Allow granular item-level permission control #3443

New Issue

Open

opened 2026-02-05 06:44:33 +03:00 by OVERLORD · 4 comments

OVERLORD commented 2026-02-05 06:44:33 +03:00

Owner

Copy Link

Originally created by @at-ng on GitHub (Jan 12, 2023).

Describe the feature you'd like

For now you can set either of these two:

• Manage all book, chapter & page permissions

• Manage permissions on own book, chapter & pages

But I think there is room for something in between here. For example "Manage permissions on book, chapter & pages you allowed to update".

Another way this could be solved would be to change how ownership works so that you can have multiple owners, a group, or a role could be an owner instead. Then the "Manage permissions on own book, chapter & pages" option could be enough.

Describe the benefits this would bring to existing BookStack users

I think this would be good for all users that has multiple people responsible for a book. Since then you can't use Owner as the restriction and have to resort to allowing people to edit all permissions.

Can the goal of this request already be achieved via other means?

No, I think you are either limited to only letting the owner edit permissions or allowing users to edit all permissions.

Have you searched for an existing open/closed issue?

• I have searched for existing issues and none cover my fundemental request

How long have you been using BookStack?

0 to 6 months

Additional context

Probably not a super important feature as it's only a problem when more than one person is responsible for a book (and permissions is not something you change very often) but I figured it was worth having an issue for it.

Originally created by @at-ng on GitHub (Jan 12, 2023). ### Describe the feature you'd like For now you can set either of these two: - [ ] Manage all book, chapter & page permissions - [ ] Manage permissions on own book, chapter & pages But I think there is room for something in between here. For example "Manage permissions on book, chapter & pages you allowed to update". Another way this could be solved would be to change how ownership works so that you can have multiple owners, a group, or a role could be an owner instead. Then the "Manage permissions on own book, chapter & pages" option could be enough. ### Describe the benefits this would bring to existing BookStack users I think this would be good for all users that has multiple people responsible for a book. Since then you can't use Owner as the restriction and have to resort to allowing people to edit all permissions. ### Can the goal of this request already be achieved via other means? No, I think you are either limited to only letting the owner edit permissions or allowing users to edit all permissions. ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundemental request ### How long have you been using BookStack? 0 to 6 months ### Additional context Probably not a super important feature as it's only a problem when more than one person is responsible for a book (and permissions is not something you change very often) but I figured it was worth having an issue for it.

OVERLORD added the 🔨 Feature Request label 2026-02-05 06:44:33 +03:00

OVERLORD commented 2026-02-05 06:44:36 +03:00

Author

Owner

Copy Link

@adamzvolanek commented on GitHub (May 4, 2023):

I concur, it would be nice to set permission on a per {book, chapter & pages} level based on role.

My example use-case is you can have a public facing BookStack instance with certain pages restricted from view, however authenticated user's can view the same pages with the content present.

@adamzvolanek commented on GitHub (May 4, 2023): I concur, it would be nice to set permission on a per {book, chapter & pages} level based on role. My example use-case is you can have a public facing BookStack instance with certain pages restricted from view, however authenticated user's can view the same pages with the content present.

OVERLORD commented 2026-02-05 06:44:40 +03:00

Author

Owner

Copy Link

@at-ng commented on GitHub (May 4, 2023):

I concur, it would be nice to set permission on a per {book, chapter & pages} level based on role.

My example use-case is you can have a public facing BookStack instance with certain pages restricted from view, however authenticated user's can view the same pages with the content present.

This issue is not about setting permissions but who is allowed to set permissions on an item. E.g. I want people who are allowed to update a book to be able to set it's permissions but not update permissions of books they are not allowed to update.

Books, chapter and pages already have the option of settings permissions per role.

@at-ng commented on GitHub (May 4, 2023): > I concur, it would be nice to set permission on a per {book, chapter & pages} level based on role. > > My example use-case is you can have a public facing BookStack instance with certain pages restricted from view, however authenticated user's can view the same pages with the content present. This issue is not about setting permissions but who is allowed to set permissions on an item. E.g. I want people who are allowed to update a book to be able to set it's permissions but not update permissions of books they are not allowed to update. [Books, chapter and pages already have the option of settings permissions per role.](https://www.bookstackapp.com/docs/user/roles-and-permissions/)

OVERLORD commented 2026-02-05 06:44:44 +03:00

Author

Owner

Copy Link

@matthias4217 commented on GitHub (May 26, 2023):

Being able to set the owner as being a role or group of people would be great. We have several books which should be owned by several people.

@matthias4217 commented on GitHub (May 26, 2023): Being able to set the owner as being a role or group of people would be great. We have several books which should be owned by several people.

OVERLORD commented 2026-02-05 06:44:47 +03:00

Author

Owner

Copy Link

@Coros commented on GitHub (Jun 21, 2023):

Adding another request here. We have several books that should own/managed by their respective role/groups. Currently only one member of each book can manage the permissions on the book itself. The ability to set their role(s) as the owner, or add a new grantable right to manage permissions on an object, would solve this problem.

@Coros commented on GitHub (Jun 21, 2023): Adding another request here. We have several books that should own/managed by their respective role/groups. Currently only one member of each book can manage the permissions on the book itself. The ability to set their role(s) as the owner, or add a new grantable right to manage permissions on an object, would solve this problem.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

development

l10n_development

release

llm_only

vectors

v25-11

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

v25.12.3

v25.12.2

v25.12.1

v25.12

v25.11.6

v25.11.5

v25.11.4

v24.11.4

v25.11.3

v25.11.2

v25.11.1

v25.11

v25.07.3

v25.07.2

v25.07.1

v25.07

v25.05.2

v25.05.1

v25.05

v25.02.5

v25.02.4

v25.02.3

v25.02.2

v25.02.1

v25.02

v24.12.1

v24.12

v24.10.3

v24.10.2

v24.10.1

v24.10

v24.05.4

v24.05.3

v24.05.2

v24.05.1

v24.05

v24.02.3

v24.02.2

v24.02.1

v24.02

v23.12.3

v23.12.2

v23.12.1

v23.12

v23.10.4

v23.10.3

v23.10.2

v23.10.1

v23.10

v23.08.3

v23.08.2

v23.08.1

v23.08

v23.06.2

v23.06.1

v23.06

v23.05.2

v23.05.1

v23.05

v23.02.3

v23.02.2

v23.02.1

v23.02

v23.01.1

v23.01

v22.11.1

v22.11

v22.10.2

v22.10.1

v22.10

v22.09.1

v22.09

v22.07.3

v22.07.2

v22.07.1

v22.07

v22.06.2

v22.06.1

v22.06

v22.04.2

v22.04.1

v22.04

v22.03.1

v22.03

v22.02.3

v22.02.2

v22.02.1

v22.02

v21.12.5

v21.12.4

v21.12.3

v21.12.2

v21.12.1

v21.12

v21.11.3

v21.11.2

v21.11.1

v21.11

v21.10.3

v21.10.2

v21.10.1

v21.10

v21.08.6

v21.08.5

v21.08.4

v21.08.3

v21.08.2

v21.08.1

v21.08

v21.05.4

v21.05.3

v21.05.2

v21.05.1

v21.05

v21.04.6

v21.04.5

v21.04.4

v21.04.3

v21.04.2

v21.04.1

v21.04

v0.31.8

v0.31.7

v0.31.6

v0.31.5

v0.31.4

v0.31.3

v0.31.2

v0.31.1

v0.31.0

v0.30.7

v0.30.6

v0.30.5

v0.30.4

v0.30.3

v0.30.2

v0.30.1

v0.30.0

v0.29.3

v0.29.2

v0.29.1

v0.29.0

v0.28.3

v0.28.2

v0.28.1

v0.28.0

v0.27.5

v0.27.4

v0.27.3

v0.27.2

v0.27.1

v0.27

v0.26.4

v0.26.3

v0.26.2

v0.26.1

v0.26.0

v0.25.5

v0.25.4

v0.25.3

v0.25.2

v0.25.1

v0.25.0

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.2

v0.23.1

v0.23.0

v0.22.0

v0.21.0

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.0

v0.18.5

v0.18.4

v0.18.3

v0.18.2

v0.18.1

v0.18.0

v0.17.4

v0.17.3

v0.17.2

v0.17.1

v0.17.0

v0.16.3

v0.16.2

v0.16.1

v0.16.0

v0.15.3

v0.15.2

v0.15.1

v0.15.0

v0.14.3

v0.14.2

v0.14.1

v0.14.0

v0.13.1

v0.13.0

v0.12.2

v0.12.1

v0.12.0

v0.11.2

v0.11.1

v0.11.0

v0.10.0

v0.9.3

v0.9.2

v0.9.1

v0.9.0

v0.8.2

v0.8.1

v0.8.0

v0.7.6

v0.7.5

v0.7.4

v0.7.3

0.7.2

v.0.7.1

v0.7.0

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.0

Labels

Clear labels

🎨 Design

📖 Docs Update

🐛 Bug

🐛 Bug

:cat2:🐈 Possible duplicate

💿 Database

☕ Open to discussion

💻 Front-End

🐕 Support

🚪 Authentication

🌍 Translations

🔌 API Task

🏭 Back-End

⛲ Upstream

🔨 Feature Request

🛠️ Enhancement

🛠️ Enhancement

🛠️ Enhancement

❤️ Happy feedback

🔒 Security

🔍 Pending Validation

💆 UX

📝 WYSIWYG Editor

🌔 Out of scope

🔩 API Request

:octocat: Admin/Meta

🖌️ View Customization

❓ Question

🚀 Priority

🛡️ Blocked

🚚 Export System

♿ A11y

🔧 Maintenance

> Markdown Editor

pull-request

Mirrored from GitHub Pull Request

No Label 🔨 Feature Request

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3443