no way to request membership in a private team - can only be added

I think this bug need rethinking. I would close this as it is described now because users should never be permitted to request to join a restricted team, which is the case of the private team.

I think the intent of this bug relates more to the defect, well the feature I hate, where a team can add any user without permission. I think this bug might really be a duplicate of bug 239909. As a team owner, I want to invite users and teams to join my team. This is not about privacy, nor is it just about restricted teams because I could have an open team that wants to collaborate with other teams and users.

> I would close this as it is described now because users should never be permitted to request to join a restricted team, which is the case of the private team.

But this is just restating the current behaviour, not an argument for keeping that behaviour.

I think there is a real problem here that has occurred several times. People get the link and then can't do anything useful with it.

There are various solutions, some of which overlap with other bugs:
 * show people "this object exists but you're not allowed to see it", if they guess the right url
 * have an organization model so people in ~canonical can see ~canonical-foo and freely choose to join it

Adding an 'invitation to team' feature wouldn't have specifically solved my case because I sent the invitation to a large team.

On Tue, Oct 25, 2011 at 10:08 PM, Martin Pool <email address hidden> wrote:
> I think there is a real problem here that has occurred several times.
> People get the link and then can't do anything useful with it.

I agree that that is a problem

> There are various solutions, some of which overlap with other bugs:
>  * show people "this object exists but you're not allowed to see it", if they guess the right url

We're not going to do that. Private objects should be private, and
disclosing existence can be harmful in and off itself. Knowing which
cases are safe and which aren't would be fragile, and until we're not
drowning in tech-debt, we should choose the route that is simplest to
be safe in.

>  * have an organization model so people in ~canonical can see ~canonical-foo and freely choose to join it

Thats a possible solution. Another is the disclosure style observer
model where you can explicitly allow broad read access to an object.
What way to go requires considerable analysis though.

> Adding an 'invitation to team' feature wouldn't have specifically solved
> my case because I sent the invitation to a large team.

And because the team members you want to be permitted to join mutates over time.

In fact, there are use cases for private-to-<rule>, open / moderated /
delegated and restricted teams. But the risks are pretty big that we'd
get it wrong unless we carefully cover the possible interactions.

Another option is to make a shareable invitation url, where the people
who apply still need to be approved before they finally join.

I don't want to design this now or to argue it's any more than Low,
but I do think it should stay open.

see also bug 405277

I think this bug still need definition.

No one can request to join a restricted team regardless of whether the team is public or private. I think this issue argues for a moderated private team, which would never work without...

Teams could have an observer feature like project where I could grant users permission to view my team without being members. With view permission, I could use other features like contact the team and request membership.

I think the problem statement is clear, isn't it? We're just not clear on how we would improve it. There are some options in comments 1-4. I'm happy to leave this Low and we can work it out if/when it gets to the top of the queue.