Uploaded image for project: 'Confluence Cloud'
  1. Confluence Cloud
  2. CONFCLOUD-74115

No permissions are set to a space created via REST API as a non admin user

    XMLWordPrintable

Details

    Description

      Issue Summary

      When creating a space using the Create space (POST /wiki/rest/api/space) REST API endpoint as a non admin user:

      • Setting no permissions in the request payload works fine since the default permissions are added. 
      • If you try to set some custom space permissions in the request payload, those are not taken into account and therefore the created space has no permissions set at all (due to the behavior documented in: CONFCLOUD-60439)

       

      Everything works fine when doing the same as a site-admin/org-admin user.

      Steps to Reproduce

      1. As a site admin create a group, for example test-confluence-group
      2. Add the site admin and another non admin user to the group
      3. Send a POST request to the Create space (POST /wiki/rest/api/space) endpoint, having below payload and see (in the response payload) that the space is created with those permissions only (as per CONFCLOUD-60439):  
        {
    "key": "SP1",
    "name": "Space1",
    "permissions":
    [
        {
            "operation":
            {
                "operation": "create",
                "targetType": "page"
            },
            "subjects":
            {
                "group":
                {
                    "results":
                    [
                        {
                            "type": "group",
                            "name": "group1"
                        }
                    ],
                    "size": 1
                }
            },
            "annonymousAccess": false,
            "unlicensedAccess": false
        }
    ]
}
      1. Now repeat the same test (changing the space name and key) but this time authenticate the REST API call as the non admin user

      Expected Results

      The space is created with the same permissions as step #3

      Actual Results

      The space is created with no permissions at all. Indeed, in the response payload you can see that the permission array is empty:

      {
    "id": 2039119874,
    "key": "SP2",
    "name": "Space2",
    "description":
    {
 [..removed..]
    "type": "global",
    "permissions":
    [],
    "status": "current",
  [...removed...]
}

      Workaround

      Create a space with an empty permissions parameter, which will create a space with the default permissions. Next, the user can add and remove permissions to the newly created space using the below REST API endpoints: 

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. CONFCLOUD-60439 Creating Space with Permissions Not Working (REST API)

          • Low - Low priority issues
          • Closed
          mentioned in

          Page Loading...

          Activity

            People

              e58dcb77b818 Spurthi Kulkarni
              dbonotto Dario B
              Votes:
              7 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated: