Security Roles
A role is a named
set of permissions that defines what a user (or group of users) can do.
Site Administrator: The site administrator role is the most powerful role in LabKey Server. Site admins can see and do everything that LabKey Server is designed to do in any project or folder on the server. They control the user accounts, configure security settings for any resource, assign roles to users and groups, create and delete folders, etc. See
Site Administrator.
Users and groups can be assigned the following
roles at the project or folder level:
Project and Folder Admin: Project and folder admins are like site admins, except their powers are granted only within a given project or folder. Within that scope, like site admins, project/folder admins can configure security settings, assign users to project groups, add new users to the server by adding them to a project group, create and delete subfolders, add web parts, and manage other project and study resources.
Editor: The editor role lets the user add new information and in most cases modify existing information. For example, an editor can add and modify wiki pages, post new messages to a message board and edit existing messages, post new issues to an issue tracker and update existing issues, create and manage sample sets, view and manage MS2 runs, and so on.
Author: The author role lets you create new data and in some cases edit or delete your own data, but an author may only read and not modify the work of others. For example, a user assigned the author role can edit or delete their own message board posts, but not anyone else's posts. With assay or study data, an author has an expanded role and can modify & delete the data they have added themselves.
Reader: The reader role lets you read text and data, but generally you can't modify it.
Message Board Contributor: This role lets you participate in message board converstations and
Object-Level Discussions. You cannot start new discussions, but can post comments on existing discussions. You can also edit or delete your own comments on message boards.
Submitter: The submitter role lets you insert new records, but not view or change other records.
Assay Designer: Assay designers may perform several actions related to designing assays.
Specimen Coordinator: Specimen Coordinators may perform a number of management tasks related to specimens. A Specimen Coordinator must also be given Reader permission. This role is available only in a project or folder containing a study or with a study in a descendant folder.
Specimen Requester: Specimen Requesters may request specimen vials. This role is available only in a project or folder containing a study or with a study in a descendant folder.
Developer: Developers can create executable code on the server, for example, adding <script> tags to wiki pages. The developer role is granted by adding a user to the site-level group "Developers". For details see
Global Groups.
Site Level Permissions
In addition to the above, there are specific permissions that may be assigned at the site level to grant specific subsets of admin permission to individual users or groups.
To assign these roles, select
Admin > Site > Site Permissions.
Troubleshooter: Troubleshooter may view administration settings but may not change them. Troubleshooters see an abbreviated admin menu that allows them to access the Admin Console. Most of the diagnostic links on the Admin Console are available to Troubleshooters.
See Email Addresses: Allows selected non-administrators to see email addresses.
See Audit Log Events: Only admins and selected non-administrators granted this permission may view audit log events and queries.
Email Non-Users: Allows sending email to addresses that are not associated with a LabKey Server user account.
