Grant Permissions
Optic provides a simplified UI to easily grant common permissions (read / edit / admin) to various objects in Synapse. While most permissions in Synapse are managed by Synapse Admins, users can set and manage permissions on objects that they create and control (such as Views that they fork). These objects include (but are not limited to):
Views
Workspaces
Spotlight documents
Stories
In most cases, the way you grant permissions using Optic is the same regardless of the object, so the process is covered generically here.
Note
Synapse supports highly flexible and fine-grained permissions. This section describes granting simplified permissions for common access requirements. Synapse Admins (or users who want a detailed description of Synapse permissions) should refer to the Synapse Admin Guide.
Default Permissions
Where user-created objects support permissions, the following defaults typically apply:
the user who creates the object is admin of that object; and
no other users or roles have access (the exception is Synapse Global Admins, who can see all objects by definition).
Using Optic, you can grant the following common permissions to users or roles:
read: allow the user or role to see the object and its content.
edit: in addition to read access, allow the user or role to modify the object and its content, including the ability to delete content where applicable. Edit permissions do not allow you to:
delete the object itself, or
modify permissions on the object.
admin: in addition to edit access, allow the user or role to fully manage the object, including deleting the object itself (such as a Story or a forked View) and modifying permissions on the object.
Note
For objects that are specific to the Optic UI (such as Workspaces, Stories, and Spotlight documents), you can grant admin to either users or roles. For Synapse objects (such as Views), you can only grant admin to users.
In some cases, a Synapse Admin can override the default permissions for particular objects (such as Spotlight documents). If you have questions about your Synapse environment, see your Synapse Admin.
Modify Permissions
How you access the permissions dialog for a particular object will vary. For example, Spotlight documents include a Document permissions option available from the document’s hamburger menu, while permissions for a View can be configured when the View is created (or managed later from the View’s PERMS tab in the Workspaces Tool).
Once you access the permissions dialog for a particular object, the process to add, modify, or remove permissions is similar in most cases. Note that each object’s permissions dialog may vary slightly.
Add Permissions for a User
From the permissions dialog, click + Add User:
From the drop-down list, select the user you wish to add:
Tip
The user is added with read permissions by default.
To grant edit permissions, toggle the edit switch to ON:
To grant admin permissions, toggle the admin switch to ON:
Tip
Permissions are cumulative; granting admin will also grant edit permissions if they are not already granted.
Add Permissions for a Role
From the permissions dialog, click + Add Role:
From the drop-down list, select the role you wish to add:
Tip
The role is added with read permissions by default.
To grant edit permissions, toggle the edit switch to ON:
To grant admin permissions, toggle the admin switch to ON:
Tip
Permissions are cumulative; granting admin will also grant edit permissions if they are not already granted.
Remove Permissions
To modify (downgrade or remove) existing permissions:
From the permissions dialog, select the user or role whose permissions you want to modify. Toggle the appropriate permission(s) to OFF:
To remove all permissions:
From the permissions dialog, select the user or role whose permissions you want to remove. Click the X to the right of the user or role to remove it:
Tip
To prevent accidentally creating an object without an admin, you cannot remove a user or role that has admin access to an object. You must first remove the admin permissions before removing the user or role.