Could you please tell me can I (and how) set restriction on my diagrams so not everyone could see them (even if they use Search for diagram option)?
Thank you in advance.
draw.io diagrams are page attachments, so the permissions are those of ability of that user to view those attachments only, unfortunately.
We are aware of this requirement, though, it is something we indeed to investigate.
Thank you for your answer Mr Benson. Just one remark - I can see recent diagrams from other users although we are not using the same page, not even the same space. I assume that option recent diagrams cannot be disabled somehow?
Actually, I do not wish other users to see my diagrams and vice versa. I just wanted to double-check that this option is really not possible for the moment. Thank you. You were very helpful Mr Benson. Regards, Tamara
Hi @David Benson [draw.io] - I realise this conversation is not yet a year old, so don't take this as a "hurry up"...but my organisation has recently purchased and installed the draw.io plugin for Confluence, and today I discovered the same issue. When selecting "recent diagrams", I can see lots of other people's diagrams. I understand that this can be controlled by page security itself, and I'll certainly let our users know that, but I think the problem is that I would imagine most users would assume a "default deny" approach to the security of their own diagrams, and indeed it's most likely that this wrong assumption is not discovered by the original diagram-makers themselves, but by others who are surprised at the list contents when initiating their own diagram. Are you able to give a status update as to a fix? Is there a plan to fix this in terms of providing individual security for diagrams? I'd suggest that possibly the easiest fix would be to prompt the user at both diagram-creation and diagram-insertion time with a reminder about the coupling between diagram security and page security.
There's a few issues in here. There's the scope of searches, the scope of recent diagrams and permissions on diagrams. I would agree with recent diagrams, thinking more, that's a usability issue with larger instances.
In terms of searches, yes, we could probably restrict the search. But then, you could go to the Confluence search, specify draw.io diagrams and you'd get the original result.
In terms of a "default deny" on diagrams, that would cause problems in the context of Confluence. If the diagram didn't inherit the permissions of the holding page by default, you're looking at separate permissions system for draw.io outside of that of pages. That is not something I'd want to see.
Yep, I agree with the difficulties, and I think the best compromise would be to have an alert saying something like "this diagram will inherit visibility and editability permissions of the parent page", either upon creation of a new draw.io diagram within a Confluence page, or upon first save. That way nobody has to change actual security functionality, but for users who might make diagrams but never have cause to consider implications surrounding who can see/edit them, I can foresee an occasional moment of "phew - that's good to know....I'll just move the diagram or page into this other area, or change its permissions".
I attended Atlassian Summit 2019 and learned a lot from the presenters, attendees and knowledgeable Atlassian product managers. The presentations I attended focused on applying Agile, pla...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events