On 29 October 2010 12:10, Henning Eggers <[email protected]> wrote: > This is a request for a principal policy decision although I raise it based on > a specific case. > > I just submitted a fix for bug 638920[1] which deals with the situation where > a public project has its code in a private branch. Trying to display a link to > that private branch will cause an "Unauthorized" exception. When deciding how > to deal with this on the translations page for a project series I realized > that the overview page was already dealing with it by pretending that no code > branch has been set at all. "No revision control details recorded for ... > series." So I felt I had to do the same on the translations page in order not > to give away more information than was intended. > > Is it a conscious policy decision to treat private data like non-existent > data? If not, what should the policy be? What do we gain by hiding the fact > that private data exists? What risks are we taking with a statement like "The > code for this series is held in a private branch." or "You have no access to > the code for this series." ?
I think the general policy is indeed that if you can't see X, you can't even see X exists. However, there are exceptions, and perhaps this is one. It aligns a bit with the registry changes towards distinguishing "we don't know where the code is", "there is code but we don't have it", etc. istm this should go into some kind of developer guide document. -- Martin _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : [email protected] Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
