Security settings for a study can be configured in addition to the typical permissions for a folder. Study/dataset-level security gives you finer-grained control over access to the individual datasets within a folder. Groups that are to be granted any dataset-level access must have at least Reader access to the folder as a whole. Note that dataset-level configurations override the equivalent folder-level configurations, making it possible for Readers of a folder as a whole to have enhanced editor permissions on selected datasets in the same folder. Similarly, you can make selected datasets unreadable to groups that otherwise have access to the folder.

Configure Study Security

Before you configure dataset-level security for a given group, you must first ensure that they have at least "Reader" permissions on the folder containing the study datasets.

  • Within the study, select (Admin) > Folder > Permissions.
  • Add the target group(s) to the Reader role (or higher).
  • Click Save and Finish. Return to the study folder if no new access is needed.
  • Select the Manage tab, then click Manage Security.
  • On the Study Security page, use the dropdown Study Security Type to select a study security "style", described below.

Study Security Types

Type 1: Basic Security with Read-Only Datasets

  • Uses the security settings of the containing folder for dataset security. Only administrators can import or delete dataset data.
  • Users with read-only or update permissions on the folder can see all datasets, but cannot edit, import, update, or delete them.
Type 2: Basic Security with Editable Datasets
  • Identical to Basic Security, except that individuals with the Editor role (UPDATE permission) can edit, update, and delete data from datasets.
  • Users with read-only access to the folder will see a view identical to "Basic Security with Read-only Datasets" above. Only users with update permission will see the edit option.
Type 3: Custom Security with Read-Only Datasets
  • Allows the configuration of dataset-level access.
  • Only administrators can import or delete dataset data.
  • Users with read access to the folder may also be granted access to read certain datasets.
  • No edit permissions can be granted and edit options are not visible.
  • Per-dataset read-only access can be granted or revoked at on the study dataset security page.
Type 4: Custom Security with Editable Datasets
  • This security type is identical to the one above, except that users with folder access may also be granted edit permissions on selected datasets.
Note: Site Admins can always bulk import and delete data, regardless of the type of security chosen for the dataset. However, their ability to edit and insert individual records within uploaded datasets depends on the dataset-level security settings for their group, as for other user groups.

Configure Dataset Security

The Study Security section lets you specify general dataset access for each group.

These options are available only for "Custom Security" types (types 3 and 4 above).

  • Select (Admin) > Manage Study > Manage Security.
  • In the Study Security section, specify permissions for each group in the project:
    • Edit All. Members of the group may view and edit all rows in all datasets. (Only available with Custom security with editable datasets is selected (type 4 above).)
    • Read All. Members of the group may view all rows in all datasets.
    • Per-Dataset. Members of the group may view and possibly edit rows in some datasets; permissions are configured per-dataset.
    • None. Members of the group may not view or edit any rows in any datasets. They will be able to view some summary data for the study.
  • Note that these options override the general Reader access granted at the folder level.

The screen shot below shows an example configuration for general dataset permissions. Guests are given no read/edit access to the datasets; Lab A Group has permissions specified per individual dataset; the Study Group can edit all datasets; etc.

Note the red exclamation mark at the end of the Z Team row -- this indicates that this group lacks folder-level read permissions to the study itself, so cannot be assigned any access to the data.

Configure Per Dataset Permissions

The Per Dataset Permissions section lets you specify access for specific datasets. This option is available only for "Custom Security" types (types 3 and 4 above) and groups set to "PER DATASET" above.

  • In the column for each group you can grant edit or read access for each individual dataset by setting the dropdown to Read, Edit, Restricted Reader, No Permissions.
  • You can block access to a dataset by setting the dropdown to None.
  • Note that these options override the general Reader access granted at the folder level.

Dataset-Level and Folder-Level Permissions

The following table lists the level of access granted for a study dataset when a user has both

  • a given role (Editor/Author/Reader, etc.) or group membership at the folder-level and
  • dataset-level permissions (None/Edit/Read) over the dataset
 Site/Project AdministratorEditorAuthorReaderSubmitterNo permissions
NoneLimited editing. Admins can always Import and Delete by default.NoneNoneNoneNoneNone
ReadNo additional permissions on top of those granted to Admins by default.ViewViewViewNoneNone
EditFull Edit permissions (Insert, New, and Edit) added on top of default permissions.View and editView and editView and editNoneNone

Import/Export Security Policy XML

You can import and export the study security policy as an XML file, regardless of which security type you select. On the Manage Security page, use the Import/Export Policy web part to do so.

Click Export to export the current study security settings as an xml file.

You can provide an alternate configuration by editing this file or providing your own. To import new settings, use Browse or Choose File to select the desired studyPolicy.xml file, then click Import.

Related Topics


Was this content helpful?

Log in or register an account to provide feedback

expand all collapse all