Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-28946

Anonymous space permission allows non-permissioned groups to access space, when global permissions are set to prevent anonymous access

XMLWordPrintable

    • 20
    • 25
    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      NOTE: This bug report is for Confluence Cloud. Using Confluence Server? See the corresponding bug report.

      The Space Admin functionality allows a space to have 'Anonymous Access' allowed and displays the following warning:

      WARNING
      Anonymous users will not be able to view this space, because they have not been granted the global ‘Use Confluence’ permission. You can grant anonymous access to Confluence from global permissions.

      The global permissions of the Confluence environment prevent anonymous users from accessing Confluence.

      However, a user that is permissioned to Confluence but does not belong to a group that is currently permissioned to the space is now able to access the space, including unlicensed users and guest accounts.

      Removing the anonymous flag from the space will then prevent this user from being able to access the space.

      Suggestion

      Although it could be expected to have everyone viewing it since this permission indicates that the space would be open for everyone, there is no warning or message while configuring it as a space admin.

      This is a suggestion for some options like the following:

      • Have a clear message that although the global permissions are not set to public access, this would allow anyone to view this space, including unlicensed users and guests.
      • Do not allow this permission to bypass any other configured permissions if there are no global permissions configured for public access.

        1. adding_comment_on_space.jpeg
          adding_comment_on_space.jpeg
          365 kB
        2. global_permissions.jpeg
          global_permissions.jpeg
          326 kB
        3. image-2022-04-04-09-08-11-532.png
          image-2022-04-04-09-08-11-532.png
          46 kB
        4. profile_only_users_group.jpeg
          profile_only_users_group.jpeg
          45 kB
        5. space_permissions.jpeg
          space_permissions.jpeg
          481 kB

            66bfe2effd45 Kristen Waters
            pgreig Paul Greig
            Votes:
            42 Vote for this issue
            Watchers:
            72 Start watching this issue

              Created:
              Updated: