Page Audience
The Audience setting controls which roles can view a page. It is optional — leaving all roles unchecked means global access policies apply.
Roles
| Role | Description |
|---|---|
| admin | Full system access to all features |
| user-admin | Can manage users — create, edit, deactivate, delete |
| editor | Can create, edit, delete, and rename pages |
| contributor | Can create and edit pages |
| reader | Read-only access to content |
| member | Community member — same read access as reader |
| anonymous | Public access without authentication |
How It Works
- Add one or more role names or individual usernames to restrict view access to those principals only
- Leave empty to apply the global access policies (the default)
- Audience entries can be role names (e.g.
editor) or usernames (e.g.jim) — both are matched - Audience does not grant edit access — only view access
Per-Action Access (access field)
For more granular control, use the access frontmatter field instead of audience. It accepts an object keyed by action name, each with an array of principals:
access:
view:
- reader
- editor
edit:
- editor
audience is a shorthand for access.view only.
The private Flag
If a page is marked Private, the page is stored in a separate per-creator location and the Audience field is bypassed entirely. Access is restricted to:
- Users with the
adminrole - The page's creator — the user who first saved the page with
private: true
Creator vs Author: access uses the page's creator as recorded in the page index, not the
authorfrontmatter field. If theauthorfield differs from the actual creator, theauthorfield is ignored for access control purposes.
Applying the private Flag
Check the Private checkbox on the page's Edit form (or on the Create New Page form for new pages), or set it directly in frontmatter:
private: true
The private frontmatter field is the canonical signal. Earlier versions of GeoHazardWatch stored privacy as a user-keywords: [private] entry; that mechanism was removed in v3.7.0 and all pages have been migrated.
Private vs Audience
| Feature | Audience field | Private flag |
|---|---|---|
| Where configured | audience: frontmatter / Edit form | private: frontmatter / Private checkbox |
| Who can view | Any roles or usernames listed | Admin + creator only |
| Storage location | Normal page store | Separate per-creator private location |
| Bypasses Audience | — | Yes — Audience setting is ignored |
The Private flag takes precedence. If a page has both an Audience setting and private: true, the Audience setting is ignored. See Page Private for the full description, precedence rules, and what Private does not do.
More Information
See also: Page Private, Author Lock, Editing a Page
No comments yet.