Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I use the Confluence Java API to modify permissions on a page?

Tom Hudgins
Tom Hudgins November 24, 2020

I'm trying to write a Scriptrunner for confluence script to modify the permissions of a page and I'm having trouble fully understanding the API.

I can get the permission set for a page/ceo but I'm not sure how to modify it and set the permissions back. I have this

def pageManager = ComponentLocator.getComponent(PageManager)

Page myPage = pageManager.getPage("SANDBOX","Perm Test")

ContentEntityObject ceo = myPage.getEntity()
ContentPermissionSet permSet = ceo.getContentPermissionSet(ContentPermission.EDIT_PERMISSION)

and I've tried various calls to 

ContentPermissionManager.removeContentPermission(aPerm)

or

ContentPermissionManager.setContentPermissions(perms, ceo, ContentPermission.EDIT_PERMISSION)

but they throw errors so I'm not getting something right. I think I don't fully understand the concept so I'm not sure what to try. 

Any help would be appreciated.

Answer
Watch
Like Be the first to like this
1554 views

2 answers

2 accepted

0 votes
Answer accepted
Dominic Lagger
Dominic Lagger
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 26, 2020

Hi @Tom Hudgins 

Do you mean restrictions on a page?

I wrote a Script for this a while ago:

import com.atlassian.sal.api.component.ComponentLocator;
import com.atlassian.confluence.pages.PageManager;
import org.apache.log4j.Level
import org.apache.log4j.Logger
import com.atlassian.confluence.pages.Page
import com.atlassian.confluence.core.ContentPermissionManager
import com.atlassian.confluence.security.ContentPermission

import static com.atlassian.confluence.security.ContentPermission.EDIT_PERMISSION
import static com.atlassian.confluence.security.ContentPermission.VIEW_PERMISSION

class RestrictionHandler {
def addPermission(Long pageId, String... groups){
def log = Logger.getLogger("com.onresolve.scriptrunner.runner.ScriptRunnerImpl")
log.setLevel(Level.INFO)

def contentPermissionManager = ComponentLocator.getComponent(ContentPermissionManager)
PageManager pageManager = ComponentLocator.getComponent(PageManager)
Page page = pageManager.getPage(pageId)
log.info(page)

def permissions = []
groups.each{ group -> 
permissions.add(ContentPermission.createGroupPermission(VIEW_PERMISSION, group as String))
}

log.info(permissions)
def map = [(VIEW_PERMISSION): permissions] as Map
contentPermissionManager.setContentPermissions(map, page) 
}
}

And you can call it with this

RestrictionHandler handler = new RestrictionHandler()
String[] groups = ["GROUP_NAME1", "GROUP_NAME2"]
handler.addPermission(pageId, groups) 

I think you should be able to change this to user as well.

Hope this helps. Let me know if you need further assistance.

Regards, Dominic

Reply
0 votes
Answer accepted
Dominic Lagger
Dominic Lagger November 26, 2020

Hi @Tom Hudgins 

Do you mean restrictions on a page?

I wrote a Script for this a while ago:

import com.atlassian.sal.api.component.ComponentLocator;
import com.atlassian.confluence.pages.PageManager;
import org.apache.log4j.Level
import org.apache.log4j.Logger
import com.atlassian.confluence.pages.Page
import com.atlassian.confluence.core.ContentPermissionManager
import com.atlassian.confluence.security.ContentPermission

import static com.atlassian.confluence.security.ContentPermission.EDIT_PERMISSION
import static com.atlassian.confluence.security.ContentPermission.VIEW_PERMISSION

class RestrictionHandler {
def addPermission(Long pageId, String... groups){
def log = Logger.getLogger("com.onresolve.scriptrunner.runner.ScriptRunnerImpl")
log.setLevel(Level.INFO)

def contentPermissionManager = ComponentLocator.getComponent(ContentPermissionManager)
PageManager pageManager = ComponentLocator.getComponent(PageManager)
Page page = pageManager.getPage(pageId)
log.info(page)

def permissions = []
groups.each{ group -> 
permissions.add(ContentPermission.createGroupPermission(VIEW_PERMISSION, group as String))
}

log.info(permissions)
def map = [(VIEW_PERMISSION): permissions] as Map
contentPermissionManager.setContentPermissions(map, page) 
}
}

And you can call it with this

RestrictionHandler handler = new RestrictionHandler()
String[] groups = ["GROUP_NAME1", "GROUP_NAME2"]
handler.addPermission(pageId, groups) 

I think you should be able to change this to user as well.

Hope this helps. Let me know if you need further assistance.

Regards, Dominic

View More Comments
Tom Hudgins
Tom Hudgins November 30, 2020

Hi Dominic,

Many thanks for the help! I was able to put this together:

import com.atlassian.confluence.pages.Page
import com.atlassian.confluence.pages.PageManager
import com.atlassian.sal.api.component.ComponentLocator
import com.atlassian.confluence.core.ContentPermissionManager
import com.atlassian.confluence.security.ContentPermission
import com.atlassian.confluence.user.ConfluenceUser
import com.atlassian.user.UserManager

class UserRestrictions {

static addEditPerimission(List<Page> pages, ConfluenceUser user ) {
addPermission(pages, user, ContentPermission.EDIT_PERMISSION)
}

static addViewPerimission(List<Page> pages, ConfluenceUser user ) {
addPermission(pages, user, ContentPermission.VIEW_PERMISSION)
}

private static addPermission(List<Page> pages, ConfluenceUser user, String permissionType ) {
def permissions = []
permissions.add(ContentPermission.createUserPermission(permissionType, user))
def cpManager = ComponentLocator.getComponent(ContentPermissionManager)
pages.each {
cpManager.setContentPermissions(permissions, it, permissionType)
}
}
}

def userManager = ComponentLocator.getComponent(UserManager)

def myUser = (ConfluenceUser) userManager.getUser('dsta')

def pageManager = ComponentLocator.getComponent(PageManager)
Page myPage = pageManager.getPage("SANDBOX","Perm Test")

UserRestrictions.addEditPerimission([myPage], myUser)


One thing I can't seem to do is *remove* a permission/restriction for a user. Any ideas on that one?

Thanks,

Tom

Like
Dominic Lagger
Dominic Lagger
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 30, 2020

Hi @Tom Hudgins 

Sorry for the confusion for my two identical answers. One is my leader account and one is an old one :) 

About the remove: 

If I can remember correctly, the addPermission removes every permission and set the new ones.

Can you deny or verify that?

Regards, Dominic

Like
Tom Hudgins
Tom Hudgins December 1, 2020

I don't think that's the case. As far as I can see it only adds the given permission. Everything else that is there stays there. 

Tom

Like
Dominic Lagger
Dominic Lagger
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 1, 2020

Have a look here: 

removeContentPermission(ContentPermission permission)

I didn't used this, but this seems to be the solution for you :) 

Let me know if this worked.

Regards, Dominic

Like
Tom Hudgins
Tom Hudgins December 1, 2020

I saw that method but I don't understand what the permission param is. If I just create a user permission like I do for the add methods, how it is associated with the page that I want to affect? 

It would seem that I need to read the permissions from the page, find the one for the user that I want to remove and then sent *that* permission to this method? Is a permission inherently connected to a page? 

I'm reluctant to call removeContentPermission() with no apparent restriction to a particular page since I don't want to remove the permissions for the user across *all* of confluence.

Like
Dominic Lagger
Dominic Lagger
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
December 1, 2020

You are right.

I tested this and yes, you have to get all permission and remove the permissions.

//get all permissions (This is a List of PermissionSet)
def permissions = contentPermissionManager.getContentPermissionSets(page, ContentPermission.VIEW_PERMISSION)

//permission is a PermissionSet
permissions.each{ permission ->
//per is a Permission 
permission.each{ per -> 
contentPermissionManager.removeContentPermission(per) 
}
}

Hope this helps

Regards, Dominic

Like
Tom Hudgins
Tom Hudgins December 1, 2020

Thanks, that (roughly) is working for me now. I had to move the call to removeContentPermission() to outside the .each loop because I was getting a concurrent execution exception - presumably because I'm modifying the permission(s) I'm looping on. So I just save the found permission (that matches my user) to an outside variable and pass that to the remove method. 

Thanks very much for your help on this. I really appreciate it!

Tom

Like Dominic Lagger likes this
Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events