|
I just tried again and found that it is probably not a bug, but a "feature" that lacks documentation. Anyway, the way I found the bug was that I restricted the page, and a colleague of mine was still able to edit; but just now I found that another user with "view" permission only, would not see the edit tab, and on the "info" page, would see a note that I restricted edit access to the current page.
After tinkering around with the permissions, I found that this "bug" appeared because I gave my colleague "space admin" permission. This makes sense, since once they have "space admin" authority, they could change me to "no restrict" permission so that my restrict fails. Thus "space admin" is of higher precedence to "restrict edit". But it is not documented and this "restrict to myself" is quite misleading therefore, since it's really "restrict to myself and all the space admins and global admins". So maybe some docs need to be added to manage user expectations about the page restrictions (or change this "myself" name). Please also note that it's somewhat disconcerting that restrict "view" works DESPITE the space admin permissions of others, making these two page restriction implementations essentially contradictory. Maybe something still needs to be done here. Thanks. Mingyi,
The two permissions are actually quite different, even though they are kind of related. I see where you are coming from when you say that the space admin should not have edit permission either. However, the admin can always remove the permission from within Restricted Pages screen in the space admin area, and then go end edit the page. We didn't make the page visible to administrators as a feature for users who wanted nobody to be able to see the content of their page. Therefore this was added for the view permission. I agree that for consistency we should add it also to the edit permission. Cheers, Same problem here! The documentation should really make this explicit. I am going to create a 'xyz-space-admin' group so that people other that the Confluence admin can administer the space. Thank you Mingyi for figuring this out.
We will address this issue in an updated version of our documentation. Sorry about the inconvenience caused by this.
Cheers, Hi. We encountered this issue when trying to use "Restrict edit to: myself" as a means to address the lack of concurrent edit warnings (see CONF-1193
 ).
Confluence does not honor the "Restrict edit to: <some user|group>" setting and this seems to be a defect. Confluence should indicate to the administrator: "This page is currently restricted to edits by <user or group>. Do you want to use your space administration permissions to remove this restriction (y|n)?" Steve In the short term, we will be updating the documentation to reflect the systems behaviour correctly.
We're experiencing the same problem. We'd like to be able to have a local-admin-group that can admin a space, but we'd like the content owners to be able to restrict the viewing and editing of pages to a highly select subgroup (e.g. group XYZ). When restricting the VIEW and EDIT of a page to only group XYZ, the local-admin-group, can't view the page and thus can't edit it either. However, if the page is only restricted to EDIT only group XYZ, the local-admin-group can still view the page and edit it.
I understand that as a space admin, they could go behind the scenes to remove this restriction, but at least it would remove the page contents from their immediate line of sight and they'd have to take deliberate steps to see the restricted content. This was fixed along with
Page restrictions are now enforced for Space or Global Administrators. However those administrators can view the complete list of restricted pages and unrestrict them. |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 |
|
Bug
Resolved
Major
Page restrictions do not restrict Space Administrators
I was not able to reproduce this bug.
Could you please confirm that the user who edits the page is neither a global nor a space administrator. Please also list the permissions the user has (screenshot) and attach them to this issue.
Cheers,
Jens