Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How can i set page restrictions (read, update) with Confluence Server REST API v6.3+ ?

Hi.

I previously use the deprecated method with a SOAP client to get, or add, or remove page restrictions for given groups or users. Everything seems normal until i get a risky behaviour when i add a page restrictions with a more complex vector permission, that combines both groups and users. Like this :

var vectorPermission = {
"permission_1": {
"type": "View",
"groupName": "group1",
"userName": null
},
"permission_2": {
"type": "View",
"groupName": "group2",
"userName": null
},
"permission_3": {
"type": "View",
"groupName": null,
"userName": "user1"
}
};

So i choose to give up this method and use REST API approach, but i can't find a method to add, update or remove page restrictions with Confluence Server REST API. The method seems to be only exists with Confluence Cloud REST API (https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-post)

And the "experimental API" approach doesn't work in Confluence 6.3+

PUT https://confluence/rest/experimental/content/<id>/restriction/byOperation/read/user?userName=billgates

 If you have an idea, tank you in advance,

3 answers

From what I see, this feature is unfortunately not supported yet on Confluence Server.

We only support GET and PUT for /content/<id>/restriction/byOperation/<operationKey>/user

In this case PUT will update (and replace the restrictions, which is not your use case)

The experimental api does have a POST method applied to the following resource

/content/<id>/restriction and the payload is similar to what the GET method would return

* Accepts same input format as the response of GET to the same resource would return.
* <p>
* E.g.
* <div class="exampleRequests">
* <p>Example request (simplified)</p>
* <pre>{@code
* [
* {
* "operation": "update",
* "restrictions":
* {
* "user": [
* {
* "type": "known",
* "username": "admin"
* }
* ]
* }
* }
* ]
* }</pre>

To use with care, as it may change once it is promoted out of experimental.

Hope this helps 

Hi

 

is there a way now  ? I need this , please help me ? 

I need to remove all user permissions per page and only add permissions for specific users ? how to do that using REST API  ?

+1 for this question

 

The endpoint mentioned in the comment from @viqueen doesn't even exist in the API.

(/content/<id>/restriction/byOperation/<operationKey>/user)

 

/rest/api/content/123456789/restriction/byOperation/read/user

With a PUT, I get a 404 on this endpoint.

{
'read' :{
'operation': 'read',
'restrictions': {
'user': [
{
'type': 'known',
'username': 'johndoe'
}
]
}
}
}

How are we supposed to restrict page read access to a specific user in an automated way?

Since atlassian team cant be bothered to reply....let me do their job for them

url = 'https://your-confluence.com/rest/experimental/content/{id}/restriction'
headers = { "Accept": "application/json", "Content-Type": "application/json" }
payload = json.dumps( [
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known",
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
] )

r = requests.put( url, verify=False, data=payload, headers=headers, auth=(username, passwd) )

 Take a look at https://developer.atlassian.com/cloud/confluence/rest/#api-content-id-restriction-put for reference...try to do a get permission on the page first to understand what kinda operation there is...do not use administer as the operation...that's for cloud

Like Stan Ry likes this

This is for confluence cloud yes? I think the og answer asked for a server solution, by any means does this work for server as well as cloud?

 

EDIT: just tested it with "experimental" , works like a charm.

@fwoon Thanks a ton for this sample! Could you please elaborate on how did you manage to get a clue on what should be the proper format of payload?

Why does the JSON look like:

[
{
"operation": "update",
"restrictions": {
"user": [
{ "type": "known",
"username": "<string>",
"userKey": "<string>",
"accountId": "<string>"
}],
"group": [
{
"type": "<string>",
"name": "<string>",
}]
}
}
]

How'd you managed to figure out the proper format?

Edit: Figured. You've got the valid format from the output of /rest/experimental/content/{id}/restriction

Thank you.

Does anyone have a clue on using /rest/access/1/page/restriction/{pageId}/grant/{type:view|edit} API? This API also requires payload, but I can't figure out what should be put in payload...

Holla

We launched a new app that allows you to create pages from templates and store the page under a location based on project or customfield value through Jira Workflow post-function and store the Confluence page in a Jira customfield to apply more actions like:

Workflow postfuntions

  • Update page permissions
  • Update page content
  • Update page title

Workflow conditions

  • Check if page was modified after a certain status transition
  • Check if page still has a placeholder

And so much more.

Please give it a try, I believe it would streamline alot of repeated effort on your team

Jira Confluence Workflow Extensions (JCWE) 

Give it a try I am confident you'll love it.

I recommend to use Power Scripts for Confluence  , it allows you to create and configure webhooks which you can use to extend the confluence api functionality , 

 

I created a new webhook which which utilize there built-in function : 

removeUserFromContentPermission 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Confluence Cloud

Please tell us how you use Confluence space settings

Hi there, a few of us at Atlassian would love to learn about how you use "space settings" functionality in Confluence. A facelift to the space settings is long overdue and we want to start with impro...

309 views 11 8
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you