This question is in reference to Atlassian Documentation: Viewing an Issue's Change History
Sometimes our users post passwords or other restricted information by mistake. They (and the admins) can edit the fields and/or comments to remove these, but the previous revisions – with the information – stay in history. Can they be permanently removed – without going to the database?
We use Jira-7.1.1 here, if it matters. Thanks!
An issue tracker that allows for the easy deletion of what you're tracking? It's actually more likely to go the other way and make sure no information is lost - there's loads of people asking for "edits/deletes of comments need to be recorded".
An issue tracker that allows for the easy deletion of what you're tracking?
I think, I offered a perfectly legitimate use-case. The fact of deletion can be recorded for accountability, but it needs to be possible to make the old version lost for good. Confluence has this already, so should JIRA.
I think the systems are in use for very different things - there's quite a lot of places where we have to completely disable the ablility to delete or amend anything in JIRA, because it's for tracking (the worst case I've seen is someone arrested and cautioned for deleting tracking data). You do have a valid use case, but that's not to say it should be made easy. Quite the opposite for a tracking system.
someone arrested and cautioned for deleting tracking data
This can still be possible – the fact of deletion can remain recorded. But not the content... Such deletions may require additional privileges – a special role, perhaps – but they ought to be possible. And easy...
You do have a valid use case, but that's not to say it should be made easy.
That in itself is self-contradicting. Everything legitimately possible should be easy – the general rule of life, in which machines help humans.
No. Absolutely not. It should be very heavily protected. As I've already shown, in some cases it is downright illegal to destroy data, so you should always track it. As a general rule, it absolutely should be hard, to lower the chances of accidents.
I don't understand how "yes, you have a case, but that is not a reason to make it easy" is self-contradicting. The first clause is that "you do have a case where destruction is legitimate". How does the second clause of "make that hard" contradict it?
As for everything legitimately possible should be easy - that's just insane. Under that logic, you should place a shortcut on the Windows desktop for "destroy my computer". It's legitimate, but making it that easy is just stupid.
It should be very heavily protected.
It can be heavily protected, and still easy for people with appropriate permissions.
in some cases it is downright illegal to destroy data, so you should always track it
As I've already pointed out, you can still track the fact of deletion – without the content of deleted information available.
So long as deleting the entire issue is possible – and easy – doing that to bits and pieces of it should not trigger any additional legal, ethical, or philosophical concerns.
you should place a shortcut on the Windows desktop for "destroy my computer". It's legitimate
No, it is not "legitimate" – as in: there is no valid use-case for it.
Anyway, I think, we are done here. Thanks!
No, you've missed the point - sometimes it's illegal to destroy the data. The content. Recording the deletion is useful for the prosecution.
There very much are legitimate uses for "destroy my computer". In fact, exactly the same use case as you gave earlier. So coupled with your statement about the ease of doing it, you're saying every computer should have such a button. I'm saying you should deliberately make it hard, and protected.
To continue this thread, if the history isn't deleted, is there a way to mask or black out the exposed information? Let's say somebody puts in a person's private information in a comment or ticket. You delete that information but it still sits in history, viewable.
Can you somehow stop that private information from being viewable?
Hey admins! I’m Dave, Principal Product Manager here at Atlassian working on our cloud platform and security products. Cloud security is a moving target. As you adopt more products, employees consta...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs