Skip to main content

Set public role for specific content

[TOC]

Overview

By default, the Public role often has "View All" permissions enabled. When you turned on "Allow public viewing," those role-level permissions immediately applied to every book and page on your site. To fix this and keep only specific pages public (the "whitelist" approach), follow these steps:

  1. Strip the Public Role of its "View All" Power This is the most important step to prevent everything from being visible.

Steps

To allow everyone (unauthenticated guests) to view a specific page in BookStack, you must enable Public Viewing in the system settings and then grant the Public role permission to view that specific content.

Step 1: Enable Public Access

Before you can make a single page public, the entire instance must allow public visitors.

  1. Log in as an Admin.
  2. Navigate to Settings > Application Settings.
  3. Locate the "Security" section and check the box for "Allow public viewing?".
  4. Save the settings.

Step 2: Configure the Public Role

By default, the Public role might have access to more than you intend. It is recommended to restrict its base permissions so you can "whitelist" only specific pages.

  1. Go to Settings > Roles.
  2. Edit the Public role (sometimes called "Guest").
  3. Uncheck all "Asset Permissions" (like View All/Own, Create, etc.) if you want a fully private site with only specific public pages.
  4. Save the role.

Step 3: Set Permissions for the Specific Page

Now, grant the Public role access to the individual item.

  1. Navigate to the Page (or Book/Chapter) you want to share.
  2. Click the Permissions action in the sidebar or dropdown.
  3. Check the box for "Enable Custom Permissions".
  4. Under the "Role Overrides" section, find the Public role and check the View permission.
  5. Click Save Permissions.

[!NOTE] If you set these permissions at the Book level, they will automatically cascade down to all chapters and pages within that book unless they have their own custom permissions set.

If all pages are public now

This happens because, by default, the Public role often has "View All" permissions enabled. When you turned on "Allow public viewing," those role-level permissions immediately applied to every book and page on your site.

1. Strip the Public Role of its "View All" Power

  • Go to Settings > Roles.
  • Edit the Public role (sometimes called "Guest").
  • Scroll down to Asset Permissions.
  • Uncheck every box under "View", "Create", "Edit", and "Delete" for Books, Chapters, and Pages.
  • Save the role.
  • Result: Now, even though public viewing is "On," guests can't see anything because their role has no permission to view any assets.

2. Grant Permission to ONLY the Specific Content

Now that the door is locked for everything else, you can unlock just the items you want.

  • Navigate to the specific Book or Page you want to make public.
  • Click Permissions in the sidebar.
  • Check "Enable Custom Permissions".
  • In the Role Overrides section, find the Public role and check only the View box.
  • Save the permissions.

[!IMPORTANT] Watch out for "Everyone Else" In the Page/Book permission settings, there is often an "Everyone Else" row at the bottom.

  • Make sure "Inherit defaults" is unchecked for that row if you want to be extra sure nothing leaks.
  • If it is checked, it will fall back to whatever you set in the main Public Role settings (which we just cleared in Step 1).

[!TIP] Permissions in BookStack cascade downwards (Book -> Chapter -> Page). If you make a Book public, every page inside it becomes public too. If you only want one page public, set the permissions only on that page.

Back to top