Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-57448

Allow restriction of user results from showing up in quick search and rest API searches for certain users or groups

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • None
    • None
    • 0
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Problem Definition

      Even after restricting a user's ability to use the people directory or perform a quick search, a user can still use the REST API to locate another user's information:

      rest/api/search?cql=text~"a name

      Suggested Solution

      We cannot restrict the API entirely as Confluence uses the same REST API for it's processes as noted in CONFSERVER-7913: Need ability to limit use of remote API to certain users, or a certain group. However, it would be useful to be able to restrict certain users or groups from receiving user results.

      We have the CONFSERVER-7837: People Directory and "controlled" privacy / configure access to People Directory depending on Group membership feature request, however, this feature doesn't include results that can be pulled from the REST API.

      Attachments

        Activity

          People

            Unassigned Unassigned
            rlouie Robert Louie
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated: