How to compartmentalise an outward-facing Bugzilla?

Question

We're an ISV with ~65 customers. When they call with a support issue, we log it in our internal Bugzilla instance (there is a handful of specially trained super-users at each customer site from whom we allow calls).

We're considering making this Bugzilla instance available via the Internet so that customers can log their own issues and track their progress. However, we do not want any customer to see another customer's issues, not least because each issue can contain commercially sensitive information.

As far as I can tell, Bugzilla controls bug visibility using "Products" and "Groups". In our case, we'd have to set up over 60 of each, which would seriously complicate our usage and administration of Bugzilla (e.g. searching and reporting).

Is there another way to provide compartmentalised access to Bugzilla? Do any other issue-tracking systems have features that solve this problem?

Answer 1

Once a bug has been restricted to a group, where only certain people can see it, you have the option of making the bug visible to (a) the bug reporter and/or (b) anyone on the CC list, regardless of whether they are part of the group. In fact, I think that's the default.

You could create an Internal group, which all your staff are members of and all your customers are not. Only members of that group can access the bug. If you want to grant a customer access to that bug, add them to the CC list. If membership to the group is not required for bug entry, customers will be able to enter bugs and, since they are the reporters, will automatically have view access.

(I don't have a Bugzilla installation in front of me at the moment, so I'm just doing this off the top of my head.)