Feature: Custom group and personal user roles

[Bolthier]

Describe the feature you'd like
For normal users to give permissions for items to certain users it's always necessary to create user roles on a global level through an admin. Be it personal user roles or user groups.

1. I'ld like a feature where users would always have a personal user role which can be given permissions through a dropdown menu on any custom permission site.
2. The second feature would allow normal users to create custom groups which then could be used in custom permissions. The user with ownership of this custom group (and any admin with permission to manage user roles) should be able to add users to the group. This feature should be optional and configurable through the system permissions of a role through an optional check like "Manage own custom group roles". Besides the option to add or remove users of this custom group, there should be an option to change the visibility to "Group owner", "Group members" and "Public". This way a custom group role would only appear in custom permissions for users with said visibility. Should a user loose visibility for a custom user group, but has set active permissions for this group for one of their items, the custom user group should still be visible. Lastly a user should have the option to delete a custom group role.

Some minor improvements I would also suggest:

1. Sort roles alphabetically in custom permissions and roles overview. Right now they are sorted by insert date.
2. A filter option to easily search for a role. Mostly relevent for the personal user roles.
3. Option to add users directly while managing a global role.
4. Overview of roles existing and active roles for every role type.

Describe the benefits this feature would bring to BookStack users
Improved options for users to manage their own custom permissions for whole books, shelves and pages without an admin or the need to give normal users permissions to manage global user roles.

Additional context
Was thinking about these features for some time now and just wanted them off my chest. Keep up the good work!

[ssddanbrown]

Thanks for the suggestions and feedback @Bolthier. To be honest, multi-request issues are quite hard to manage so I'm going to close this off otherwise it'll remain open forever.

Per-user entity permissions have been requested in #1747 and are something I'd very much hope to achieve during the permission system review later in the roadmap.

I've added a reference to these suggestions within #410 since that'll be a core part of changing up the permission user interface (Again, planned for permission review on roadmap).

In regards to the "Custom Group Roles", to be honest it looks like a bit of a minefield, I'm having trouble getting my head around the various abilities, further permissions and added UI that may be needed to support that. The permission and role system is already fairly complex, adding user-level permissions will take that a step further then I think I'll be at the limit of my desired complexity for a good while. Such a system seems like it'll introduce a fair amount of new logical confusion scenarios to handle. You've explained this functionality out in detail but you have not described what this would fundamentally achieve/allow within BookStack. Maybe if you could explain that we might be able to come up with a simpler path to solving the core issue you have.

In regards to the addition improvements:

1. Sort roles alphabetically in custom permissions and roles overview. Right now they are sorted by insert date.

That's an awesome idea which I'm sure others may appreciate, while being pretty darn easy & quick to implement. Feel free to re-open that as a new issue if still desired.

2. A filter option to easily search for a role. Mostly relevant for the personal user roles.

As part of #410, I envision there being no big list by default. Instead you'd search for an existing role/user and then bring them into the "list of checkboxes". The overrides would then only apply to the roles you bring into the list. Will probably have some form of an "Everyone else" option within this as well. It will be a fairly large shift to managing permissions yet ideally a more intuitive one.

3. Option to add users directly while managing a global role.

We could do this, but it'd be one of those things that is a little annoying to implement via the design of how BookStack is built, since you're wanting two different modification abilities on a single view. Would require AJAX/Dynamic handling for the user assignment parts since you could not do page refreshes since the main priority of that page would be intended for editing the role itself. Not impossible though and I can understand the benefit.

4. Overview of roles existing and active roles for every role type.

I'm not sure I understand this, Is this in relation to the two core additions requested?

[Bolthier]

Per-user entity permissions have been requested in #1747 and are something I'd very much hope to achieve during the permission system review later in the roadmap.

Nice. I'll look forward to it.

In regards to the "Custom Group Roles", to be honest it looks like a bit of a minefield,[...]

Agree with you on that one. With the permissions system for review on the roadmap I'll just wait and see.

1. Sort roles alphabetically in custom permissions and roles overview. Right now they are sorted by insert date.

That's an awesome idea which I'm sure others may appreciate, while being pretty darn easy & quick to implement. Feel free to re-open that as a new issue if still desired.

I'll do that. The other minor suggestions would only be needed with a bulkier system.