Anonymous users can access unpublished versioned pages

Description

This is closed as "Won't fix", because the expectation is against feature specification.
Rationale: To allow anonymous users to view pages in a space you have to allow usage of Confluence by anonymous in general and have to grant the view permission to anonymous for that space.
If you do both and do not set up Scroll roles for authors, consequentially no restrictions are enforced on any pages (by Scroll).

Steps to reproduce:

Activate VSN and create a version
Create a versioned page
Make the space available for anonymous users
Log in as anonymous user and try to access the versioned page (e.g. search or view in hierarchy)

Expected result:

Versioned pages are not displayed for anonymous users

Actual result:

Anonymous users can access the versioned pages via the Confluence search and the "view in hierarchy"
The versioned page is not displayed in Reader view.

Workaround:

Define an author group.

Environment

Confluence 5.8.15, 5.9.7

Linked issues

is related to

VSN-2970

Display warning if anonymous access is enabled in space and Version Management is enabled without authors configured

Activity

Show:

Christoffer Bromberg (K15t) July 29, 2016 at 7:18 PM

As this is intended behaviour, I proposed an improvement https://k15t.jira.com/browse/VSN-2970#icft=VSN-2970 to make aware of the situation.

Won't Fix

Details

Assignee

Unassigned

Reporter

Sync User [K15t]

Labels

Backbone Issue Sync

Created March 29, 2016 at 3:33 PM

Updated March 15, 2024 at 10:23 AM

Resolved July 29, 2016 at 6:47 PM

Configure