Knowledge base - selected articles only visible to internal users

I am looking to build an internal wiki which contains articles describing & defining internal standard procedures for whatever situation.

From the tools available Knowledge base seems to be the one to use. Naturally only employees should be able to see those articles, Is there any way to restrict website access to knpwledge base articles to defined ERPNext system users?

There is an option to not publish them. But if you want to read an unpublished article you access it through the Knowledge Base in a r/w interface which is not what I am after.

You can use Notes.

yes, I know about notes. I’d prefer using the Knowledge Base articles though but if you can not restrict access it’s probably not an option. Thanks anyway

Hi @vrms, it is good to see that someone has had this idea for some time.

I only use Note for my own personal Notes, not for everyone to learn since it is difficult to navigate and keep track.

If you see the DocType list for Web Page and Help Article, there is an option not to have Guest view them, but this can only be changed in Developer mode.

I tried using Newsletter module, since this has publish option but have the default of not allowing Guest to view. However, there is a bug even though a guest cannot see any items, but if they type the exact extension directly, they can still access that page.

I have also posted this security issue on Security issues // Pages publicly accessible, but somehow no one really cares about this.

Anyway, if you have any progress since the last time, please share.

Thank you.

Hi there,

Any progress on this topic?

I have the same problem. When unmarking the Allow Guest on the DocType Help article, only the Help Category are restricted by guest and shows the Login button. The help article are still accessible by guest.

Hi guys,

I’m putting this one out of the archives ones again. @vrms I saw you also mentioned this issue a few times already.

To me an internal knowledge base is an essential part for a company, and it would be great to achieve that within ERPnext.

I mean, all the basic features are already here to make that a fully functional internal wiki. For now I didn’t find a function to restrict several KB categories from guest access.
Has somebody already solved this problem? I’d be willing to contribute a bit, if that needs to be coded.

I haven’t looked into this a long time but I do not believe anything has changed. As a workaround we are using Notes.

That said … the “Help Article” seems not to provide any better features (in terms of Editor features/quality, or traceability of changes) then “Notes”. The only difference seems to be that help articles (once published) appear in the public internet, while notes never do.

I think code changes in the core application would be needed to be able to restrict public accesss to certain articles, or categories. Due to lack of knowledge I can’t tell where, nor how exactly

Alright, it was worth a try. I didn’t find any options yet either to restrict certain categories of the KB to usergroups.

Notes seems not to be a good place to build up a intranet to me. I’ll gonna look if I can build something locally outside of erpnext (Wordpress, Doku Wiki or Nextcloud with Pico CMS are my thoughts for the moment) for now.

there is no such option I believe

if you do anything that integrates such services with ERPNext in a way. it would be slick whether such work could be merged into the core code integrations. Maybe you wanna keep that in mind and work towards that.

Will do. Sadly I’m not a coder. So it will only happen if I hire someone to do it.

Hi all!

I was looking into building an internal knowledge base. Using public notes doesn’t seem to bad as it lets you do a lot of things including linking between each other. Did you find any downsides?

I want to add to this conversation. I’m trying to document ERPNext for our own installation, and there doesn’t appear to be a good way to do this.

Notes makes a poor substitute, and doesn’t have a consumable presentation. In fact, you need to understand the system on some level before you can even access them.
Web Pages require managing sidebars, are generally more difficult to maintain, and prone to bugs due to being more difficult to maintain. They also don’t have a way to restrict access by default.
Blog Posts are somewhere in between Web Pages and Help Articles, and they don’t have a way to restrict access.
Help Articles are perfect for the job, except they don’t have a way to restrict access for Guests.

Things I’ve tried:

hooks.py: (path.to.my.permission.def returns False)

has_permission = {
    "Help Article": "path.to.my.permission.def"
}
has_website_permission = {
    "Help Article": "path.to.my.permission.def"
}

This one is bad, because it relies on “Edit Doctype” which breaks on update:

Edit the Help Article DocType:
image

After trying all of these settings, the help article is stubbornly viewable in an incognito window without being logged in.

2 Likes