Once a user is added to CDD with one of the vault-level user roles, her access can be further refined at the project level. This can be done by either a vault admin or a project admin. Project roles are set on the "Manage Vault" or "Manage Projects" tab, by toggling the two types of permissions:
can add/edit project data? and can manage projects? When the unchecked, the user can not add/edit data, or manage the project.
Vault level role will determine what options are available at the project level.
- If the user is restricted to Read Export or below at the vault level, he will be restricted to read-only at the project level by default.
- For all vault-level roles above Read Export, a user may add/edit project data to the extent that is permitted by his vault role.
For example if a user has Read Add-Biology vault-level role, permission to add/edit project data will extend only to the user's own biological data, as described in the vault-level user role guide.
- For all vault-level roles above Read Export, a user can be granted permission to manage the project.
Managing a project currently means adding/removing members of a project.
Only Vault Admin users can give project access to brand new vault members.
TIP: To create a user who can export search results, and download any attached file, but can not add or edit any data, create a Read Add user at the vault level, but restrict his access to read-only at the project level.