Datasets: Assign Rights

From OSF Wiki
Jump to: navigation, search

Recall that datasets are one of the primary objects for managing access and use rights to an OSF installation.

Dataset access and permissions occur at two levels: that of the dataset owner, who sets access and permission rights; and that of the user, who must join a dataset group in order to obtain these rights. (Note that the general public need not join a dataset, since their rights are also set by the owner.) Each of these two levels are described below.

Dataset actions are accessed (if you have basic admin rights) through the broad Datasets tool Datasets icon from the main Tools listing, or from privileged positions on a few other screens.

For additional information, see the Individual OSF-Drupal Datasets Tool document.

Assign Permissions

If you are the dataset owner (that is, the individual who imported or defined the dataset initially), you have the ability to set basic CRUD (create - read - update - delete) rights to individual users, groups or roles.

We begin this process by clicking on the Manage Permissions icon Manage dataset permissions that occurs at various points throughout the application (including at the bottom of the dataset listing as described above) or under the general Tools link reserved for administrators. What next appears is a listing of roles, individuals, or groups, each of which may have differential rights and access to this dataset:

Manage dataset permissions screen

These assignments happen via CRUD rights (Create Create dataset icon, Read Read datasets icon, Update Update datasets icon, Delete Delete datasets icon ) at the dataset level as provided to other OSF Web Service installations and internal users (by IP address). The instance level CRUD rights are governed by the standard Drupal user permissions framework for the datasets available to a given Drupal installation (not shown).

Since each tool (Web service) in the system is also characterized as to which of the CRUD actions it supports, this simple assignment then provides the basis for tools access and use rights.

Because there are potentially many combinations of datasets, tools, users, roles and permissions, these possible assignments are combined into a number of standard, pre-configured profiles (such as Public, Private, Curated and Collaborative) that make it easy to rapidly set these parameters. (See further the Datasets and Access Rights document.) Of course, if more fine-grained control is needed or desirable, more profiles may be created or individual assignments to a tool-dataset-role-permission combo may be made.

These permissions capabilities are based on Drupal's existing Organic Groups (OG) contributed modules.

User View and Access (Joining)

The first screen you see after invoking the Dataset tool provides a listing of available datasets and existing access rights:

View dataset listing

A couple of aspects are worth noting from this screen:

  • Note the 'OSF Web Service #1' header. Each Web services framework available to the network (both here and remotely) is assigned a designator. The datasets listings are organized, then, by the host OSF Web Service
  • For each OSF Web Service, there may be 1 to N datasets listed
  • For datasets for which you have various enhanced permissions, the tools are then shown and these functions are accessed via the links and icons in the right column.

As an example, say, let's scroll down further to dataset #23 in this OSF Web Service and see these tools:

Dataset listing and permissions

If we scroll to the end of all of the available datasets we see the two overall registry functions for datasets, Join or Create:

Dataset options

For most read actions (Browse, Search, View Record, List Databases) simple access is sufficient to access a public dataset. However, for any actions beyond reading (such as Create, Update or Delete), you must be a registered member of a given dataset and have appropriate CRUD rights.

This is achieved by Joining. The Join option Join a dataset brings up this screen, which is a similar listing to the one noted above:

Join a dataset

A key difference is the Join link, which, if invoked, enables you to have higher-function access to that dataset (depending on the access rights earlier granted to you by the dataset owner; see above). After a simple confirmation screen, your membership is complete.

"Joining" a dataset is necessary in order to effectuate the varied read-write permissions assignable to users. Once joined, now as a member you will likely see many more tools available to you throughout other aspects of OSF-Drupal.