(zettel (meta (back "00001010000000 00001010070300 00001012051200 00001012921200 00001017000000") (backward "00001004020000 00001006020000 00001010000000 00001010070300 00001012051200 00001012921200 00001017000000") (box-number "1") (created "20210126175322") (forward "00000000000004 00000000020001 00000000040001 00001004010000 00001004020000 00001006020000 00001006030500 00001007700000 00001010040100 00001014000000") (modified "20220923104643") (published "20220923104643") (role "manual") (syntax "zmk") (tags "#authorization #configuration #manual #security #zettelstore") (title "Visibility rules for zettel")) (rights 4) (encoding "") (content "For every zettel you can specify under which condition the zettel is visible to others.\nThis is controlled with the metadata key [[''visibility''|00001006020000#visibility]].\nThe following values are supported:\n\n; [!public|\"\"public\"\"]\n: The zettel is visible to everybody, even if the user is not authenticated.\n; [!login|\"\"login\"\"]\n: Only an authenticated user can access the zettel.\n\n  This is the default value for [[''default-visibility''|00001004020000#default-visibility]].\n; [!creator|\"\"creator\"\"]\n: Only an authenticated user that is allowed to create new zettel can access the zettel.\n; [!owner|\"\"owner\"\"]\n: Only the owner of the Zettelstore can access the zettel.\n\n  This is for zettel with sensitive content, e.g. the [[configuration zettel|00001004020000]] or the various zettel that contains the templates for rendering zettel in HTML.\n; [!expert|\"\"expert\"\"]\n: Only the owner of the Zettelstore can access the zettel, if runtime configuration [[''expert-mode''|00001004020000#expert-mode]] is set to a [[boolean true value|00001006030500]].\n\n  This is for zettel with sensitive content that might irritate the owner.\n  Computed zettel with internal runtime information are examples for such a zettel.\n\nWhen you install a Zettelstore, only [[some zettel|query:visibility:public]] have visibility \"\"public\"\".\nOne is the zettel that contains [[CSS|00000000020001]] for displaying the [[web user interface|00001014000000]].\nThis is to ensure that the web interface looks nice even for not authenticated users.\nAnother is the zettel containing the Zettelstore [[license|00000000000004]].\nThe [[default image|00000000040001]], used if an image reference is invalid, is also public visible.\n\nPlease note: if [[authentication is not enabled|00001010040100]], every user has the same rights as the owner of a Zettelstore.\nThis is also true, if the Zettelstore runs additionally in [[read-only mode|00001004010000#read-only-mode]].\nIn this case, the [[runtime configuration zettel|00001004020000]] is shown (its visibility is \"\"owner\"\").\nThe [[startup configuration|00001004010000]] is not shown, because the associated computed zettel with identifier ''00000000000096'' is stored with the visibility \"\"expert\"\".\nIf you want to show such a zettel, you must set ''expert-mode'' to true.\n\n=== Examples\nBy using a [[query expression|00001007700000]], you can easily create a zettel list based on the ''visibility'' metadata key:\n\n| public  | [[query:visibility:public]]\n| login   | [[query:visibility:login]]\n| creator | [[query:visibility:creator]]\n| owner   | [[query:visibility:owner]]\n| expert  | [[query:visibility:expert]][^Only if [[''expert-mode''|00001004020000#expert-mode]] is enabled, this list will show some zettel.]"))