Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-9742

Create a permission system to restrict add or remove label actions for individual labels

XMLWordPrintable

    • 2
    • 8
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      NOTE: This suggestion is for Confluence Server. Using Confluence Cloud? See the corresponding suggestion.

      In very large organization, some labels are used for special meanings. For example:
      'article-for-review'
      'delete-me'
      'featured-article'
      'specification-document'
      'approved'
      'obsolete'

      While every effort is made to make things wide open, and deal with 'mistakes' through 'education' rather than control, in many cases the COST in time and resources to educate people on the proper use of high-impact labels outweighs the benefit. While most labels can and should remain open, significant efficiencies and time savings can be achieved by limiting the use of certain labels to certain groups. For example:

      If the 'delete-me' label above was linked to an automated review and deletion process, it could be limited to only be used by people in the 'moderators' group. Anyone could use a 'review-for-deletion' label, but not the specific 'delete-me' label.

      Likewise, if the 'approved' label was restricted to the people that have the approval authority for a given process or expenditure, then a separate approval process would not be needed outside of confluence: the approved label could be used with certainty.

      Further, if labels like 'featured-article' was linked to articles that were shown on the top-level page of a large organization, and 'specification-document' label was used as a 'document class' with a special meaning that only a fraction of the organization really understood, and the use of these were limited to a group called "Users-that-have-completed-confluence-training" or "users-in-the-specification-group", then education on certain high-impact topics could be achieved proactively rather than retroactively.

            [CONFSERVER-9742] Create a permission system to restrict add or remove label actions for individual labels

            Atlassian Administrator added a comment -

            We need to be able to restrict the use of particular labels across our entire instance to particular power users (or a user group). Are there any plans to make this happen? Thank you.

            Atlassian Administrator added a comment - We need to be able to restrict the use of particular labels across our entire instance to particular power users (or a user group). Are there any plans to make this happen? Thank you.

            Thierry added a comment -

            In our company (1800users), we also use labels to construct high value pages with the contentbylabel macro.
            We definitely need to retrict all or some labels within this space.

            Thierry added a comment - In our company (1800users), we also use labels to construct high value pages with the contentbylabel macro. We definitely need to retrict all or some labels within this space.

            Deleted Account (Inactive) added a comment -

            See my comment on CONF-3767 - I believe this issue (CONF-9742) is more appropriate for our requirements. I am voting for CONF-9742 to be fixed, please.

            Deleted Account (Inactive) added a comment - See my comment on CONF-3767 - I believe this issue ( CONF-9742 ) is more appropriate for our requirements. I am voting for CONF-9742 to be fixed, please.

            Don Willis added a comment -

            Hi James,

            Some clarification on the other Label Permission feature requests.

            • CONF-3767 is to add a specific space-level permission to allow (or prevent) adding/removing labels. Currently only users with edit page permission at the space level can add a label, other than a personal label (eg my:somelabel), to a page. This does not require an overhaul of all macros that deal with labels. You allude to an "interesting proposal" about ownership in a comment on that issue. That proposal is not equivalent to CONF-3767.
            • CONF-3936 is not about limiting "who can use labels AT ALL". It is about who can add new labels. That is, assume that the only labels used anywhere in Confluence are "foo" and "bar", there you would need a specific permission to add a new label "cat" to a page. You would not need that permission to add the label "foo" to a page that didn't already have that label.

            Cheers,
            Don

            Don Willis added a comment - Hi James, Some clarification on the other Label Permission feature requests. CONF-3767 is to add a specific space-level permission to allow (or prevent) adding/removing labels. Currently only users with edit page permission at the space level can add a label, other than a personal label (eg my:somelabel), to a page. This does not require an overhaul of all macros that deal with labels. You allude to an "interesting proposal" about ownership in a comment on that issue. That proposal is not equivalent to CONF-3767 . CONF-3936 is not about limiting "who can use labels AT ALL". It is about who can add new labels. That is, assume that the only labels used anywhere in Confluence are "foo" and "bar", there you would need a specific permission to add a new label "cat" to a page. You would not need that permission to add the label "foo" to a page that didn't already have that label. Cheers, Don

            JamesM added a comment - - edited

            A comment on CONF-3767 by Brian Thomas discusses an interesting proposal which suggests each label have a 'by whom' field. This change would also help support the use cases above without having to restrict label use. However, if that suggestion is too complex or required an overhaul of the label system and many macros that deal with labels, then simply restricting the add/remove action on a label by label basis to certain groups might be an good incremental change.

            JamesM added a comment - - edited A comment on CONF-3767 by Brian Thomas discusses an interesting proposal which suggests each label have a 'by whom' field. This change would also help support the use cases above without having to restrict label use. However, if that suggestion is too complex or required an overhaul of the label system and many macros that deal with labels, then simply restricting the add/remove action on a label by label basis to certain groups might be an good incremental change.

            JamesM added a comment - - edited

            Not quite the same as CONF-3936, which asks to limit who can create ANY new labels. The above proposal lets anyone add any existing or new labels, but reserves the addition/removal of certain labels to certain individuals or groups.

            • Reservation of a 'label' could be at a site and/or at a space level.

            JamesM added a comment - - edited Not quite the same as CONF-3936 , which asks to limit who can create ANY new labels. The above proposal lets anyone add any existing or new labels, but reserves the addition/removal of certain labels to certain individuals or groups. Reservation of a 'label' could be at a site and/or at a space level.

              Unassigned Unassigned
              f1dc925b931b JamesM
              Votes:
              76 Vote for this issue
              Watchers:
              41 Start watching this issue

                Created:
                Updated: