FAIR Permissions

Below is a list of all permissions available within FAIR and those assigned to managed roles. This permission list can be used to create custom roles where necessary.

The permission are divided into eight categories

Datasets

  • Users can create new datasets
  • Users can list and open datasets
  • Users can modify datasets - subject to data owners permission
  • Users can delete datasets - subject to data owners permission
  • Users can upload csv data - subject to data owners permission
  • Users can download dataset metadata
  • Users can directly share datasets with other users - subject to data owners permission
  • Users can assign dataset level permissions to other users - subject to data owners permission
  • Users view audit events for a specific dataset - subject to data owners permission
  • Users can add resources to datasets - subject to data owners permission
  • Users can list dataset resources
  • Users can download dataset resources
  • Users can delete dataset resources
  • Users can add data files to datasets - subject to data owners permission - also requires user ability to list and download dataset data files.
  • Users can list and download dataset data files - subject to data owners permission
  • Users can delete dataset data files - subject to data owners permission
  • Users can assign data to a dictionary - subject to data owners permission
  • Users can create their own catalogue definitions for use in datasets - API only
  • Users can view all catalogue definitions
  • Users can modify which catalogue fields will be used when creating datasets - API only
  • Users can delete catalogue definitions - API only

Data access request permissions

  • Users can request access to datasets
  • Users can list and view data access requests that they have created
  • Users can delete requests - subject to creators permission
  • Data owners can review then approve or deny data access requests
  • Users view audit events for a specific request
  • Users can assign a dataset workflow that will be used when requesting access
  • Users can modify which workflow fields will be used when requesting access - API only
  • Requesters and approvers can see a list of transfers for a data access request - API only
  • Requesters can transfer data to a workspace on approval

Cohort builder permissions

  • Users can save a new cohort
  • Users can list saved cohorts
  • Users can modify cohorts - subject to creators permission
  • Users can delete cohorts - subject to creators permission
  • Users can directly share cohorts with other users - subject to creators permission
  • Users can assign cohort level permissions to other users - subject to creators permission
  • Users can view audit events for a specific cohort - subject to creators permission

User group permissions

  • Users can create FAIR user groups - API only
  • Users can view FAIR user groups - API only
  • Users can update FAIR user groups - API only
  • Users can destroy FAIR user groups - API only
  • Users can view audit events for FAIR user groups - API only
  • Users can assign or remove users from FAIR user groups - API only

Administrative permissions

  • Users can modify theme names and set which themes are available to users
  • Users can override links and text in FAIR vocabulary
  • Users can create new roles
  • Users can view roles and their permissions
  • Users can modify non-system roles
  • Users can destroy roles - API only
  • Users can assign a role to another user
  • Users view audit events for a specific role
  • Users can view all audit events
  • Users can list FAIR users
  • Users can approve or unapprove FAIR users
  • Users can update FAIR users, such as searchable
  • Users can view system configuration details, e.g. the default system role
  • Users can update system configuration details
  • Users can view API access tokens
  • Users can disable API access tokens
  • Users can delete API access tokens
  • Users can create custom search configurations
  • Users can view custom search configurations
  • Users can update custom search configurations
  • Users can delete custom search configurations
  • Users can view global datasource types and available features - API Only

Collections administration permissions

  • Users can save a new collection
  • Users can modify all collections
  • Users can delete all collections
  • Users can view audit events for all collections
  • Users can directly share all collections with other users
  • Users can assign collections level permissions to other users for all collections
  • Users can add and remove datasets in all collections

Search permissions

  • Users can perform searches
  • Users can save a new search
  • Users can list saved searches
  • Users can modify searches - subject to creators permission
  • Users can delete searches - subject to creators permission
  • Users can directly share searches with other users - subject to creators permission
  • Users can assign search level permissions to other users - subject to creators permission
  • Users view audit events for a specific saved search - subject to creators permission

User API access

  • Users can create API access tokens
  • Users can view their own API access tokens
  • Users can disable their own API access tokens
  • Users can delete their own API access tokens
Updated on May 24, 2024

Was this article helpful?