Add warning when removing default permissions without overrides #4256

New Issue

OVERLORD · 2026-02-05T08:21:58+03:00

OVERLORD commented

2026-02-05 08:21:58 +03:00

Originally created by @aswgxf on GitHub (Oct 3, 2023).

Describe the feature you'd like

I have noticed that if you edit the permissions on an item and uncheck the Inherit defaults box for Everyone Else then save, the item will become inaccessible to everyone, including the Owner of the item, except for the Admins role.

I would like a warning to popup when you attempt to save the permissions that lets the user know that they didn't set any permission overrides, and this may make the item inaccessible to everyone.

Describe the benefits this would bring to existing BookStack users

In a multi user environment, where not everyone is an admin, this would help prevent users from hiding content they own from themselves accidentally.

Can the goal of this request already be achieved via other means?

An alternative solution would be to allow the owner of an item to always have access to at least edit the permissions of it, if not just full permission override. Other than that I am not aware of any way to prevent users from removing their own permissions.

Have you searched for an existing open/closed issue?

I have searched for existing issues and none cover my fundamental request

How long have you been using BookStack?

3 months to 1 year

Additional context

No response

Originally created by @aswgxf on GitHub (Oct 3, 2023). ### Describe the feature you'd like I have noticed that if you edit the permissions on an item and uncheck the Inherit defaults box for Everyone Else then save, the item will become inaccessible to everyone, including the Owner of the item, except for the Admins role. I would like a warning to popup when you attempt to save the permissions that lets the user know that they didn't set any permission overrides, and this may make the item inaccessible to everyone. ### Describe the benefits this would bring to existing BookStack users In a multi user environment, where not everyone is an admin, this would help prevent users from hiding content they own from themselves accidentally. ### Can the goal of this request already be achieved via other means? An alternative solution would be to allow the owner of an item to always have access to at least edit the permissions of it, if not just full permission override. Other than that I am not aware of any way to prevent users from removing their own permissions. ### Have you searched for an existing open/closed issue? - [X] I have searched for existing issues and none cover my fundamental request ### How long have you been using BookStack? 3 months to 1 year ### Additional context _No response_

OVERLORD added the 🔨 Feature Request label 2026-02-05 08:21:58 +03:00

OVERLORD commented

2026-02-05 08:22:05 +03:00

@ssddanbrown commented on GitHub (Oct 3, 2023):

Thanks for the suggestion @aswgxf,

I wouldn't want to show a warning based on specific permission options selected (or lack of selection) since no overrides could be commonly desired in some environments, and that wouldn't specifically cover the pain points raised.

Instead I'd prefer to address the pain point directly, which I guess would be showing a warning if the configured permissions will remove view access to the permission setter, or the owner. Will be a bit more complex to implement though.

@ssddanbrown commented on GitHub (Oct 3, 2023): Thanks for the suggestion @aswgxf, I wouldn't want to show a warning based on specific permission options selected (or lack of selection) since no overrides could be commonly desired in some environments, and that wouldn't specifically cover the pain points raised. Instead I'd prefer to address the pain point directly, which I guess would be showing a warning if the configured permissions will remove view access to the permission setter, or the owner. Will be a bit more complex to implement though.

OVERLORD commented

2026-02-05 08:22:09 +03:00

@aswgxf commented on GitHub (Oct 3, 2023):

Oh that's a good point. Just warning if no overrides are selected also wouldn't help if they do select overrides, but they aren't in the roles they've added.

Originally I was just going with "warn if no overrides" because I wasn't sure if actually evaluating the permissions would be too complex to be worth it. If you think it could be done without too much pain though, that's a much better option.

@aswgxf commented on GitHub (Oct 3, 2023): Oh that's a good point. Just warning if no overrides are selected also wouldn't help if they do select overrides, but they aren't in the roles they've added. Originally I was just going with "warn if no overrides" because I wasn't sure if actually evaluating the permissions would be too complex to be worth it. If you think it could be done without too much pain though, that's a much better option.

OVERLORD referenced this issue

2026-02-05 10:29:35 +03:00

[PR #4256] [MERGED] Updated translations with latest Crowdin changes #6335

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4256