[v23.12.2] Book custom permissions not cascading to chapters and pages #4457

New Issue

OVERLORD · 2026-02-05T08:55:48+03:00

OVERLORD commented

2026-02-05 08:55:48 +03:00

Originally created by @jsarnowski96 on GitHub (Feb 8, 2024).

Describe the Bug

After migrating content between old and new shelves I've received several reports that users are unable to display certain chapters or pages despite cascading shelf permissions to books.

"Inherit defaults" usually helps, but that's not something we want to get into because of more restricted access policy. right now only direct permissions override per chapter/page solves that issue.

Steps to Reproduce

Cascade permissions from shelf
Verify that target role has permissions override set in book
Open up chapter/page permissions and verify that no permissions override has been inherited from book - only Everyone Else is available by default.

Expected Behaviour

Chapter/page permissions should behave the way it is described in BookStack documentation - by auto cascading from book.

Screenshots or Additional Context

Browser Details

No response

Exact BookStack Version

v23.12.2

Originally created by @jsarnowski96 on GitHub (Feb 8, 2024). ### Describe the Bug After migrating content between old and new shelves I've received several reports that users are unable to display certain chapters or pages despite cascading shelf permissions to books. "Inherit defaults" usually helps, but that's not something we want to get into because of more restricted access policy. right now only direct permissions override per chapter/page solves that issue. ### Steps to Reproduce 1. Cascade permissions from shelf 2. Verify that target role has permissions override set in book 3. Open up chapter/page permissions and verify that no permissions override has been inherited from book - only Everyone Else is available by default. ### Expected Behaviour Chapter/page permissions should behave the way it is described in BookStack documentation - by auto cascading from book. ### Screenshots or Additional Context ![image](https://github.com/BookStackApp/BookStack/assets/20375860/f86b5620-282d-4a80-a1e5-8123e91af7d9) ![image](https://github.com/BookStackApp/BookStack/assets/20375860/7fa4005e-87a0-497f-bb7d-3af27ff67ef4) ### Browser Details _No response_ ### Exact BookStack Version v23.12.2

OVERLORD added the 🐛 Bug label 2026-02-05 08:55:48 +03:00

OVERLORD closed this issue

2026-02-05 08:55:50 +03:00

OVERLORD commented

2026-02-05 08:55:53 +03:00

@ssddanbrown commented on GitHub (Feb 8, 2024):

Hi @jsarnowski96,

Chapter/page permissions should behave the way it is described in BookStack documentation - by auto cascading from book.

They do auto-cascade from books to chapters (and chapters to pages), but they don't appear in the permissions view for that specific item (Since they're not permissions specifically set on that item).

@ssddanbrown commented on GitHub (Feb 8, 2024): Hi @jsarnowski96, > Chapter/page permissions should behave the way it is described in BookStack documentation - by auto cascading from book. They do auto-cascade from books to chapters (and chapters to pages), but they don't appear in the permissions view for that specific item (Since they're not permissions specifically set on that item).

OVERLORD commented

2026-02-05 08:55:57 +03:00

@jsarnowski96 commented on GitHub (Feb 8, 2024):

@ssddanbrown ok, I'd like to clear things up here - "inherit defaults" means that chapter/page gets the permissions set on book level and not that any role with global "View All" permission, not specified in override section, will suddenly gain access to that content?

by global I mean this:

@jsarnowski96 commented on GitHub (Feb 8, 2024): @ssddanbrown ok, I'd like to clear things up here - "inherit defaults" means that chapter/page gets the permissions set on book level and not that any role with global "View All" permission, not specified in override section, will suddenly gain access to that content? by global I mean this: ![image](https://github.com/BookStackApp/BookStack/assets/20375860/b230e1b1-afdb-4444-a8ea-2d8572ddd05a)

OVERLORD commented

2026-02-05 08:56:02 +03:00

@ssddanbrown commented on GitHub (Feb 8, 2024):

"inherit defaults" means that chapter/page gets the permissions set on book level and not that any role with global "View All" permission, not specified in override section, will suddenly gain access to that content?

"inherit defaults" will accept the permissions from the parent (and/or grandparent if the parent is inheriting) if set, and the role permissions if none of the parents have disabled inheritance.
Combination of permissions follows the "Advanced Permission Logic" section on this page: https://www.bookstackapp.com/docs/user/roles-and-permissions/#advanced-permission-logic

@ssddanbrown commented on GitHub (Feb 8, 2024): > "inherit defaults" means that chapter/page gets the permissions set on book level and not that any role with global "View All" permission, not specified in override section, will suddenly gain access to that content? "inherit defaults" will accept the permissions from the parent (and/or grandparent if the parent is inheriting) if set, and the role permissions if none of the parents have disabled inheritance. Combination of permissions follows the "Advanced Permission Logic" section on this page: https://www.bookstackapp.com/docs/user/roles-and-permissions/#advanced-permission-logic

OVERLORD commented

2026-02-05 08:56:06 +03:00

@jsarnowski96 commented on GitHub (Feb 8, 2024):

@ssddanbrown so only if both shelf and book had this setting ticked off AND no permission override set, chapters and pages would be available to any role having global view own/all permission?

@jsarnowski96 commented on GitHub (Feb 8, 2024): @ssddanbrown so only if both shelf and book had this setting ticked off AND no permission override set, chapters and pages would be available to any role having global view own/all permission?

OVERLORD commented

2026-02-05 08:56:10 +03:00

@ssddanbrown commented on GitHub (Feb 8, 2024):

so only if both shelf and book had this setting ticked off AND no permission override set, chapters and pages would be available to any role having global view own/all permission?

Shelf permissions don't come into play here, since they don't auto-cascade (Only copied to books on demand).

If the "Everyone Else" > "inherit defaults" is unchecked on a book, with no other role permissions added, and child chapter/page left inheriting with no other permissions configured, then the book and all pages/chapters within would only be visible to those assigned to the default admin role.

@ssddanbrown commented on GitHub (Feb 8, 2024): > so only if both shelf and book had this setting ticked off AND no permission override set, chapters and pages would be available to any role having global view own/all permission? Shelf permissions don't come into play here, since they don't auto-cascade (Only copied to books on demand). If the "Everyone Else" > "inherit defaults" is unchecked on a book, with no other role permissions added, and child chapter/page left inheriting with no other permissions configured, then the book and all pages/chapters within would only be visible to those assigned to the default admin role.

OVERLORD commented

2026-02-05 08:56:15 +03:00

@jsarnowski96 commented on GitHub (Feb 8, 2024):

@ssddanbrown great, that's exactly what I wanted to achieve. thanks a lot, in that case I'll close this issue

@jsarnowski96 commented on GitHub (Feb 8, 2024): @ssddanbrown great, that's exactly what I wanted to achieve. thanks a lot, in that case I'll close this issue

OVERLORD referenced this issue

2026-02-05 10:30:13 +03:00

[PR #4457] [MERGED] Browser-based drawing backup storage system #6357

Sign in to join this conversation.

Branches Tags

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/BookStack#4457