FAIR roles are groupings of permissions that can be assigned to users of the service. These roles can be managed via the user interface or API as described here. Two types of roles exist:
- Managed: roles created and managed by Aridhia. The list of managed roles can be found here.
- Custom: roles created and managed by the service administrator(s)
The Role Management interface can be found from the Administer dropdown.
Roles can be viewed by navigating to the Roles panel. This displays the four Managed roles (Observer, Standard, Data Steward and Administrator) as well as any custom roles, e.g. Admin Data Steward shown below.
The Roles panel displays the following information:
- The Role display name
- The Role ID as specified during creation
- The Role description
- The number of assigned permission split between the number of admin and non-admin permissions
- The number of users assigned to the role as well as the number of users who have been approved to use FAIR (there can be cases where a user has a role but has not been approved to access the service yet)
Roles can be created by selecting the 'New role' item in the 'Administer' dropdown or directly within the Roles panel above. A role creation dialog allows the following information to be specified:
- ID: the optional ID for the role.
- Name: the name of the role.
- Based on: the name of an existing role to base the new role's permissions on. These can then be adjusted accordingly.
- Description: an optional description for the role.
A default role can be set, this means that all new users will be assigned the same role by default.
To do this click the 'Default' option in the Roles panel, and choose the role you wish to make the default. This can be a managed role or a custom role.
Assigning Permissions to Roles
After creating a role, or editing an existing role, permissions assigned to the role can be toggled on or off.
Permissions are categorised into the following sets:
- Dataset permissions
- Data Access Request (DAR) permissions (for DAR-enabled customers only)
- Cohort Builder permissions
- Administrative permissions
- Collections administration permissions
- Saved search permissions
- User API access permissions
Permissions can also be discovered via the filter box situated on the top right of the panel.
When the required permissions are enabled, the 'Save' button will update the role's permissions with these taking affect immediately.