The Owner of a Secure Macro may have forgotten to add a user, left the company, or just not be responding to requests for access. Ideally a Space Admin would be able to step in to recover access so that they could grant other access.
We could add a new screen in the Space Admin level to list the Macro, page the macro is on, Users, and Groups and a button to "Recover Access". This would add the requester to the macro's "Users" and allow them to add further users. This action should be logged in the Macro's audit logs.
We have recently delivered a partial of this feature - by making it easier for Confluence administrators and System administrators to recover access. They are now able to authenticate against any Secure Macro. There's also a helpful hint presented to them when visiting any Secure Macro.
We did not pursue with allowing space admins to recover because:
1. It opens up higher risk if a space admin account is compromised, as opposed to Confluence admins (we already know Confluence administrators can login as a normal user and therefore decrypt as the user).
2. Instead of implementing the rest of the features now, we want to learn if this would solve 80% of the problem.