
Urgent Request for Improved Space Permissions

Rodolfo Möller November 13, 2020

Some days ago, one of our users unintentionally deleted a Confluence Space.

The ability to delete spaces is included in the "Admin" Space permission and this is an extremely dangerous feature, as Confluence doesn't have a "trash bin" and the only way to recover the Space is by using a backup.

I am convinced Atlassian should improve the permission concept, as it is unacceptable to mix the ability to change the "look and feel" of a Space (quite harmless) with the ability to delete a Space forever (quite harmful).

I ask myself if this is also the case for Jira users with "Project Admin" rights? I mean, are they also able to delete the complete project where they are Project Admins?

Does anyone agree? How can we request such a change?

5 answers

0 votes
PARM January 28, 2022

I am trying to delete a space, and get these messages:

"Page Not Found
We can't find that page. This could be because:
The page doesn't exist.
The page exists, but you don't have view permission for that space."

Assuming the space has been deleted by an admin in my environment, is there some type of audit log that could shed some light as to which user may have done that action?

Thank you. Please re-direct if this question should be in an alternate topic stream.

0 votes
Rodolfo Möller June 30, 2021

Hi @JiraJared

When the issue happened in our system, the user went unintentionally to the "delete space" area and didn't do it. But this was the last thing he did in the evening before going home. The next day he came back to work and the "delete space" URL was the first entry in his browser history, so he used the URL suggested by the browser. When he was asked to confirm with name/password, he thought Confluence had forgotten him overnight and this would be the regular login procedure (instead of the confirmation to delete). And BOOM, the space was gone forever.

The point I am trying to make is that you should not put the ability to delete a space together with the ability to create page templates or change the space's color scheme. I think, "delete space" and "manage users/permissions" deserve a separate permission in Confluence.

So the best idea would be to split the current "Admin" permission into a minimum of two (better 3): a "Design" permission (for templates, colors, etc.) and one (or two) "Admin" permission(s), one for managing users, groups and their space permissions and another for having the ability to delete spaces.

0 votes
JiraJared
Community Leader
June 30, 2021

Hi @Rodolfo Möller ,

This is true.

The delete space button is also nested under the admin section of the space. So if a user specifically navigates to the admin section, clicks the delete button, sees the warning message and presses confirm delete, it would be safe to assume they really want to delete the space. It’s not like there’s a checkbox when deleting a page asking “delete space too?”

If you were designing Confluence, where would you put the delete space button?

0 votes
Rodolfo Möller June 30, 2021

Hey @JiraJared,

In my opinion your proposal can be seen as a possible workaround. But I ask myself if people really need to pay extra money for an app just because Confluence permissions are not well designed. To be honest, I would never ever allow non-admins to delete spaces.

As far as I can tell, Jira also doesn't allow a project admin to delete her/his own project (only server admins can do that). Why didn't Atlassian just follow the same principles with Confluence?

0 votes
JiraJared
Community Leader
November 13, 2020

Hey Rodolfo,

I’ve encountered the same before - it’s not pleasant by any means.

If you’re using the on-premise version + ScriptRunner, you can use fragments to restrict certain capabilities, such as delete space, to those in a certain group.
