Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is a pain point for me because HipChat's permissions granularity is really bad: my organization gives everybody admin access so we can configure API tokens, emoticons, etc. Things we want to do pretty often. Now, we'll have to restrict everybody to a normal user and have a single administrator do these very normal operations.


Yep, we have exactly the same issue. This feature decision is a trust-deterrent. Nothing worse when it comes to team communication.

To me this is the final straw. By contrast Slack's privacy policy mentions they "plan to allow team owners or administrators to enable an optional feature which would allow them to view anything inside their teams".

They add: "When this feature is added, notices will be visible to all members on teams where it is enabled."

Keywords: optional & visible.

That's exactly the kind of thoughtful consideration made obvious when you first use Slack. The product direction on HipChat during the 6/8 months we've been paying customers has been disappointing. Instead of working on in-app history search or the other dozen of clamored for features (http://help.hipchat.com/forums/138883-suggestions-issues/fil...), they pilled on a not really necessary audio/video call feature.

I can only hope the HipChat/Atlassian team considers making admin access to private conversations optional and visible as well.


Talk to HipChat, that sounds like something they might be able to change in their service. Perhaps have a super-admin or user groups or something that give intermediate permissions.

Your circumstances don't sound like they would be rare.


They definitely aren't rare. We have the same pain where I work. We just end up having a limited number of HC admins and make them do all our API requests.

It'd be nice if you could take a conversation off the record. Is it inconceivable that HipChat may be used for human resource like discussions? I see some risks with this, and not sure I agree.

However, I do understand why they would do this. Bummer.


HR-level discussions should be documented at all times, so that seems like a poor example to use here.

I truly feel that if the chat platform is being provided by the employer, then they have every right to disallow you from taking conversations offline.

The problem really lies with Atlassian for not offering better permissions.


You don't need to be an admin to get an API token... https://www.hipchat.com/account/api

The new API allows you to request personal tokens or room tokens (you'll need to be a room admin for that).


There can only be one room admin per room. Doesn't really fix it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: