Prevent forking outside a private group
Problem to solve
Customers with intellectual property want to prevent their data from leaking. We built a feature to prevent forking outside a group that can be used with GMA. Customers want to be able to take advantage of this functionality in any group.
User experience goal
Groups owners feel confident that their intellectual property is safe. Group members receive clear explanations about why they can't fork. There is a clear alternative path for them to follow to do their work.
For private groups, a group Owner should be able to toggle whether or not forks can be created outside of the group.
- When enabled, creating a fork should only be allowed if the fork is created inside the group.
- When disabled, group members should be able to fork anywhere.
- Option should be available for Silver level and above.
This option should be disabled by default (changing behavior of existing groups is not desired). Note that this restriction would only apply to attempts to create new forks and won't affect any existing forks that are already in personal namespaces, which we should make clear in the documentation. This setting should inherit down a group hierarchy just like the "Private" setting.
As part of this change, we should remove this option from the Managed Accounts section so there's not 2 places to do the same thing.
Permissions and Security
This will live within group settings so same permission rules apply as with other options there.
Availability & Testing
Links / references
- Product: issue description is accurate with an acceptable proposal for an MVC
- Engineering: issue is implementable with few remaining questions, is sufficiently broken down, and is able to be estimated