Atlassian3Python_logo_and_wordmark.svg

Recently, during a painful Confluence instance merge/migration, I needed a way to address messed up space permissions.  We won’t get into why they were messed up, but a little better group alignment before the merge would have been helpful.  Anyway, there was no turning back and I needed to be able to fix spaces that were rendered inaccessible because of bad groups and a different set of global permissions.  Python and the XML-RPC API to the rescue!  Using the Confluence remote API reference, I was able to relatively quickly whip up a script that can be used to assign restricted content a default set of permissions.

Usage example:

The user needs to have administrative rights in your instance.

$ python update-page-permissions.py "adam.martin" "Password1" "EX" "Example Page"

The Script

Use this to set confluence-administrators as the default for view and edit permissions. Don’t forget to set the wikiURL variable to your Confluence instance.

#!/usr/bin/python
from __future__ import with_statement
import sys, string, xmlrpclib, re, os
# If user didn't provide the right args
if len(sys.argv) < 5:
  exit("Usage: " + sys.argv[0] + " username password spacekey pagetitle");
username = sys.argv[1];
password = sys.argv[2];
spacekey = sys.argv[3];
pagetitle = sys.argv[4];
# PRODUCTION Confluence
# wikiURL = 'http://example.com/rpc/xmlrpc'
# TEST Confluence
wikiURL = 'http://example-dev.com/rpc/xmlrpc';
server = xmlrpclib.ServerProxy(wikiURL);
token = server.confluence2.login(username, password);
page = server.confluence2.getPage(token, spacekey, pagetitle);
# If Page not found
if page is None:
  exit("Could not find page " + spacekey + ":" + pagetitle);
# Get the current permissions on the page
allPermissions = server.confluence2.getContentPermissionSets(token, page['id']);
print '---ORIGINAL RESTRICTIONS---';
print allPermissions;
print '--- UPDATING ' + wikiURL + '....';
print '--- SPACE = ' + spacekey;
print '--- PAGE = ' + pagetitle;
print '--- PAGEID = ' + page['id'];
print '********************************************************************************';
server.confluence2.setContentPermissions(token, page['id'], 'View', [{'groupName': 'confluence-administrators', 'type':'View'}]);
server.confluence2.setContentPermissions(token, page['id'], 'Edit', [{'groupName': 'confluence-administrators'}]);
allPermissions = server.confluence2.getContentPermissionSets(token, page['id']);
viewPermissions = server.confluence2.getContentPermissionSet(token, page['id'], 'View');
editPermissions = server.confluence2.getContentPermissionSet(token, page['id'], 'Edit');
print "---NEW RESTRICTIONS---";
print allPermissions;
print "---NEW VIEW RESTRICTION---";
print viewPermissions['contentPermissions'][0];
print "---NEW EDIT RESTRICTION---";
print editPermissions['contentPermissions'][0];
print "---DONE---";

Expected output

---ORIGINAL PERMISSIONS--
[{'contentPermissions': [{'userName': 'efunkhouser', 'type': 'View'}], 'type': 'View'}, {'contentPermissions': [{'userName': 'efunkhouser', 'type': 'Edit'}], 'type': 'Edit'}]
--- UPDATING http://example-dev.com/rpc/xmlrpc....
--- SPACE = EX
--- PAGE = Example Page
--- PAGEID = 55577494
********************************************************************************
---NEW RESTRICTIONS---
[{'contentPermissions': [{'groupName': 'confluence-administrators', 'type': 'View'}], 'type': 'View'}, {'contentPermissions': [{'groupName': 'confluence-administrators', 'type': 'Edit'}], 'type': 'Edit'}]
---NEW VIEW RESTRICTION---
{'groupName': 'confluence-administrators', 'type': 'View'}
---NEW EDIT RESTRICTION---
{'groupName': 'confluence-administrators', 'type': 'Edit'}
---DONE---

Maybe not the best solution, but it works, and it’s a good skeleton to adapt for other uses.  Check out the Confluence remote API reference for the methods. Hopefully this will help someone else out!