Omniscope has a built-in permissioning system, which allows the administrator to control who has access to different files, as well as which individual user can edit reports or only view them.


The permissioning system of the application is split into two distinct parts: 


  1. Authentication - how the user is authenticated to access the projects.

  2. Permissions - what the user can do, once they have been successfully authenticated.


Omniscope also has project write-protection similar to write-protect of memory disk. For more information see here.



In order to configure permissions you need to login to the “Admin”, and click on the “Permissions” items. This will open a the main listing page where you see the files and folders, but now with the ability to set up permissions for each folder. 



If a folder doesn’t have a permission set, Omniscope will try to find the permission for the folder by recursively going up to the parent folders, until it finds the first folder that has the permission set. If there are still no permissions found, then the “Default” permissions are used.


NOTE: This approach allows you to organise your folders in such a way that multiple folders share the same permission.



Default permissions


The default permissions are permissions which take effect when there are no other permissions found for a given folder.


To configure them click on the “Default permissions”.


Folder permissions

These are permissions that take effect when you explicitly set a permission on a folder. 


To set/edit “Folder permissions” click on the “Permissions” button next to the folder name. 


Permission settings 

Anonymous / Public permissions

The option allows you to control what are the permissions for the user who is not authenticated and they visit the link to the folder through their web browser.


Groups

This option is managing multiple authenticated user groups. Each group can have their own permissions and authentication mechanisms.




Group permissions

Define the permissions for each user within the group.


Authentication mechanisms


Authentication mechanisms allow you to specify the authentication method:


  • List of users - this method is relying on a list of usernames and passwords.
     

  • LDAP Query - this type allows you to authenticate against your company’s LDAP server.

  • Spnego (Single sign on) - authenticate against your company’s Spnego mechanism.