sissbruecker / linkding

Self-hosted bookmark manager that is designed to be minimal, fast, and easy to set up using Docker.
MIT License

Admin panel user control doesn't work #755

Closed ados8 closed 2 weeks ago

ados8 commented 2 weeks ago

Just set this up and it's incredible, perfect for the job of fast information with excellent snapshots. Set up what I wanted to be a read-only user. Doesn't matter if I set the permissions to view only control, the user can add, delete and do anything (except super admin).

Does the user portal not work?

sissbruecker commented 2 weeks ago

No, permissions are not implemented. It seems the individual permissions are generated automatically by the Django framework that linkding uses, but linkding itself doesn't implement any checks that would make use of them. The general approach in linkding is that each user manages and sees only their own data. The exception is that users can enable bookmark sharing and then mark individual bookmarks as shared, which allows other users to see them from the shared bookmarks view. On top of that users can enable public bookmark sharing, which allows guest users (without login) to view those bookmarks as well. Bookmarks shared by other users can only be viewed and not edited. So maybe that is something that could help with your use-case.

ados8 commented 2 weeks ago

Problem with public access is confidential bookmarks. Would be nice to have a read only login account.

ados8 commented 2 weeks ago

I found a clunky way to do it, set up authentication app or just restrict via IP. https://domain.com/new and /settings to block users from accessing those areas.

sissbruecker commented 2 weeks ago

Out of curiosity, why would you want to prevent a user from creating new bookmarks?

ados8 commented 2 weeks ago

Mainly security and privacy. Some URLs are private or have confidential data. Since my server is hosting the snapshots and accessing the URLs, I want to control who can add bookmarks. Essentially, I need public sharing off, which means I need users to log in. However, user accounts allow adding addresses, which might be malicious. Maybe my use case is too unique.