Permissions
The Skin Editor Permissions screen allows theme developers to restrict certain functionality to specific user groups.
Setting Permissions
To set a permission, enter the group name in the appropriate field. You can use * for wildcard selections:
@spaceadmin-* = any group that begins with 'spaceadmin-'
For multiple groups, use commas to separate:
@spaceadmin-*, @staff-*
Skin Selection Restrictions
This permission allows you to restrict who can select this skin. You may restrict Select Skin to users—who must also be Space Administrators—in specific user groups.
Select Skin is restricted to Any Space Administrator and Site Administrators by default.
Site Administrators will always be able to select the skin, regardless of the settings of this permission.
It is still possible for Space Administrators, and even normal users, to bypass this privilege by using the Use Skin Macro. However, they will not be able to set it as the default skin for their space.
The most common use for this permission is to have a skin that uses a company design and restrict where that design can be used.
Skin Editing Restrictions
By default, any registered Confluence user can access the Skin Editor. However, Site Administrators can restrict access to the skin manager to people in specific user groups. This is done using the options on the Editor Permissions screen. We highly recommend completing this task.
Theme developers can further restrict access to specific skins by restricting editing to a particular user group. For example, let’s say the following groups existed:
Theme Designers | Senior Managers |
Bob, Jane, Mark | Jane |
If you restricted editing to just the Senior Managers group, only Jane would be able to edit your skin. Although able to edit other skins in the skin manager, Bob and Mark would not be able to edit your skin.
Site Administrators can always edit all skins, regardless of any editing restrictions you set.
People can still make child skins based on your skin and edit those child skins. If you want to prevent this, restrict who can create child skins to the same user groups as those who can edit your skin.
In large wikis, there may be a large group of people who can edit skins, and there are many cases where essential skins, like master templates and other important company skins, need to be restricted to a smaller group of editors. When you restrict editing of your skin, you are also restricting who can change the privileges on your skin.
Panel Editing Restrictions
This permission allows you to restrict who can view and edit the content of panels in the skin—see Panel Content for more information. The default setting allows anyone who can edit the skin to edit the panel.
Site Administrators can always view and edit panel content, regardless of any editing restrictions you set.
The panel content is still transmitted to the browser when the skin is opened in the Skin Editor, so anyone with sufficient knowledge could find a way to view the panel content, although they could not make changes to it.
The most common scenarios for restricting who can edit panel content are as follows:
The panel contains complex code, and you don’t want anyone to break it.
The code in the panel contains information you would rather other people not see.
If you’re restricting access because of the latter, you may need to rethink your strategy. Consider one of the options detailed below.
How to Prevent Anyone from Viewing Panel Content
There are several ways to reliably prevent anyone from viewing your panel content:
Create a User Macro in the Atlassian Confluence Administration Console. These macros can only be viewed and edited by Site Administrators.
Use a Portal or Widget (requires Community Bubbles app), which requires Site Administration privileges to view and edit.
Create a Java plugin that contains a macro that fulfills your requirements.
Child Skin Restrictions
This privilege allows you to restrict who can create child skins to users in specific user groups based on your skin. With restrictions in place, anyone who cannot create child skins will see a warning message if they try to create a child skin. By default, anyone who can access the skin manager may create child skins.
Site Administrators will always be able to create child skins, regardless of the permissions.
For someone to be able to create child skins, they must already have access to the Skin Editor, in which case they could also edit your skin to remove this permission. To prevent this, restrict edit privileges to the same groups you are allowing to create child skins.
This permission allows you to prevent a child skin, which may look identical to your skin, from overriding various settings and permissions in your skin.
If you restrict which user groups can select the skin, consider adding a note to the skin description to let Space Administrators know who to contact if they need to join that group.
You will need to click the Save button to apply any changes made in the Permissions screen.
FAQ
What are the 'Use Default' links?
See the Skin Hierarchy page for more information.