Update: Simple Access Control   by Ryan

When Bugrocket began it had a very specific user in mind. Notice, user and not even customer – Bugrocket was initially built for a pretty specific kind of small development team. You can read a lot more about our philosophy and how things got started by reading this blog and our manifesto.

We still feel strongly about this approach, but there is another type of team that is seriously underserved by current bug trackers.

Freelancers and Web Consultants

The problem with the self-contained small team focus we’ve had up to now comes up when you’re working with more than one team. You have people working in almost entirely separate teams, groups or on distinct projects, but they’re all under one conceptual roof. You might be working with a client’s developers or maybe you contract developers yourself to work on specific projects.

Before now, every project that needed a different set of users would need its own Bugrocket account! That is, at least superficially, good for us. But with 3, 5 or 10+ projects it’s going to get pretty expensive. Not to mention the annoyance of having to jump around between different accounts and maintain sessions and credentials for each one.

ACL

Some bug trackers solve this by forcing you to define companies and roles and teams and other stuff in order to get started. Upload the company logo! Configure what project managers can do and what QA people can do, etc.

Clearly we wanted a middle ground between this sort of pointless data-entry and just turning away all of the freelancers we had knocking on our door.

What we settled on has to be the smallest, simplest thing that could possibly work.

Here’s a fully detailed explanation of the feature:

  • Firstly, you can find the setting via the admin page by editing a project.

  • Access control is entirely optional. If you don’t enable it, everyone has access. This covers the 90% case where you’re a single team of developers. Just forget this feature exists if you don’t need it.

  • If you do turn on access control for a project, active users show up and can be given access individually. Admins always have access, of course, since they could just give themselves access anyway :)

  • Anyone without access simply won’t see the project or anthing related to it anywhere on Bugrocket.

  • Users who don’t have access to a given project won’t appear to users that do in assignee drop-downs or filtering UI, either.

  • New users don’t have access to anything that is access controlled until specifically given access.

We think this implementation covers two important bases: First, that we don’t impose extra UI noise into the app, and second: we don’t turn away people for whom Bugrocket would otherwise be a great fit.

This feature was released in secret a while ago so we could approach individual customers and gather feedback. Does it cover your use-case? Let us know by sending us an email or using the ‘feedback’ tab at the top of the application.