Access Restriction on Page&Children doesn't work

Hi everybody!

i’m running xwiki with contents for our customers. nearly 1 year ago i started documenting stuff for internal purposes inside a page and it’s children. i’m now facing the following issue:

  • i need to restrict the access to the page&children
  • therefore i defined 2 groups that have access (XwikiAdmin and another, custom one) and 2 groups that should not have access (Xwikiall and XwikiAuthor).
  • i “blocked out” all access rights for the last 2 groups like so:
    image

when “onboarding” new users, i put them in the restricted groups, but the users are randomly able to see the restricted contents. I tested with a test user (belonging to XwikiAuthor) and i reproduce the issue.
what am i missing?

thank you kindly for any hint in solving this mistery.

I am having the same issue

Did you read:

SuperAdmins always have access, so you must test with an user that is NOT SuperAdmin

And, to compensate for the information in the link above, I usually create a group that has all rights but no users on any level I set any permissions. This will “block” inheritance for sure.

image

HINT: Always use groups and try to embrace RBAC.

HTH