mirror of
https://github.com/BookStackApp/BookStack.git
synced 2026-02-09 19:06:13 +03:00
Share bookstack account - disable profile settings for this user #1753
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @potentialdiffer on GitHub (Jun 1, 2020).
Describe the feature you'd like
I would like to share a bookstack account between various people, that only need to read certain books. I do not want them to be able to change the password or anything else. They should only be able to login with a predefined username and password.
Describe the benefits this feature would bring to BookStack users
As for me, I want to give one login to a group of people (e.g. school class), with that they can login and access material. But any member of that group is not able to change the user settings.
Additional context
I do not want to make the whole site public, which would obviously kind of solve this problem. But I want the people to authenticate and only be able to access the content.
What would be the most convenient way to implement this? For now, I would be fine with just setting the display attribute of the "edit profile" and "view profile" to none.
Eventually it is already possible to achieve this with the current features of bookstack, but i do not know how.
Thanks!
@ssddanbrown commented on GitHub (Jun 21, 2020):
Hi @potentialdiffer,
I probably wouldn't want to build this in as a feature, since the use-case here is very specific.
If you want to hide the "edit profile" and "view profile" then you could do so, globally, via some CSS the "Custom HTML Head" setting. this would apply for all users. Let me know if you need an example for that.
Otherwise, You could potentially make the site public but add a layer of web server authentication over the top? I know both Nginx and Apache support "Basic Authentication". It would mean that you'd essentially need to login twice though (Login to webserver basic auth, then BookStack).
@ssddanbrown commented on GitHub (Jul 11, 2020):
Since there has been no followup on this I'll close this off.
@Premadness commented on GitHub (Jul 31, 2023):
Is it not possible to create a similar user to the default guest user but enable on password login that an admin can define?
I do want my database for example be "public" but only for people within my organisation that know about the visitor account
@ssddanbrown commented on GitHub (Aug 2, 2023):
@Premadness No, I don't really understand how that would be different to a normal user account to be honest.
@Premadness commented on GitHub (Aug 2, 2023):
A shared user account that needs to login to prevent complete public access however deny the possibility to change the user profile.
I dont want anyone to be able to view my database except for people in my organisation and i assume that people prefer to login with a simple setup visitor account to quickly look something up instead of needing to create their own personalised account.
A complete user option overhaul is too much ofcourse.
But is it possible to hide and lock information for a specific user the same way the guest account is locked?
@ssddanbrown commented on GitHub (Aug 2, 2023):
@Premadness You can manage access to content via roles and permissions.
You can't lock out specific functionality (without hacks or hiding via CSS as suggested above) like user options and preferences though.