Schedule account expiration #3851

Closed
opened 2026-02-05 07:39:53 +03:00 by OVERLORD · 3 comments
Owner

Originally created by @austozi on GitHub (Jun 12, 2023).

Describe the feature you'd like

I would like for the admin to be able to pre-set an expiration date for any user account to help automate user management. It could be added as a setting under Settings > Users > Edit User. Perhaps it could be implemented as part of the user roles, e.g., when a user account expires, the user is demoted to a lower access level which does not give them access to any content, without erasing/messing up the history of their contributions. Even better, if the access level they are demoted to can be customised, e.g., instead of not being able to access the content at all, grant them read-only access.

Use case: I use BookStack to manage information for a group of users. The users join the group for a pre-determined amount of time (typically 1 year). After that, they leave the group, whereupon their access to the BookStack instance should be revoked. At the moment I am doing this manually, but having to do so manually for multiple users at different times of the year (they join at different times) has become a chore. I basically have to monitor which user leaves when, and remember to log on to BookStack to revoke access for them. If I forget to do it, then the users have access to contents they should no longer have access to. I have only about ~10 users at any one time. It's not the number of users, but the fact that they all have different joining dates (and therefore revocation dates) and the constant turnaround of users, that make this difficult to manage manually.

Describe the benefits this would bring to existing BookStack users

It helps automate user management. Many corporate IT systems do this already, e.g., when you cease to be an employee, your access to the IT systems gets cut immediately, or within a predefined grace period. It saves admin time and effort, and importantly, enhances security by making sure users who should no longer have access cannot continue to access the content.

Can the goal of this request already be achieved via other means?

Short of doing it manually, there is currently no existing way to do it programmatically in BookStack (that I'm aware of).

Have you searched for an existing open/closed issue?

  • I have searched for existing issues and none cover my fundemental request

How long have you been using BookStack?

1 to 5 years

Additional context

No response

Originally created by @austozi on GitHub (Jun 12, 2023). ### Describe the feature you'd like I would like for the admin to be able to pre-set an expiration date for any user account to help automate user management. It could be added as a setting under Settings > Users > Edit User. Perhaps it could be implemented as part of the user roles, e.g., when a user account expires, the user is demoted to a lower access level which does not give them access to any content, without erasing/messing up the history of their contributions. Even better, if the access level they are demoted to can be customised, e.g., instead of not being able to access the content at all, grant them read-only access. Use case: I use BookStack to manage information for a group of users. The users join the group for a pre-determined amount of time (typically 1 year). After that, they leave the group, whereupon their access to the BookStack instance should be revoked. At the moment I am doing this manually, but having to do so manually for multiple users at different times of the year (they join at different times) has become a chore. I basically have to monitor which user leaves when, and remember to log on to BookStack to revoke access for them. If I forget to do it, then the users have access to contents they should no longer have access to. I have only about ~10 users at any one time. It's not the number of users, but the fact that they all have different joining dates (and therefore revocation dates) and the constant turnaround of users, that make this difficult to manage manually. ### Describe the benefits this would bring to existing BookStack users It helps automate user management. Many corporate IT systems do this already, e.g., when you cease to be an employee, your access to the IT systems gets cut immediately, or within a predefined grace period. It saves admin time and effort, and importantly, enhances security by making sure users who should no longer have access cannot continue to access the content. ### Can the goal of this request already be achieved via other means? Short of doing it manually, there is currently no existing way to do it programmatically in BookStack (that I'm aware of). ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundemental request ### How long have you been using BookStack? 1 to 5 years ### Additional context _No response_
OVERLORD added the 🔨 Feature Request label 2026-02-05 07:39:53 +03:00
Author
Owner

@ssddanbrown commented on GitHub (Jun 12, 2023):

Thanks for the request @austozi,
This feels like something quite specific though and, with lack of previous request for such a system, not something I'd maybe see as worthwhile supporting in the core project.

Can the goal of this request already be achieved via other means?
Short of doing it manually, there is currently no existing way to do it programmatically in BookStack (that I'm aware of).

There's a couple of options to achieve this:

  • The BookStack REST API supports management of users and roles. You could script your process against the API.
  • With a bit more intensive PHP hackery, you could use the logical theme system to add your own system command or endpoint to do whatever action your desire.

The API would be the best approach IMO, could likely tie it into any wider automation you may already have.

@ssddanbrown commented on GitHub (Jun 12, 2023): Thanks for the request @austozi, This feels like something quite specific though and, with lack of previous request for such a system, not something I'd maybe see as worthwhile supporting in the core project. > Can the goal of this request already be achieved via other means? > Short of doing it manually, there is currently no existing way to do it programmatically in BookStack (that I'm aware of). There's a couple of options to achieve this: - The [BookStack REST API](https://www.bookstackapp.com/docs/admin/hacking-bookstack/#bookstack-api) supports management of users and roles. You could script your process against the API. - With a bit more intensive PHP hackery, you could use the [logical theme system](https://github.com/BookStackApp/BookStack/blob/development/dev/docs/logical-theme-system.md) to add your own system command or endpoint to do whatever action your desire. The API would be the best approach IMO, could likely tie it into any wider automation you may already have.
Author
Owner

@austozi commented on GitHub (Jun 12, 2023):

Thanks for taking the time to reply, @ssddanbrown. I didn't know about the REST API. Sounds like the way forward. I'll investigate it!

@austozi commented on GitHub (Jun 12, 2023): Thanks for taking the time to reply, @ssddanbrown. I didn't know about the REST API. Sounds like the way forward. I'll investigate it!
Author
Owner

@ssddanbrown commented on GitHub (Jun 20, 2023):

I'm going to go ahead and close this off, as per my comments and alternatives above, but if you need any further guidance in using those alternative options feel free to let me know, here or via our discord.

@ssddanbrown commented on GitHub (Jun 20, 2023): I'm going to go ahead and close this off, as per my comments and alternatives above, but if you need any further guidance in using those alternative options feel free to let me know, here or via our discord.
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/BookStack#3851