Roles and permissions apply to three levels within your Flywheel hierarchy: Site, Group, and Project. This helps you make sure users only have access to the data they need. This article explains the permissions for each role in Flywheel.
Site Roles
You assign the site role when you create a user in Flywheel. To edit site roles:
- Go to Users > choose a user.
- Select the Information tab.
- Next to Role, select a new role from the dropdown.
User
The User role does not carry any special permissions. Admins must assign Users permissions to specific Groups and Projects to be able to see data.
Developer
The Developer role is identical to the User role with the exception that Developers have site-wide permission to upload gears. Admins must assign Developers permissions to Groups and Projects to be able to see data. Developers can only be designated as such by a Site Admin.
Changing a user from a User role to Developer does not affect that user's explicitly granted permissions. Changing a user from Site Admin to Developer revokes that user's Admin permissions.
Site Admin
The Site Admin has the highest site-level permissions. Site Admins can create new users, Groups and can modify user roles and permissions site-wide.
Compare Roles
| User | Developer | Site Admin | |
| Create Users | ✔ | ||
| Create Groups | ✔ | ||
| Create Projects | Can be granted at project level | Can be granted at project level | ✔ |
| Upload Gears | ✔ | ✔ | |
| Manage Devices | ✔ | ||
| Jobs Log | ✔ | ||
| Access Log | ✔ | ||
| Group Admin Panel | Can be granted at group level | Can be granted at group level | ✔ |
| Gear Rule Templates | ✔ | ||
| Usage Report | ✔ | ||
| CLI | ✔ | ✔ | ✔ |
Group Roles
These permissions apply to Flywheel Groups. By default, users get the same level of access for the projects associated with the group. To give a user permission to a Group:
- Go to Users > choose a user.
- Select the Permissions tab, and click Add.
- From the dropdown menu, select a Group and a role for the user.
Admin
Admins for the group can:
- Add/Edit/Delete Group Tags
- Manage Group Permissions
- Create New Project
- Delete Project
Read-Write
- Create New Project
- Delete Project
Read
- View Projects
None
Select this role if you only want to give users access to specific projects instead of all of the Projects associated with the group. For example, if you are working with an outside collaborator on a single Project, you can give them access to just the Project they are working on.
Project Roles
Project roles are important ways to control who can edit data within your project. Group roles do not automatically apply to Project Roles. You can give a user access to only a Project and not the Group.
To give users permissions to a project:
- Go to Users > choose a user.
- Select the Permissions tab, and click Add.
- From the dropdown menu, select a Group and a role for the user.
- Next to the project, select a role from the dropdown menu.
Admin
- Modify project settings, like description, Project Gear Rules, Session Templates
- Add/Remove Project Users
- Modify Project Users
Read/Write
- Add, edit and delete Subjects, Sessions and Acquisitions
- Add, edit and delete data (files, metadata & analyses)
- Run Gears
Read Only
- Download and view data
Compare Roles
| Read-Only | Read-Write | Admin | |
|
View Data |
✔ | ✔ | ✔ |
| Add/Edit/Delete Non-Instrument Data | ✔ | ✔ | |
| Delete Instrument Data | ✔ | ||
| View Subject | ✔ | ✔ | ✔ |
|
Add/Edit/Delete Subject |
✔ | ✔ | |
|
View Session |
✔ | ✔ | ✔ |
|
Add/Edit/Delete Session |
✔ | ✔ | |
| View Acquisition | ✔ | ✔ | ✔ |
| Add/Edit/Delete Acquisition | ✔ | ✔ | |
| View Analysis | ✔ | ✔ | ✔ |
| Add/Edit/Delete Analysis | ✔ | ✔ | |
| Manage Session Templates | ✔ | ||
| Manage Gear Rules | ✔ | ||
| Manage Project Permissions | ✔ | ||
| Add/Edit/Delete Tags | ✔ | ✔ | |
| Run Gears | ✔ | ✔ | |
| Cancel Gear Jobs | ✔ | ✔ | |
| Add Acquisitions to a collection | ✔ | ✔ | ✔ |
| Move Subject/Session to different project Also requires same user to have Read-Write or Admin role on the destination Project. |
✔ | ✔ |