App scope and permissions

Global scope and permissions

 

Each app for Confluence Cloud (like Comala Document Management) has to be configured with a specific scope.

Scopes allow an app to request a particular level of access to an Atlassian product.

This configuration is done automatically when the app is installed. This adds the Comala Document Management app user as an individual user in Global permissions.

cdmc_globalpermissions_app_user.png

The automatic configuration also adds the Comala Document Management app user as an individual user for each space in the Space permissions screen.

The app system user is assigned all individual user permissions for the space except Restrictions Add/Delete, Archive, Delete own, Space Export.

cdm_spacepermissions_appuser.png

Within an instance, a global administrator may decide to further limit the actions that an app may perform

  • changes in scope by a global administrator may affect the global permissions for the app system user and the functioning of the app in the instance

  • changes in the individual space permissions for the app system user (due to either the global change or a space administrator change) may affect the functioning of the app in that space

  • page restrictions added to content prior to applying an app workflow to the content can cause an error

The ability to change the scope and permissions is valuable because it allows administrators to safely install apps that they otherwise would not.

See Troubleshooting.

Pages with page-level restrictions

You must have page-level permission view and edit permission to use the applied workflow.

If the page-level restrictions do not include the Comala Document Management app add-on user, these pages are not processed by an applied workflow, for example, when a page is updated or created.