Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-57636

Page with a parent page with restrictions is blocked from access when granting access to it via email link

XMLWordPrintable

      Summary

      Currently, if page access is granted via email link and the page restriction was due to parents, then the page will be blocked from access.

      Customer Story

      A user receives a link to a page and when trying to view it receives a message stating that the page is restricted and he can "Request access".
      <<image>>

      That button triggers an email to the creator of the page with a button to "Grant Access" to the page. The email says:
      <<image>>

      When the creator clicks the button a page restriction is added to the page to grant access but because there were not previous restrictions on that specific page (the restriction was on the parent) the page is restricted to all users. User is still blocked by parent restrictions and creator is also now blocked due to individual page restrictions.

      Example

      A page "Child" has two level parent pages "Parent-1" & "Parent-2" then setting page restrictions on "Child" via email link wont' work as "Child" is really unable to be accessed due to inherited restrictions from "Parent-1" & "Parent-2".

      Cause

      The "Request Access" email feature is not checking for parent restrictions.
      More information at Permissions and Restrictions - Atlassian Documentation
        

      Customer Impact

      Customer loses access to the page although to their understanding they have only granted access to another user and they are the creator of the page. Not even admins will have access.

      Steps to Reproduce

      1. Create a Parent Page and a nested Child Page.
      2. Restrict Parent Page to your user.
      3. Ask any user (other than the one who has access to parent page) to access the Child Page via link.
      4. User is denied access and given the option to request access to the Child Page. Hit Request Access button.
      5. An email is triggered and sent to the page owner(s) with a link to grant access to the Child Page.
      6. Clicking on the "Grant Access" button
      7. Both the owner and requester check to see if they can access the Child Page.

      Expected Results

      Requester should be given access to the Child Page and everyone who previously had access still has access to it.

      Actual Results

      Child Page is completely blocked. Everyone who had access to the page including creator, is blocked from accessing it.

      Suggestion:

      The wording of the email could be:
      "User X requested access to page Y but access to this page is restricted by the parent page Z. In order to grant the user access to the page, please modify the parent page restrictions."
      and not show a "Grant Access" button.

      Workaround

      To recover access to the page: as a space admin navigate to "Space Tools" -> "Permissions" -> "Page Restrictions" and remove the page restrictions.
      To prevent this from happening: manually ensure that the page does not have any inherited access restrictions from parent page(s). If page inherits restrictions, grant access on the parent page.

       

              1401a4fa4c06 Nidhi Raj
              akhan@atlassian.com Asim K (Inactive)
              Votes:
              1 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated:
                Resolved: