One team want to make their confluence space private (accessible to team members only), with only a few pages open to anonymous users.
I searched community and found some workaround:
Question:
Thanks in advance for any feedback.
Any other suggestion on how to manage "restricted page" permissions - in a "anonymous access" enabled space (i.e. everyone can view) - to a group of member who are the space members and need to keep synced? Allowing viewing permission to list of individual users or creating a user group for this is not preferred. Thanks for helpful feedback.
If a confluence space can be set to be limited to team members only, but also allow some limited pages within to be "public", that will be easier.
Your point 2 is the best approach here, it's using the restrictions as designed and expected. So to your two questions:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your feedback.
about 2), our space members are defined mostly by individual users. As most of the space pages need to be restricted to team members, and this space has about 30-50 users, adding individual users for those restricted page(s) are not a very sustainable for the space admin considering space users changes constantly. Is there a way to setup page restriction to allow any/all "space members" to view and edit a page? in that case, space users are managed at site level, and page restrictions can inherit this, allowing no need to update page restrictions when space users added or deleted.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, I think we're missing something here.
You have said "space members" a couple of times. What do you think that means?
The reason I question it is that I would define "space member" as "someone who has access to see the space after they log in". That is controlled by being in a group, or being an individual names in the permissions.
So what you appear to be asking is for a third way to define a "space member", but I can't work out what you're trying to use to define it. Without knowing what your definition is, there's no way I can suggest anything to plumb into permissions and restrictions.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, space members is either some group(s) or some individual names.
To control page access or restriction, I want to know if there is a way to allow "all current space members" can view or edit confluence page, just like in Jira, the board or filter can be shared with "project" team members or groups or users.
For this confluence space, user want to make only some pages accessible by anonymous users while most other pages only limit to "space members". using page restriction (#2), I know space admin can add all individual users from the space members to the page's allow list. The challenges are: this is a large team and team members constantly change. When that happen, the space admin will need to a) update the space permissions; and also b) update the allowed user list for all of the controlled pages; that's error-prone.
We have a group called "confluence-users", but that includes all users not only from that specific team. We tried not to create too many customized user group for different teams, as managing the users in those customized user groups is a challenge.
therefore I am asking if there is a way for space admin to configure pages access restricted to "all current team members" while their space has anonymous access enabled, in that case all "space members" will automatically be able to view or edit most of the pages in this space, and when users change, space admin only need to update the user's space permission - just like the Jira board or filter sharing setting
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Ok, that has helped me understand what you're thinking "space members" are - it is the list of people named in the group and individual sections of the space permissions for "can use this space". This is the defintion I'm using as well.
This however makes me stuck on the rest of the question. The way to allow a "space member" have access to the space is to give them access to the space in the permissions by making them a "space member".
I am now stuck on what you are actually asking for that isn't "if someone is a space member, they get to see the pages in the space"
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Sorry for the confusion. it's related to the title and the question details. the user has a space in which most pages he wants to be "restricted" to his team members, but some are public (accessible by anonymous user)".
as your comments to other related questions in this post Confluence Page Individual Restrictions, we can advise the user to have "two main "branches" in the space, say "public" and "private", then set the space permissions to allow anonymous access (everyone see it) and add restriction to the "private" parent page so "everyone except those listed" can view this branch. About the parent page restriction, I initially hope there is a way to allow "any named individuals (not those anonymous ones) currently as space members" to be excepted from the "everyone" restrictions, instead of having to add those 50 users individually and managing those 50 users in both of the 2 places: space permission and "private" parent page restrictions. "Group" will be an overkill for this purpose, hope confluence will add this parameter in the future as Jira to its shared filter/board. Does it start to make sense to you? Thanks for your replay and happy holiday!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That function is already there. When you restrict a page, you name the individuals or groups who have access to it.
I think I do not understand what you mean by "any named individuals to be excepted from the everyone restrictions". That is already there - you name them in the restriction when you add or update it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, that's where you name the individuals you want to allow in.
What do you mean "not by adding individual users/groups"? What are you asking to do here?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Yes, that's exactly what the box does - you add space members in this box.
I am struggling to understand what you are asking for that is different to what this box already does.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
how to add the 50 named users currently permissioned for this "anonymous" access enabled space to the page restriction "allowed list" at once? not one by one, and not need to manually update when space members change.
sorry for the struggle putting you through, me too here that made both of us. haha. anyway, forget it, I will just ask the users to add those 50 named users as allowed in the restricted "private" parent page, and keep updating those users both in the space permission section as well as the page restriction section. maybe after a while, one of us may get out of the stuck and understand a better way to do things. thanks for your response and happy holiday!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
So you're asking to add a load of people that already have permission to use the page based on their space membership. That's actually very simple - remove the restriction, you don't need it.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
yes, to add a load of people to use the page based on their space membership.
The space has some public pages, so has the "anonymous access" enabled for the space. This page restriction is for the "private" branch or sections the user want to limit to their team members only.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
But that's what they already have. You're asking for something that is already there.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
when you enable "page restriction", everyone possibly except the enabler won't be able to view/edit. then the enabler need to add everyone else permissioned in the space members to the allowed list, right?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.