Comment 3 for bug 605130

Curtis Hovey (sinzui) wrote :

P3A access is granted by ViewPublicOrPrivateTeamMembers in the archive subscriber block. This method could be extended to check if the user is subscribed to any branch or merge proposal. I am not certain this kind of extension scales. The implementation would grant the user access to all of the private-team pages by virtue of a single subscription. This is what happens with P3A and it is not ideal; having access to an archive should not convey access to anything outside of the traversal path.

When we talk about restricted observers in the context of a project (a user with a subscription to an artefact owned by a hypothetical private project), we believe a subscriber may know the names of the objects in the path of traversal, but nothing more. The user may see all the detail of the subscribed artefact and all the details of its subordinate artefacts. Thus subscribing a user to a branch owned by a private team should reveal the team name and displayname, give full access to the branch, and full access to the branch's MPs.

I'd like to know William's opinion on this since he has been thinking about the restricted observer implementation.
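As an added illustration (not Launchpad code, and not part of this bug's comments), the Python below models the two policies the comment contrasts: a coarse P3A-style check, where one subscription to anything a private team owns unlocks every page of that team, beside a restricted-observer check, where a subscription reveals only the names of the objects on the traversal path, plus full detail of the subscribed artefact and its subordinates. The classes (Team, Branch, MergeProposal, User) and the functions coarse_visibility, restricted_observer_visibility and render_team are invented for the example and do not correspond to Launchpad identifiers.

```python
"""Toy model of traversal-path-scoped visibility (added illustration, not
Launchpad code; all class and function names are invented for the example)."""
from dataclasses import dataclass
from enum import Enum


class Visibility(Enum):
    NONE = "none"            # the object does not exist for this user
    NAME_ONLY = "name-only"  # only name and displayname are revealed
    FULL = "full"            # every detail is visible


@dataclass(frozen=True)
class Team:
    name: str
    displayname: str
    members: tuple = ()      # detail that only FULL visibility may reveal
    private: bool = True


@dataclass(frozen=True)
class Branch:
    name: str
    owner: Team


@dataclass(frozen=True)
class MergeProposal:
    name: str
    source_branch: Branch


@dataclass
class User:
    name: str
    team_memberships: frozenset = frozenset()   # team names the user belongs to
    subscriptions: frozenset = frozenset()      # artefacts the user is subscribed to


def traversal_path(obj):
    """Chain of objects from the owning team down to obj, e.g. [Team, Branch, MP]."""
    if isinstance(obj, Team):
        return [obj]
    if isinstance(obj, Branch):
        return traversal_path(obj.owner) + [obj]
    if isinstance(obj, MergeProposal):
        return traversal_path(obj.source_branch) + [obj]
    raise TypeError(f"unknown artefact type: {type(obj).__name__}")


def _member_or_public(user, team):
    return not team.private or team.name in user.team_memberships


def coarse_visibility(user, obj):
    """P3A-style check: any subscription to anything the team owns unlocks
    every page of that team (the behaviour the comment calls not ideal)."""
    team = traversal_path(obj)[0]
    if _member_or_public(user, team):
        return Visibility.FULL
    if any(traversal_path(sub)[0] == team for sub in user.subscriptions):
        return Visibility.FULL
    return Visibility.NONE


def restricted_observer_visibility(user, obj):
    """Restricted-observer check: a subscription reveals the names of the
    objects on the path to the artefact, and everything about the artefact
    and its subordinates; nothing outside that path."""
    path = traversal_path(obj)
    if _member_or_public(user, path[0]):
        return Visibility.FULL
    result = Visibility.NONE
    for sub in user.subscriptions:
        if sub in path:                    # obj is the artefact or below it
            return Visibility.FULL
        if obj in traversal_path(sub):     # obj is an ancestor on the path
            result = Visibility.NAME_ONLY
    return result


def render_team(user, team, policy=restricted_observer_visibility):
    """Fields of a team page the user may see under the given policy."""
    vis = policy(user, team)
    if vis is Visibility.NONE:
        return None
    fields = {"name": team.name, "displayname": team.displayname}
    if vis is Visibility.FULL:
        fields["members"] = list(team.members)
    return fields


if __name__ == "__main__":
    # Constructed sample data: one private team, two branches, one MP.
    team = Team("hidden-team", "Hidden Team", members=("alice", "bob"))
    trunk = Branch("trunk", team)
    feature = Branch("feature", team)
    mp = MergeProposal("mp-1", trunk)
    observer = User("carol", subscriptions=frozenset({trunk}))
    for obj in (team, trunk, mp, feature):
        print(f"{type(obj).__name__} {obj.name}: coarse={coarse_visibility(observer, obj).value}"
              f" restricted={restricted_observer_visibility(observer, obj).value}")
    print(render_team(observer, team))
```

Under the restricted policy the subscriber to `trunk` sees the team's name and displayname, the branch itself and its merge proposal in full, and nothing of the sibling `feature` branch; under the coarse policy the same single subscription exposes every page of the team.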