paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-23 04:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

help: Rewrite channel permissions page.

Browse Source 
- Explain channel types and other permissions in words.
- Drop tables of permissions.
This commit is contained in:
Alya Abbott
2024-12-13 11:42:34 -08:00
committed by Tim Abbott
parent e4a33f7c48
commit 8a60b83c55
6 changed files with 122 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

195
help/channel-permissions.md
View File

@@ -1,131 +1,124 @@
# Channel privacy settings
# Private, public, and web-public channels
{!channels-intro.md!}
Zulip supports a few types of channels:
There are three types of channels in Zulip:
* **Public** (<i class="zulip-icon zulip-icon-hashtag"></i>):
Members can join and view the complete message history.
Public channels are visible to [guest users](/help/guest-users)
only if they are subscribed (exactly like private channels with
shared history).
* [Private channels](#private-channels) (indicated by <i class="zulip-icon
zulip-icon-lock"></i>), where only subscribers can access messages and
subscribe other users. You can choose whether new subscribers can see messages
sent before they were subscribed.
* **Private** (<i class="zulip-icon zulip-icon-lock"></i>):
New subscribers must be added by an existing subscriber. Only subscribers
and organization administrators can see the channel's name and description,
and only subscribers can view topics and messages with the channel:
* In **private channels with shared history**, new subscribers can
access the channel's full message history.
* In **private channels with protected history**, new subscribers
can only see messages sent after they join.
* [Public channels](#public-channels) (indicated by <i class="zulip-icon
zulip-icon-hashtag"></i>), which are open to everyone in your organization
other than guests.
* [**Web-public**](/help/public-access-option) (<i class="zulip-icon
zulip-icon-globe"></i>): Members can join (guests must be invited by a
subscriber). Anyone on the Internet can view complete message history without
* [Web-public channels](#web-public-channels) (indicated by <i class="zulip-icon
zulip-icon-globe"></i>), where anyone on the Internet can see messages without
creating an account.
## Privacy model for private channels
In addition, you can configure the following permissions for each channel,
regardless of its type:
At a high level:
* [Who can send messages](/help/channel-posting-policy)
* [Who can administer the channel](/help/configure-who-can-administer-a-channel)
* [Who can unsubscribe other users](/help/configure-who-can-unsubscribe-others)
* Organization owners and administrators can see and modify most
aspects of a private channel, including the membership and estimated
traffic. Owners and administrators generally cannot see private
channel messages or do things that would give them access to private
channel messages, like adding new subscribers or changing the channel
privacy settings.
For the organization as a whole, you can:
* [Organization members and moderators](/help/user-roles)
cannot easily see which private channels exist, or interact with them
in any way until they are added. Given a channel name, they can
figure out whether a channel with that name exists, but cannot see
any other details about the channel.
* [Restrict channel creation](/help/configure-who-can-create-channels)
* [Restrict who can add users to channels](/help/configure-who-can-invite-to-channels)
* From the perspective of a guest, all channels are private channels,
and they additionally can't add other members to the channels they
are subscribed to.
Any permission, including whether a channel is private, public, or web-public,
can be modified after the channel is created.
There are two situations in which an organization owner or
administrator can access private channel messages:
## Private channels
* Via some types of [data export](/help/export-your-organization).
[Private channels](#private-channels) (indicated by <i class="zulip-icon
zulip-icon-lock"></i>) are for conversations that should be accessible only to
users who are specifically added to the channel. There are two types of private
channels in Zulip:
* Owners and administrators can change the ownership of a bot. If a
bot is subscribed to a private channel, then an administrator can get
access to that channel by taking control of the bot, though the
access will be limited to what the bot can do. (e.g., incoming
webhook bots cannot read messages.)
- In private channels with **shared history**, new subscribers can access the
channel's full message history. For example, a newly added team member can get
ramped up on a secret project by seeing prior discussions.
- In private channels with **protected history**, new subscribers can only see
messages sent after they join. For example, a new manager would not be able to
see past discussions regarding their own hiring process or performance management.
## Detailed permissions
Organization administrators can see information about all private channels and
manage some configurations. However, they cannot access messages in private
channels that they are not subscribed to, or subscribe themselves to private
channels.
### Public channels
Organization administrators and [channel
administrators](/help/configure-who-can-administer-a-channel) can always:
<div class="centered_table"></div>
| | Owners and admins | Moderators | Members | Guests
|--- |--- |--- |--- |---
| View channel name | &#10004; | &#10004; | &#10004; | &#9726;
| Join | &#10004; | &#10004; | &#10004; |
| Unsubscribe | &#9726; | &#9726; | &#9726; | &#9726;
| Add others | &#10004; | &#10038; | &#10038; |
| Remove others | &#10004; | &#10038; | &#10038; | &#10038;
| See subscriber list | &#10004; | &#10004; | &#10004; | &#9726;
| See full history | &#10004; | &#10004; | &#10004; | &#9726;
| See estimated traffic | &#10004; | &#10004; | &#10004; | &#9726;
| Post | &#10004; | &#10038; | &#10038; | &#10038;
| Change the privacy | &#10004; | | |
| Rename | &#10004; | | |
| Edit the description | &#10004; | | |
| Delete | &#10004; | | |
- See and modify the channel's [name](/help/rename-a-channel) and [description](/help/change-the-channel-description).
- See who is subscribed to the channel, and [unsubscribe](/help/add-or-remove-users-from-a-channel#remove-users-from-a-channel) them.
- See the channel's permissions settings.
- See how much message traffic the channel gets (but not its contents).
- [Archive](/help/archive-a-channel) the channel.
<span class="legend_symbol">&#10004;</span><span class="legend_label">Always</span>
However, only users who have the relevant permissions *and are subscribed to the
channel* can:
<span class="legend_symbol">&#9726;</span><span class="legend_label">If subscribed to the channel</span>
- See messages or topics.
- Subscribe other users.
- Modify the channel's permissions settings, including settings that control who
can see messages in the channel (public vs. private, shared history vs.
protected history).
<span class="legend_symbol">&#10038;</span>
<span class="legend_label">
Configurable. See [Channel posting policy](/help/channel-posting-policy),
[Configure who can add users][add-users], and
[Configure who can remove users][remove-users]
for details.
</span>
Administrators can [export](/help/export-your-organization) messages in private
channels only if [granted permission to do
so](/help/export-your-organization#configure-whether-administrators-can-export-your-private-data)
by a subscriber.
### Private channels
Users who do not have special permissions (they are not organization
administrators, and have not been granted access to the channel) cannot easily
see which private channels exist. They can find out that a channel exists only
by attempting to create a channel with the same name, if they have [permission
to create channels](/help/configure-who-can-create-channels). They can't get any
other information about private channels they are not subscribed to.
<div class="centered_table"></div>
| | Owners and admins | Moderators | Members | Guests
|--- |--- |--- |--- |---
| View channel name | &#10004; | &#9726; | &#9726; | &#9726;
| Join | | | |
| Unsubscribe | &#9726; | &#9726; | &#9726; | &#9726;
| Add others | &#9726; | &#10038; | &#10038; |
| Remove others | &#10004; | &#10038; | &#10038; | &#10038;
| See subscriber list | &#10004; | &#9726; | &#9726; | &#9726;
| See full history | &#10038; | &#10038; | &#10038; | &#10038;
| See estimated traffic | &#10004; | &#9726; | &#9726; | &#9726;
| Post | &#9726; | &#10038; | &#10038; | &#10038;
| Change the privacy | &#9726; | | |
| Rename | &#10004; | | |
| Edit the description | &#10004; | | |
| Delete | &#10004; | | |
!!! warn ""
<span class="legend_symbol">&#10004;</span><span class="legend_label">Always</span>
If you create a [bot](/help/bots-overview) that is allowed to read messages
in a private channel (e.g., a **generic bot**, *not* an **incoming webhook bot**,
which is more limited), an administrator can in theory gain access to messages
in the channel by making themselves the bot's owner.
<span class="legend_symbol">&#9726;</span><span class="legend_label">If subscribed to the channel</span>
## Public channels
<span class="legend_symbol">&#10038;</span>
<span class="legend_label">
Configurable, but at minimum must be subscribed to the channel.
See [Channel posting policy](/help/channel-posting-policy),
[Configure who can add users][add-users], and
[Configure who can remove users][remove-users]
for details.
</span>
Public channels (indicated by <i class="zulip-icon
zulip-icon-hashtag"></i>) are open to all members of your organization other than
[guests](/help/guest-users). Anyone who is not a guest can:
- See information about the channel, including its name, description, permission
settings, and subscribers.
- Subscribe or unsubscribe themselves to the channel.
- See all messages and topics, whether or not they are subscribed.
You can configure other permissions for public channels, such as [who is allowed
to post](/help/channel-posting-policy).
Guest users can't see public (or private) channels, unless they have been specifically added to the channel.
## Web-public channels
{!web-public-channels-intro.md!}
Web-public channels are indicated with a **globe** (<i class="zulip-icon
zulip-icon-globe"></i>) icon.
## Related articles
* [User roles](/help/user-roles)
* [Channel sending policy](/help/channel-posting-policy)
* [Web-public channels](/help/public-access-option)
[add-users]: /help/configure-who-can-invite-to-channels#configure-who-can-add-users
[remove-users]: /help/configure-who-can-invite-to-channels#configure-who-can-remove-users
* [Guest users](/help/guest-users)
* [User groups](/help/user-groups)
* [Public access option](/help/public-access-option)
* [Channel posting policy](/help/channel-posting-policy)
* [Restrict channel creation](/help/configure-who-can-create-channels)
* [Configure who can administer a channel](/help/configure-who-can-administer-a-channel)
* [Restrict who can subscribe others](/help/configure-who-can-invite-to-channels)
* [Configure who can unsubscribe others](/help/configure-who-can-unsubscribe-others)

13
help/configure-automated-notices.md
View File

@@ -22,13 +22,14 @@ Notices about channel settings changes, such as [name](/help/rename-a-channel),
{!admin-only.md!}
When creating a new [public channel](/help/channel-permissions), the
channel creator can choose to advertise the new channel via an automated
notice. You can configure what channel Zulip uses for these notices, or
disable these notices entirely. The topic for these messages is “new
channels”.
When creating a new [public](/help/channel-permissions#public-channels) or
[web-public](/help/channel-permissions#web-public-channels) channel, the channel
creator can choose to advertise the new channel via an automated notice. You can
configure what channel Zulip uses for these notices, or disable these notices
entirely. The topic for these messages is “new channels”.
New [private](/help/channel-permissions) channels are never announced.
New [private](/help/channel-permissions#private-channels) channels are never
announced.
{start_tabs}

9
help/configure-who-can-administer-a-channel.md
View File

@@ -4,7 +4,9 @@
Organization administrators can automatically administer all channels.
If you have permission to administer a [public](/help/channel-permissions) or [web-public](/help/public-access-option) channel, you can:
If you have permission to administer a
[public](/help/channel-permissions#public-channels) or
[web-public](/help/channel-permissions#web-public-channels) channel, you can:
- See and modify the channel's [name](/help/rename-a-channel) and [description](/help/change-the-channel-description).
- [Subscribe](/help/add-or-remove-users-from-a-channel#add-users-to-a-channel) and [unsubscribe](/help/add-or-remove-users-from-a-channel#remove-users-from-a-channel) users.
@@ -13,8 +15,9 @@ If you have permission to administer a [public](/help/channel-permissions) or [w
protected history).
- [Archive](/help/archive-a-channel) the channel.
For [private](/help/channel-permissions) channels, you additionally need to be a
subscriber in order to add subscribers or change channel permissions.
For [private](/help/channel-permissions#private-channels) channels, you
additionally need to be a subscriber in order to add subscribers or change
channel permissions.
## Configure who can administer a channel

4
help/include/channels-intro.md
View File

@@ -1,5 +1,5 @@
Channels organize conversations based on who needs to see them. For example, it
is common to have a channel for each team in an organization. Because Zulip
Channels organize conversations based on who needs to see them. For example,
it's common to have a channel for each team in an organization. Because Zulip
further organizes messages into conversations labeled with
[topics](/help/introduction-to-topics), there is generally no need to create
dedicated channels for specific projects.

4
help/include/sidebar_index.md
View File

@@ -206,8 +206,10 @@
## Channel management
* [Create a channel](/help/create-a-channel)
* [Channel permissions](/help/channel-permissions)
* [Private channels](/help/channel-permissions#private-channels)
* [Public channels](/help/channel-permissions#public-channels)
* [Public access option](/help/public-access-option)
* [Channel permissions](/help/channel-permissions)
* [Channel posting policy](/help/channel-posting-policy)
* [Configure who can administer a channel](/help/configure-who-can-administer-a-channel)
* [Restrict channel creation](/help/configure-who-can-create-channels)

19
help/move-content-to-another-channel.md
View File

@@ -78,21 +78,22 @@ Access to messages moved to another channel will immediately be controlled by th
access policies for the destination channel. Content moved to a private channel will
thus appear to be deleted to users who are not subscribers of the destination channel.
Content moved to a [private channel with protected history](/help/channel-permissions)
will only be accessible to users who both:
Content moved to a [private channel with protected
history](/help/channel-permissions#private-channels) will only be accessible to
users who both:
* Were subscribed to the *original* channel when the content was *sent*.
* Are subscribed to the *destination* channel when the content is *moved*.
## Moving content out of private channels
In [private channels with protected history](/help/channel-permissions),
Zulip determines whether to treat the entire topic as moved using the
access permissions of the user requesting the topic move. This means
that the automated notices sent by the notification bot will report
that the entire topic was moved if the requesting user moved every
message in the topic that they can access, regardless of whether older
messages exist that they cannot access.
In [private channels with protected
history](/help/channel-permissions#private-channels), Zulip determines whether
to treat the entire topic as moved using the access permissions of the user
requesting the topic move. This means that the automated notices sent by the
notification bot will report that the entire topic was moved if the requesting
user moved every message in the topic that they can access, regardless of
whether older messages exist that they cannot access.
Similarly, [muted topics](/help/mute-a-topic) will be migrated to the
new channel and topic if the requesting user moved every message in the