Hi.
I previously use the deprecated method with a SOAP client to get, or add, or remove page restrictions for given groups or users. Everything seems normal until i get a risky behaviour when i add a page restrictions with a more complex vector permission, that combines both groups and users. Like this :
var vectorPermission = {
"permission_1": {
"type": "View",
"groupName": "group1",
"userName": null
},
"permission_2": {
"type": "View",
"groupName": "group2",
"userName": null
},
"permission_3": {
"type": "View",
"groupName": null,
"userName": "user1"
}
};
So i choose to give up this method and use REST API approach, but i can't find a method to add, update or remove page restrictions with Confluence Server REST API. The method seems to be only exists with Confluence Cloud REST API (https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-post)
And the "experimental API" approach doesn't work in Confluence 6.3+
PUT https://confluence/rest/experimental/content/<id>/restriction/byOperation/read/user?userName=billgates
If you have an idea, tank you in advance,
From what I see, this feature is unfortunately not supported yet on Confluence Server.
We only support GET and PUT for /content/<id>/restriction/byOperation/<operationKey>/user
In this case PUT will update (and replace the restrictions, which is not your use case)
The experimental api does have a POST method applied to the following resource
/content/<id>/restriction and the payload is similar to what the GET method would return
* Accepts same input format as the response of GET to the same resource would return.
* <p>
* E.g.
* <div class="exampleRequests">
* <p>Example request (simplified)</p>
* <pre>{@code
* [
* {
* "operation": "update",
* "restrictions":
* {
* "user": [
* {
* "type": "known",
* "username": "admin"
* }
* ]
* }
* }
* ]
* }</pre>
To use with care, as it may change once it is promoted out of experimental.
Hope this helps
Hi
is there a way now ? I need this , please help me ?
I need to remove all user permissions per page and only add permissions for specific users ? how to do that using REST API ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
+1 for this question
The endpoint mentioned in the comment from @viqueen doesn't even exist in the API.
(/content/<id>/restriction/byOperation/<operationKey>/user)
/rest/api/content/123456789/restriction/byOperation/read/user
With a PUT, I get a 404 on this endpoint.
{
'read' :{
'operation': 'read',
'restrictions': {
'user': [
{
'type': 'known',
'username': 'johndoe'
}
]
}
}
}
How are we supposed to restrict page read access to a specific user in an automated way?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Since atlassian team cant be bothered to reply....let me do their job for them
url = 'https://your-confluence.com/rest/experimental/content/{id}/restriction'
headers = { "Accept": "application/json", "Content-Type": "application/json" }
payload = json.dumps( [
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known",
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
] )
r = requests.put( url, verify=False, data=payload, headers=headers, auth=(username, passwd) )
Take a look at https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-put for reference...try to do a get permission on the page first to understand what kinda operation there is...do not use administer as the operation...that's for cloud
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
This is for confluence cloud yes? I think the og answer asked for a server solution, by any means does this work for server as well as cloud?
EDIT: just tested it with "experimental" , works like a charm.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@fwoon Thanks a ton for this sample! Could you please elaborate on how did you manage to get a clue on what should be the proper format of payload?
Why does the JSON look like:
[
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known",
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
]
How'd you managed to figure out the proper format?
Edit: Figured. You've got the valid format from the output of /rest/experimental/content/{id}/restriction
Thank you.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Does anyone have a clue on using /rest/access/1/page/restriction/{pageId}/grant/{type:view|edit} API? This API also requires payload, but I can't figure out what should be put in payload...
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Where did you find out about this entry point ? Is it on Cloud or Server ?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
example of using the experimental method:
$ cat test23_2.json | jq .
[
{
"operation": "read",
"restrictions": {
"group": [
{
"type": "group",
"name": "{group_name}"
}
],
"user": [
{
"type": "known",
"username": "{user}"
}
]
}
}
]
bash:
cat test23_2.json | curl -u {user}:{password} -H "Content-Type: application/json" --data-binary @- -XPOST http://localhost/rest/experimental/content/{id}/restriction
tested on 8.5.6 (datacenter) version
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I recommend to use Power Scripts for Confluence , it allows you to create and configure webhooks which you can use to extend the confluence api functionality ,
I created a new webhook which which utilize there built-in function :
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Holla
We launched a new app that allows you to create pages from templates and store the page under a location based on project or customfield value through Jira Workflow post-function and store the Confluence page in a Jira customfield to apply more actions like:
Workflow postfuntions
Workflow conditions
And so much more.
Please give it a try, I believe it would streamline alot of repeated effort on your team
Jira Confluence Workflow Extensions (JCWE)
Give it a try I am confident you'll love it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.