Library Model and Entity Security

How to apply additional layers of security to models and entities within your library

HubSpot Video

Model Level Security

All organization owners and administrators have full access to all models, samples and datasets. If a model is protected and a member is not given any access to that model, they will not see the model at all in their library.  Model Security settings can be accessed by selecting the gear icon to edit the model and the lock icon located on the upper right hand corner of the model edit configuration.

Screen Shot 2021-08-16 at 1.34.31 PM

If a model is protected and a member is given "read" access to the model only, they will only be able to see the name of the entities and the dictionary properties in the model as seen below. 

Screen Shot 2021-08-16 at 12.55.21 PM

Organization owners and administrators grant members the following Model permissions; 

  • Read: Can see the model exists but cannot see the properties associated with each entities 
  • Update: Can update the model, this includes adding/ removing dictionary terms and granting themselves additional permissions 
  • Delete: Can delete the model completely 
  • Create Entities: Can create new entities under the model 
  • Read Entities: Can see all of the properties associated with ALL entities in the model 
  • Update Entities: Can update the properties of all entities in the model 
  • Delete Entities: Can delete any/ all of the entities in the model 

Entity Level Security 

Additional layers of security can be applied on an entity level basis. Each cell line ( CELL-006, CELL-022, CELL-009 etc) in the model Cell Line are entities. Members can be granted permission to read, update, and delete specific entities. Entity security settings can be accessed by using the check box to select the specific entity and select edit. Within the edit page select the lock icon located in the upper right hand corner. 

Screen Shot 2021-08-16 at 1.39.31 PM

If a model is protected and a user is given "read" access to a specific entity, they will be able to see all of the properties associated with the entity as seen below. 

Screen Shot 2021-08-16 at 1.41.46 PM

Organization owners and administrators can grant members the following Entity specific permissions; 

  • Read: Can see all of the properties associated with the entity 
  • Update: Can access the entity edit page, change the properties associated with the entity and grant themselves additional permission 
  • Delete: Can delete the entity 

Authorization policies  

 

Screen Shot 2021-08-16 at 2.28.47 PM

Security Parameters 

  1. When a Model is protected, all entities of that model are automatically protected.

  2. When an entity is protected, all samples pointing to that entity are automatically protected.

  3. When a sample entity is protected, all file entities pointing to that sample entity are automatically protected

  4. In model and entity security screen, only organization members will show up in the permissions grid, since owners and admins can always do everything.