← Lab Administration

User Permissions and Roles in NAN

This page explains how user permissions are managed in the NAN portal, including account setup, lab permissions, project-based access, and facility management.

Account Setup and Access Requirements

To access non-public features of the NAN portal:

• Users must log in using the Single Sign-On (SSO) service hosted on NMRhub.org, which is shared between NAN and NMRbox.
• Each user must:
  • Provide a valid ORCID iD.
  • Declare their principal investigator (PI), or self-identify as a PI.
• All user accounts and PI declarations are reviewed and verified by NMRhub staff.
• PI assignments initiated by users are validated by the designated PI or a delegate.
• Access to non-public NAN features is disabled until PI designation and validation are complete.

Lab Structure and Permissions

Data Ownership and Visibility

• Data harvested by NAN is associated with the NAN user who collected it, but is officially owned by the PI as a proxy for their institution.
• All users linked to a PI appear in the PI’s Lab Permissions Dashboard.
• Users can see:
  • All public and published datasets.
  • Any datasets for which they have been granted view permissions.

PI Permissions

PIs have full control over their lab's data and permissions, including:

• Granting or revoking read/write access for individual lab members.
• Controlling who can publish data.
• Assigning read access to external collaborators.
• Managing fine-grained permissions on a per-user or per-project basis.
• Setting default permissions for all lab members to simplify management.
• Removing users from the current lab group (they remain linked as past members).
• Managing permissions for both active and former lab members.

Lab View Permissions

An example of the Lab View permission is shown in the figure.

• Pending PI requests appear at the top and can be accepted or declined by selecting the thumbs up/down icons
• Current lab members automatically appear in the Lab-group Users
• Lab-group Defaults will create the selection across all users. This feature is nice in that any new users who are added to the lab-group automatically obtain those permissions.
• Permissions can be adjusted for:
  • UHF Viewer - ability to view UHF requests
  • UHF Submitter - ability to submit UHF requests
  • Read (Blue) - User can read/view data where they are the assigned NAN user
  • Write (Blue) - User can edit data where they are the assigned NAN user
  • Read (Orange) - User can read/view all data owned by the PI
  • Write (Orange) - User can edit all data owned by the PI
  • Additional columns show whether the PI is the primary PI (only applicable if a user has more than one PI) and when they joined the lab-group.
• Collaborative users can be added and permission granted to Read and Publish lab data
• Past users remain on the Lab Permission page for continued management.

Project-Specific Permissions

• Permissions can be assigned at the project level to:
  • Provide specific access to subsets of lab members or collaborators.
  • Prevent broader lab access when unnecessary.
• PIs can define default project-level permissions for all lab members to reduce administrative overhead.

PI Delegates

PIs can assign trusted users as Delegates who:

• May switch roles to act as the PI.
• Accept PI requests submitted by users.
• Manage lab member permissions.
• Control data access on behalf of the PI.

Facility Managers

Facility Managers are responsible for overseeing data generated at their NMR facilities. They can:

• View all datasets collected within their facility.
• Manage dataset ownership when:
  • No NAN user or PI was associated at the time of harvesting.
  • Ownership must be reassigned post-harvest.
• Link spectrometer workstation users to NAN accounts.
• Define and manage default data harvesting modes.
• Choose whether users can:
  • Modify the harvesting setting.
  • Specify a different NAN username during harvesting.
• Remove datasets that were harvested in error.