Workspace User Management
A workspace is a private, access-controlled environment where registered users can upload data. The data in the workspace is only visible to those granted access to it, and the data will remain in the workspace after it is made public in an ImmPort Study. A workspace can contain multiple studies, and multiple users may access a workspace.
Starting July 2024, each registered user in a workspace will be assigned a role. Each role has different access permissions to studies in a workspace. The three possible roles for a user in a workspace are:
- Administrator
- Submitter
- Viewer
These workspace roles are for ImmPort internal use only and are designed to provide fine-grained access control within the private workspaces. They do not have significance outside the ImmPort systems.
Administrator
Definition: Primary point of contact of the ImmPort workspace with administrative access privileges
- Administrators have read and write access to all studies and uploads in a workspace and grant access permissions to other users in a workspace
- Administrators can be PIs, lab managers, and/or active data submitters with active ImmPort registered accounts
- Each workspace is required to have at least one administrator, but multiple administrators (up to three) are allowed in a workspace
A user becomes an Administrator by:
- Specifying themselves as an "Administrator" upon creating a workspace
- Being granted an "Administrator" role by another workspace "Administrator"
An Administrator can:
- Access all studies in the workspace
- Register new studies
- Add/remove users to the workspace
- This requires users' email addresses. The Administrator can search by exact match for existing users, invite new users to register
- Grant submitter/viewer workspace roles to the users at the workspace level
- Grant read/write access to workspace users for individual studies in the workspace
- Grant submitters with the following access permissions
- See other user info
- Access file uploads
- Remove other administrators/users
An Administrator's Workspace dashboard has:
- Access to all studies and all users in the workspace
- Access all workspace studies in the search user interface and study detail interfaces
Submitter
Definition: Data submitter responsible for data management
- Submitters have read and write access to studies that they have registered themselves and studies to which the Administrator grants them read/write access
- Submitters should be active data submitters
- There are no requirements on the number of Submitters per workspace
A user becomes a Submitter by:
- Being granted a "Submitter" role by a workspace Administrator
- Requesting a new workspace and specifying the Administrator user info upon the request
A Submitter can:
- Register a new study. This provides default read/write access to the registered study
- Edit (granted read/write access) to other studies in the workspace that have been registered by other users if granted access to the study by an Administrator
A Submitter's Workspace dashboard access:
- Cannot view all other studies in the workspace by default. The administrator can grant read/write access at the study level
- Cannot view other associated users by default. The administrator can grant permissions to see other associated users
- Within the Search UI, can search only the studies with access
- Within the Study Detail UI, can view only the studies with access
Viewer
Definition: Viewers have read-only access to studies in a workspace specified by the administrator
- Viewers have read access to studies in a workspace they are granted access to by an Administrator
- Viewers should be responsible for reviewing a study but not actively editing it
- There are no requirements on the number of Viewers per workspace
A user becomes a Viewer by:
- Being granted a "Viewer" role by a workspace Administrator
A viewer can:
- Access study metadata and download files
Workspace Dashboard Access:
- Cannot view all other studies in the workspace by default. The Administrator can grant read/write access at the study level
- Cannot view other associated users by default. The administrator can grant permissions to see other associated users
- Within the Search UI, can search only the studies with access
- Within the Study Detail UI, can view only the studies with access
New Workspace Requests
Users requesting the workspace can choose from the two options.
- Administrator
- Add other administrators and users
- Grant submitter and viewer roles at the workspace level
- Can register studies once the workspace request is approved
- Submitter
- Provide at least one Administrator email address - required
- Cannot add other users
- Can register studies once the workspace request is approved
Workspace Administrators Identification
The immPort team has adopted the following mechanism to identify the initial set of workspace administrators.
- Identify active data submitters in private workspaces
- ImmPort internal data submitters are excluded
- The three most recent data submitters are assigned the Administrator role, and any remaining users are assigned the Submitter role for all the studies in the workspace
- This ensures that there is no disruption to their current access within the workspace
- During the software release in July 2024, an email will be sent to the identified administrators for acknowledgment.
- The email includes a link to the new workspace user management dashboard where the identified administrator
- Can review/change the roles and access assigned to the users within the workspace by default.
- Example: The administrator role can be assigned to a more suitable user within the workspace.
- Example: A user's default access to all studies can be restricted to a specific set of studies.
- Example: Grant users permission to see other workspace user information, such as first name, last name, email address, and organization.
- Can review/change the roles and access assigned to the users within the workspace by default.
- The email includes a link to the new workspace user management dashboard where the identified administrator