Bookstack: Per-Book Role Membership

Hi @justein230, Sorry for the late reply. Your general request should already be available.
On any book, chapter or page you can click the 'More' menu in the top right then select permissions. You can then choose local permissions here which will override the global role-level permissions.
Permissions will cascade down from Book > Chapter > Page.

Let me know if that helps or if the current solution is lacking in any way.

That's what I was referring to with the per-book roles. Let's say, for example, that I have "Book1" and "Book2". I want to be able to provision editors for "Book1" and "Book2" at the local level. For example, user1 will be part of the "Book1" editors, while "user2" will be part of the "Book2" editors, and they will not be able to edit the other book.

Any update on this?

Hi, just wanted to check and see if there was any update on this.

Hi @justein230,
I'm a bit confused of where this is at?

Did you try following the instructions in my previous comment, Using this menu option on your books:

Or are you looking for something else?

It is a feature request. The feature does not already exist. I'm looking into ways that I can do this myself and submit a PR, but wanted to know if a feature like this was on the radar.

I agree it would be a useful feature ;)

Again on this one, Not really sure how this request differs to what's already implemented in BookStack. If someone could explain the difference between this request and the book-level role permissions already implemented that would be very useful for me.

Right now, when a user is made part of the editors role, they have edit permissions on every book. Sure, you could restrict this with book level permissions, but then all editors wouldn’t be able to edit a certain book. What I would prefer is to have a global editors group, then have the ability to define per-book memberships. Example:

User A should have permissions to edit ALL books in the instance, but user B should only have access to edit Book 1. User A is part of the global editors list, and user B would be part of the Book 1 editors list.

Let me know if you need more clarification. Theoretically, you could make a role for each book, but that could get messy really fast... would be willing to help develop this feature but wanted to gauge interest before.

I think what @justein230 means is that you can create permissions on a user basis. Currently you can only change permissions for whole groups of users. I think it would be nice if you could grant a single user permission to only one specific book or shelve. At the moment we work around this by creating new groups for single users. That's way too complicated.

With that it would be possible to create personal or private books for every user, that no other one can read.

@beegedesign A bit different from what I am proposing. I propose we allow a different role list per book. A user would be added to a role in Book A (say, read only role) which would allow them to have different role memberships per book.

Perhaps some graphics would help:

The image above is taken from Jira. You can see here that you can create roles. These role memberships can be different per Jira project (per BookStack book, shelf, chapter, etc. for this explanation). That way, we could use roles to define permissions, then put users into roles per entity instead of globally for all.

I would like to add a +1 to this feature request. I have more than one writer/editor duo who don't cross projects, and trying to go in and create different roles for every single project is proving to be a royal pain. It would be far better to have a couple of global roles such as "admin" and "writer" that everyone gets assigned to upon logging in, and then for each project (book, shelf, etc), a set of roles that individual users can then be assigned to. Then, if a writer gets the "editor" role on another writer's project, they're elevated for that project only.

Might be a little more work now, but it'll streamline permissions over time, instead of base restrictions.

Depending on number of books you have you could just create roles of Book A Editors, Book B Editors, etc and assign users to those. There are many requests for being able to assign permissions direct to users though, so that will probably stay on the list until someone gets round to it.

There is many cases that needs this feather. For example : I'm forming in an IT school. Students have to build project during the year, and they do it in teams. So each team creates a book in order to document its project. As there is around 75 teams, I can't create 75 groups to restrict accesses ...

Most of my stacks and books are public, some of them are only editable for the roles, which I have already defined. And some of them are private, which I would like to add a group just for one or two users.

For the last step, it would necessary to define user permission to specific books via roles. Unfortunatelly, I cannot create roles with userbased permission, only with functionbased permission.

That's why I want to add a +1 for userbased viewer/editor permissions to books and stacks.