Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

I would like to remove anonymous access as a choice for Space admins

Ankur Mehrotra
Ankur Mehrotra June 1, 2015

I would like to remove anonymous access as a choice for Space admins.Since if a client space admin accidentally selects anonymous user permission, the space is visible to all users who are logged in which is a security breach in our company.

In the global permissions section for anonymous user we have selected as anonymous users can't use confluence, because of which if a page is set as anonymous a non-logged in user is not able to view that page , but a logged in user can access that page

since we have set in the global permissions that an anonymous user can't view confluence then if a space is set as anonymous (non-login user) then that is working fine for anonymous user i.e. an anonymous user is unable to view that page because of global settings.
But the problem is that if a space is set as anonymous accidentally by a client then that space is visible to all other clients(logged in user) which is a security breach for clients.So if this can be prevented then please let us know or if the anonymous option can be removed from the space permissions then please let us know.

If any body can let us know the UI component in which the space permissions section is visible so that from there we can remove the anonymous section     

Answer
Watch
Like # people like this
1246 views

6 answers

0 votes
Deleted user June 27, 2018

Hi Ankur, 

Is there an update on this request? Can you point me to feature request (if there is one yet) for global admins to be able to remove the anonymous permission option in spaces from the Atlassian as a built in solution and not as a "hack"?  We need to be able to remove several permission options from the space permission scheme so that our space admins don't accidentally grant other permissions such as making permission changes they don't understand or accidentally granting anonymous access.  It would be nice if global admins had more control over which permissions they want spaces and space admins to be able to control.  The check mark options just aren't enough.  We need to be able to disable, lock or completely remove from the space permission options. Thanks.

Also with the hard code solution you propose above, would we have to repeat this hack every time we upgraded on server instance? We host on prem. That option would be resource intensive.

Reply
0 votes
DerivcoITServer
DerivcoITServer October 8, 2017

I would like a better more native solution from Atlassian as well, possibly an additional option in their global permissions. 

Reply
0 votes
Ankur Mehrotra
Ankur Mehrotra June 25, 2015

This is a solution provided by atlassian , no other way we have currently

Reply
0 votes
Stefan Derungs
Stefan Derungs June 25, 2015

Thanks Ankur for the reply.

But this is more a hack than a solution... Do some "magic" in the DB and do some "hacks" on some templates that are overwritten again on an update isn't the way I want to go on our production environment...

A built-in solution from Atlassian would be much appreciated... I mean, shouldn't be too difficult to implement...

Reply
0 votes
Ankur Mehrotra
Ankur Mehrotra June 25, 2015

You can use the query - DELETE FROM SPACEPERMISSIONS WHERE PERMGROUPNAME IS NULL AND PERMUSERNAME IS NULL AND SPACEID IS NOT NULL; to clear out any space-level anonymous permissions

In order to prevent space admins to grant this again, you can modify the page templates in the Confluence installation directory and remove the option from the space permissions page altogether.
For this, you will need to modify the following two files, please see the output of the diff commands respectively to see which lines to remove from each file:
<CONFLUENCE-INSTALL>/confluence/spaces/permissions/viewspaceperms.vm
diff viewspaceperms.vm viewspaceperms.vm.save
50a51,54
> <h2 class="steptitle">$action.getText('perms.anonymous')</h2>
> #if ($action.anonymousSpacePermissionWithoutGlobalPermission)
> #parse ("/spaces/includes/anonymous_access_warning.vm")
> #end
51a56,60
> <div class="stepdesc">
> $action.getText("space.anonymous.perms")
> </div>
>
> #showPermissions( ["a"] $action "false")
<CONFLUENCE-INSTALL>/confluence/spaces/permissions/editspaceperms.vm
diff editspaceperms.vm editspaceperms.vm.save
114a115,117
> <h2 class="steptitle">$action.getText('perms.anonymous')</h2>
> <div class="stepdesc">$action.getText('perms.anonymous.desc')</div>
> #showPermissions( ["a"] $action "true")

Please note that:

  • You will need to restart the instance so that the changes are picked up.
  • The modification will not survive an upgrade of the instance, so you will need to port these changes.
Reply
0 votes
Stefan Derungs
Stefan Derungs June 25, 2015

I would like to remove anonymous access as a choice for space admins as well...

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events