Greg Frasco edited this page Jan 22, 2018 · 3 revisions

The purpose of this page is to explain the different roles that are available in Anchor by default, as well as how to create new roles.

Roles

The current roles are:

  • Patient
  • Clinician
  • Analyst
  • Researcher
  • Admin
  • Root

Patient

The Patient role is the general user role. This platform was built for use in medical or HIPAA backend applications, so the basic user was named Patient. This role is assigned to everyone and cannot be removed. This role can use the API routes with a scope of null and is blocked from any route whose scope is set to a value. Patient routes are designed to be called by anyone in the system, independent of their user role. Patients can view their own data.

Clinician

The Clinician role is a user who can see all data of a subset of users. Patients can invite Clinicians to view their data. Root, Admin, and Researcher users can also add Clinicians to users. This role is assigned to a user by a Researcher, Admin, or Root user. A user can also be demoted from this role by themselves or by a Researcher, Admin, or Root user. If a clinician is demoted, the clinician's user information is dropped and cannot be restored. The Clinician user can use any routes with the scope of 'clinician'.

Analyst

The Analyst role is a user who can see all data of all users, but with certain columns hidden. Hidden columns include username, email, and name, to help hide the user's identity. Users have a StudyID field that the analyst can use to differentiate users from one another. If a user has no StudyID, the analyst will still be able to view the data, but will be unable to determine which user it belongs to. This role is assigned to a user by a Researcher, Admin, or Root user. A user can also be demoted from this role by themselves or by a Researcher, Admin, or Root user. The Analyst user can use any routes with the scope of 'analyst'.

Researcher

The Researcher role is a user who can see all data of all users. This role is read-only over all the data. This role is assigned to a user by an Admin or the Root user. A user can also be demoted from this role by an Admin or the Root user. The Researcher user can use any routes with the scope of 'researcher'.

Admin

The Admin role is a user who can see, update, and delete all data of all users, as well as view and edit system settings such as backups or environment variables. This role is assigned to a user by the Root user. A user can also be demoted from this role by the Root user. The Admin user can use any routes with the scope of 'admin'.

Root

The Root role is a user who can see, update, and delete all data of all users, as well as view and edit system settings such as backups or environment variables. This role is assigned to the user who completed the setup instructions. This user cannot be removed or edited. Only one root user is allowed, and it cannot be promoted or demoted. The purpose of this account should be to create Admin users. Admin users will have the same permissions, but each person can have their own admin account rather than sharing the root user. The Root user can use any routes with the scope of 'root'.
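
The assignment and demotion rules above, together with the Analyst column hiding, written out as a policy check that can be used to test for privilege-escalation gaps. This is an added example, not Anchor's own code: every name in it (`ASSIGNERS`, `canAssign`, `canDemote`, `redactForAnalyst`, the user objects) is hypothetical, and it encodes only what this page states.

```javascript
// Added example: names are hypothetical, not Anchor's API.
// Who may grant each role, as stated in the role descriptions above.
const ASSIGNERS = {
  clinician: ['researcher', 'admin', 'root'],
  analyst: ['researcher', 'admin', 'root'],
  researcher: ['admin', 'root'],
  admin: ['root']
};
// Roles the page says a user may remove from their own account.
const SELF_DEMOTABLE = ['clinician', 'analyst'];
// Columns the page lists as hidden from analysts (the page says "include",
// so a real deployment may hide more).
const HIDDEN_FROM_ANALYST = ['username', 'email', 'name'];

const holdsAny = (user, roles) => roles.some((r) => user.roles.includes(r));

function canAssign(actor, role) {
  // 'patient' is automatic and 'root' is fixed at setup: neither is grantable.
  if (!Object.hasOwn(ASSIGNERS, role)) return false;
  return holdsAny(actor, ASSIGNERS[role]);
}

function canDemote(actor, target, role) {
  // 'patient' cannot be removed and 'root' cannot be demoted.
  if (!Object.hasOwn(ASSIGNERS, role)) return false;
  if (!target.roles.includes(role)) return false;
  if (actor.id === target.id && SELF_DEMOTABLE.includes(role)) return true;
  return holdsAny(actor, ASSIGNERS[role]);
}

function redactForAnalyst(record) {
  // Drop identifying columns; StudyID stays so records remain distinguishable.
  return Object.fromEntries(
    Object.entries(record).filter(([key]) => !HIDDEN_FROM_ANALYST.includes(key))
  );
}

// Constructed sample data, for illustration only.
const sampleResearcher = { id: 2, roles: ['patient', 'researcher'] };
const sampleAdmin = { id: 3, roles: ['patient', 'admin'] };
const sampleRecord = { username: 'jdoe', email: 'jdoe@example.com',
                       name: 'J. Doe', StudyID: 'S-017', steps: 4200 };

console.log(canAssign(sampleResearcher, 'clinician'));   // researcher may grant clinician
console.log(canAssign(sampleResearcher, 'researcher'));  // but not their own level
console.log(canDemote(sampleAdmin, sampleAdmin, 'admin')); // self-demotion not stated for admin
console.log(redactForAnalyst(sampleRecord));
```

Clinician invitations by patients and the per-route scope checks are left out, since the page does not describe how either is enforced.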

Topics to Add

  • Where Roles Are Stored
  • API Routes
  • How to Add New Role
  • Roles UI