Content Exporter - Cloud Platform Security

This page is obsolate. Please visit here for the latest documentation: https://metainf.atlassian.net/wiki/display/CEX/Cloud+Platform+Security

IMPORTANT! REALLY, REALLY READ THIS!

Content Exporter - as all addons in Atlassian Cloud - accesses Confluence in the context of a technical user created when you install the addon.

This user needs to have View permission to access the content you want to export. If the export fails, we recommend you make sure that the addon user is authorized to access the pages.

The addon user is called: addon_com.metainf.confluence.plugin.pagetreeexporter.pagetree-word-exporter-plugin

Alternatives for granting Content Exporter to export pages

Add permission space by space

View permission for the Content Exporter user can be added in the Space Admin. See the picture below.

  1. Go to the Space Administration
  2. At the Security section choose Permission
  3. At the Individual Users section grant the Content Exporter user the View permission
    (Name: Content Exporter, Username:addon_com.metainf.confluence.plugin.pagetreeexporter.pagetree-word-exporter-plugin)

Add permission globally

If you have a group (e.g. confluence-users) which has at least read only access to every space, you can add the Content Exporter User to this group.

  1. Go to the Administration
  2. At the User&Security section choose Groups
  3. Select the proper group mentioned above (if you have at least one group having read permission to all of your spaces)
  4. Add the Content Exporter User to the group
    (Name: Content Exporter, Username:addon_com.metainf.confluence.plugin.pagetreeexporter.pagetree-word-exporter-plugin)

No access when restrictions in effect

No access when restrictions in effect

Please note, after adding Content Exporter user to a restricted pages Confluence reindex may needed. If Content Exporter's user to added the view restrictions, but export is still not working, please wait some minutes while Confluence reindexing the content.

Explanation of Atlassian Cloud Platform Security

Atlassian Cloud platform provides customers with maximized security capabilities. This involves Cloud platform addons as well.

When a Cloud Add-on is installed in an Atlassian Cloud application such as Confluence, an addon user is created.

Administrators can add special permissions and privileges to the addon users.

Content Exporter's cloud version can export pages only if its addon user has the same read permissions as the ordinary Confluence user who initiated the export.

For example, if a user can view a page in Confluence, but the Content Exporter user is not granted access to the page, the user will not be able to export it.

Is this a security vulnerability to you?

No. Content Exporter does not make requests to your Confluence instance without a user wanting to export content. 

Confluence in Atlassian Cloud validates every request and respects the user's permissions. This guarantees that Content Exporter will not allow users to export pages they are not authorized to view.