Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-40823

Members of confluence-administrators group can immediately see spaces that they are excluded from the in space restrictions

XMLWordPrintable

      NOTE: This bug report is for Confluence Server. Using Confluence Cloud? See the corresponding bug report.

      From the documentation:

      The statement:

      The 'confluence-administrators' group defines a set of 'super-users' who can access the Confluence administration console and perform site-wide administration. Members of this group can also see the content of all pages and spaces in the Confluence instance, regardless of space permissions. They cannot immediately see the pages that exclude them via page restrictions without knowing the direct URL to the page.

      Is not true:

      Steps to replicate:
      1. Login to Confluence as a normal user
      2. Create a new space, set the space as "Visible only to me".
      3. Create
      4. Log out, and log in as a user that belongs to the Confluence-administrator group
      5. The newly created private space will be listed
        • in the Dashboard (Spaces List plugin) (confluence 5.8.x & Confluence 5.9.x)
        • in the Space Directory list (Confluence 5.9.x)

              rrobins Rachel Robins
              mkhairuliana Monique Khairuliana (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: