title: Visibility rules for zettel role: manual tags: #authorization #configuration #manual #security #zettelstore syntax: zmk back: 00001010000000 00001010070300 00001012051200 00001012921200 00001017000000 backward: 00001004020000 00001006020000 00001010000000 00001010070300 00001012051200 00001012921200 00001017000000 box-number: 1 copyright: (c) 2020-present by Detlef Stern created: 20210126175322 forward: 00000000000004 00000000020001 00000000040001 00001004010000 00001004020000 00001006020000 00001006030500 00001007700000 00001010040100 00001014000000 lang: en license: EUPL-1.2-or-later modified: 20220923104643 published: 20220923104643 visibility: public For every zettel you can specify under which condition the zettel is visible to others. This is controlled with the metadata key [[''visibility''|00001006020000#visibility]]. The following values are supported: ; [!public|""public""] : The zettel is visible to everybody, even if the user is not authenticated. ; [!login|""login""] : Only an authenticated user can access the zettel. This is the default value for [[''default-visibility''|00001004020000#default-visibility]]. ; [!creator|""creator""] : Only an authenticated user that is allowed to create new zettel can access the zettel. ; [!owner|""owner""] : Only the owner of the Zettelstore can access the zettel. This is for zettel with sensitive content, e.g. the [[configuration zettel|00001004020000]] or the various zettel that contains the templates for rendering zettel in HTML. ; [!expert|""expert""] : Only the owner of the Zettelstore can access the zettel, if runtime configuration [[''expert-mode''|00001004020000#expert-mode]] is set to a [[boolean true value|00001006030500]]. This is for zettel with sensitive content that might irritate the owner. Computed zettel with internal runtime information are examples for such a zettel. When you install a Zettelstore, only [[some zettel|query:visibility:public]] have visibility ""public"". One is the zettel that contains [[CSS|00000000020001]] for displaying the [[web user interface|00001014000000]]. This is to ensure that the web interface looks nice even for not authenticated users. Another is the zettel containing the Zettelstore [[license|00000000000004]]. The [[default image|00000000040001]], used if an image reference is invalid, is also public visible. Please note: if [[authentication is not enabled|00001010040100]], every user has the same rights as the owner of a Zettelstore. This is also true, if the Zettelstore runs additionally in [[read-only mode|00001004010000#read-only-mode]]. In this case, the [[runtime configuration zettel|00001004020000]] is shown (its visibility is ""owner""). The [[startup configuration|00001004010000]] is not shown, because the associated computed zettel with identifier ''00000000000096'' is stored with the visibility ""expert"". If you want to show such a zettel, you must set ''expert-mode'' to true. === Examples By using a [[query expression|00001007700000]], you can easily create a zettel list based on the ''visibility'' metadata key: |public|[[visibility:public|query:visibility:public]] |login|[[visibility:login|query:visibility:login]] |creator|[[visibility:creator|query:visibility:creator]] |owner|[[visibility:owner|query:visibility:owner]] |expert|[[visibility:expert|query:visibility:expert]][^Only if [[''expert-mode''|00001004020000#expert-mode]] is enabled, this list will show some zettel.]