Skip to main content

Access Control

Prism implements fine grained access control for users having different access to the plaform.

Workspaces

Workspaces are organizational units within the platform. They have the following user roles:

RolePermissions
AdministratorAdmin, Member, Delete
MemberMember

Workspaces Permissions Explained

  • Admin: Full control over the workspace, including managing users and settings
  • Member: Basic access to workspace resources
  • Delete: Ability to delete the workspace

Computations

Computations have more complex access control with various user roles:

RolePermissions
AdministratorOwner, View, Edit, Run
ViewerView
EditorView, Edit
RunnerView, Run
Dataset ProviderView, Edit, Provide Data
Algo ProviderView, Edit, Provide Algo
Result ConsumerView, Edit, Consume Result

Computation Permissions Explained

  • Owner: Full control over the computation.
  • View: Ability to see computation details
  • Edit: Ability to modify computation settings
  • Run: Ability to execute the computation
  • Provide Data: Ability to input datasets for the computation
  • Provide Algo: Ability to provide algorithms for the computation
  • Consume Result: Ability to access and use computation results
graph TD
    U[User] --> D[Workspace]
    U --> C[Computation]

    D --> DA[Administrator]
    D --> DM[Member]

    C --> CA[Administrator]
    C --> CV[Viewer]
    C --> CE[Editor]
    C --> CR[Runner]
    C --> CDP[Dataset Provider]
    C --> CAP[Algo Provider]
    C --> CRC[Result Consumer]

    DA --> |Admin, Member, Delete| DP[Workspace Permissions]
    DM --> |Member| DP

    CA --> |Owner, View, Edit, Run| CP[Computation Permissions]
    CV --> |View| CP
    CE --> |View, Edit| CP
    CR --> |View, Run| CP
    CDP --> |View, Edit, Provide Data| CP
    CAP --> |View, Edit, Provide Algo| CP
    CRC --> |View, Edit, Consume Result| CP

Important Notes

  1. Workspace administrators automatically have admin permissions for computations within their workspace.
  2. Platform administrators have admin permissions for all workspaces on the platform.
  3. The access control system is designed to be flexible, allowing for fine-grained control over user permissions.