We have several different administrative roles (each role having a subset of permissions) within Figshare for Institutions; an overview of these can be seen below followed by a guide on how to assign them within your portal.
Apart from administrative roles, Figshare has a default role, called the user role, that allows any user to perform basic actions like creating items, collection, and projects, uploading files, and publishing items. This is the role given to any account created. We can tailor the role to remove permissions, such as creating collections, or we can add the ability to select which group items created by the user should be affiliated with.
An account can have as many roles as needed.
Institutional administrator (displayed as Administrator in the role drop down): This role is given to all "administrators" configured at the top institution level. This role is not available on Edit group. The administrator can manage quota/storage for the entire institution, can manage quota request that are assigned to him and can create groups. The administrator has access to the reporting module (statistics dashboard) but also to the private stats page (OrganizationDomain.com/stats - see here for a public version of this page) if this is kept private. Administrators can modify the institution structure by creating or editing groups, impersonating accounts, downloading user reports and, if needed, unpublish public content. Administrators do not have access to the review (curation) module.
Institutional Reporter (displayed as Reporter in the role drop down): this role has view only rights within the admin portal and can see the private stats page. The reporter has access to the statistics dashboard.
Group owner (displayed as owner in the role drop down): this role will be attributed to the person that creates the group. A group can have only one owner at a time. If an owner is removed then another must be added. The group owner can edit the group’s details, create other groups, approve quota request assigned to them by the system. Every owner can impersonate the users assigned to their group(s).
Group admin (displayed as admin in the role dropdown): this role will be attributed to a person by the group owner, when the group is created or edited. The admin has similar permissions to the group owner, except deleting groups.
Data steward: this role is available only for specific institutions on request. The Data steward is a type of group admin that cannot edit the group details, however they can manage quota request for users and projects associated to their managed groups.
Embargo administrator: this role can be applied to any user within your organisation. This role can see the items that were created with an embargo on the whole item and files that have an Administration embargo, meaning they’re visible to embargo administrators.
Institutional reviewer: this role is available only in the Configure institution page. The institutional curator can approve manage revision request from every group in the institution and can assign and deassign request from everyone. They can also edit all the metadata for the items sent in review and assigned to themselves. Institutional reviewers can add comments and send emails to submitting authors, for any of the pending/open requests visible to them.
Group reviewer (displayed as Reviewer in the role drop down): this role is available only in the Configure group page. The group reviewer can only manage requests coming within their group and subgroups below their managed groups. Group reviewers can only assign requests to themselves. They can also edit all the metadata for the items sent in review and assigned to themselves. Group reviewers can add comments and send emails to submitting authors for any of the pending/open requests visible to them.
Fellow: this role is part of the review module. It is designed to allow reviewers to perform an initial triage of new review requests before passing over to another reviewer. This role can see only requests assigned to them by actual reviewers. Upon opening a request, a user with the Fellow role can only see the files and metadata, in the same way as an actual reviewer but they cannot make any changes nor approve or decline the request. The only action they are allowed to do is post comments (internal only), and assign it to an actual reviewer; they cannot assign it to other fellows. The Fellow role does not receive any email notification when requests are assigned to them.
We currently have a constraint that the person given the fellow role cannot be a reviewer on any other group within the institution, because their permissions are mutually exclusive.
How to configure roles
If you have administrative rights for the institution (or a group), you will see an additional option called Administration in the menu in the top right. Select this option and you will see the groups that you have administrative rights over. To add a group level owner and/or admin click the cog under Actions for that group and select Configure.
You are now on the Configure group page. Scroll down and you’ll see a Define roles section.
In the example above, Alan Hammon is already set up as the group owner. You can remove him and add a different owner by clicking the x next to the user’s name. To add additional administrators for the group, select +Add more. Users can have more than one role. When you have finished, be sure to select Save configuration before leaving the page.