Summary

Set issues as private for either those with ACLs or require login to view

Background

Currently, tickets set to private are only viewable by those with the correct ACLs. You must be a member of the repo with privileges to view private issues.

One gain from this is with search engine indexing. Sometimes a ticket's discussion or comments may be sensitive in nature or contain content that could be damaging for an individual. In those tickets, making them private might be preferred but it locks anyone without the ACLs out from the conversation. This feature would be a hybrid approach, to allow participation from the wider community without search engines or a casual visitor from seeing these tickets.

Details

One way to implement this is as a project setting, where an admin can allow for issues to be filed as private or require login.

Default behavior

If this feature is added, I envision this default behavior:

• Option for any user to file a ticket to require login as disabled (keeps things simple for the average project admin)
• User with ticket ACLs always has ability to change a ticket to private or require authentication (even if setting is disabled)

When enabled

If the option is enabled in repo settings, it would change the following:

• User filing a ticket has two optional, mutually exclusive options to choose on creating issue: Private to admins (already implemented) and Private to logged-in users.

Or something to this effect.

Outcome

• More flexibility for private tickets with different levels of privacy
• Avoids search engines indexing certain content that is not valuable to the public, but might be valuable to community members using a Pagure instance

cc: @mattdm @bex @bowlofeggs @kevin, in case you have implementation feedback based on recent experience