Access rules

Whether an operation of the Zettelstore is allowed or rejected, depends on various factors.

The following rules are checked first, in this order:

  1. In read-only mode, every operation except the “Read” operation is rejected.
  2. If there is no owner, authentication is disabled and every operation is allowed for everybody.
  3. If the user is authenticated and it is the owner, then the operation is allowed.

In the second step, when authentication is enabled and the requesting user is not the owner, everything depends on the requested operation.