...
They should be able to create, design, and launch a study.
There should be a project in Synapse for that study.
They should be able to add collaborators to their Synapse project.
They should have access to the study data in Synapse.
Use case 4:
A researcher with a validated Synapse account and existing study wants to edit raw data in their Synapse project.
They should be able to edit the raw data. (This needs to be checked)
Use case 5:
A researcher with a validated Synapse account and existing study wants to add collaborators to their Synapse project.
They should be able to add collaborators with any level of permissions.
All collaborators need to be validated accounts.
Synapse allows permissions to be set at the project level. These permissions are summarized to view, download, edit, edit/delete, and administrator. Each level includes all access granted by the level before it. Notably, the administrator level is the only point where a user can adjust others' (or their own) permissions to the project. And the account that creates the project is automatically set as an administrator.
...
Granting Direct Project Permissions vs Using Teams
Use cases 4 and 5 are covered if If the researcher is given administrator access to their project. They , they would have the ability to edit/delete data and they would be able to change other users' access to the project. There are two issues here. The researcher could bypass the Bridge and Synapse data change request processes. And the researcher could remove access from Bridge accounts like BridgeAdmin or BridgeExporter.
...
Notes:
The study creator can make Teams to invite other users if they want.
The study creator can remove permissions from accounts that we need to retain access, like the exporter.
The study creator automatically has the ability to edit raw data.
This does not require Bridge to act on the Study Creator’s behalf through OAuth.
...