Granular Role System for Citizen Science or working with Student Assistants

[kadewe]

When working on a project with a couple of people, we need to have a granular role system.

Consider this use case:
We are doing a citizen science project.
We are integrating citizens in our research project.
They should be able to access a certain SET of DOCUMENTS and do CODING only.
Therefore they log in and only see the CODING TAB and the ASSIGNED DOCUMENTS in the SET, nothing else.
Or a Student research assistant only gets to see the documents s/he should CODE. Or just see the ANALYSIS TAB to do some analysis but not CODING or PREPARING.

So a PROJECT has MEMBERS which have PROJECT-SPECIFIC-RIGHTS (such as which TAB to see, which SET to work on, which ANALYIS TOOLS to use) and even maybe DOCUMENT-SPECIFIC-RIGHTS.

[kadewe]

and also reviewers should be able to just view the whole project including the project log. I really would like to get a realistic release plan for role management. I would like to write down a list of roles and their rights and then we should discuss, what to implement in what release.

[kadewe]

I mentioned this thread to a colleague and she pointed out (very rightfully), that we need to support ANONYMOUS REVIEW ACCESS for double blind reviews. Therefore, we have to add an option to only show PSEUDONYMS (like in Google docs) instead of real names.

[jankapunkt]

This raises the question in regards to GDPR and personal data in interviews. A reviewer could be considered a "third party" and while we can show pseudonyms and other integrity mechanisms (hashes, sums etc.) we cannot make sure (in an automated way) that the author scrubbed the interviews appropriately.

[alessandrobelli]

There are a lot of variables to define:

1. where is the access? Coding/analytics page?
2. so far there are no notes, what the reviewer should be able to do?
3. should the public access be limited by time or amount of accesses?
4. password protected access?
5. we need to be clear that if the url is public, we are not responsible for the privacy of the shared project.

The public url is rather easy to do, but we need to create barriers

[kadewe]

well, the idea is for a first version, just to be able to enable a reviewer account for each project., which can be shared with a reviewer. this reviewer account has a password and it can only read, not edit - but maybe add notes. this could be used e.g. for friendly reviews.

for double blind peer review the names of the project members need to be Anonymized.

but the data has to be anonymized for review so i agree that this is a 2.x version feature to be discussed further on