Anonymous space permission allows non-permissioned groups to access space, when global permissions are set to prevent anonymous access

The Space Admin functionality allows a space to have 'Anonymous Access' allowed and displays the following warning:

WARNING
Anonymous users will not be able to view this space, because they have not been granted the global ‘Use Confluence’ permission. You can grant anonymous access to Confluence from global permissions.

The global permissions of the Confluence environment prevent anonymous users from accessing Confluence.

However, a user that is permissioned to Confluence but does not belong to a group that is currently permissioned to the space is now able to access the space, including unlicensed users and guest accounts.

Removing the anonymous flag from the space will then prevent this user from being able to access the space.

Suggestion

Although it could be expected to have everyone viewing it since this permission indicates that the space would be open for everyone, there is no warning or message while configuring it as a space admin.

This is a suggestion for some options like the following:

• Have a clear message that although the global permissions are not set to public access, this would allow anyone to view this space, including unlicensed users and guests.
• Do not allow this permission to bypass any other configured permissions if there are no global permissions configured for public access.