You can find our new documentation site and support forum for posting questions here.
Workspace Access Controls
FireCloud workspace access controls (ACLs) contain three access levels: READER, WRITER, and OWNER where each access level represents an expanded set of permissions from the previous.
You can update workspace access controls from the workspace Summary tab.
If a workspace ACL grants a user READER access, the user can:
- enter the workspace and view its contents
- clone the workspace
- copy data and method configs from that workspace to one in which the user has been granted WRITER or OWNER access
The user cannot:
- make changes to the data model (add/delete entities, edit metadata)
- add/delete method configs
- edit method configs
- launch an analysis (submit a method config for execution)
- abort submissions
If a workspace ACL grants a user WRITER access, the user has all the permissions granted to a user with READER access, and in addition can:
- make changes to the data model (add/delete entities)
- create new collections (sample sets, individual sets, pair sets) from existing non-set entities (samples, participants, pairs)
- delete and edit entities
- add/modify entities
- copy entities from another workspace’s data model into the workspace, provided user has at least READER access to the source workspace
- upload data entities and their data files directly to workspace
- add/modify/delete method configs, including the ability to
- copy method configs to the workspace from the method repository (provided user has read access to the method config)
- copy method configs from another workspace provided user has at least READER access to the source workspace
- edit method configs within the workspace
If a workspace ACL grants a user OWNER access, the user has all the permissions granted to a user with WRITER access, and in addition can:
- edit the workspace’s ACL
- delete a workspace
When you create or clone a workspace, the new workspace’s ACL automatically grants you OWNER-level permissions.