Note
This documentation is for the new OMERO 5.2 version. See the latest OMERO 5.1.x version or the previous versions page to find documentation for the OMERO version you are using if you have not upgraded yet.
A user may belong to one or more groups, and the data in a group may now at most be shared with users in the same group on the same OMERO server. The degree to which their data is available to other members of the group depends on the permissions settings for that group. Whenever a user logs on to an OMERO server, they are connected under one of their groups. All data they import and any work that is done is assigned to the current group, however the user can now easily copy their data into another group.
Groups and users must be created by the server administrator. Users can then be added by the administrator or by one of the group owners assigned by the administrator. This would typically be the PI of the lab. The group’s owners or server administrator can also choose the permission level for that group. See the Help guide for managing groups for more information about how to administrate them in OMERO.
The various permission levels are:
This group is the most restrictive:
Potential use cases of Private group:
This group is the intermediate option that allows visibility of other users and their data, but minimal ability to annotate their data:
Potential use cases of Read-only group:
This is a more collaborative group:
Potential use cases of Read-annotate group:
This group essentially allows all the group members to behave as if they co-own all the data:
Potential use cases of Read-write group:
See also
It is possible for the Group owner or server Administrator to change the permissions level on a group after it has been created and filled with data, with the following limitations:
Warning
Please be very careful before downgrading a group’s permission level. If a user has annotated other users’ data and the group is downgraded, any links to annotations that are not permitted by the new permissions level will be lost.
What can you do with your data?
All OMERO users in all groups can perform all actions on their own data.
The main actions available include, but are not limited to:
What can you do with someone else’s data in your group?
Actions available for you on someone else in your group’s data will depend both on the permissions of the group you are working in, and what sort of user you are. See the table below for a quick reference guide to permissions available on other people’s data.
Some of these policies may evolve as the permissions functionality matures in response to user feedback. Please let us know any comments or suggestions you have via our mailing lists or through the forums.
The following are the permissions valid for users working on data belonging to other group members. These permissions depend on the group permissions and on the type of the user performing the action.
Action | Private | Read-only | Read-annotate | Read-write |
View | Y | Y | Y | Y |
Annotate | N | Y | Y | Y |
Delete | Y | Y | Y | Y |
Edit | Y | Y | Y | Y |
Move between groups | Y | Y | Y | Y |
Remove annotations | Y | Y | Y | Y |
Mix data | N | Y | Y | Y |
Action | Private | Read-only | Read-annotate | Read-write |
View | Y | Y | Y | Y |
Annotate | N | Y | Y | Y |
Delete | Y | Y | Y | Y |
Edit | Y | Y | Y | Y |
Move between groups | N | N | N | N |
Remove annotations | Y | Y | Y | Y |
Mix data | N | Y | Y | Y |
Action | Private | Read-only | Read-annotate | Read-write |
View | N | Y | Y | Y |
Annotate | N | N | Y | Y |
Delete | N | N | N | Y |
Edit | N | N | N | Y |
Move between groups | N | N | N | N |
Remove annotations | N | N | N | Y |
Mix data | N | N | N | Y |
Copy, Move or Remove other users’ data to or from your Projects, Datasets or Screens. Copy, Move or Remove your or others’ data to or from others’ Projects, Datasets or Screens.
Note
You should always be able to remove annotations (such as tags) that you linked to other users’ data (you own the link). The link can be deleted, but the tag itself will not be deleted.
Only the admin has the right to move other users’ data between groups.
Note
The admin does not have to be member of the destination group.