Open rkg-mm opened 2 years ago
+1
This feature would be highly appreciated. The portfolio access management as it is right now is not that useful.
E.g. you model your projects in a hierarchical manner, where different teams have access to differnt top-level projects. Now you need to grant each team access to all child-projects of a tlp for them in order to access them. If a new version of a child project is being created, this new project needs to be explicitly added to the list of projects the team can access.
Also not sure how it would work to autocreate new versions of a project with this feature enabled, need to test that.
Current Behavior:
With implementation of #84 project hierarchies get actually relevant. For notifications we introduce respecting the hierarchy by including children in a notification rule with https://github.com/DependencyTrack/dependency-track/pull/2013. But for ACLs this is not yet possible and each version needs to be defined separately.
Proposed Behavior:
If a team is given access to a project via ACL, any children of this project should be covered automatically, too.
To be considered:
This needs to be performant and able to handle big hierarchies without slowing down e.g. portfolio overview