System Admin Documentation
- Denny Miller
- Andy Brook [Plugin People]
Installing CSUM app
If not installed, find CSUM app, start subscription to start the trial. Refresh page on install to see the Configure button referred next.
Accessing CSUM App Configuration
Global System Settings for CSUMCloud can be accessed using the Configure button on the CSUMCloud listing within Manage Apps.
|
Accept app permissions
When the app is first installed, or updates change the permission scheme, you will need to grant the app the permissions listed.
|
To learn more about app scopes, see App Security Scopes.
Once accepted, you’ll see the CSUM config page, the primary requirement here is to provide a valid email address and API token (for the same user). See Configuring the Privileged user credentials for further information.
|
Privileged User Settings
|
The privileged user configuration is required in order to use the CSUM-Cloud app. Without these credentials, CSUM-Cloud has restricted access to the requests that can be made to access or alter Confluence group memberships, permissions, or name.
See Configuring the Privileged user credentials for further information on configuring workaround credentials.
Once entered, the API token is verified, success is indicated by:
Email address
This setting stores the user email used to make elevated privilege requests on behalf of the user, allowing operations such as group membership changes to be executed without the logged in user being a system admin.
API token
This setting stores the user API token used to make elevated privilege requests on behalf of the user, allowing operations such as group membership changes to be executed without the logged in user being a system admin.
Group Settings
The group settings cover the majority of CSUM-Cloud global configuration, including the space group pattern used to match against found groups.
Space Group Pattern
This setting manages which Groups appear in the Groups table in the Space settings integration, and is also used for Group creation and Group rename actions.
Both {SPACEKEY} and {NAME} are overwritten at runtime. The default {SPACEKEY}-{NAME} would find groups matching this pattern (e.g, for a Space with the Space Key as TEST, the default Space Group Pattern will display Groups matching TEST-{NAME}, plus creating a group would automatically place the users input inside {NAME}.
Below are some examples of the default Space Group Pattern to help further explain:
Examples | Action | Result |
|---|---|---|
| Viewing Groups in the Space Groups Table | Groups such as |
| Creating a new group with the name | A new group with the name |
| Renaming an existing group with the name | The new renamed group will be given the name |
As seen, anything outside of the {SPACE} and {NAME} match patterns will always be included when creating or renaming groups.
Pattern Matches for groups with similar names
Due to the behaviour of the Confluence Cloud REST API, finding groups matching a given value will match against any groups with the included term. What this means, if you have multiple projects with similar keys (E.g. PROJECT and NEWPROJECT), the rest API would show groups matching the pattern for NEWPROJECT when accessing the app through space PROJECT.
Space Group Pattern matching is case-insensitive.
To avoid groups meant for one space being visible in another space, exact match filtering is performed to ignore groups that do not match. Any groups that are filtered will be excluded from the space groups table (along with also being excluded from space-restricted group search select fields). Groups are still counted as part of the paged response to retain pagination behaviour.
Space Group Actions Permitted
When this setting is On, it allows Space Admins to perform Actions on the Space Settings page.
When this setting is Off, the Space Settings integration will display the following:
|
Delegated Group Actions Permitted
This feature is currently being reviewed and has not been fully implemented. Toggling this setting does not currently affect CSUMCloud performance.
Maximum Users to process at a time
This setting limits the total count of Users that can be managed in a single action (An action denotes Add/Remove User(s) or Group Member(s)). By default, the value is set to 0, which removes the limit for Users actions at one time.
Maximum Groups to process at a time
This setting limits the total count of Groups that can be managed in a single action (An action denotes Add/Remove User(s) or Group Member(s)). By default, the value is set to 0, which removes the limit for Group actions at one time.
Restrict space groups
This feature is intensive and may result in performance impact when searching for groups due to additional requests being made.
If you are unsure if you require this setting, it is advised to keep it disabled, and to refine permitted user operations using Permissions.
This setting filters the groups shown select drop-downs (used in the Add/Remove users space operations) to only allow group membership manipulation for space groups matching the given space group criteria.
For example, when using CSUM-Cloud in space Test, the ‘Groups to add’ field in the add users screen would only show groups matching the pattern, e.g. Test-group, test-1. Other groups, such as anotherspace-group or admin-group would be filtered out.
User Settings
The user settings provide the option to prevent restricted users from being shown and the option to inhibit user search to improve performance with large datasets.
|
Show Restricted Users
When this setting is Enabled, the User table will display these restricted users, along with an additional Restricted lozenge to distinguish between users. This allows Space Admins to operate with these users. Disabling this setting will remove the users from the table.
Auto Join Groups
This setting allows a selection of Groups to be chosen for Auto-Joining. When a user is added to a group, they will also be added to the selected Auto Join Groups.
User Search Enabled
During Add/Remove user actions, this setting allows Users to be searched, and allows the User table to be searched and filtered. Disabling this setting improves performance for large user instances, but limits Add/Remove user actions to operating via Group membership.
Restrict space users
This setting filters the users shown select drop-downs (used in the Add/Remove users space operations) to only allow group membership manipulation for users that already have .
For example, when using CSUM-Cloud in space Test, the ‘Users to add’ field in the add users screen would only show users that are a member of a group that matches the space group pattern. Any users without membership for a matching space group would be filtered out.
For example, When accessing CSUM-Cloud within the space TEST, if User A is a member of Test-group, but User B is not a member of any group matching the space group pattern, only User A would be shown in the user dropdown. User B is filtered due to lacking group membership.
General Settings
The general settings of the app cover downtime messages to restrict access of the app within space settings, alongside the option to restrict personal space management changes from being made.
|
Allow Personal Space Management
This setting configures the ability for CSUM Cloud to be used within a Users' personal Space. When this setting is Off, the following appears when attempting to access CSUM Cloud from within a Personal Space:
Add-on Enabled
This setting toggles the ability for Space Admins to access CSUM Cloud within a Space. When this setting is Off, the following appears when attempting to access CSUM Cloud from the Space Settings integration:
Deactivated Add-on message
This setting alters the message displayed to Space Admins when attempting to access the app from within the Space settings integration.