Confluence Database Query to Find All Users Without Space or Content Access

Platform is Confluence 7.19.8 hosted on MySQL for context.

I am looking for a single query that finds all users with access to the Confluence application itself, but without permissions to view any spaces or content at all, with the exception of spaces or content shared with the user group that grants them access to the Confluence application in the first place.  I realize this is a very specific use case but we are in the process of purging users, and users that meet this criteria are subject to removal.

This is what I have so far, which I believe filters out spaces with anonymous access as well, but does not take into account individual content pages (i.e. does not select from the content_perm table):

SELECT c.user_name, c.display_name, p.spaceid, p.permgroupname, p.permusername, p.permtype
FROM cwd_user c
JOIN cwd_membership m ON c.id = m.child_user_id
JOIN cwd_group g ON m.parent_id = g.id
JOIN user_mapping um ON c.user_name = um.username
JOIN cwd_directory d ON c.directory_id = d.id
LEFT JOIN spacepermissions p ON um.user_key = p.permusername
    OR g.group_name = p.permgroupname
WHERE p.permusername IS NULL
    AND (p.permgroupname IN (SELECT DISTINCT permgroupname FROM spacepermissions WHERE (permtype = 'USECONFLUENCE' OR permtype = 'ADMINISTRATECONFLUENCE') AND permgroupname IS NOT NULL)
    OR p.permgroupname IS NULL)
    AND p.spaceid NOT IN (SELECT spaceid FROM spacepermissions WHERE permtype = 'VIEWSPACE' AND permusername IS NULL AND permgroupname IS NULL AND permalluserssubject IS NULL)
    AND c.active = 'T'
    AND d.active = 'T'
ORDER BY c.user_name;

If checking content permissions has to be a separate query, that would be fine as well.  But I have not yet been able to find a query that works.  This current one returns users that have permissions to view spaces and I can't figure out why.

Does anyone have any suggestions?