I can get a list of permissions from the Confluence REST API (using PythonConfluenceAPI):
p = api.get_space_information(space_key, expand=“permissions”)[‘permissions’]
I get a list of dictionaries, with information about operations and subjects. But there are mismatches between the information from the API, and the permissions displayed in Confluence:
There are operations in the API that are not in the browser (update blogpost).
There are operations in the browser that are not in the API (space export, space admin, mail delete).
There are entries in the API list that have no operation specified at all, and these entries are often duplicated appear multiple times.
What I really want to get is a list of space admins. I’m hoping someone can explain these permission structures the API is giving me.
Hi Ned,
First sorry for the delay! There is a lot public holidays in Sydney recently.
I think you can query as you did then search for operation=“administer” and targetType=“space”. That will give you the user and group can admin current space.
Ziming
I don’t see any entries in the permissions list with operation=“administer”. I see entries with no operation specified at all. Does that have something to do with this? Do I need some kind of super-user permission on the confluence instance to get this information?
On your first point, thanks for bringing up update blogpost; this is a valid bug of an incorrect mapping. I’ve created a public issue here ([CE-1020] - Ecosystem Jira) to track this particular operation.
On your second point, these missing operations were identified a few weeks ago by the team and have since been updated; a fix adding these to the REST endpoint should be rolling out to your cloud instance today. Once that has updated, you should be able to hit that endpoint again, and you’ll see a permission with an operation restrict_content and a target of space, for all users who are space admins.
On your third point; I’ll have to investigate this particular one. I’m unsure of what’s causing that issue at the moment. I’ll link an issue to track once i’ve investigated further.
It looks like getting permissions for a space is fixed. This takes care of point 3: now there are no operation-less duplicated entries. I have entries for “administer space” and “restrict_content space”, for example.
But: now if i try to list spaces with permissions expanded, I get a 500 error from the server.
This url: https://openedx.atlassian.net/wiki/rest/api/space?expand=permissions
Produces a 500 status code with this content: {“statusCode”:500,“message”:“java.lang.IllegalArgumentException: Could not convert space permission : REMOVEOWNCONTENT”}
Hi Ned, it looks like that 500 error is new (as in, in that last release). It’s due to that space containing a legacy permission (was this instance created via importing from a Confluence server instance?). I’ve put a code change in to fix it up, but unfortunately we have a release freeze in effect this coming week because of Atlassian Summit So it’ll get out probably sometime next week. For now, if you create a new space and test with that, I think it probably won’t be affected by that 500 error.
Also, I realised I made a small error before, you are in fact looking for the administer operation, like Ziming said before, not restrict_content.
Thanks, yes, some of these spaces were migrated from a different Confluence (though I’m unsure of the specifics). I had found the “administer” operation, so that’s cool. And I understand about freezes. Good luck with the Summit!
It looks like we are making progress. I can now list the permissions for all of my spaces. Thanks!
But I get a failure further on when trying to get the contents of a space:
Request for 'https://openedx.atlassian.net/wiki/rest/api/space/AN/content?expand=ancestors&start=0&limit=100' failed: status 500
Text response:
{"statusCode":500,"message":"org.springframework.orm.hibernate5.HibernateJdbcException: JDBC exception on Hibernate data access: SQLException for SQL [n/a]; SQL state [25006]; error code [0]; could not execute statement; nested exception is org.hibernate.exception.GenericJDBCException: could not execute statement"}
I’m able to use the same request on other spaces in my wiki, so it’s something particular to that space. Should I start a new discussion thread?
