Roles

While the permissions assigned to each user can be customized on a user-by-user basis, it’s convenient to use roles for expressing the collection of permissions for different user types (e.g. viewers, editors, administrators). Roles are a convenient shorthand for defining and assigning permissions to users.

System Roles

There are a number of roles that are predefined in the system. These roles cannot be modified and are always available. The predefined roles are as follows:

• Administrator: has all possible permissions
• Editor: has all permissions except for the ability to manage team-level settings, plus the ability to preview activities
• Viewer: has permissions to view and download files and metadata but cannot edit or delete any data
• Anonymized Viewer: has all the permissions of the Viewer except they cannot view PHI, download items, or preview activities

Custom Roles

[BioPharma]

To complement the builtin System Roles, you may need to create additional roles. A major benefit of custom Roles comes from inheritance; changes made to a role are inherited by all users that are associated with the role. In this sense, custom roles allow administrators to control the permissions of several users at once.

Editing Custom Roles

Editing roles is a convenient way to modify the permission of all users that are associated with a particular role. For this reason, use caution when editing roles.

Deleting Custom Roles

When a role is deleted, all the users associated with the role retain the permissions they had before the role was deleted. All users that were associated with the deleted role became users with custom permissions.