This tab is accessed from the Layout Manager in Theme Builder 3.0 and above.
The Permissions Tab allows theme developers to restrict certain functionality to specific user groups.
To set a permission, click the "Edit..." button to display the Group dialog:
Simply select the desired groups and click "OK" to grant them the permission. You can select multiple groups by holding down the Ctrl key (on Windows) or the what key? (Apple Mac) when selecting groups.
Default: Any Space Administrator and Site Administrators
This permission allows you to restrict who can select this layout in the Layout Chooser to users (who must also be Space Administrators) in specific user groups.
Site Administrators will always be able to select the layout regardless of the settings of this permission.
It is still possible for Space Administrators and even normal users to bypass this privilege by using the use-layout macro, however they will not be able to set it as the default layout for their space.
The most common requirement for this permission is if you have a layout that's uses your company design, but don't want to restrict where that design can be used.
Default: Anyone who can access the layout manager
By default, any registered Confluence user can access the Layout Manager, however Site Administrators can restrict access to the Layout Manager to people in specific user groups using the options on the Global Permissions Tab (a highly recommended task).
Theme developers can further restrict access to specific layouts by restricting editing to a specific user group.
For example, let's say the following groups existed:
Bob, Jane, Mark
If you restricted editing to just the "Senior Mangers" group, then only Jane would be able to edit your layout. Bob and Mark, although able to edit other layouts in the Layout Manager, would not be able to edit your layout.
Site Administrators can always edit all layouts, regardless of any editing restrictions you set.
People can still make child layouts based on your layout and then edit those child layouts. If you want to prevent this, restrict who can create child layouts to the same user groups as those that can edit your layout.
In large wikis, there may be a large group of people who can edit layouts and there are many cases where key layouts (eg. master templates or important company layouts) need to be restricted to a smaller group of editors.
When you restrict editing of your layout, you are also restricting who can change the privileges on your layout.
Default: Anyone who can edit the layout
This permission allows you to restrict who can view and edit the content of panels (see Panel Content) in the layout.
Users who are prevented from viewing and editing the panel content with this permission can still customise the panel, for example change borders and text styles, using the Panel Editor. However the "Content..." button will disabled preventing them from viewing or editing the wiki notation within the panel.
Site Administrators can always view and edit panel content, regardless of any editing restrictions you set.
The panel content is still transmitted to the browser when the layout is opened in the Layout Manager so anyone with sufficient knowledge could find a way to view the panel content, although they could not make changes to it.
The most common scenarios for restricting who can edit panel content are:
- The panel contains complex wiki notation and you don't want anyone to break it
- The wiki notation in the panel contains information you would rather other people not see.
If you're restricting access because of the latter, you need to rethink your strategy! View the answer to the question below.
There are several ways to reliably prevent anyone from viewing your panel content:
- Create a User Macro in the [AtlassianConfluence:Administration Console] - these macros can be made from wiki notation or HTML (both with optional Velocity templating) and can only be viewed and edited by Site Administrators.
- Use a Portal or Widget (requires Community Bubbles plugin) which again requires Site Administration privileges to view and edit
- Create a Java plugin which contains a macro that fulfils your requirements.
Default: Anyone who can access the Layout Manager
This privilege allows you to restrict who can create child layouts based on your layout to users in specific user groups.
With restrictions in place, anyone who cannot create child layouts will see a warning message if they try and create a child layout either using the Layout Manager Toolbar or if they try to drag an existing layout on to your layout.
Site Administrators will always be able to create child layouts, regardless of the permissions.
For someone to be able to create child layouts in the first place, they must already have access to the Layout Manager in which case they could also edit your layout to remove this permission. To prevent this, restrict edit privileges to the same groups that you are allowing to create child layouts.
This permission allows you to prevent a child layout, which may look identical to your layout, from overriding various settings and permissions in your layout.
If you restrict which user groups can select the layout, consider adding a note to the layout description to let Space Administrators know who to contact if they need to join that group.
Read Layout Hierarchy to find out