Pages not visible to groups in PageTree when permission is set via ContentPermissionManager class after an update

Issue Summary

After upgrading our instance to version 6.15.1 (from 6.8.1) some of our users reported missing page hierarchies in the tree of a single space. All restrictions are looking fine, and the affected users can access the missing pages using direct links. However, they cannot see them on the tree on the navigation panel even when opening the page from a direct link.

Scope: we've set up a page tree and need to set the restrictions on page level individually. Because there's a lot of pages and branches the restriction handling must be achieved by API calls. Performance is an issue, so processing these restrictions needs to be fast.

Approach: We are using the following method: https://docs.atlassian.com/ConfluenceServer/javadoc/6.15.6/com/atlassian/confluence/core/ContentPermissionManager.html#setContentPermissions-java.util.Map-com.atlassian.confluence.core.ContentEntityObject-

Consider the following snippet:

Page page = pageManager.getPage("SPACE", "Some Page Title");

Set<ContentPermission> viewPermissions = new HashSet<ContentPermission>();
Set<ContentPermission> editPermissions = new HashSet<ContentPermission>();

editPermissions.add(ContentPermission.createGroupPermission(ContentPermission.EDIT_PERMISSION, "Group A"));
viewPermissions.add(ContentPermission.createGroupPermission(ContentPermission.VIEW_PERMISSION, "Group C"));

Map<String, Collection<ContentPermission>> permissionMap = new HashMap<String, Collection<ContentPermission>>();
permissionMap.put(ContentPermission.EDIT_PERMISSION, editPermissions);
permissionMap.put(ContentPermission.VIEW_PERMISSION, viewPermissions);

contentPermissionManager.setContentPermissions(permissionMap, page);

The pages show all restrictions in place as provided by the map, however, some users within some groups have issues seeing the pages on the Page Tree.
As far as we can tell the issue is not related to a single space.

Steps to Reproduce

1. Install addon that handles the space structure and restrictions in v6.8.1
2. Update Confluence to v6.15.1

Expected Results

The pages should be both visible to people in groups within the map provided to the method, as well as viewable and/or editable.

Actual Results

In some circumstances, users cannot see pages on the Page Tree. They are able to access the pages missing in the Page Tree by using a direct link, however.

Notes

• This is a follow up on a service desk issue with key CSP-248197. See information there for a more wide view on the issue and what has been tried to resolve the issue already.
• In order to isolate the issue, the following were done
  • We installed Confluence Server 6.8.1 and installed our addon that handles the space structure and restrictions. The space was set up, restrictions put in place as described below, and users within the groups affected could see everything on their Page Tree.
  • Now I proceeded to uninstall the addon to remove any customization, so the testing environment turned back to a standard installation. Users could still see everything in the Page Tree.
  • Then I proceeded to upgrade the Confluence instance from 6.8.1 to
    6.15.1, and when the users checked in on the Page Tree, they found the pages missing. This leads to the conclusion that somewhere along the line of the upgrade process the permissions got messed up. And it looks like they can't be brought back to work by using the same API calls.

Workaround

Currently, there is no known workaround for this behavior. A workaround will be added here when available