Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Is there a way to limit macro access/visibility in macro list to specific users with scriptrunner?

Stefan Salzl
Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 14, 2023

Hi community,

We are testing a new add-on that provides macros in confluence. Unfortunately it cannot be limited to either users or spaces. So all user could use this macro. As this macro provides data from a 3rd party it should be possible to limit who could create those macros in pages/choose the macro in the macro chooser.

Is there any possibility to hide the macro buttons in the macros dialog (when I click "add macro" and show the full list) ?

thanks in advance.

Best
Stefan

 

Answer
Watch
Like Be the first to like this
1176 views

2 answers

2 accepted

Suggest an answer

Log in or Sign up to answer
0 votes
Answer accepted
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 14, 2023

Scriptrunner can't do this because there's no function in Confluence that does this.  Unless a macro app codes for "only allow in certain spaces", there's no way to do it.

View More Comments
Reply
Stefan Salzl
Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 14, 2023

Thanks for your time and answer @Nic Brough -Adaptavist- 

highly appreciated. I was afraid this would not be possible but I thought: "well let´s give it a shot"

Best
Stefan

Like Nic Brough -Adaptavist- likes this
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 14, 2023

Always worth asking!

Like Stefan Salzl likes this
0 votes
Answer accepted
Radek Dostál
Radek Dostál
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 14, 2023

Not as far as I know. Why does the macro show any 3rd party data though? That sounds rather weird to me.

View More Comments
Reply
Stefan Salzl
Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 14, 2023

Any (kinda) connector makro shows data from another system even if it´s only the jira-macro in confluence (which shows eg. issue data from jira).

In this case it´s really another software where the macro communicates via API. 

IMHO permisssion or at least read/edit config should be possible within the addon-config and there should not be a need for this question here =S

Thanks for your time and question anyways.

Best
Stefan

Like
Radek Dostál
Radek Dostál
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 14, 2023

Well, jira issue macro (provided that it's the native one based off Application Links) will respect the user's permissions. If they can see any issues, then that means they can log in to jira and browse them. So, not really a leak.

Unauthorized user which doesn't have access to those issues won't see them.

 

You still haven't told us what macros / 3rd party app it is, so hard to tell.

Either way, if a macro contains hardcoded credentials in the background to authenticate to some remote app, then it's a bad macro and you should tell the vendor your use case so they can implement either restrictions, or support per-user data.

Macros are supposed to be generic, ask for parameters. No macro should just show some magical content from somewhere without respecting the user's permissions, and this is respected both within Confluence content as well as Application Links. This really sounds more like a vendor's oversight, not a Confluence one.

Like Stefan Salzl likes this
Stefan Salzl
Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 14, 2023

Maybe jira was not the best example as other apps/connectors from outside of the atlassian universe use technical application users. never mind. 

Thanks for your time.

Like
Stefan Salzl
Stefan Salzl
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
August 14, 2023

Hi @Radek Dostál 

sorry, forgot to mention the addon as it is a vendor/company mainly action regional in German speaking area:
https://marketplace.atlassian.com/apps/1224860/adoit-enterprise-architect-for-confluence?hosting=cloud&tab=overview

 

AND: YES, I fully agree. As mentioned before an addon should absolutly respect/enable user´s permission.

Best
Stefan

Like
groups-icon
App Central
TAGS
AUG Leaders

Atlassian Community Events

    See all events