For those of you using the SQL plugin, I have a question.
I know that I can use the Macro Security plugin to restrict who can use a plugin (and that is good). But, aside from that.
Lets say that I have a user who is allowed to use the SQL plugin, and that I have two spaces. One space called "Open" and one space called "Super secret". The user who has permission to use the plugin, and access to the "Open" space, but not to the "Super secret" space, will he be able to do a sql query from his "Open" space, to gain access to the "Super secret" space and display the information on his "Open" space?
Yes, once you provide the user access to a datasource representing the Confluence database, then you are providing access to all the data - Confluence security is not involved. This is strictly a database access thing just like given the user an external query tool to look at the database.
In this situation, you want to restrict direct access to the SQL macro by the user and instead provide query capabilities using techniques like Live-template support or administrator provided pages that can be included in the user's pages. These techniques mean that the administrator or trusted user controls the query.
Hi Community! I’m Elaine, Confluence Product Manager. You may have read my earlier post about page tree in space navigation sidebar. I'm excited to share another improvement that helps you organize ...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs