Roles & Permissions

Overview

Tasks Manager supports various clinical trial roles with specific permissions that align with typical imaging study workflows. Understanding how clinical trial personas map to Flywheel permissions helps you configure appropriate access controls for your study team.

This guide maps common clinical trial roles to the permissions they need to perform their responsibilities in Tasks Manager.

Clinical Trial Personas

Reader

Clinical Trial Responsibilities:

Review medical images according to protocol
Create annotations and measurements
Complete assessment forms
Submit completed readings with e-signatures

Required Flywheel Permissions:

At least read-only role access to assigned projects
Ability to create, view, modify, delete annotations

Typical Access Pattern:

Can only view and complete tasks assigned to them or their staffing pool
Cannot see other Readers' tasks or annotations (blinded)
Cannot create or assign tasks
Cannot modify protocols or project settings

Study Administrator

Clinical Trial Responsibilities:

Create and assign reading tasks to Readers or staffing pools
Manage staffing pools and reader assignments
Configure protocols and project settings
Monitor task progress and completion
Review completed tasks and annotations from all Readers (unblinded access)
Export task data and generate reports
Manage user permissions within projects

Required Flywheel Permissions:

Site:

Site Admin Role - for Staffing pool management

Group:

Read/Write Role - for Protocol creation and editing permissions

Project:

read-write access to projects
Manage Tasks permission
Manage Task Exports permission
Project settings and permissions management

Typical Access Pattern:

Can create tasks for any session/acquisition in their projects
Can assign tasks to Readers or staffing pools
Can view all tasks in their projects (including completed tasks from all Readers)
Can view all annotations and form responses from all Readers
Can create and modify protocols
Can configure project settings and manage user permissions
Can export task data reports
Cannot modify completed tasks or Readers' annotations directly

Detailed Permission Mapping by Persona

The following tables detail the specific Flywheel permissions recommended for each clinical trial persona. These tables map to the standard Flywheel permission system and include Tasks Manager-specific permissions for tasks and protocols.

Container Hierarchy (Subject/Session/Acquisition)

Permission	Reader	Study Administrator	Description
View Metadata	x	x	View all metadata on projects, subjects, sessions, and acquisitions
Create Hierarchy		x	Create new subjects, sessions, and acquisitions
Modify Metadata		x	Alter project, subject, session, acquisition metadata (labels, custom info, comments, tags, etc.)
Delete		x	Delete subjects, sessions, and acquisitions within the project
Delete Project			Delete the project and all its contents (typically reserved for Site Admins)
Copy Project			Make Smart Copy from the project (typically reserved for Site Admins)

Analyses

Permission	Reader	Study Administrator	Description
View Metadata	x	x	View analyses and all their metadata at all levels
Create via SDK		x	Create ad hoc analyses without using an Analysis Gear
Create via Job		x	Create analyses by running Analysis Gears (jobs)
Modify Metadata		x	Alter metadata on analyses (label, custom info, comments, tags, etc.)
Delete		x	Delete analyses and their output files

Files

Permission	Reader	Study Administrator	Description
View Metadata	x	x	View files and all their metadata at all levels
View File Contents in Web UI	x	x	View file contents from the Flywheel Web UI (including viewer apps)
Download File	x	x	Download files, including single file and bulk file requests
Create/Upload		x	Upload file attachments to projects, subjects, sessions, and acquisitions (deprecated)
Modify Metadata		x	Alter metadata on files (file type, modality, classification, info, etc.)
Move Files		x	Move files to another container or rename files
Delete Non-Device Data		x	Delete files that originated from running a gear
Delete Device Data		x	Delete images uploaded from scanners, CLI bulk uploads, or direct user uploads

Notes

Permission	Reader	Study Administrator	Description
View Notes	x	x	View user notes added to the project and data within it
Manage Notes	x	x	Create/modify/delete your own user notes added to the project and data within it

Project Permissions

Permission	Reader	Study Administrator	Description
View Permissions	x	x	View users and their assigned roles on the project
Manage Permissions		x	Modify assigned user roles on the project and LDAP Sync configuration

Project Settings

Permission	Reader	Study Administrator	Description
View Project Settings	x	x	View project settings (Viewer Apps, De-id Profiles, Project Locking, Smart Copy)
Manage Project Settings		x	Modify project settings (Viewer Apps, De-id Profiles, Project Locking, Smart Copy)

Data Views

Permission	Reader	Study Administrator	Description
View Data View and Results	x	x	View Data Views (including their contents) defined for the project
Manage Data Views		x	Create/modify/delete Data Views (including their contents) defined for the project

Session Templates

Permission	Reader	Study Administrator	Description
View Session Templates and Results	x	x	View project's session template configuration and compliance status for each session
Manage Session Templates		x	Modify the project's Session Template configuration

Gear Rules

Permission	Reader	Study Administrator	Description
View Gear Rules	x	x	View details of the project's gear rule configuration
Manage Gear Rules		x	Modify the project's gear rules configuration

Jobs (Gear Runs)

Permission	Reader	Study Administrator	Description
View Jobs	x	x	View all details for all jobs belonging to the project
Manage My Jobs		x	Create new jobs, cancel, rerun, and update priority of jobs you create
Manage Others' Jobs		x	Cancel, rerun, and update priority of jobs created by others

Task Manager

Permission	Reader	Study Administrator	Description
Manage Tasks		x	Create, edit, cancel and manage tasks
Manage Task Reports		x	Create, view and delete task reports

Annotations

Permission	Reader	Study Administrator	Description
Manage My Annotations	x	x	Create/view/modify/delete your own annotations created via tasks
View Others' Annotations		x	View all annotations created by any user via tasks
Edit Others' Annotations		x	Modify or delete annotations created by any user via tasks

JupyterLab

Permission	Reader	Study Administrator	Description
Read	x	x	View servers and download source code
Launch and Publish			Retain user source code in Flywheel
Create			Create new JupyterLab servers
Modify			Modify server names and settings
Delete			Delete JupyterLab servers

Data Transfer

Permission	Reader	Study Administrator	Description
Manage Imports			View, create, modify, and delete project imports and their cloud storage configuration
Manage Exports			View, create, modify, and delete project exports, snapshots, and cloud storage configuration

Audit Trail Reports

Permission	Reader	Study Administrator	Description
Manage Audit Trail Reports		x	Create new reports, cancel creation of in-progress reports, and delete existing reports
View Audit Trail Reports		x	View list of available Audit Trail reports and download their contents

Permission	Reader	Study Administrator	Description
View Tags	x	x	View tags assigned to the project and data within it
Manage Tags		x	Create/modify/delete tags assigned to the project and data within it