Permissions & Sharing
HyperStudy provides a unified permission system for controlling access to experiments, media, and data. This guide explains how permissions work and how to share resources with collaborators.
Overview
The permission system allows you to:
- Control who can view, edit, and duplicate your resources
- Share with individual users or entire groups
- Set organization-wide defaults
- Make resources publicly accessible
- Manage granular permissions for different actions
Permission Types
Different resource types support different permissions:
Experiments, Images & Videos
| Permission | Description |
|---|---|
| View | Can see the resource and its contents |
| Edit | Can modify the resource (design, settings, etc.) |
| Duplicate | Can create a copy of the resource |
| Manage Access | Can change permission settings for others |
Data
| Permission | Description |
|---|---|
| View | Can see data in the Data Management interface |
| Export | Can download data as files (CSV, JSON, etc.) |
Data permissions are separate from experiment permissions. Someone with experiment edit access doesn't automatically get data access.
Access Hierarchy
HyperStudy checks permissions in the following order:
- Owner - Full access to all actions
- Organization Admins - Full access to all organization resources
- Platform Admins - Global access for support and debugging (all access is logged)
- Explicitly Shared - Users, groups, or external organizations with explicit permissions
- Organization Members - Default permissions set for the organization group
- Public Access - Permissions granted to all authenticated users (if enabled)
Owner
↓
Organization Admin (same org)
↓
Platform Admin (global, logged)
↓
Explicitly Shared (user/group/external org)
↓
Organization Default (org members)
↓
Public (if enabled)
Using the Permission Manager
The Permission Manager provides a unified interface for managing access to any resource.
Opening the Permission Manager
For Experiments:
- Open the experiment in the Experiment Designer
- Click the Permissions tab
For Media (Images/Videos):
- Go to the Media Library
- Select an image or video
- Click Permissions in the info panel or context menu
For Data:
- Go to Data Management
- Select an experiment
- Click the Permissions tab
Understanding the Interface
The Permission Manager shows:
- Owner - The resource owner (you, if you created it)
- Who Has Access - List of all users, groups, and public access
- Grant Access - Options to add new users or groups
Permission Icons
Each row shows toggleable permission icons:
| Icon | Permission |
|---|---|
| Eye | View |
| Pencil | Edit |
| Copy | Duplicate |
| Gear | Manage Access |
| Download | Export (data only) |
- Colored = Permission enabled
- Gray = Permission disabled
Click any icon to toggle that permission.
Managing Access
Organization Default
When you create a resource, it automatically includes your Organization group with default permissions. This ensures all organization members have baseline access.
- The organization group shows a "Default" badge
- You can modify organization permissions but cannot remove the group
- All current and future organization members inherit these permissions
Adding Users
To share with a specific user:
- Click Add User in the Grant Access section
- Search for the user by name or email
- Select the user from the dropdown
- The user is added with default View permission
- Toggle additional permissions as needed
Adding Groups
To share with an experimenter group:
- Click Add Group in the Grant Access section
- Select from your available groups
- The group is added with default View permission
- Toggle additional permissions as needed
Removing Access
To remove a user or group:
- Find them in the "Who Has Access" list
- Click the X button on their row
- Access is revoked immediately
You cannot remove the organization default group. You can only modify its permissions.
Public Access
For experiments, images, and videos, you can enable public access:
- Find the Public row in the "Who Has Access" section
- Toggle the View permission to enable public access
- Optionally enable additional public permissions
When public access is enabled:
- Any authenticated HyperStudy user can access the resource
- They receive only the permissions you've enabled
- This is useful for shared templates or published experiments
Data resources cannot be made public. Data access must always be explicitly granted.
Permission Scenarios
Lab Team Collaboration
For a research lab working on shared experiments:
- Create an experimenter group for your lab
- When creating experiments, the organization group provides default access
- Optionally share with specific lab group for tighter control
- Grant Edit permission to collaborators who help design experiments
- Keep Manage Access limited to project leads
External Collaboration
For collaborating with researchers outside your organization:
- Add the external collaborator as a user (they need a HyperStudy account)
- Grant them specific permissions:
- View only for review purposes
- View + Duplicate to let them create their own version
- View + Edit for active collaboration
Data Sharing
For sharing experiment data with analysts:
- Go to Data Management > Permissions
- Add users who need data access
- Grant View for dashboard-only access
- Grant Export to allow data downloads
Published Templates
To share an experiment template publicly:
- Open experiment Permissions
- Enable View for Public access
- Enable Duplicate so others can copy it
- Keep Edit and Manage Access disabled
Cross-Organization Sharing
HyperStudy supports sharing resources with users and organizations outside your own organization.
Sharing with External Users
To share with a researcher at another institution:
- Click Add User in the Permission Manager
- Enter their email address
- Select them from the search results
- Configure their permissions
- They'll see the resource in their "Shared With Me" panel
External users are displayed with their organization name, making cross-org shares easy to identify.
Sharing with External Organizations
For ongoing collaborations, you can share with an entire organization:
- Click Add Organization in the Permission Manager
- Search for the organization by name
- Select the organization
- Configure organization-wide permissions
All current (and future) members of that organization inherit the permissions.
What External Collaborators Can Access
When you share a resource externally:
| Can Access | Cannot Access |
|---|---|
| The specific shared resource | Your organization's media library |
| Media used within that resource | Other experiments in your organization |
| Design/settings (based on permissions) | Data (unless separately shared) |
For comprehensive guidance, see Cross-Organization Collaboration.
Time-Limited Access
All permissions support optional expiration dates for enhanced security.
Setting Expiration Dates
- After adding a user, group, or organization to permissions
- Click the calendar icon next to their entry
- Select an expiration date
- Access automatically revokes at midnight (UTC) on that date
Expiration Recommendations
| Use Case | Suggested Expiration |
|---|---|
| One-time review | 1-2 weeks |
| Active collaboration | 3-6 months |
| Grant-aligned work | Match grant end date |
| Course collaboration | End of semester |
| Permanent team member | Leave blank |
Expiration Notifications
- Users receive notification 7 days before expiration
- Resource owners receive weekly summaries of expiring access
- All expirations are logged in the audit trail
Audit Trail
HyperStudy maintains comprehensive audit logs for compliance with research regulations (HIPAA, FERPA, GDPR).
What Gets Logged
All permission-related activities are recorded:
- When access was granted or revoked
- Who made the change
- What permissions were set
- Expiration dates configured
- When external users accessed resources
- Platform admin access events
Viewing Audit Logs
Organization administrators can access audit logs:
- Go to Settings > Organization > Audit Log
- Filter by resource type, action, time period, or user
- Export logs for compliance documentation
Compliance Support
| Regulation | Relevant Features |
|---|---|
| HIPAA | Access logging, role-based access, automatic revocation |
| FERPA | Data isolation, explicit permissions, audit trails |
| GDPR | Time-limited access, access logging, data separation |
Best Practices
Security
- Start with minimal permissions and add as needed
- Regularly audit who has access to sensitive resources
- Remove access promptly when collaboration ends
- Keep Manage Access permission restricted to owners and leads
Organization
- Use groups for team-based access rather than individual shares
- Document why specific users have elevated permissions
- Use consistent permission patterns across similar resources
Data Protection
- Keep data access separate from experiment access
- Only grant Export permission when data download is needed
- Use View permission for oversight without download capability
Frequently Asked Questions
Can I share with someone outside my organization?
Yes, as long as they have a HyperStudy account. Add them by their email address. They'll see shared resources in their dashboard.
What happens when someone leaves the organization?
When removed from your organization, they lose access to all organization-shared resources. Explicit individual shares remain until you remove them.
Can participants see experiment designs or data?
No. Participants only see the experiment interface during participation. They never have access to design, settings, or data.
How do I transfer ownership?
- Open the Permission Manager
- Click Transfer Owner in the Owner section
- Select the new owner from your organization members
- Confirm the transfer
Transferring ownership gives the new owner full control, including the ability to revoke your access.
Do folder permissions apply to contents?
Yes, for media folders. When you set permissions on a folder:
- All items in the folder inherit those permissions
- New items added to the folder get the same permissions
- You can override individual item permissions if needed
Related Documentation
- Cross-Organization Collaboration - Multi-site studies and external sharing
- Collaborating Through Groups - Managing experimenter groups
- Data Permissions - Detailed data access controls
- Media Management - Managing images and videos
- Organizations - Organization membership and roles