mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-02-08 11:19:36 +03:00
Role ownership based permissions #101
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @riorii on GitHub (May 12, 2016).
It would be nice the possibility of creating groups of users and manage permissions that groups. For example, create Group 1 and 2, with 2 members each, and you give permissions to Group1 to see pages created by a member of any group.
@jonigl commented on GitHub (May 12, 2016):
Hey @riorii ,
You can create some roles for achieve this task.
Best!
Jonathan
@riorii commented on GitHub (May 12, 2016):
Yes but the problem is that, imagine you create role 1 & 2. If you are member of role 1, and you create a book/chapter/page, members from role 2 can see it and there's no way of revoke the view permission from them. I think this is related with #92 issue right?
@ssddanbrown commented on GitHub (May 12, 2016):
@riorii Yes, That seems correct, Although in the latest release you can achieve your example by preventing members of Role2 seeing the book & it's contents by activating permissions on the book and not giving role 2 view access. (So it's kind of a black-listing approach)
This issue you linked to is now complete and as of the next release you'll be able to have roles without any default view permissions then override this on a per-book (Then also chapter or page) basis (As a white-listing approach).
View access depending on fellow role-member ownership is not currently planned as its not been requested before. It would also add a lot of complexity to the permission calculations. If you would like this as a feature just let me know and I'll tag this as 'Open to discussion' so it can sit to gain support otherwise, if the above features would be enough for your use case, this issue can be closed.
@riorii commented on GitHub (May 13, 2016):
@ssddanbrown I tried this using custom permissions and it worked =)
Evenly it would be nice to have the functionality of showing book/chapters/pages based on your role.
Leave this issue as you said, open to discussion, and if it does not have quorum, you can close it.
Thanks!!
@ssddanbrown commented on GitHub (May 13, 2016):
@riorii Awesome, Glad to hear you could sort out your issue with the in-built system.
Cool, I'll add the label and change the issue title to be more specific and we'll see if anyone requests 'role ownership' based permissions.
@fredericmohr commented on GitHub (May 13, 2016):
I sort of had the same problem, and also solved it the same way. The only thing is, that whenever I create a book, it has open permissions by default. To restrict a book to be only visible by my group, I have to check the "use custom permissions" button. I think it would be nice to automatically choose that one (more restrictive) and give users the option to choose a more permissive setting, than the other way around.
Sort of like social media works. Default is share with your friend, but another option you can select is share publicly.
@ssddanbrown commented on GitHub (May 13, 2016):
@fredericmohr As of the next release (v0.10) there will be view permissions at a role level so you will be able to have a more restrictive approach. It just won't be automatic based on fellow role member ownership as it suggested in this issue.
@fredericmohr commented on GitHub (May 13, 2016):
Thanks for the info, I'll look into it when v0.10 is out :)
@galaxyfeeder commented on GitHub (Nov 8, 2017):
Maybe I'm losing something but I think this request should be closed. Right now I think that all the feature requests have been satisfied.
@ssddanbrown commented on GitHub (Aug 4, 2018):
Bit of a late reply but yeah, I think this may be achievable now so closing. Let me know if I am wrong though.