OHDSI Home | Forums | Wiki | Github

Atlas security - editing other users' work

(Scott Fischbein) #1

Hi all,
We have a local implementation of Atlas running with basic security (will be integrating with some more secure auth/n/z down the line) and with a small set of users/roles defined.

We’re curious to know if there is any way to lock down editing access to concepts/cohorts sets created by other users. Ideally, it would be possible to use/view someone else’s work (and copy it if alteration is necessary), but not to alter it, whether intentionally or by mistake.

As far as I can tell, while it’s possible to grant/revoke the ability to create/edit cohorts/concepts for a given user once someone has the permission to do so, they can alter any other users work.

I assume this “feature” has been discussed before (though I couldn’t find any answer to the question after a few minutes of searching) so I’m wondering if I’ve missed some setting that would allow that level of security, or if there was a decision made to allow anyone to edit anyone else’s work, and if so, what the rationale for that decision was (or maybe preventing this just isn’t a feature that’s been implemented yet).

Thanks for any clarification/insight you can provide on this topic.

Scott Fischbein
Application Developer
UC Davis School of Veterinary Medicine

(Konstantin Yaroshovets) #2

Hi Scott,

This functionality exists out of box in ATLAS. Your users should be granted with “public”, “Atlas users” roles including “Source user” that provides access to data.
These roles will not allow to edit or delete records created by other people in application.

I hope it will help.


(Scott Fischbein) #3

Thanks Konstantin,
That is very helpful! I had the user to “Concept/Cohort Creator” which allows for editing of other users’ concepts/cohorts - I thought those roles were necessary for being able to create concepts/cohorts but I now see that the Atlas User role gives the permission to create concepts/cohorts without being able to edit others. Thanks so much for this clarification.