You're on your way to the next level! Join the Kudos program to earn points and save your progress.
Level 1: Seed
25 / 150 points
1 badge earned
Challenges come and go, but your rewards stay with you. Do more to earn more!
What goes around comes around! Share the love by gifting kudos to your peers.
Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!
Join now to unlock these features and more
The Atlassian Community can help you and your team get more value out of Atlassian products and practices.
Is there a way to restrict certain groups from being added to a space in Confluence? If not, is there a way to allow only users belonging to the confluence-administrator (confluence admin) group to search for a specific group when searching for a group when giving permission to a group in space?
From what I remember it's a plain text form POST, you don't need the UI to "search", it's just there to suggest plain text values but you don't need it to add any data/objects to the POST itself so long as you enter the username/groupname.
To make it fireproof, you'd need to tinker with it from the server, reverse proxy may be one place where to filter out the requests and stop them (but that is really questionable and I doubt it would work any good, I can think of a few technical limitations).
Better would be to write a very small plugin which would implement a servlet filter, to stand in front of the POST endpoint - thus it can reliably stop the request IF the form content is forbidden, since you can actually read the data, determine if it contains any forbidden groups, and you can also do server-side permission validations whether the current user is a global administrator or not.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.