User Roles

Note

Roles are exclusive: each user holds exactly one of admin, researcher or viewer. The admin role already includes every researcher capability, so administrators do not need additional role grants to perform researcher actions.

Role

Description

admin

Grants all platform permissions, including project approval, unstaging projects, deleting any project, managing deployments (deployment mode), managing the site banner, user management, accessing the admin panel, and all researcher capabilities.

researcher

Allows a user to create and manage FLIP projects.

  • On projects they own: Researchers can edit project details, stage projects for approval on specified trusts, create cohort queries, create models, upload files required for those models, and initiate model training.

  • On projects they have been added to as a member (via a ProjectUserAccess record) but do not own: Researchers may contribute their own models — creating models, uploading files for those models, and initiating training — but they cannot edit, stage, or delete the project itself, nor modify models created by other Researchers.

viewer

Provides read-only access to assigned projects. Viewers can view project details, cohort query results, model metrics and training results, and download model results. Viewers cannot create or edit projects, run or save cohort queries, create or edit models, upload model files, or initiate training.

Permissions

The following table summarises the permissions assigned to each role:

Permission                                     Admin   Researcher   Viewer
Access admin panel                             Yes     No           No
Approve projects                               Yes     No           No
Unstage projects                               Yes     No           No
Delete any project                             Yes     No           No
Manage deployments (deployment mode)           Yes     No           No
Manage site banner                             Yes     No           No
Manage users                                   Yes     No           No
Manage projects (create, edit, stage, train)   Yes     Yes          No

Note

Viewers have no explicit permissions. Their read-only access to projects is granted through project user access records (i.e., being added to a project by its owner or an admin).

Note

ProjectUserAccess membership grants different write capabilities depending on the user’s role: a Researcher member may contribute their own models on the project, while a Viewer member retains read-only access. Project-level writes (editing, staging, or deleting the project itself) remain restricted to the project owner and admins regardless of membership.

Warning

Project ownership is not revoked by a role change. A user who created a project keeps project-level write access to it (editing, staging, deleting, and submitting cohort queries) even after being demoted to Viewer — ownership, not the current role, is the authority for owned projects. Demotion still removes the user’s ability to create new projects or write to projects they do not own. To fully revoke a former owner’s access to a project they own, transfer ownership to another user or delete the project.
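
The role, ownership and membership rules above, combined into one authorization check plus an audit for the residual-ownership case in the warning. This is an added example, not FLIP's own code: the action names, the `User` and `Project` classes and both functions are hypothetical. Denying model writes to an owner who is no longer a researcher is an assumption, since the page lists only project-level writes as surviving a demotion.

```python
from dataclasses import dataclass, field

# Hypothetical action names, grouped by the rule on this page that governs them.
ADMIN_ONLY = {"access_admin_panel", "approve_project", "unstage_project",
              "manage_deployments", "manage_site_banner", "manage_users"}
PROJECT_WRITES = {"edit_project", "stage_project", "delete_project", "cohort_query"}
MODEL_WRITES = {"create_model", "upload_model_file", "start_training"}
READS = {"view_project", "view_results", "download_results"}
KNOWN = ADMIN_ONLY | PROJECT_WRITES | MODEL_WRITES | READS | {"create_project"}

@dataclass(frozen=True)
class User:
    name: str
    role: str  # exactly one of "admin", "researcher", "viewer"

@dataclass
class Project:
    owner: str
    members: set = field(default_factory=set)  # stands in for ProjectUserAccess

def can(user, action, project=None):
    """True if `user` may perform `action` (on `project`, where one applies)."""
    if action not in KNOWN:
        return False  # unknown action: deny by default
    if user.role == "admin":
        return True  # admin holds every permission, researcher ones included
    if action in ADMIN_ONLY:
        return False
    if action == "create_project":
        return user.role == "researcher"
    if project is None:
        return False  # remaining actions are project-scoped
    is_owner = project.owner == user.name
    is_member = user.name in project.members
    if action in PROJECT_WRITES:
        return is_owner  # ownership, not the current role, is the authority
    if action in MODEL_WRITES:
        # Assumption: contributing models needs the researcher role.
        return user.role == "researcher" and (is_owner or is_member)
    return is_owner or is_member  # READS

def residual_owner_access(users, projects):
    """(owner, project_id) pairs where a viewer still owns a project."""
    role = {u.name: u.role for u in users}
    return sorted((p.owner, pid) for pid, p in projects.items()
                  if role.get(p.owner) == "viewer")
```

Running `residual_owner_access` after each role change gives the list of projects whose ownership needs transferring before the demotion takes full effect.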