Members of the confluence-administrators group are able to edit pages they do not have permission to

    • 1
    • Severity 2 - Major

      Summary

      Members of the Confluence Administrators group are able to edit pages they don't have permission to. In addition, when attempting to edit a page without permissions, clicking Close results in a blank page.

      Steps to Reproduce

      1. Make User A a member of the confluence-administrators group
      2. User A creates a space and makes User B the only Space Administrator
      3. User A goes to the page and the edit function is enabled
      4. User A clicks Edit and starts to make changes
      5. User A finishes making changes to the page and clicks Save (which is enabled)

      Expected Results

      User A should not be able to edit the page.

      Actual Results

      1. User A's changes are saved
      2. User A gets a blank page below the main Confluence top navigation bar when clicking Close after entering the editor

      Workaround

      There are a few workarounds to this:

      1. Most importantly, Atlassian recommends not using your administration account for regular use of Confluence. Create separate admin and user accounts instead.
      2. Until CONF-4616 is fixed, grant administrators "System Administration" permission but do not put them in the "confluence-administrators" group if you do not wish them to have access to all content in your system. (This is in relation to the original bug.)
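
An audit along the lines of both workarounds, as an added example (not Atlassian's code): it lists the members of confluence-administrators and flags any of those accounts that also show recent content edits. The group map, the `sysadmins` group name, the account names and the edit counts are constructed sample data standing in for an export from your own instance.

```python
from dataclasses import dataclass

SUPER_GROUP = "confluence-administrators"   # group named in this issue
SYSADMIN_PERM = "System Administration"     # permission named in workaround 2

# Constructed sample data, standing in for a user-directory export.
GROUPS = {
    "confluence-administrators": {"alice-admin", "bob"},
    "sysadmins": {"carol-admin"},            # hypothetical group name
    "confluence-users": {"alice", "bob", "carol"},
}
GLOBAL_PERMS = {"sysadmins": {SYSADMIN_PERM}}  # group -> global permissions
EDITS_LAST_30_DAYS = {"alice": 42, "bob": 17, "carol": 8}  # content edits


@dataclass(frozen=True)
class Finding:
    user: str
    issue: str
    action: str


def audit(groups, global_perms, edits):
    """Flag accounts that the two workarounds on this page would change."""
    # Groups other than the super-group that already carry System Administration.
    alternatives = sorted(
        g for g, perms in global_perms.items()
        if SYSADMIN_PERM in perms and g != SUPER_GROUP
    )
    target = alternatives[0] if alternatives else "a group granted only System Administration"
    findings = []
    for user in sorted(groups.get(SUPER_GROUP, ())):
        # Workaround 2: membership in the group is what gives access to all content.
        findings.append(Finding(user, "member of " + SUPER_GROUP,
                                "move to " + target))
        # Workaround 1: an admin account should not be the everyday account.
        if edits.get(user, 0) > 0:
            findings.append(Finding(user, "admin account used for regular editing",
                                    "create separate admin and user accounts"))
    return findings


if __name__ == "__main__":
    for f in audit(GROUPS, GLOBAL_PERMS, EDITS_LAST_30_DAYS):
        print(f"{f.user}: {f.issue} -> {f.action}")
```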

              Assignee: Unassigned
              Reporter: J van Leeuwen
              Votes: 1
              Watchers: 6
