Skin Editor - Permissions
The Skin Editor Permissions screen allows theme developers to restrict certain functionality to specific user groups.
To set a permission, enter the group name in the appropriate field. You can use
* for wildcard selections:
@spaceadmin-* = any group that begins with 'spaceadmin-'
For multiple groups, use commas to separate:
Skin Selection Restrictions
Default: Any Space Administrator and Site Administrators
This permission allows you to restrict who can select this skin in Select Skin to users—who must also be Space Administrators—in specific user groups.
Site Administrators will always be able to select the skin, regardless of the settings of this permission.
|It is still possible for Space Administrators, and even normal users, to bypass this privilege by using the Use Skin Macro; however, they will not be able to set it as the default skin for their space.|
The most common requirement for this permission is if you have a skin that uses your company design but don’t want to restrict where that design can be used.
Skin Editing Restrictions
Default: Anyone who can access the skin manager
By default, any registered Confluence user can access the Skin Editor; however, Site Administrators can restrict access to the skin manager to people in specific user groups using the options on the Editor Permissions screen—this is a highly recommended task.
Theme developers can further restrict access to specific skins by restricting editing to a specific user group. For example, let’s say the following groups existed:
Bob, Jane, Mark
If you restricted editing to just the Senior Mangers group, only Jane would be able to edit your skin. Bob and Mark, although able to edit other skins in the skin manager, would not be able to edit your skin.
Site Administrators can always edit all skins, regardless of any editing restrictions you set.
|People can still make child skins based on your skin and edit those child skins. If you want to prevent this, restrict who can create child skins to the same user groups as those who can edit your skin.|
In large wikis, there may be a large group of people who can edit skins, and there are many cases where key skins (e.g., master templates or important company skins) need to be restricted to a smaller group of editors. When you restrict editing of your skin, you are also restricting who can change the privileges on your skin.
Panel Editing Restrictions
Default: Anyone who can edit the skin
This permission allows you to restrict who can view and edit the content of panels in the skin—see Panel Content for more information.
Site Administrators can always view and edit panel content, regardless of any editing restrictions you set.
|The panel content is still transmitted to the browser when the skin is opened in the Skin Editor, so anyone with sufficient knowledge could find a way to view the panel content, although they could not make changes to it.|
The most common scenarios for restricting who can edit panel content are as follows: * The panel contains complex code and you don’t want anyone to break it * The code in the panel contains information you would rather other people not see.
If you’re restricting access because of the latter, you need to rethink your strategy. View the answer to the question below.
How to Prevent Anyone from Viewing Panel Content
There are several ways to reliably prevent anyone from viewing your panel content: * Create a User Macro in the AtlassianConfluence Administration Console - these macros can only be viewed and edited by Site Administrators. * Use a Portal or Widget (requires Community Bubbles app) which again requires Site Administration privileges to view and edit. * Create a Java plugin which contains a macro that fulfils your requirements.
Child Skin Restrictions
Default: Anyone who can access the skin manager
This privilege allows you to restrict who can create child skins based on your skin to users in specific user groups. With restrictions in place, anyone who cannot create child skins will see a warning message if they try to create a child skin.
Site Administrators will always be able to create child skins, regardless of the permissions.
|For someone to be able to create child skins in the first place, they must already have access to the Skin Editor, in which case they could also edit your skin to remove this permission. To prevent this, restrict edit privileges to the same groups which you are allowing to create child skins.|
This permission allows you to prevent a child skin, which may look identical to your skin, from overriding various settings and permissions in your skin.
If you restrict which user groups can select the skin, consider adding a note to the skin description to let Space Administrators know who to contact if they need to join that group.
You will need to click the Save button to apply any changes made in the Permissions screen.
What are the 'Use Default' links?
See the Skin Hierarchy page.