SolveBio uses role-based access controls (RBAC) to control access to data (see Roles & Permissions in SolveBio). For fine-grained access, specific permission levels can be granted to users or groups within your account.
There are three types of permission levels available for users and groups collaborating on datasets within a Vault:
- Read: View, query, and filter all datasets within a dataset.
- Write: View, edit, and import datasets.
- Admin: Full control over a dataset, ability to grant access rights to users and groups.
Users with admin account roles (or above) always have admin permissions for all datasets within their account except for each individual user's personal Vault. For all other users, permissions needs to be granted explicitly for each Vault, as well as through group memberships.
By default, all members of your account have access only to public datasets and Vaults where the Everyone group has access.
When creating a new private Vault, the creator will be granted admin permissions on that Vault. The creator has to explicitly grant access to a user or group to the new Vault.
Example
Bob is a member of the Acme account. Bob creates a new Vault for his research group, but does not want to expose the data to any other members of his account (outside of his group). Bob will add his research group to the Vault with write permissions. With these settings, everyone in his group will be able to query and edit all the datasets within the Vault.
Permission Level Details
The following table shows the actions available for each permission level:
Admin | Write | Read | |
View all files, folders, and datasets within a Vault | ✓ | ✓ | ✓ |
Edit Vault, file, folder, and dataset settings | ✓ | ✓ | |
Delete a file, folder, and dataset | ✓ | ✓ | |
Grant or revoke access to users and groups | ✓ | ||
Query datasets in a Vault | ✓ | ✓ | ✓ |
Beacon datasets in a Vault | ✓ | ✓ | ✓ |
Edit and create files, folders, and datasets in a Vault | ✓ | ✓ | |
Import data into a dataset | ✓ | ✓ |
0 Comments