Lab Permissions: Difference between revisions
From Network for Advanced NMR
Jump to navigationJump to search
Mmaciejewski (talk | contribs) No edit summary |
Mmaciejewski (talk | contribs) |
||
| Line 27: | Line 27: | ||
** Any datasets for which they have been granted view permissions. | ** Any datasets for which they have been granted view permissions. | ||
[[File:Lab-permissions.png|thumb|Lab Permissions Matrix]] | |||
=== PI Permissions === | === PI Permissions === | ||
| Line 38: | Line 39: | ||
* Removing users from the current lab group (they remain linked as past members). | * Removing users from the current lab group (they remain linked as past members). | ||
* Managing permissions for both active and former lab members. | * Managing permissions for both active and former lab members. | ||
==== Lab View Permission ==== | |||
=== Project-Specific Permissions === | === Project-Specific Permissions === | ||
Revision as of 20:05, 28 May 2025
User Permissions and Roles in NAN
This page explains how user permissions are managed in the NAN portal, including account setup, lab permissions, project-based access, and facility management.
Account Setup and Access Requirements
To access non-public features of the NAN portal:
- Users must log in using the Single Sign-On (SSO) service hosted on NMRhub.org, which is shared between NAN and NMRbox.
- Each user must:
- Provide a valid ORCID iD.
- Declare their principal investigator (PI), or self-identify as a PI.
- All user accounts and PI declarations are reviewed and verified by NMRhub staff.
- PI assignments initiated by users are validated by the designated PI or a delegate.
- Access to non-public NAN features is disabled until PI designation and validation are complete.
Lab Structure and Permissions
Data Ownership and Visibility
- Data harvested by NAN is associated with the NAN user who collected it, but is officially owned by the PI as a proxy for their institution.
- All users linked to a PI appear in the PI’s Lab Permissions Dashboard.
- Users can see:
- All public and published datasets.
- Any datasets for which they have been granted view permissions.
PI Permissions
PIs have full control over their lab's data and permissions, including:
- Granting or revoking read/write access for individual lab members.
- Controlling who can publish data.
- Assigning read access to external collaborators.
- Managing fine-grained permissions on a per-user or per-project basis.
- Setting default permissions for all lab members to simplify management.
- Removing users from the current lab group (they remain linked as past members).
- Managing permissions for both active and former lab members.
Lab View Permission
Project-Specific Permissions
- Permissions can be assigned at the project level to:
- Provide specific access to subsets of lab members or collaborators.
- Prevent broader lab access when unnecessary.
- PIs can define default project-level permissions for all lab members to reduce administrative overhead.
PI Delegates
PIs can assign trusted users as Delegates who:
- May switch roles to act as the PI.
- Accept PI requests submitted by users.
- Manage lab member permissions.
- Control data access on behalf of the PI.
Facility Managers
Facility Managers are responsible for overseeing data generated at their NMR facilities. They can:
- View all datasets collected within their facility.
- Manage dataset ownership when:
- No NAN user or PI was associated at the time of harvesting.
- Ownership must be reassigned post-harvest.
- Link spectrometer workstation users to NAN accounts.
- Define and manage default data harvesting modes.
- Choose whether users can:
- Modify the harvesting setting.
- Specify a different NAN username during harvesting.
- Remove datasets that were harvested in error.
