How to setup a confluence space with only a few pages public (anonymous)

Lucy December 23, 2020

One team want to make their confluence space private (accessible to team members only), with only a few pages open to anonymous users. 

 

I searched community and found some workaround:

  1. create a new space with "anonymous access" and move any public page over;
  2. If only one space is preferred, categorize space pages under 2 different parent page under root: one is to inherit the anonymous access, the other is restricted to team members. This is better to restrict each of the private pages. 

Question:

  • for #2, in Confluence Data Center, is there a way to restrict page to be "view and edit" only by "space members"? I know we can restrict page by users or groups, but can we restrict page view/edit to assigned "space members" only.
  • Generally speaking, is there any other workaround? plug-in is not preferred unless you think it is the only long-term solution. 

Thanks in advance for any feedback. 

2 answers

0 votes
Lucy January 4, 2021

Any other suggestion on how to manage "restricted page" permissions - in a "anonymous access" enabled space (i.e. everyone can view) - to a group of member who are the space members and need to keep synced? Allowing viewing permission to list of individual users or creating a user group for this is not preferred. Thanks for helpful feedback. 

If a confluence space can be set to be limited to team members only, but also allow some limited pages within to be "public", that will be easier. 

0 votes
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 23, 2020

 

Your point 2 is the best approach here, it's using the restrictions as designed and expected.  So to your two questions:

  • Yes, because your "space members" are defined by being in a group or a named individual
  • here's no "workaround" here, because there is no blocker to work around.  Some apps can give different views by user, but yes, you do need an app, and they need to restructure your pages to match what you do with either option 1 or 2 you describe above.
Lucy December 23, 2020

Thanks for your feedback. 

about 2), our space members are defined mostly by individual users. As most of the space pages need to be restricted to team members, and this space has about 30-50 users, adding individual users for those restricted page(s) are not a very sustainable for the space admin considering space users changes constantly. Is there a way to setup page restriction to allow any/all "space members" to view and edit a page? in that case, space users are managed at site level, and page restrictions can inherit this, allowing no need to update page restrictions when space users added or deleted.  

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 23, 2020

Ok, I think we're missing something here.

You have said "space members" a couple of times.  What do you think that means?

The reason I question it is that I would define "space member" as "someone who has access to see the space after they log in".  That is controlled by being in a group, or being an individual names in the permissions. 

So what you appear to be asking is for a third way to define a "space member", but I can't work out what you're trying to use to define it.  Without knowing what your definition is, there's no way I can suggest anything to plumb into permissions and restrictions.

Lucy December 23, 2020

Yes, space members is either some group(s) or some individual names. 

To control page access or restriction, I want to know if there is a way to allow "all current space members" can view or edit confluence page, just like in Jira, the board or filter can be shared with "project" team members or groups or users. 

For this confluence space, user want to make only some pages accessible by anonymous users while most other pages only limit to "space members". using page restriction (#2), I know space admin can add all individual users from the space members to the page's allow list. The challenges are: this is a large team and team members constantly change. When that happen, the space admin will need to a) update the space permissions; and also b) update the allowed user list for all of the controlled pages; that's error-prone. 

We have a group called "confluence-users", but that includes all users not only from that specific team. We tried not to create too many customized user group for different teams, as managing the users in those customized user groups is a challenge. 

therefore I am asking if there is a way for space admin to configure pages access restricted to "all current team members" while their space has anonymous access enabled, in that case all "space members" will automatically be able to view or edit most of the pages in this space, and when users change, space admin only need to update the user's space permission - just like the Jira board or filter sharing setting

image.png

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 23, 2020

Ok, that has helped me understand what you're thinking "space members" are - it is the list of people named in the group and individual sections of the space permissions for "can use this space".  This is the defintion I'm using as well.

This however makes me stuck on the rest of the question.  The way to allow a "space member" have access to the space is to give them access to the space in the permissions by making them a "space member". 

I am now stuck on what you are actually asking for that isn't "if someone is a space member, they get to see the pages in the space"

Lucy December 24, 2020

Sorry for the confusion. it's related to the title and the question details. the user has a space in which most pages he wants to be "restricted" to his team members, but some are public (accessible by anonymous user)". 

as your comments to other related questions in this post Confluence Page Individual Restrictions, we can advise the user to have "two main "branches" in the space, say "public" and "private", then set the space permissions to allow anonymous access (everyone see it) and add restriction to the "private" parent page so "everyone except those listed" can view this branch.  About the parent page restriction, I initially hope there is a way to allow "any named individuals (not those anonymous ones) currently as space members" to be excepted from the "everyone" restrictions, instead of having to add those 50 users individually and managing those 50 users in both of the 2 places: space permission and "private" parent page restrictions. "Group" will be an overkill for this purpose, hope confluence will add this parameter in the future as Jira to its shared filter/board. Does it start to make sense to you? Thanks for your replay and happy holiday! 

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 24, 2020

That function is already there.  When you restrict a page, you name the individuals or groups who have access to it.

I think I do not understand what you mean by "any named individuals to be excepted from the everyone restrictions".  That is already there - you name them in the restriction when you add or update it.

Lucy December 24, 2020

when configuring the page restriction: image.png

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 24, 2020

Yes, that's where you name the individuals you want to allow in.

What do you mean "not by adding individual users/groups"?  What are you asking to do here?

Lucy December 24, 2020

as Jira board/filter sharing, have the option to add "space" members as allowed users for the restricted page. 

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 24, 2020

Yes, that's exactly what the box does - you add space members in this box.

I am struggling to understand what you are asking for that is different to what this box already does.

Lucy December 24, 2020

how to add the 50 named users currently permissioned for this "anonymous" access enabled space to the page restriction "allowed list" at once? not one by one, and not need to manually update when space members change.

sorry for the struggle putting you through, me too here that made both of us. haha. anyway, forget it, I will just ask the users to add those 50 named users as allowed in the restricted "private" parent page, and keep updating those users both in the space permission section as well as the page restriction section. maybe after a while, one of us may get out of the stuck and understand a better way to do things. thanks for your response and happy holiday!

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 24, 2020

So you're asking to add a load of people that already have permission to use the page based on their space membership.  That's actually very simple - remove the restriction, you don't need it.

Lucy December 24, 2020

yes, to add a load of people to use the page based on their space membership. 

The space has some public pages, so has the "anonymous access" enabled for the space. This page restriction is for the "private" branch or sections the user want to limit to their team members only. 

Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
December 24, 2020

But that's what they already have.  You're asking for something that is already there.

Lucy December 24, 2020

when you enable "page restriction", everyone possibly except the enabler won't be able to view/edit. then the enabler need to add everyone else permissioned in the space members to the allowed list, right? 

Suggest an answer

Log in or Sign up to answer
TAGS
AUG Leaders

Atlassian Community Events