Skip to content

Permissions

The Gencove permissions system is a role-based access control (RBAC) system. This means that users are assigned roles (e.g., "Owner", "Manager", etc.) and each role is assigned a set of permissions.

Organization-level role permissions

Member Uploader Viewer Analyst Explorer Manager Owner
Update user profile
Upload data
View all projects
Run sample analysis
Access Explorer
Create and edit projects
Invite and manage users
Access billing portal

Project-level role permissions

In addition to assigning roles to users at the organization level, a subset of the roles listed above may also be assigned to users at the project level as needed. This enables providing users with basic access to the organization via Member or Uploader roles and escalating privileges for a subset of projects as needed.

To assign a project-level role to a user, the user must have already joined the organization via the standard invitation process.

It is important to note that organization- and project-level permissions are additive, i.e., the resulting project-level permissions are a union of the user's organization-level permissions and their project-level permissions. One consequence of this is that organization-level permissions cannot be "downgraded" at the project level. For example, if a user has the Owner role at the organization level, their project-level permissions for project A will not be reduced by setting their project-level role to Manager for project A.

Escalating a user's role to Owner at the project level will enable that user to list all users in the organization when adding users to the project.