Restrict viewing for Confluence Administrators?

Our Leadership Team would like to set up a private community within Confluence to discuss sensitive topics.

We are able to restrict the pages for regular staff, but not for people with Confluence Admin rights. These people can see all pages, even when they are not in the list to view the space or a specific page.

We also tried using a private community in the Community Bubbles plugin, but this is also visible to Confluence Admins.

Problem: Many people on the tech team have Confluence Administrator access but should not be able to see the information discussed by the Leadership Team.

Question: Is there a way to restrict Confluence Administrators from seeing specific pages?

5 answers

1 accepted

Accepted Answer
0 votes

Here is what we did for the restricted space:

· Created an “Oops. That page is restricted” page to redirect to an unrestricted page in another space on the wiki.

· Installed Visibility plugin for {show-to} macro

· Modified restricted space layout:

o Added the following to the Header: {show-to:groups=confluence-administrators}

{html}<script>location.replace('http://DOMAIN/SPACEKEY/Oops.+Restricted+page')</script>{html}

{show-to}

Any confluence admin who needed access to the restricted space was removed from the confluence-administrators group, but retained sys admin privileges.

Try setting the view restrictions specifically on a page and see if that works. If you find that it does work for you, any child of that page will inherit its restrictions. I use this to prevent Admins from editing certain pages, not sure I have ever tried to restrict viewing though....

http://confluence.atlassian.com/display/DOC/Page+Restrictions

Yeah, that doesn't work, unfortunately.

I am assuming that the answer to my question is, "you can't restrict viewing for confluence admins," but I wanted to ask here just in case.

We had the same issue. Our admin users now have two seperate accounts. One with regular user rights and one with administration rights. They are asked to only login as admin when required.

So they won't see hidden pages by simply using Confluence.

Considering how many ways there are for tech team to view page content (f.e. run some SQL code against backend database), consider using something like https://marketplace.atlassian.com/plugins/net.customware.confluence.plugin.vault

I figured it out. It's working now.

 

 Okay, I won't be that guy who says it's fixed and not tell you what he did to fix it.

Here's what I found, I can't explain why, but it works.

There is apparently a difference between the permissions of users in the local confluence-admins group vs an AD synced group with the same exact permissions.

For example, we have an admin group that i'm part of that has Personal Space, Create Space(s), Confluence Administrator, System Administrator permissions. 

The local confluence-admins group has the same permissions. 

If i'm logged in with my account, if I click on the padlock, I get taken to a page that says I must request permission to view this page. 

If i log in with the admin account we have in the local confluence-admins group and do the same thing, it take me to the page info and I can remove restrictions.

Another confluence admin and myself have been looking at it for the last 10 minutes speechless trying to figure out why in the world this works. 

 

Hope that helps some of you.

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Oct 09, 2018 in Confluence

Introducing Praecipio Consulting, an Atlassian Solution Partner

Hey there Community!  My name is Vannya Vallejo, the Channel Communication Specialist at Atlassian and I want to help Atlassian users like you learn about our Solution Partners and how they c...

409 views 0 9
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you