Omniscope Evo User Roles - Managing Permissions Settings

This article discusses how you can configure Omniscope Evo permissions to create certain Roles when setting up the folder permissions. For more information on how to configure permissions see here. In order to create roles the role MUST be created inside a Group. 

If you want to create site-wide roles, which are applied to any folder regardless of sub-folder permissions, you should create these as "super-groups" in the default permissions. 

Server admin

If you want to create a "Server-wide" admin role we recommend you to set this up by creating a "super-group", which has all the permissions enabled - setting all the permission to be true, also set the super-group on the default permissions.

By creating the group inside a super-group you would ensure that you would be able to login as server admin regardless of what permissions are set on any given folder.

Project editor 

If you want to create a role where the user can edit and run the data workflows, and build / publish workflows that may contain report blocks with visualisations you should set the following permissions set to YES (and the rest to No) :

• File management
• List directory 
• Project editor
• Project publisher
• Download file
• Access to static resource
• Design views
• Edit bookmarks
• Export view data

Data refresh can be automated by using the scheduler application.

NOTE: If you have a Project editor permission - you are automatically able to edit any "Reports" it contains.

Report only editor

If you want to create editors who are only allowed to edit the reports/visualisations, and you do not want them to have access to the Workflow app, you should set the following permissions to Yes and the rest to No:

• List directory
• Access to static resource
• Shared report editor
• Shared report data refresh (only if you want them to be able to refresh the data)
• Shared report data editor (only if you want the user to be able to edit the data using an editable table view)
• Export view data
• Download file (if you want them to be able to download the project)
• Design views (If you want them to be able to design views you would need to give them Workflow access)
• Workflow execution via APIs (if you want them to be able to execute workflow blocks using API)

NOTE: Report editors can also be configured on a per-report basis.

Report viewer

If you want to create users who are only allowed to view the reports to explore and examine the data, then you should set the following permissions to Yes and the rest to No:

• List directory
• Access to static resource
• Shared report viewer
• Shared report data refresh (only if you want them to be able to refresh the data)
• Export view data (only if you want them to be able to download the data shown inside views)

Permission presets

Starting from the build 2021.1 b21176 we have added ability to define the roles as "Presets", and then subsequently use them from the permissions dialog.

Omniscope is bundled with some pre-defined presets by default. To administer preset you need to first go to the Admin section of the server application, and then go to "Folder permissions sets".

You will then be able to add/delete/duplicate presets (including the presets bundled with the application).

A preset MUST have a name and some defined permissions. Once you have created the presets you can use them from the permission dialog. 

Navigate to the Project list page, and to a folder where you wish to apply the preset. Then click on "three dots" button in the top right hand corner and choose "Edit permissions".

You should then be able to choose the preset from the dropdown: 

The presets are also available for the "Group" and "Super groups". 

To create a custom folder permission - choose "Custom". This will allow you to define your own folder permissions. If you wish to customise a pre-existing preset, then simply select it first, and then select "Custom" again from the dropdown. Then click on "Configure" button to set the permissions.