Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I remove the 'adding comments' from anonymous users?

Dick Visser
Dick Visser January 8, 2014

As it says on the tin. We have dozens of publicly viewable spaces, most of them have anonymous comments enabled. This was OK for years, but eventually spammers found this hole.

Even with CAPTCHA enabled a lot of spam comments are manually put in (almost all from China, Russia, India, Venezuele, India).

Thus, the time has now come to disable anonymous comments.

Because we have so many spaces, I'm looking for an automated way to remove the privileges from all spaces. Is this possibel? SQL is no problem here.

Thanks

Answer
Watch
Like Be the first to like this
1685 views

4 answers

1 vote
Matthew J. Horn
Matthew J. Horn
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 8, 2014

I do it by editing the Comment Layout decorator and adding a check: if the user is not logged in, then the comments area doesn't show up. Instead, I prompt them to log in. Here's the code:

#if ($permissionHelper.canComment($remoteUser, $page))
  ## comment code here
#elseif (!$permissionHelper.canComment($remoteUser, $page))
  #set($targetPage = "/login.action?os_destination=" + $generalUtil.urlEncode($page.getUrlPath()))
  You must <a href="$targetPage">log in</a> to comment.
#end

hth,

matt

Reply
0 votes
Peter Vojtech
Peter Vojtech August 27, 2018

While it's only hiding comments from anon. users, this is a way to achieve this:

https://confluence.atlassian.com/confkb/how-to-hide-page-tools-and-comments-section-for-anonymous-users-in-confluence-697139365.html

Reply
0 votes
Dick Visser
Dick Visser January 8, 2014

I already had a look at the spacepermissions table and came up with:

DELETE FROM spacepermissions WHERE permtype = 'COMMENT' AND permusername IS NULL and permgroupname IS NULL;

That seemed to do the trick.

I'll have a look at the CLI stuff because that seem to be a better abstraction layer then plain SQL.

Thanks!!

View More Comments
Bob Swift OSS (Bob Swift Atlassian Apps)
Bob Swift OSS (Bob Swift Atlassian Apps)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 8, 2014

You have to be careful with the SQL approach not to corrupt your database (from a Confluence perspective). You should also not do SQL on a live server. For some things, you may be able to get away with it and it is hard to know what cases those are or if it changes from one release to another :(.

Like
Dick Visser
Dick Visser January 8, 2014

You're right. I just found out that my SQL solution in fact did NOT work.

Or, not any more. I swear that the anonymous comment was gone when I applied the commands, but several hours later it's there again. Even though the permissions manager shows a red cross.

If I manually enable all permissions, then disable, then it works.

I'll try the CLI tools now.

Like
Reply
0 votes
Bob Swift OSS (Bob Swift Atlassian Apps)
Bob Swift OSS (Bob Swift Atlassian Apps)
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 8, 2014

Yes, easy to do with Confluence Command Line Interface. Use the removePermissions action specifying the space. Use in combination with runFromSpaceList like so:

--action runFromSpaceList --common "--action removePermissions --space @space@ --userId anonymous --permissions comment"

If you don't need it for all space, there are other techniques to subset the list (regex) or just use a specific list with runFromList

Furthermore, you can view your permission settings across all your spaces with this example output: getSpacePermissionList

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events