Which features are being secured by Space Privacy?
Our App aims to secure every standard Confluence UI and interface, that were not added by third-party-Apps. Some third-party-Apps are being supported, if they use standard interfaces (e.g. for user search). In any other cases we kindly ask you to inform us about problems with third-party-Apps, so that we can evaluate possible solutions. (https://seibert.biz/Apphelp)
Space Privacy not only secures content via Confluence permissions. It also makes sure, that only users who share at least on extranet space, can see each other on the system. For content permissions the App uses and manages Confluence Space permissions. You don’t have to assign your own permissions in extranet spaces, this would even be counterproductive, because it skips the extranet user administration.
The restriction of the visibility of users is only made possible by mechanisms of our App. Thus, deactivating the App makes all users visible again. Assigned content permissions on the other hand remain the same.
The following points should help to understand our security concept.
- Visibility of extranet users is bidirectional except for administrative roles (confluence administrator, extranet administrator, extranet user administrator). If user Alice can see user Bob, user Bob can see user Alice. The administrator Charlie can see Alice and Bob, even though they might not share an extranet space.
- Visibilities are different for global features (user profile, search, user directory) and space features (@-mention, share page).
- In global features (user profile, search, user directory) a extranet user can see every user, whom he shares an extranet space with. Alice is assigned to extranet spaces A and C, Bob to B and C. That’s why they find each other using search, or look at each others profiles.
- In space features (@-mention, share page) a user can only interact with extranet users, that are also assigned to this extranet space. Alice is assigned to extranet spaces A and C, Bob to B and C. They can both mention each other in extranet space C via @-mention and share pages, but not in extranet space A and B.
You can find more information regarding global and space features in sections "What are global features and which of them are secured?" and "What are space features and which of them are secured?".