Page Restrictions

Page restrictions allow you to control who can view and/or edit individual pages in a space. So, if you're working on a page that shouldn't be viewed by just anybody, it's easy to lock it down to the people who need to know. You can add restrictions for individuals or for Confluence groups

To add or remove page restrictions, you'll need to have permissions to edit the page and 'Restrict' or 'Admin' permission in the space.

Restrict a page

To restrict who can view or edit a page:

  1. Go to the page and choose  > Restrictions
  2. Choose Restrict viewing of this page or Restrict editing of this page
  3. Enter part of user or group name and choose the appropriate user or group from the autocomplete drop down

Add as many users and/or groups as you need to.

On this page:

To add restrictions when you're creating or editing a page, choose the restrictions icon at the top of the page.

Once you add restrictions, only those people and groups listed in the restrictions dialog will be allowed to view or edit the page.

You don't need to add someone as an editor and viewer in the restrictions dialog.  We'll check if the person is allowed to edit , and if they are, we'll let them see the page.

How restrictions are inherited

View restrictions are inherited, which means a restriction applied to one page will cascade down to any child pages.  Edit restrictions are not inherited, which means pages need to be restricted individually.

Here's the basics:

  • If you restrict viewing to a person or group, only they will be able to see that page and all its child pages (unless there are further restrictions on the child pages)
  • If you restrict editing to a person or group, they'll be able to see and edit that page, plus see its child pages.
  • Parent pages (higher up in the page hierarchy) can have their own view restrictions that may prevent people from viewing your page.

If the person you've listed as a viewer or editor can't see the page, check to make sure:

  • they have View space permission for that space, or
  • there's no view restriction on a page higher up the page hierarchy that prevents them seeing any children of that page.

View current page restrictions

Confluence displays a padlock icon in the byline when a page has view or edit restrictions.

To view the page's restrictions, go to the page and do any of the following:

    • choose  > Restrictions
    • choose the padlock icon in the byline
    • choose the Restricted icon  at the top of the page if you're in the editor

You'll see the page restrictions dialog listing the users and groups that have permission to view or edit the page.

Screenshot: Page Restrictions dialog showing viewing restricted to the 'developers' group and editing restricted to two users. 

Remove restrictions from a page

If you need to remove existing restrictions, choose Remove restriction next to the user or group.

Request and grant access to view a restricted page

If you navigate to a page that you're not able to view because it has page restrictions applied (for example from a link or page URL) you may be able to request access to the page. 

To request access to a restricted page:

  1. On the restricted page choose Request access
  2. Wait for an email confirming that access has been granted

If the request access message doesn't appear, you're not able to request access for that particular page. This usually is because the page has inherited view restrictions from a parent page, or you may not have adequate space permissions.

To grant access to a restricted page:

  1. In the request access email, choose Grant access
    You'll be taken to the restricted page, and a dialog will appear with the access request
  2. Choose Grant access

The user will receive an email confirming that access has been granted. 

This process is the same as navigating to  > Restrictions and adding a 'View' restriction for the user. 

Who can grant access?

To grant access to a restricted page you will need to have permission to edit that page, and have the 'Restrict' or 'Admin' permission for the space.

Confluence will send an email to a user who can grant permissions. The sequence that Confluence will use to search for the appropriate user is:

  1. The last person to edit the page
  2. All non-admin users that can set permissions on the page (given that an admin user can always set permissions)
  3. The page creator
  4. All the space administrators

Confluence will try each of these roles in turn, emailing the first user that has appropriate permissions.

View all restricted pages in a space

You need space admin permissions to view the list of restricted pages in a space.

To view restricted pages:

  1. Go to the space and choose Space tools > Permissions from the bottom of the sidebar

  2. Choose Restricted Pages

If your space uses the Documentation theme:

  1. Choose Browse > Space Admin from the header

    Note: The Space Admin option appears only if you have space admin permissions, or if you're part of the 'confluence-administrators' group.

  2. Choose Restricted Pages in the space administration options

Screenshot: Restricted pages in a space

 

Notes

  • You can't exclude yourself 
    As creator or editor of a page, you can't use page restrictions to deny yourself access to the page. Confluence will automatically add your username into the list of users/groups allowed to view/edit the page. If you remove your username, Confluence will put it back again. 
  • Space Admin and System Administrator access to restricted pages 
    Users with 'Admin' permissions in a space, or users with the System Administrator global permission can remove restrictions from pages, even if the page restriction prevents them from viewing the page. Go to  Space Administration  >  Restricted Pages.

Was this helpful?

Thanks for your feedback!

105 Archived comments

  1. User avatar

    James Mortimer

    • How do I modify the page restriction 'notification' page that is returned so that I can indicate who the user should contact when they come accross a restricted page?
    • How do I display the list of page restrictions inline on a given page, to make it clear to users to whom the page is restricted?
    10 Sep 2007
    1. User avatar

      Choy Li Tham

      Hi James,

      How do I modify the page restriction 'notification' page that is returned so that I can indicate who the user should contact when they come across a restricted page?

      If you would like to change the page that shows the "you cannot view this page" notification, then you may want to give a try to modify the pagenotpermitted.vm file which is located in the <confluence.home>/pages directory. Please ensure that you have made the appropriate backup of pagenotpermitted.vm file before proceeding with the modification.

      How do I display the list of page restrictions inline on a given page, to make it clear to users to whom the page is restricted?

      Unfortunately, I'm not aware of any plugin or macro that would meet your requirement. To my understanding, a lits of restricted pages can only be seen by the space administrator.Perhaps you may want to search through our confluence extension to see if there are any available plugins which might meet your requirements.

      Regards,
      Choy Li

      12 Sep 2007
      1. User avatar

        James Mortimer

        Thanks. Already did but couldn't find anything appropriate there. Will use the pagenotpermitted.vm mod. Thanks.

        12 Sep 2007
      1. User avatar

        Anonymous

        The use of the .vm file to modify the "you cannot view this page" notification is not flexible enough.  Our enterprise Wiki has different teams/groups that restrict viewing of portions of their sites.  If a parent page has been assigned viewing restriction, they should be able to provide a custom response for users who do not have viewing access to that page or any of its children.  That response will direct the user where to go to aquire access.  Their may be several different contacts/instructions within a space.

        01 Apr 2008
        1. User avatar

          Mei Yan Chan

          I would suggest you to raise a feature improvement detailing your requirement at:

          Regards,
          Mei

          02 Apr 2008
          1. User avatar

            Silver Salonen

            Has the feature request been raised for now?

            27 Feb 2014
  2. User avatar

    Paul Csapo

    Just a quick check... why are 'Edit' restrictions not inherited when creating a child page underneath an already restricted page? Is it because people can not edit a page that they can not view?

    I'm thinking that ALL restrictions should be inherited by default IF the parent page (or a previous parent page) contained restrictions, and then just before the page is saved, an alert informs the creator that the child page has inherited the same viewing/editing restrictions as a precaution, and displaying them if possible.

    Then, if the creator of that page needs to modify the restrictions, they can simply re-edit the page and modify the restrictions accordingly. This way, it should minimise the chance of anyone creating a child page in a protected area with more open permissions by mistake.

    What do you think?

    kind regards,
    Paul

    12 Oct 2007
    1. User avatar

      Anonymous

      Now I have the same problem. I want to restrict the editing of a page and also the children (nearly about 60) and the restrection is not inherit (sad).

      20 Nov 2007
      1. User avatar

        Choy Li Tham

        Hi,

        We are aware of such needs and there is an improvement request being tracked at the following:

        If you are keen on this improvement, please do cast your vote to increase its popularity and add yourself as a watcher to the issue for future updates. Also, feel free to add comments to the improvement to reflect the importance of this request.

        Regards,
        Choy Li

        21 Nov 2007
        1. User avatar

          Bruce harrell

          Agreed..... YES> If a page is retricted for editing, there should be an option to restrict all the children as well...

          Bruce

          29 Jan 2008
      1. User avatar

        Anonymous

        Same Problem here! Is there a solution already??

        07 Dec 2011
  3. User avatar

    Thoralf Will

    I have some trouble with the restrictions as well. Scenario:

    Now I want someone to be able to access Subpage2, Page4 and it's children only - but not Page1, Page2, Page3, Page5-99. How do I do that?
    From my understanding I have to set permissions for all pages manually to keep them from getting displayed, including every newly created page in both spaces.

    Is there a way to do this better?

    (I would like something like a "positive list", a way to add a user/group to a page so the person in question can access exactly this one page (and maybe its children))

    29 Nov 2007
    1. User avatar

      Tony Cheah Tong Nyee

      Hi Thoralf,

      I believe there is no easy way to achieve this. Indeed, the workaround that you have suggested is one of the possible way.

      Now I want someone to be able to access Subpage2, Page4 and it's children only

      Another tedious workaround that I can think of for this is to provide the following scenario:

      1. Having a space created
      2. The space should consist of two main parent pages
      3. The first parent page is restricted from the specific user/group to be viewed
      4. The second parent page does not restrict the user/group to view the content
      5. Summary:
        Space
        - Parent page 1 (With restriction)
           -- Subsequently, the children pages would also inherit the permissions automatically
        - Parent page 2 (Without restriction to the user/group)
           -- Hence, the children pages are also viewable by the the user/group
        

      Additionally, I have also found a feature request that might meet your requirement being tracked here:

      Feel free to cast your vote to increase its popularity and add yourself as a watcher so that you will be notified if there are any updates. Also, please add comments to the feature request to truly reflect the importance of the feature to you.

      Cheers,
      Tony

      04 Dec 2007
      1. User avatar

        Thoralf Will

        Voted.

        Another workaround that might help:
        Adding an additional "default group" that every regular member is part of and auto-adding this group to the acl of every newly created page.
        The question is: how to set acls for a page automatically when they are created? Is this even possible?

        11 Dec 2007
        1. User avatar

          Tony Cheah Tong Nyee

          Hi Thoralf,

          Unfortunately, I am not aware of the automation feature that you have suggested. However, if you are keen on this feature, you may want to raise a new feature request for this in our Issue Tracking system to share your idea and the importance of having this feature.

          Cheers,
          Tony

          12 Dec 2007
      1. User avatar

        Anonymous

        is the conf 7089 still going to happen?

        09 Oct 2013
  4. User avatar

    Jakob Voss

    Our own-hosted installation of Confluence is conneted to an LDAP server for management of users and groups. With confluence 2.7.1 I thought you can now give permissions to pages for single users. But in this scenario it does not seem to work:

    1. SPACE-X is restricted for viewing and editing to GROUP-Y
    2. PAGE-Z is in SPACE-X.
    3. PAGE-Z is edited and restricted for viewing and editing to GROUP-Y and another PERSON-A (who is not in GROUP-Y)

    But PERSON-A still cannot view or edit the page! Is it wrong configuration, a bug, or a feature? We would like to invite additional people to collaborate at pages that are restricted by default. How can we do this?

    24 Jan 2008
    1. User avatar

      Ming Giet Chong

      Hi Jakob,

      This is the expected behavior where users/groups which are granted with view/edit page restriction, they are the only users/groups which has the permission to view/edit the page.

      We would like to invite additional people to collaborate at pages that are restricted by default. How can we do this?

      I would suggest you to raise a feature request the our issue tracker https://jira.atlassian.com.

      Regards,
      MG

      29 Jan 2008
      1. User avatar

        Anonymous

        I don't believe that is what Jakob was saying -

        I have SPACE X that is open to all for viewing, but only GROUP-A can edit pages in the space.

        I want to be able to invite PERSON-B, who is not in GROUP-A, to edit a page in SPACE X.  So I got into the page, change the restrictions to GROUP-A AND PERSON-B, but PERSON-B still cannot edit the page.

        The only way we can get them to have permissions to edit the page is to grant PERSON-B edit permissions to all of SPACE-X.  Not exactly what we want to do.

        17 Jul 2008
        1. User avatar

          Ming Giet Chong

          Hi,

          This is indeed the behavior in Confluence. In order to grant/assign the Page restrictions in the page, the user must has the space permission. For example in your above scenario, the PERSON-B must has the "space permission to create and edit pages" in order to set the page restriction to the page.

          You can find more information from the detailed doc below:

          Regards,
          MG

          18 Jul 2008
  5. User avatar

    Peter Jaffe

    The "How to Open Part of a Space" scenario has the significant downside of not being able to restrict access to Mail, News, and other non-page related content. Maybe this is more of a comment on providing a space's general View permissions at a finer grain.

    19 Sep 2008
    1. User avatar

      Azwandi Aris [Atlassian]

      Hi Peter,

      Thanks for your opinion on this matter. You might want to vote or put your comments on the following feature requests:

      Hope that helps.

      Cheers,
      Azwandi

      22 Sep 2008
  6. User avatar

    Anonymous

    I have the problem, that i don't want that anybody can add pages

    Space1 - Page1 (here I want, that only group A can add pages)

    • Page2 (here I want, that only group B can add pages)

    there must be an other way as create diffrent spaces, or?

    03 Feb 2009
    1. User avatar

      Giles Gaskell

      Hello there,

      If I understand correctly, do you wish to confirm if Confluence can restrict the addition of pages 'within' an existing page, to specific users or groups?

      If so, then unfortunately this feature is currently not available. However, this has already been raised as a JIRA issue in CONF-9374 and you can vote on it to increase its chances of being fixed in a future version.

      Best regards,

      Giles Gaskell
      Technical Writer
      ggaskell@atlassian.com
      ATLASSIAN - http://www.atlassian.com

      04 Feb 2009
      1. User avatar

        Jason Kabel

        We also really need this feature, but I don't have access to the CONF-9374 ticket you mention. Is this supposed to be public?

        23 Jul 2009
        1. User avatar

          Azwandi Aris [Atlassian]

          Hi Jason,

          Indeed, CONF-9374 is restricted from public due to security reasons. However, I believe that Giles was trying to point to CONF-7089 instead, as it is more relevant to this requirement.

          Hope that helps.

          Cheers,
          Azwandi

          28 Jul 2009
  7. User avatar

    Anonymous

    I am having pretty good luck with restricting page viewing and editing in my space.  My question is how can I prevent comments on a particular page.  I know how to do this at the space-level, but not the page-level.  Furthermore, I'd like to restrict people from adding child pages at the page level.  Are these tasks possible or would I need to create a feature request?  Thanks!

    02 Mar 2009
    1. User avatar

      Azwandi Aris [Atlassian]

      Hi,

      There seems to be a good ongoing discussion on this matters at the following feature requests:

      Feel free to chip in, cast your vote and assign yourself as a watcher to be notified on future updates. Hope that helps!

      Cheers,
      Azwandi

      03 Mar 2009
      1. User avatar

        Anonymous

        Thanks very much!  I will vote on and track these requests.

        03 Mar 2009
  8. User avatar

    Pooja Gandhi

    Inherited restrictions do not work very effectively. I am able to find the pages when search and open too despite of the fact that the parent page has view restrictions for "Anonymous" Users.

    I used Confluence 2.10; is it a bug in it?

    30 Sep 2009
    1. User avatar

      Oeyvind Aamdal Eliassen

      Hi all,

      I am having the same problem.

      I have view restrictions on a page called Entity Pages for the group some-group. Only users in this group can view Entity Pages. But all users can view the children of Entity Pages.

      Is this a known bug in Confluence? I am using Confluence 3.2.1

      18 Oct 2010
  9. User avatar

    Davide De Benedictis

    Hi all,

    I see that meny people have sophisticate needs... but I should have a "simple" problem with restrictions (I have Confluence 3.0.1):

    I have a user with a default personal space. I mean "default" because we did not change the default page and personal space permissions: confluence-users can view the all the personal pages but only the author and space owner can edit the pages.

    Now this user creates a page inside his personal space and he wants that another user can edit only this new page.

    He followed all the instructions in the docs and now the page reports:

    Only Axxx can edit this page. (set by Axxx at 11 November, 2009 15:17)
    Only Bxxx can edit this page. (set by Axxx at 11 November, 2009 14:50)

    Obviously Axxx is the space owner.

    Unfortunately user Bxxx still is not able to edit the page but he can see its name as a user with edit permission on it.

    What is wrong?

    Thank you in advance

    11 Nov 2009
  10. User avatar

    Anonymous

    Why are the 'Edit' restrictions not inherited by children pages? This would it easier to have different topics from different departments in 1 wikispace.

    I know its possible on wikispace level, but i need to have different permissions for pages in one wikispace

    03 Feb 2010
    1. User avatar

      Zed Yap [Atlassian]

      Hi,

      I found a feature request in JIRA:

      Please add your comments to the discussion, vote on it and add yourself as a watcher for future updates. Also, please bear in mind the following document on how we schedule features for inclusion in our products: Implementation of New Features and Improvements.

      Hope that helps.
      Best rgds,
      Zed

      04 Feb 2010
  11. User avatar

    Anonymous

    I have a resctricted page with links to attachments. The link to the attachments are disabled to people that do not have viewing permissions but if they go to the "attachment" menu option of the page, they are able to see them and open them. 

    How can I protect attachments as well?

    10 Feb 2010
    1. User avatar

      Anonymous

      I also need the ability to restrict access to Attachments so that they are not viewable / accessible from anywhere.  This is an old question but I can't find an answer.  Is it possible now and if so, how?  Thanks - Ruth

       

       

      09 Oct 2012
  12. User avatar

    Anonymous

    is there an answer to this ?????

    25 Sep 2010
  13. User avatar

    Anonymous

    I have a similar problem with page ristrictions. I can access the function, when editing a page, but when i try to Restrict viewing of this pageor Restrict editing of this page nothing happens. I have added both me, groups and users but with no result. Any ideas 

    30 Sep 2010
  14. User avatar

    Jay Sellers

    Is there any way to apply security to portions of a page?  In the older versions we could restrict certain things in a page to certain people/groups.  I'm trying to do this with Confluence 3.3.1 and can't figure out how.

    Example:
    If I have a Business document and I want to have a section of the page that contains links to the technical specifications, I want that link only viewable by my developers, not SMEs or Sales.

    Thx,

    -Jay

    05 Oct 2010
  15. User avatar

    heather

    I like the non inheritance myself. I think this is important. My issue is that edit permissions are defaulting as restricted. I want it to default as editable by the groups with access to changing pages.  I just changed my space permissions so that no one can restrict pages (assume this means editing). Older pages did not inherit this change. I can get to the screen where I can change permissions, but I can only do it for my pages (I am a system and space admin). i want to change a BATCH of pages with restrictions. How can I make a batch change?

    13 Oct 2010
  16. User avatar

    Anonymous

    Since the upgrade to 3.3.x our Confluence instance does not allow to change page restrictions using the Security Lock symbol or by tools/restrictions. the dialog lightbox does not pop up. We can remove restrictions by going into page edit mode and select restrictions:edit - but here we can only remove restrictions alreday set but not add new restrictions. We traced the HTTP communication between Firefox and the server and we will get an 404 for the URL, like this

    GET    404    text/html    http://confluence/pages/getpagepermissions.action?pageId=1998953&parentPageId=&parentPageTitle=

    What's happen? We strongly need a solution.

    Thanx for any help and suggestions.

    Dennis

    20 Oct 2010
    1. User avatar

      heather

      I have the same issue. I am a system administrator and on some pages I can't remove restrictions at all unless I go at it through the admin panel. Firefox and Safari behave the same.

      I think that I have not had a problem with most pages going forward, but old pages are funny. Check to see if this is true for you. 

      20 Oct 2010
      1. User avatar

        Anonymous

        We cannot change page restrictions on any page using tools/restrictions. On old pages we can remove restrictions while going into edit mode and open the restriction dialog there. All kind of users have this problem. The problem occurs with Firefox and Internet Explorer.

        We strongly need a solution cause some of our managers do not like to add data without having access control to it.

        BTW Our Confluence requests server resources which also cannot be found, e. g. the picture /s/1925/200/8/_/images/icons/view_16.png :-( It should be the eye on the restrictions dialog pop up.

        21 Oct 2010
        1. User avatar

          Anonymous

          We solved the problem :)

          We have customized layouts in our Wiki. We resetted to the default layouts from 3.3.3 and our changes to the new layout definitions and the page restrictions worked fine.

          In future we will keep care of our layouts ;-)

          Dennis

          18 Nov 2010
          1. User avatar

            Anonymous

            More specifically, you just need to add the following line to your page layout.

            #parse("/decorators/includes/page-content-includes.vm")

            Then it would work fine =)

            07 Jan 2011
  17. User avatar

    Anonymous

    Note of caution - I've been able to set up two areas that provide public and private permissions and this works fine.  However if you use the include/import macro on the public page so that it include content from the private page so that content is available on both private and public pages for those with the correct permissions, if you then edit the public page, an email notification is sent to those watching the public page which includes both the public content and the imported / included content - regardless of permissions.

    21 Oct 2011
  18. User avatar

    Anonymous

    I want to restrict the error of 404 which is coming when users give somepagename.aspx in url after the main url of the project. Pls help me with the same. thanks in advance.

     

    13 Dec 2011
  19. User avatar

    Ted Huntington

    We have a lot of departments under one Confluence space- and it would be much better if edit permissions were, like view permissions, inherited- otherwise anybody can delete any page of the other departments. Is this something planned for the future?

    19 Apr 2012
  20. User avatar

    Anonymous

    Jay has already asked this question, but since he didn't get an answer I will ask again: is there any option to restrict just a part or a specific area of the page? I know there's a plugin to block such page portions, but it's just not visible and still not restricted (there could be some security issues).

    Also, if a page is restricted for a particular user, is it shown in the page hierarchy on the left sidebar? Has anyone any experience with restricted child pages that are structured as tabs on a parent page? In particular is there a tab shown for a restricted child page?

    06 Aug 2012
    1. User avatar

      Sarah Maddox [Atlassian]

      Hallo there

      There is no option in standard Confluence to restrict just part of a page. However, you could put the restricted content into a page, restrict that page and then use an Include Page macro to include it into another page. This is only a partial solution: People who don't have permission to see the included page will see an error message instead of the restricted content.

      Restricted pages will not appear in the page hierarchy on the left, when viewed by someone who does not have permission to see the page. If you specifically add a link to the restricted page on another page, that link will be visible, but not clickable, for people who don't have permission.

      I don't know about tabs – I'm guessing you're using a plugin to create the tabs, so it would depend on the plugin's behaviour.

      Cheers, Sarah

       

      07 Aug 2012
      1. User avatar

        Anonymous

        Thank you very much for your answer!

        Regards,

        Marta

         

        07 Aug 2012
  21. User avatar

    Dan Burzynski

    Is there an easy way to find out where a 'group' is being used to restrict on either a Space or Page? I have a few groups that were set up years ago and I need to know if it's safe to delete them. I need a way to be able to plug in a group name and see all spaces and pages that it's being used on. I'm happy to trawl through the database to do this, but I don't really know which tables I should be looking at to give me the answers.

    20 Aug 2012
  22. User avatar

    Anonymous

    Hello,

    Is there a way to view a "change log" or history of when the page has been locked or unlocked?

    Thank you!

    Laura Bantug

    23 Aug 2012
  23. User avatar

    Renee

    I don't believe I saw this question answered elsewhere, though I did try to carefully read the comments and search Confluence:

    I would like to be able to temporarily log in to Confluence as another template user to ensure permissions have been set correctly before sending information out more broadly.  To explain what I mean, I'll give a simple example of our set up and what I'd like to be able to do:

    • We have a workspace with 10 page  
      • Everyone can see the workspace, but pages are generally restricted by user/group
      • Everyone at the company can see at least the 3 pages that have been reviewed and OK'ed for public consumption
      • Group 1 are "contributors" and can see all 10 pages
      • Group 2 are "reviewers" and can see the 3 OK'ed + 5 more waiting to be reviewed (2 are hidden from them)
    • I'm a "contributor" from Group 1 and I'd like to be able to see Confluence from the perspective of EITHER a "Group 2 reviewer" or "someone at the company who isn't in either Group 1 or Group 2
      • My question:  Is there a better way to do that without setting up dummy users?
    16 Oct 2012
    1. User avatar

      Augustyn Wilk

      You could use confluence su to impersonificate to other user. Untill plugin v. 1.2.5 it is free. Such version does work on confluence up to 4.3.7 (tested)

      18 Jul 2013
  24. User avatar

    Ales Kecman

    Hi,

    I have the following page structure:

    • Page 1
      • Page 1.1
      • Page 1.2
        • Page 1.2.1
        • Page 1.2.2
      • Page 1.3
    • Page 2

    For page 1.2 and it's child pages (1.2.1, 1.2.2) I would like to restrict the viewing to everyone except few selected people. How do I do that. Our company employes 500+ people and we're using LDAP for people and groups directory.

     

    07 Jan 2013
  25. User avatar

    Jeremy Seely

    Restricting page access is super easy to do, but what is the preferred method for allowing page access to individual pages? I have a case where I need an individual to be able to view a single page inside a space he does not have access to.

    13 May 2013
    1. User avatar

      Logan Jaynes

      Has anyone figured this out? I don't want to allow a user access to a space and restrict viewing to all other pages except one for every other user. 

      10 Mar 2015
      1. User avatar

        Giles Brunning [Atlassian Technical Writer]

        Hi Logan,

        There's no easy way to do this at present, but there are a couple of workarounds you can use. Probably the easiest is to create a new space with your preferred permissions, then copy the page into that space.

        I know it's not a great solution, but we are working on a better solution for this scenario.

        10 Mar 2015
  26. User avatar

    Jay Miller

    I would very much like to hear a response from Atalassian on Jeremy Seely's question.  This is an issue that is currently making Confluence difficult for us.  A common scenario is that I have a space that has public view permissions but editing is restricted to a few users.  Sometimes users of this space want to collaborate with someone outside the team, so we want to grant a specific user or set of users access to edit a specific page.  It isn't always the same users so creating a new space each time would be hugely cumbersome.  Plus someone else altogether has space creation permissions.  How does Atalassian suggest handling this workflow? 

    23 Aug 2013
  27. User avatar

    Anonymous

    I have the same problem. I would like to allow access to a single group of pages within the wiki to an individual but would rather not give them access to the whole wiki space. Can you help? I do not want to add them and then have to restrict all the other pages that they don't need access to.

    Thanks,

    Jen

    04 Sep 2013
    1. User avatar

      Ross Bagwell

      Jen,

      That is pretty much the workaround that we are doing at my workplace. We add the user to the space as View (All) and Add (Pages), but then we lock the restrictions to the page(s) inside to groups, etc.

      Ross

      17 Sep 2013
  28. User avatar

    Bryanne Leeming

    I have the same issue. We would like to be able to add one or two users to be able to view a specific page within a restricted area. Will we need to pull the content into another space for them to see it? Or can we let them see a page in a space without adding them to the space group and restricting their access to the 100+ other pages in that space? 

    16 Sep 2013
  29. User avatar

    Anonymous

    Is it at all possible to prevent editing when some one else is to prevent edits from saving over each other, or can we see who is editing when another person edits

    22 Oct 2013
  30. User avatar

    Pete Chow

    Is there a way to control permissions on a 'Page' were i want to disable Comments or blogs?

    I still want to have users have the permissions to edit a page or add pages to some but not all pages

     

    thanks

    Pete

    31 Jan 2014
  31. User avatar

    Steve McMillen

    Is there any way to prevent a page from being searched but still allow it to be viewed by anyone?    Or a way to lower the relevance of a given page in search?

    We have some very large specs.  They are very old and date back before confluence 4.0.  Now seems that they take very long time to save in confluence 5.2  Not sure why but we've found if you just copy and paste to an ew doc, the performance issue with saving is gone. So I'm going to archive these to new names (I don't really want to delete since they have a lot of change history) but I don't want these convoluting search results.

    Another use case is that we have change specs in any one sprint.  Then we merge to main specs.  We may go 2-3 sprints before we get time to merge specs.  So folks need to search a lot for info.  So I'd like to lower the priority of the change specs once I have merged them.  Is this possible?

    28 Feb 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Steve,  it is not possible to restrict particular pages from the search, however archived spaces do not show up in the search however, so that might work for you.   If they are in a space that you do not want to archive, you could move the pages to a new space first, and then archive that space. 

      As for the slowness you are experiencing with your pages, it might be worth contact Support about this.  

      02 Mar 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Steve,  it is not possible to restrict particular pages from the search, however archived spaces do not show up in the search however, so that might work for you.   If they are in a space that you do not want to archive, you could move the pages to a new space first, and then archive that space. 

      As for the slowness you are experiencing with your pages, it might be worth contacting Support about this.  

      02 Mar 2014
  32. User avatar

    Christine Absil

    Hello

    Regarding

    "Space Admin and Confluence Administrator access to restricted pages

    Users with 'Admin' permissions in a space, or members of the 'confluence-administrators' group can remove restrictions from pages, even if the page restriction prevents them from viewing the page"With an 

    with an older version (3.2.1) I see that a confluence-administrator can see all pages, "even if the page restriction prevents him from viewing the page" ... without having to remove the restriction... It this normal? Is this still the case in most recent version?!

    Thanks.

    17 Apr 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Christine,  the names of permissions and groups can be confusing here. Users with the System Administrator global permission (which is granted to the confluence-administrators group by default) can see all pages, even if they have restrictions. 

      Users with the Confluence Administrator global permission cannot see restricted pages, but do have the rights to specifically remove permissions from a page, and then view it. 

      Sorry the group names and permissions being so similar makes it quite confusing. 

      22 Apr 2014
      1. User avatar

        Christine Absil

        hi Rachel

        Thanks for your detailled answer. Indeed, I was confused. Even in my old version, there are 2 distinct global permissions: confluence administrator and system administrator

        But I tested confluence administrator, said to be "Can administer the application but is disallowed from operations that may compromise system security." , in my version 3.2.1. Well, a user with such permission indeed does not see restrited pages, but ... he/she may ... edit the global permissions... It this normal? and still the case in most recent version?

        Thanks.

        22 Apr 2014
        1. User avatar

          Rachel Robins [Atlassian Tech Writer]

          Hi Christine, yes, the behaviour is the same in the latest version.  Users with the Confluence Administrator global permission cannot see restricted pages by navigating to them or search - but they can remove the restrictions, and edit global permissions. 

          22 Apr 2014
  33. User avatar

    Hans-Peter Geier

    The feature to request access to a restricted page (as introduced by Confluence 5.3) does provide the request button when the URL which the user entered is on that level where the view restriction has been set.

    In practice, it's very likely that the shared URL is a page on a deeper level. In this case, there is no such request button.

    It would be good to show this button in this case as well. (I understand that the administrator will have to invistigate at which place to remove the view restriction. It won't be a simple click in the received email.)

    Also, when the shared link goes into a space where the user does not have access on the sapce level, the result will be even different. (a search result list for all kind of other hits anywhere in the system. Not helpful)

     

    It would be also good to have a similiar solution when a page holds a link where the user has no view access.

    The current implementation is that there is no URL provided under the link, so again the user has no way to access request.

     

    Are there any existing enhancement requests on any of these topics already?

    30 Apr 2014
  34. User avatar

    Debbie Ryan

    Hi, I am using the documentation theme and have applied view and edit page restrictions here: http://skb.sterland.com/display/TEMP/Test+of+adding+a+draft+page but cannot see the padlock icon. Is there a bug or it something I have done incorrectly? Thanks Debbie

    06 May 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Debbie, sounds like there could be a bug.  In the documentation theme the padlock icon should appear to the left of the page byline (with the name of the page creator etc). One thing to check is if you site has any Custom CSS (either in the space or globally) as this can sometimes cause parts of the UI to not display correctly. If that doesn't help, contact Support who will help you troubleshoot the issue. 

      06 May 2014
      1. User avatar

        Debbie Ryan

        Hi Rachel,

        I'm new to Confluence and .css and .html so a complete novice, but I do recall I read somewhere how to edit the .css to remove the 'Last created by' which I wanted to remove. Now I can't find that info on the Confluence site.

        Is this the .html below that I should remove from the .css to reinstate the page creator etc? If not, can you send me the link to the info?

        .page-metadata UL LI {
        display: none;
        }

        Do I have to have the 'Last created by Last updated by' to be able to view the padlock in documentation theme? Is there no workaround?

         

        Thanks very much,

         

         

        07 May 2014
        1. User avatar

          Rachel Robins [Atlassian Tech Writer]

          Hi Debbie, you could try using this instead - which only hides the modification info, and should leave the attachment icon and restriction icons visible.  

          However, be aware that custom CSS like this is not supported and can break when you upgrade Confluence. 

          07 May 2014
          1. User avatar

            Debbie Ryan

            That worked a treat. Thanks so much Rachel :-)
            When we do upgrade Confluence, how can we prevent things like this from breaking?
            07 May 2014
            1. User avatar

              Debbie Ryan

              Sorry one other question. When you have anonymous users, how does the page restrictions work as they don't have a user id or belong to a group as such to restrict them, do they? I don't want any of our 'view only' anonymous users to see our restricted content. thanks

              07 May 2014
              1. User avatar

                Rachel Robins [Atlassian Tech Writer]

                Hi Debbie, 

                Pages that have a view restriction applied can only be seen by the people specified (individuals or members of a group). Anonymous users cannot see any pages that have a view page restriction as they are not a member of a Confluence group. 

                You can also use space permissions to prevent anonymous users from viewing entire spaces if that is useful. 

                Re upgrading - if a class name or UI element has changed in the new Confluence version your Custom CSS may no longer work - this generally does not prevent Confluence from running, it just may make your spaces look a little strange (depending on how much you have customised it). After upgrading, if you notice problems I recommend removing any custom CSS and then working from there. 

                07 May 2014
  35. User avatar

    archi tect

    Reading all those comments, my impression is: you only can narrow down permissions down the page hierarchy, but you can't widen permissions. And respecting that constraints, Implementation of CONF-5095 - Page edit permissions should be inherited by pages, like view permissions are Open would save the day for many situations, but with over 300 votes still does not make it to the board.

     

    So, taking a look at Confluence Permissions Architecture I wonder if there is any 3rd party implementations on the market that resolve the shortcomings?

     

    I think the recent implementation works fine for s.th. like project spaces, where you typically have public areas and some confidential sub areas.

    But thinking of s.th. like an Intranet, I would like to provide read access to root pages, and delegate write access to sub pages to delegate editorial responsibilites. I am quite puzzled how I could achieve that.

     

     

     

    07 May 2014
  36. User avatar

    LW

    Have a question about permission's. I have a space where there is a group that has access to publish content (view/add etc) across the space. I want to give view/add access to one user on a page/children of that page within the space, but not access to all pages across the space. Is this possible? I've tried giving the user edit access via page restrictions, but they can not edit? We are using Confluence 5.4.4 and Zen.

    24 Sep 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi LW, this is very tricky.

      First, the user needs add permission in the space. Even if you use page restrictions to grant editing permissions, the user needs to have Add permission in the space first. 

      Then you would need to restrict viewing and / or editing to all the pages this user is not allowed to see / edit.  This is where the hierarchy becomes difficult, as view restrictions are inherited, so they would need to be able to see all parents of the page they want to edit. 

      One workaround would be to store these pages in another space, and made the content available in the space using an Include Page macro, not ideal, but would allow you to grant some users full edit permissions on only some pages, and restrict it in the final space. 

      29 Sep 2014
      1. User avatar

        LW

        Hi

        Thanks for the response, and sorry for the late repy. Looks like a bit of an admin nightmare to be honest.

        Cheers

        Leesa

        16 Oct 2014
  37. User avatar

    Don Reynolds

    Is there a method of restricting the creation of new child pages? I have a space home page that users will create child pages under, when they should not. These new pages should be children of the appropriate child page.

    24 Oct 2014
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Don, sorry there isn't a way to restrict this.  You can prevent users from creating pages using space permissions, but not force them to create pages in a particular location. 

      One thing that some customers do is to use the Create from template macro (as seen on some of the blueprint index pages) as a way to encorage users to create pages under the correct parent. 

      27 Oct 2014
  38. User avatar

    Mike McGreevy

    Is there any way to make a bulk, page-level, edit restriction change to most but not all pages in a space?

    18 Nov 2014
    1. User avatar

      Giles Brunning [Atlassian Technical Writer]

      Hi Mike,

      Unfortunately, there's no way to do it in the UI, or through the REST API, that I'm aware of. Feel free to make a feature request though.

      26 Nov 2014
  39. User avatar

    Pete B

    Hi, is there a way to automatically set restrictions on new pages before they are created, so the new page would be viewable only to specific users/groups? I know you can do it manually when you create the page, but it'd be nice to set a default so contributors don't have to think about it. Thanks!

    11 Dec 2014
    1. User avatar

      Giles Brunning [Atlassian Technical Writer]

      Hi Pete,

      The way to do it would be to create a space (or more than one if you need to) and revoke the 'view' permission from the group or groups you don't want to see pages in that space. That way, any pages created in the space would only be viewable to users or groups you grant the view permission to.

      11 Dec 2014
      1. User avatar

        Pete B

        Whoa, thanks for the speedy reply, Giles Brunning!

        Hmm, so in essence, I should create a "draft documentation" space, then move the content to the production space(s) when done?

         Our layout is such that I've created a space for each product version. It'd be ideal to have a template or something where we create new docs, they are by default not visible (this is a request from my support team who want to help out with the docs – they'd prefer the writing/editing staff (AKA "me") to review content before it goes live. 

         It might just be easier to include a step in our writing process for authors to set restrictions when a new page is created. 

        Thanks!

        11 Dec 2014
        1. User avatar

          Giles Brunning [Atlassian Technical Writer]

          A draft documentation space would do the trick, but it might, as you say, be easier for them to just add the restrictions as part of their page-creation process.

          You can take a look on marketplace as well. There are a couple of plugins for drafting and publishing.

          11 Dec 2014
          1. User avatar

            Pete B

            11 Dec 2014
  40. User avatar

    Susan Pedicini

    Is Confluence working on creating a macro that would let me restrict content on a single page? I'd like to be able to set restrictions on a content-level basis rather than a page-level basis. Is there a plug-in for this? We manage wikis for both our internal employees and our customers, and this would make it easier to integrate content that is applicable to both parties.

    02 Feb 2015
    1. User avatar

      Pete B

      Have you tried the Visibility plug-in by ServiceRocket?

      https://docs.servicerocket.com/display/VIS/Visibility

      It works well for us and it also keeps the content out of the page source, so it's not just hidden in HTML comment tags.

      02 Feb 2015
  41. User avatar

    Alice

    Hi Atlassian,

    I would like to create page-trees where the child page has different permissions than the parent page. e.g. A parent could have view restrictions, and the child page different view restrictions. Is there an open ticket for this, or any possibility that this may come about?

     

    Thanks,

    Alice

    10 Feb 2015
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Alice,  I've had a quick look, and can't see any issues about non-inheriting page restrictions, feel free to raise the suggestion yourself.  There's no way to stop child pages inheriting the view permission of their parent pages. 

       

       

      10 Feb 2015
  42. User avatar

    Henry

    Hi Atlassian, 

    I saw it mentioned earlier but it didn't appear to have been answered. Is there a way or possible upcoming feature which allows for a page to be view-able and editable but cannot be deleted?

    08 Mar 2015
    1. User avatar

      Rachel Robins [Atlassian Tech Writer]

      Hi Henry, the only way to prevent users from deleting pages in a space is to not grant Delete Page permission in the space permissions. 

      There's no way to do this on a page by page basis. 

      09 Mar 2015
  43. User avatar

    Matthias Oddiah

    Hello, is there a limit to the number of users that can be given view access to a page using restrictions? We noticed that once we have given approx. 60 users view rights, it is not possible to open the page restrictions dialog anymore using the padlock icon or "Tools/Restrictions" . If we delete 5 users using "Page information / Page permissions", then the dialog can be opened again. This leads me to believe that there is a limit at 55 users. Can you confirm this and is there a workaround? We are currently using Confluence version 5.4.4

    31 Mar 2015
    1. User avatar

      Hans-Peter Geier

      just curious, why don't you group them?

      31 Mar 2015
      1. User avatar

        Matthias Oddiah

        Our users are not managed locally in Confluence. We connect the users through an external user directory.  It is therefore not possible to add them to local Confluence groups. This is a pain for managing page restrictions but these can only be set at user level.

        31 Mar 2015
        1. User avatar

          Hans-Peter Geier

          there is no limitation (as far as I'm aware) of grouping users from external directory (LDAP) into local groups. We are doing this all the time. (we are also on 5.4.4).  It is also possible to configure the LDAP adapter to import groups from the LDAP, if such exist in your directory.

           

          31 Mar 2015
          1. User avatar

            Matthias Oddiah

            We have a special connector which allows us to use SAP User Management Engine as user directory. Unfortunately it is not possible to add users from this source to local groups. We are able to import groups from SAP but we do not want to manage grouping for page restrictions in SAP.

            31 Mar 2015
  44. User avatar

    Marc

    Hello Community!

    Just one quick question/use case

    1. User X can see a Pagetree with different Pages.
    2. User X clicks on a specific Page from the Pagetree.
    3. User X can't see the contnt of the page, but can reques access.

    As long a I understand that, this only works via the "share" function and if a user clicks on a page link for example. 

    Any ideas on that? Thanks!

    13 May 2015
Powered by Confluence and Scroll Viewport