• Sign In
  1. Start Page
  2. Research Studies
  3. Study Administrator Guide
  4. Manage a Study

Manage Study Security (Dataset-Level Security)

_Documentation

Manage Study Security (Dataset-Level Security)

Print Print Branch
Security settings for a study are configured differently than the typical permissions for a folder. Whereas folder-level security configures access for all of the contents of a folder as a whole, study/dataset-level security gives you finer-grained control over access to the individual datasets within a folder. Groups that are to be configured for dataset-level access must have at least Reader access to the folder, that is, they must be assigned the Reader role or above for the folder as a whole. Once they have been assigned the Reader role, you can provide fine-grained access on individual datasets. Note that dataset-level configurations override the equivalent folder-level configurations, making it possible for Readers of a folder as a whole to have enhanced editor permissions on selected datasets in the same folder. Similarly, you can make selected datasets unreadable to groups that otherwise are Readers within the folder as a whole.

Configure Study/Dateset-level Security

Before you configure dataset-level security for a given group, you must first ensure that they have at least "Reader" permissions on the folder containing the study datasets. Follow these steps:

  • Navigate to the folder containing the study and choose Admin > Folder > Permissions.
  • On the Permissions page, grant "Reader" access or higher to the target group. Click Save and Finish. Return to the study folder if no new access is needed.
  • Select the Manage tab, then click Manage Security.
  • On the Study Security page, use the dropdown Study Security Type to select a study security "style", described below.

Study Security Types

Type 1: Basic Security with Read-Only Datasets

  • Uses the security settings of the containing folder for dataset security. Only administrators can import or delete dataset data.
  • Users with read-only or update permissions on the folder can see all datasets, but cannot edit, import, update, or delete them.
Type 2: Basic Security with Editable Datasets
  • Identical to Basic Read-Only Security, except that individuals with UPDATE permission can edit, update, and delete data from datasets.
  • Users with read-only access to the folder will see a view identical to "Basic Security with Read-only Datasets" above. Only users with update permission will see the edit option.
Type 3: Custom Security with Read-Only Datasets
  • Allows the configuration of security on individual datasets.
  • Only administrators can import or delete dataset data.
  • Users with read access to the folder may also be granted access to read certain datasets.
  • No edit permissions can be granted and edit options are not visible.
  • Per-dataset read-only access can be granted or revoked at on the study dataset security page (see below for further info).
Type 4: Custom Security with Editable Datasets
  • This security type is identical to the one above, except that users with folder access may also be granted "edit" permissions on selected datasets.
For a matrix of folder-level permissions crossed with dataset-level permissions, see Matrix of Permissions.

Note: Site Admins can always bulk import and delete data, regardless of the type of security chosen for the dataset. However, their abilities to edit and insert individual records depend on the dataset-level security settings for their group, just the same as for other user groups.

Configure General Dataset Permissions

The Study Security section lets you specify general dataset access for each group.

These options are available only for "Custom Security" types (types 3 and 4 above).

  • In the Study Security section, specify "Read" and possibly "Edit" permissions for each group in the project:
    • Edit All. Members of the group may view and edit all rows in all datasets. (Only available with Custom security with editable datasets is selected (type 4 above).)
    • Read All. Members of the group may view all rows in all datasets.
    • Per-Dataset. Members of the group may view and possibly edit rows in some datasets; permissions are configured per-dataset.
    • None. Members of the group may not view or edit any rows in any datasets. They will be able to view some summary data for the study.
  • Note that these options override the general Reader access granted at the folder level.

The screen shot below shows an example configuration for general dataset permissions. Guests are given no read/edit access to the datasets; Lab A Group has permissions specified per individual dataset; the Study Group can edit all datasets; etc.

Note the red exclamation mark at the end of the All site users row -- this indicates that they lack folder-level read permissions to the study.

Configure Per Dataset Permissions

The Per Dataset Permissions section lets you specify access for specific datasets.

  • For a given group you can grant edit or read access for each individual dataset by setting the dropdown to Read or Edit.
  • You can block access to a dataset by setting the dropdown to None.
  • Note that these options override the general Reader access granted at the folder level.

This option is available only for "Custom Security" types (types 3 and 4 above) and groups set to "PER DATASET" above.

The following image shows example per-dataset permission settings.

Configure Report Permissions

Please see Configure Permissions for Reports & Views.

Search

 

Pages

 

previousnext
 
expand allcollapse all