Leveraging the SDK in a gear's code gives the gear additional functionality and flexibility to access the Flywheel application.
Permissions for an SDK Gear
The SDK requires an API key input, which gives the gear permissions to access data as a user. With the SDK a gear can perform most anything a user can do with the Flywheel web interface. For example, it is possible to delete files, launch gears, set up users, create projects, etc.
When the gear is run in an adhoc way the user's API key is provided to the gear when it runs, so the gear has the same role and permissions as the user.
SDK Gears in a Gear Rule
When the gear is run in a project gear rule, a permission is configured in the rule, and the gear is executed as the 'system user' with access limited to that project. For SDK gears the user is shown in the Jobs Log, as well as the gear rule name.
Since version 16.13 it is possible to use any SDK gear in a gear rule. Prior to this version, SDK gears that were read/write could not be used in a gear rule and rules were limited to read-only SDK gears.
Gear Behavior without using the SDK
Gears that do not use the SDK are limited to getting input from the input file or container they are launched in and are limited to writing files to the specific container (or analysis container for analysis gears). Gears can modify metadata at any level of the hierarchy without using the SDK.