Allow restriction of user results from showing up in quick search and rest API searches for certain users or groups

XMLWordPrintable

    • Type: Suggestion
    • Resolution: Low Engagement
    • None
    • Component/s: None
    • 0

      Problem Definition

      Even after restricting a user's ability to use the people directory or perform a quick search, a user can still use the REST API to locate another user's information:

      rest/api/search?cql=text~"a name

      Suggested Solution

      We cannot restrict the API entirely as Confluence uses the same REST API for it's processes as noted in CONFSERVER-7913: Need ability to limit use of remote API to certain users, or a certain group. However, it would be useful to be able to restrict certain users or groups from receiving user results.

      We have the CONFSERVER-7837: People Directory and "controlled" privacy / configure access to People Directory depending on Group membership feature request, however, this feature doesn't include results that can be pulled from the REST API.

            Assignee:
            Unassigned
            Reporter:
            Robert Louie
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: