to duplicate the cards between the boards.

[juliushaertl]

OK, so it would be a permission on a per board level. I think we could integrate that nicely into the board permission management by adding another checkbox like "Only allow users access to cards they are assigned on". What do you think @nextcloud/deck ?

[pixelipo]

Please see my reply in #662

Permissions system is one of the must-have "pro" features, but it's not really necessary for private ones. In order to build it, we need to sit down and work out a really good concept for it - then a UI - then implement it :)

[plyaskin]

Hi @pixelipo,
I think you can to do this for pro version, but for private will enough just this checkbox with a functionality of permission If I right understand you :)

[pixelipo]

@plyaskin it's not "just a checkbox" - you need to set up a whole interface. Your requirement is just one very particular usecase in the wider range of "permissions" feature. Why would it make sense to implement this single usecase now? Why is that one more important than any other permissions feature, such as "Give "write" access to a card only for admin and assignee"?

Implementing a single usecase without preparing for a wider set of planned related usecases is not a good way to do app development.

[brianbgness]

For most users, I think a simple toggle (like compact mode in v2.5) would work nicely switching between all cards and only those cards assigned to you. Also perhaps it would be easy to implement changing the 'Edit' permission into 'Edit Own' and 'Edit Others'. Both permissions together would be equivalent to today's 'Edit'. That way users could be restricted to editing only the cards they are assigned.

[brianbgness]

No, after thinking further about it, I am wrong. That will not work. Considering it is optional to assign cards, users would lock themselves out if they did not assign themselves. The only practical way to implement would be to prevent the 'Edit Own' permission from adding new cards. And then only allow admins to add and assign cards.

The downside of this would be increased complexity. What I like most about Deck is the simplicity. Large organizations might need the control, but I am OK with trusting my users to be careful. If I did not trust a user I would not give that person edit permission.

[plyaskin]

@brianbgness, I told about all the information on one board. Do you ready to share financial information of the company for all users even if you to trust all of them? Agree not everyone should know this information as some other.

[brianbgness]

Good point. Some information within organizations should be kept confidential. Human Resources (aka HR) is one example. Suppose the HR department wanted to use Deck to track employee annual reviews where employees are given raises and bonuses. In this use case, the whole board cannot be public due to the salary information. HR would own the board and see it all. But for everyone else, cards and the timeline would have to be filtered by assignment. A card titled 'Decide 2018 raise for Tom' would be assigned to a group of managers and executives. Another card 'Meet with Tom for 2018 review' would be assigned only to Tom and his manager.

Is this what you mean?

[mkrecek234]

I would opt for implementation for this feature. To manage a team where not everyone is allowed to view all cards is very helpful. Also this would trickle down to if you eventually assign a folder to a card, then only users assigned to that card are allowed to see that folder.

Would be a GREAT addition and very helpful. However this would also mean you have to implement access right structure for boards:
Users:
Admin = can do anything
User = can view/edit anything
Only own = can only view/edit own.

[mkrecek234]

@juliushaertl Do you consider this meaningful? I could think about contributing, as it is "just" another option for configuring a board user's access level.