Permission Question #3942

New Issue

OVERLORD · 2026-02-05T07:55:15+03:00

OVERLORD commented

2026-02-05 07:55:15 +03:00

Originally created by @wedowhateverwewant on GitHub (Jul 27, 2023).

Attempted Debugging

I have read the debugging page

Searched GitHub Issues

I have searched GitHub for the issue.

Describe the Scenario

So I get that you create roles and add members to group, then add that role to the shelves, but then the permissions don't cascade down to the books and chapters and pages unless you do the " copy permission" is there a way to have whatever permission shelve has apply to everything under it to NEW and existing items automatically ? some sort of script or is there an option ?

Exact BookStack Version

v23.06.2

Log Content

No response

PHP Version

No response

Hosting Environment

Docker Compose
Nginx Proxy Manager
Bookstack
SAML2 for SSO

Originally created by @wedowhateverwewant on GitHub (Jul 27, 2023). ### Attempted Debugging - [X] I have read the debugging page ### Searched GitHub Issues - [X] I have searched GitHub for the issue. ### Describe the Scenario So I get that you create roles and add members to group, then add that role to the shelves, but then the permissions don't cascade down to the books and chapters and pages unless you do the " copy permission" is there a way to have whatever permission shelve has apply to everything under it to NEW and existing items automatically ? some sort of script or is there an option ? ### Exact BookStack Version v23.06.2 ### Log Content _No response_ ### PHP Version _No response_ ### Hosting Environment Docker Compose Nginx Proxy Manager Bookstack SAML2 for SSO

OVERLORD added the 🐕 Support label 2026-02-05 07:55:15 +03:00

OVERLORD closed this issue

2026-02-05 07:55:17 +03:00

OVERLORD commented

2026-02-05 07:55:19 +03:00

@ssddanbrown commented on GitHub (Jul 27, 2023):

There's no in-platform automatic way. Open request in #1596.

There is a "Copy Shelf Permission" command which can do this externally from command line (including being scheduled if desired). This can run on all shelves in the system. Just be aware that books on multiple shelves will only get the permissions from one of the shelves (Whichever runs through the process later).

Alternatively, if you have some PHP skills, you could listen to book creation events via the logical theme system then trigger this process upon such events.

@ssddanbrown commented on GitHub (Jul 27, 2023): There's no in-platform automatic way. Open request in #1596. There is a ["Copy Shelf Permission" command](https://www.bookstackapp.com/docs/admin/commands/#copy-shelf-permission) which can do this externally from command line (including being scheduled if desired). This can run on all shelves in the system. Just be aware that books on multiple shelves will only get the permissions from one of the shelves (Whichever runs through the process later). Alternatively, if you have some PHP skills, you could listen to book creation events via the [logical theme system](https://github.com/BookStackApp/BookStack/blob/development/dev/docs/logical-theme-system.md) then trigger this process upon such events.

OVERLORD commented

2026-02-05 07:55:24 +03:00

@wedowhateverwewant commented on GitHub (Jul 27, 2023):

okay thanks for the info. however if one edits and makes some changes to php files and afterward theres an update to bookstack does that update erase the past changes ?

@wedowhateverwewant commented on GitHub (Jul 27, 2023): okay thanks for the info. however if one edits and makes some changes to php files and afterward theres an update to bookstack does that update erase the past changes ?

OVERLORD commented

2026-02-05 07:55:25 +03:00

@ssddanbrown commented on GitHub (Jul 27, 2023):

If you're making changes to core app files, then yes, that may conflict with git during update (on a normal install) or be wiped (if in a docker container).

The logical theme system allows customizations outside of core app files, so they run as an extension to the platform.
This may still conflict with updates (if your logic is depending on internal code that's changed) but the changes should persist and they can be toggled off via "toggling off" (removing the option) the theme. They wouldn't stop the updates or be lost in the say way as changing core app files.

@ssddanbrown commented on GitHub (Jul 27, 2023): If you're making changes to core app files, then yes, that may conflict with git during update (on a normal install) or be wiped (if in a docker container). The logical theme system allows customizations outside of core app files, so they run as an extension to the platform. This may still conflict with updates (if your logic is depending on internal code that's changed) but the changes should persist and they can be toggled off via "toggling off" (removing the option) the theme. They wouldn't stop the updates or be lost in the say way as changing core app files.

OVERLORD commented

2026-02-05 07:55:30 +03:00

@wedowhateverwewant commented on GitHub (Jul 27, 2023):

okay this makes sense, thanks

@wedowhateverwewant commented on GitHub (Jul 27, 2023): okay this makes sense, thanks

OVERLORD commented

2026-02-05 07:55:34 +03:00

@Sulkar commented on GitHub (Feb 24, 2024):

Hello, thanks for the hint. I managed to achieve the result with the following code in the theme's functions.php.

Theme::listen(ThemeEvents::ACTIVITY_LOGGED, function (string $activityType, $detail) {

    $validTypes = [ActivityType::BOOK_CREATE];
    if (!in_array($activityType, $validTypes)) {
        return;
    }

    if ($detail instanceof Book) {
        $contextBookshelfId = session()->get('context_bookshelf_id', null);
        $shelf = Bookshelf::visible()->find($contextBookshelfId);
        if ($shelf) {
            $shelfPermissions = $shelf->permissions()->get(['role_id', 'view', 'create', 'update', 'delete'])->toArray();
            $detail->permissions()->delete();
            $detail->permissions()->createMany($shelfPermissions);
            $detail->rebuildPermissions();
        }
    }
});

@Sulkar commented on GitHub (Feb 24, 2024): Hello, thanks for the hint. I managed to achieve the result with the following code in the theme's functions.php. ```php Theme::listen(ThemeEvents::ACTIVITY_LOGGED, function (string $activityType, $detail) { $validTypes = [ActivityType::BOOK_CREATE]; if (!in_array($activityType, $validTypes)) { return; } if ($detail instanceof Book) { $contextBookshelfId = session()->get('context_bookshelf_id', null); $shelf = Bookshelf::visible()->find($contextBookshelfId); if ($shelf) { $shelfPermissions = $shelf->permissions()->get(['role_id', 'view', 'create', 'update', 'delete'])->toArray(); $detail->permissions()->delete(); $detail->permissions()->createMany($shelfPermissions); $detail->rebuildPermissions(); } } }); ```

Sign in to join this conversation.

Branches Tags

development

l10n_development

release

v26-03

ci_fixing

codeberg-actions

lexical_may_2026

MilnerMart/development

sort_rule_text

GamerClassN7/impersonations-for-admin

Zhey-on/feature/csp-image-css-controls-6033

tortillas5/development

clauvaldez/mfaReset

llm_only

vectors

McTom234/oidc-key-algorithms

docker_env

drawio_rendering

user_permissions

ldap_host_failover

svg_image

prosemirror

captcha_example

fix/video-export

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#3942