Permissions
Permissions is used to add rights to the needed users and groups.
Space admins can control the permissions of groups and individuals who can view and edit the space.
- Anonymous access means also search engines like google
- confluence-users is all logged in users (Haka and non-haka who have accounts)
- @csc.fi and similar domain groups include all users of said domain by email.
- Domain groups do not propagate from #-groups, they need to be defined in the wiki space permissions to be effective
https://confluence.atlassian.com/doc/space-permissions-overview-139521.html
Common access should be controlled from Space Tools -> Permissions
Restrictions
Restrictions can be used to limit the existing access given in permissions mentioned above.
Restrictions should not be used if not absolutely necessary. And if they are used, preferred way is to restrict a group and add macro "User list" (Reporting category) on the root of the restricted tree to list the people who have been allowed access to the restricted section.
...
The page title in confluence has a misleading button that typically says "Unrestricted" in the tooltip. This means restrictions, not the actual state of the space permissions.
As stated above, permissions determine the access rights, restrictions only constrain the existing rights further.