Even though this could be condensed by combining the 'None' case and the unset case, I left them separate so that we can replace true in the ternary with the ownership removal later. Otherwise we could simplify it to just

new_group = attributes.fetch(:group_owner, 'None')
(new_group == 'None') ? true : set_group_owner(new_group)

I don't see where this is being called from. Also - None value is likely dangerous if it's ever used. It should default to the users Primary group as that will always be a valid fallback.

I already removed the 'None' option from the select, as that was only necessary when we were detecting the 'possible groups', which could have been an empty set. Now that we are detecting the user's groups directly, there is no way to submit 'None'. However I see how this could create issues, maybe just sticking with nil as the default is a better idea. It should still cause set_group_owner to rescue, but ideally without any unintended effects

Although this instance variable is not explicitly used, it is responsible for setting the initial value in the form

Can we actually move this to update_permissons - I feel like it fits better there.

Errr.... actually it is fine here. We should maybe just pass 750 to mkpath here.

I say that it's fine here, because we'll also need to setgid bit for shared projects and we should do that before we make the other directories so that they're initialized under the correct group.

It certainly would logically, but as soon as project_dataroot has files, we end up in the chmod -r scenario that could present a lot of complex cases. By intercepting it as soon as the project directory is created (before it has any contents) we make sure that the group ownership (and eventually setbit) setting can inform the creation of those project files

We should maybe just pass 750 to mkpath here

I wonder if this prompts a reorganization to the setup steps here. Maybe we have a method make_root that just creates the root directory, and then fire them in the following order: make_root && update_permissions && make_dir.... That way all the permissions changes have the chance to apply before metadata files are created

I decided to go ahead and make these changes. So the root directory creation has it's own method make_root, chgrp_directory is included in update_permissions, and the flow in save is as I described above. Since we are going to have the setbit stuff coming this sets us up ahead of time.

Since it's an att_reader we should prefer to use it instead of referencing the instance variable directly. I.e., group_owner instead of @group_owner.

Also the name of this method implies it's a setter method, which it doesn't actually set the instance variable. Infact it's chowns the directory, not just retrieve an instance variable.

Can we fix these get_ and set_ signatures? Maybe it's more like default_group_owner and chown_directory respectively.

Yeah I definitely see how set is a problem with that. For get_group_owner I am less sure, seeing as this is the source of truth that we use to report it later (indeed it returns nil if run on an uninitialized project). 'Default' could also get confused with setgid bit (or other 'default' facl rules) so I would want a different term than that.

For set_group_owner, maybe we want to borrow some other naming patterns from this file and call it update_group_owner (in the pattern of update_permissions)? It cannot set the group to anything other than the group_owner attribute, and I feel like chown_directory may be missing that aspect.

I suppose in both cases there is an issue of ambiguity between the 'actual' group on the project root, and the @group_owner instance variable, and both methods are used to help get these in sync with one another.

OK, there's also chgrp_directory too.

As to get_group_owner maybe it's just directory_group_owner?

It's just get & set - on the surface - tend to reference getting and setting instance variables so I'd like to avoid them.

Ok yeah I am happy with those

I have taken care of renaming the two methods and using the attr_reader instead of getting the variable directly

I have added the help button to the label by passing html as a HEREDOC string to the bootstrap-form helper. This html includes the question-circle bootstrap icon as an svg. If we do not like the idea of including the svg directly, there are other ways (like adding bootstrap-icons as a dependency), but this seems the most straightforward and stable.

Yea why not icon in an i tag like this one:

Yeah that seems good. I figured there was an existing pattern somewhere, but hadn't been able to find it

This has been done, so should be ready for re-review

End users should not be allowed to chgrp on a directory in their HOME, that will just lead to confusion and errors.

I already thought of this and covered that case here. While some client-side js might make this more clear to the end user, we at least keep them safe from actually doing it.

Yea I think we should just reinforce it for the end user - or we'll get questions about why the value they supply does nothing.