I follow the Phabricator task T228574. That task was rather promptly declined and closed since it in part involves the ongoing task T227416 which is already being dealt with. The latter is related to a security issue and therefore restricted, and I currently haven't got the necessary user permissions needed to view it. Question: even though I can't view the task itself or the data it involves, I wonder if there's any possibility for me to get an automatic notification when the task is resolved (at which point the first, non-security- but otherwise related task T228574 would also be resolved)?
Topic on Talk:Phabricator/Help
The intention of a non-public task is that it's non-public, so leaking status information of a non-public task would defeat the purpose.
I'm fairly big on security myself (VPN, 2FA, PGP etc.) so I can appreciate that. However in this (and I guess all similar) cases the only information I can see about the task is the task ID and that it's restricted, and a text string saying that the task owner can view and edit the data. That's it. A search for the task ID won't reveal anything more either (and of course it shouldn't).
As far as I can tell leaking status information in these particular cases wouldn't pose a problem, since regardless of status I can't see any information regarding when the task was first issued, nor any data about what problem the task is supposed to deal with, or the task owner's user ID. As you said that information is supposed to be non-public so that's of course fine.
However, as a bureaucrat on Wikispecies I would like to be able to tell our users in the autoconfirmed user group when they no longer need to (temporarily..?) use CAPTCHA in order to add external links to reference templates and citations, per the public but closed T228574 task mentioned above. (Odd as it may seem, apparently the bug doesn't pertain to any other user group, including confirmed users.)
See https://phabricator.wikimedia.org/T187051 for more discussion on this topic, and https://phabricator.wikimedia.org/T187051#5191464 for an explanation of the current behavior. I don't see good reasons to change the current general behavior.
However, regarding your situation I see a problem that there is no good way to "apply" for access to a specific non-public task... Maybe you should just get subscribed to the non-public task? I've asked on that task.
Hello @Tommy Kronkvist, https://phabricator.wikimedia.org/T228574 is technically resolved right now, because as you can see on https://species.wikimedia.org/wiki/Special:ListGroupRights, autoconfirmed users now again has skipcaptcha permission, and as such, the problem the task describes no longer exists.
This comment should not be deemed to be a decision if you should have access to the task, Ï just wanted to comment on the specific issue you mentioned as a reason for getting access.
@AKlapper (WMF), Martin Urbanec: Hello again and thank you both for the updates! Andre: I haven't poked around in all the pages about this, but from a quick glance I can't see how I would be able to subscribe to the non-public task. The information I get is really limited – please see the included screenshot. Is there any other way/page from where I would be able to subscribe to non-public tasks while still keeping the non-public restrictions intact?
As written, there is no good way to "apply" for access to a specific non-public task. It is intentional that you cannot subscribe to a non-public task because the task is non-public. :)
The access policy most of restricted tasks have is "members of (some acl project, such as Security) and subscribed accounts". Since you can't subscribe to a non-public task, list of subscribers is used as an ACL to let in people who should have access to this (and only this) restricted task. The sentence "Maybe you should just get subscribed to the non-public task?" just meant "Maybe we should just let you in [by subscribing you to the task]".
Thanks for explaining. The "Maybe you should just get subscribed..." sentence from AKlapper (WMF) is a bit ambiguous, suggesting that I could perhaps subscribe in some odd way, after all.
Anyway, I consider this matter resolved (-ish... :) and will settle with that. I'm one of the Wikimania 2019 volunteers so right now there's definitely more urgent tasks to handle than trying to resolve already resolved issues... :)
Nice! Please do let me know if you have any other questions in this matter. See you during Wikimania!
> AKlapper (WMF) wrote:
> As written, there is no good way to "apply" for access to a specific non-public task. It is intentional that you cannot subscribe to a non-public task because the task is non-public. :)
It might not be clear for most people that being subscribed actually allows you to access the task. Tried to clarify in my above comment.