I’m working on an addon which is trying to read the content of all the pages in a space. However, pages which have restrictions don’t show up when our app hits up the wiki/rest/api/content
endpoint (https://developer.atlassian.com/cloud/confluence/rest/api-group-content/#api-wiki-rest-api-content-get). However, if a user who does have explicit access makes the request, the page is returned. This was confusing to me since our app doesn’t currently ask for ACT_AS_USER
. I’m not sure what the right way to work around this is. Any pointers?
Hi @kashev,
This is a problem we hit with app migrations from server to cloud. We have a ticket here
that covers the details. We don’t have an answer yet, but as you’ve seen the ACT_AS_USER
is the best way to get access to the page. Either that, or you ask your users to add the app user as a user to the pages that need updating.
Regards,
James.
Hi @jrichards , thanks so much for the info! I’m excited that the Atlassian team is working towards a resolution.
If we do go the route of using ACT_AS_USER
, it wasn’t clear to me how to make sure we’re actually getting a list of every page ID. Once we have the page IDs, we can impersonate users to read the page since someone will have view/edit access, but that’s assuming we know which pages to query for.
Thanks,
K
Hi @kashev,
I haven’t tested but do the scopes for SPACE_ADMIN
and ADMIN
give you what you need?
James.
Hi @jrichards, unfortunately no. Even with ADMIN
(which based on my reading of this page, implies SPACE_ADMIN
) the results of a GET
to rest/api/content
from our app, even when we’re using authenticatedAsAddon()
, seem to be filtered by the @AuthenticationPrincipal
who precipitated the request.
Hi @kashev,
Thanks for the update. I sorry but you’ll have to wait for [MIG-837] Apps can't access restricted content in Confluence Cloud - Create and track feature requests for Atlassian products. to be fixed. Otherwise, working out some use driven method to update the pages.
You can comment on, vote for and watch the bug report. It helps give it visibility.
Regards,
James.
Thank you @jrichards for your help! One last question – I’m wondering if, to help explain to users the situation, it’s possible to use whatever API generates the list of restricted pages that Space Admins can see by navigating to $CONFLUENCE_URL/wiki/pages/listpermissionpages.action?key=FOO
, that looks like this:
I can’t find an endpoint in https://developer.atlassian.com/cloud/confluence/rest that seems to do it.
Hi @kashev,
I had a look at this page is rendered in HTML before being sent, so I don’t think there’s a corresponding REST api as it’s not a React page. There’s no magic I can see we can do with calls direct to the back end.
Regards,
James.