BookStack comes with a simple permissions system based round Roles. The Roles are defined on a screen like this, which shows the default permissions for the Editor Role:
Where it says "Own" under "Create" that means you can create these things inside things that you own. For example "Pages Create Own" means you can create a Page inside a Book or Chapter that you own. You own anything that you create.
It is possible to set permissions on individual Shelves, Books, Chapters and Pages. Here is the screen for a Book (these images were taken before the Contributor role was created):
And here is the screen for Page:
Note that you cannot give permission to individual users, only to Roles. Also it is not possible to change the owner of an item.
Out of the box, BookStack has no gradation of Roles who can change content on the site. The Editor Role has complete control over content, up to creating and deleting Shelves. We have created a new Role called Contributor who can edit all Pages, and create new Pages in any Chapter or Book (update: and now books and chapters too). This reduces the danger that someone will accidentally start moving all the Books around. All new sign-ups automatically start as Contributors. This is controlled via the "Default user role after registration" option on the Settings page (Admins only).
So in summary we have the following Roles. Each role is able to do everything that can be done by the roles below, plus some more.
Admin - all permissions
Editor - change any content
Contributor - create Books, create and edit Pages (logged in default)
Viewer - view content
Public - view content (not logged in)
If you are not logged in, you have the Public role. If you are logged in, you have the Contributor role. Just a few experienced users have been promoted to Editor and Admin.
All new Shelves are created by Editors. If we need more people in this role, an Admin can manually set individual users to be Editors.
Individual Books can be locked to prevent the creation of new Pages by Contributors by setting custom permissions (this has to be enabled for Editors in the Edit Role screen, see "Manage all book, chapter & page permissions", or ask an Admin to do it).
If a person wants complete control over their content, ie no one else can change it, then they should be encouraged to publish their work on the UK Cloud, as either a public share, or in the Library. They can add a link on this site, with the understanding that it may get changed!
Contributors have "Delete Own Page" capability so they can delete pages they make by mistake or move pages they create in the wrong place. I have deleted the screen shot for Contributor (contributor-permissions.png) which was on this page because it has changed; we only really needed to see those details while we were working out how to set up the permissions.