Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Anonymous User can always edit / create

Hi @ all,

i have a huge problem with permissions on anonymous users. We want to allow the read only options. It worked well, until now.

I really don't know why. We didn't changed anything. Curiously know every anonymous can create new pages and edit the old ones.

In my research i found something like:

Prevent anonymous Users from create 

First:

I can't find the demo space. I think its already deleted. :( Is there a way to find that out?

Second:

Anonymous permission problem 

If I found the default space or the first one with already be named to xxx. Is there a chance to move the whole blog from one space to another?

Thanks !!

our settings:

space:

space perm.jpg

global:

global perm.jpg

xo

Philipp
 

1 answer

0 votes

Hi @Philipp 

this is really strange - space settings are looking good. 

Maybe you wanna check out in admin space all space restrictions:

https://yourinstance/admin/permissions/viewdefaultspacepermissions.action

There you find the standard setting restrictions for all user groups and an overview of all spaces - hope this helps.

thx for your advice :) unfortunately there are only settings for confluence users.

users perm.jpg

I can't pick a group like "anonymous". I've checked again every space for "anonymous write" option: always deactivated.

Hmm, do you have the opportunity to get access as anonymous user? According to the other community entries the 'Create' Button should be there (which would be the only opportunity to create a page) 

Could you delete the 'xxx' space which is your default space?

yes, already testing as anonymous user on different browsers. All functions as anonmous user are as aspected except the option "write".

As anonymous user i was able to edit one space, too. So I was wondering why? I identified that there was a new space i didn't realized on the first check.

On this space the writing was enabled for anonymous users!

After deactivating the create button was hidden again for every space! So maybe its a bug that one space permission overwrite all other permissions from different spaces.

thats a little bit crazy but good to know.

Now the shortcut key "c" ist also without function. Great :)

Thanks for supporting, may this information help someone else, too.

Like Fabienne Gerhard likes this

This is absolutly crazy! (I mean this overwriting thing - not that you found a solution :) )

Which server version are you running? Would be great to add this too so that it might help others. Thanks for sharing 👍

of course, we are running confluence server 7.5.0 build 8501 :)

Like Fabienne Gerhard likes this
Matt Reiner _K15t_ Marketplace Partner Mar 04, 2021

Wow, this is really strange, because this is absolutely not the way Confluence should work. And no just because of the permissions violation issue, but also because Atlassian doesn't allow non-users to create content in Confluence. You need a user account, so there is record of who created the page.

When you create a page as an anonymous user, what's listed under "created by" on the page?

Hi Matt,

it was mind changing, cause its a high security risk "failure". We'll going to check this part as a standard routine from time to time.

We are using the german language package, so: "created by Anonym"

Hi @Matt Reiner _K15t_ 

that's not right what you're saying - looking at the space permission settings Confluence absolutly allows any kind of creating content by anonymous users (if this is useful and good is another thing and as mentioned there, Atlassian recommends to restrict this to view and comment)

But as @Philipp already showed there seems to be some kind of issue with default space and in his case a new space and the settings that were made there which seemed to overwrite the settings. 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Confluence

Confluence Mythbusters: Does Atlassian even use Confluence?

Hi, Confluence collaborators! As part of #Confluence-Collaboratory month, we’ve created a very special Mythsbusters segment, where we're dive into an interesting myth and uncover the truth behind i...

1,362 views 7 28
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you