In a centralized R&D platform like Uncountable, managing data access is crucial to maintaining security and control. Permissions can be configured on multiple levels: general permissions, project-level permissions, and ingredient/ingredient attribute/calculation-level permissions.
This article offers an introduction to general Uncountable permissions, which include the user’s license and user group and can be configured by admins on User Administration page.
For more information on other permission levels, please refer to Project Permissions.
Admin Role/Capabilities
Admins have control over Uncountable’s data and user access. They can manage all permissions, including adding or removing users, setting platform-wide access levels, and customizing data visibility for teams or individuals. Admins configure who can view, edit, or manage data across the platform, ensuring sensitive information is restricted to authorized users.
User Administration Panel
General permission configuration is done from the User Administration Panel, in which admins can perform actions such as:
- Adding new users
- Adding new user groups
- Assigning user groups and licenses
- Resetting passwords
- Deactivating/reactivating users
To access the User Administration panel, click your name in the lower left corner and select “User Administration”.
User Admin Page
On the main User Admin page, under the User Admin tab, is a listing of Uncountable admins. The listing displays the user’s:
- Name: The user’s first and last names.
- Email (Object 1): The company email address, in all lowercase font.
- User License (Object 2): A user license sets the foundational level of access a user has to the platform, defining what features and tools they can use. For example, licenses control where a user has access to the inventory module.
- User Access Group (Object 3): User groups control which inputs, outputs, and experiments a group of users can access (Read/Write), as well as admin rights and the ability to create new experiments. Grouping users with similar access needs simplifies permission management. If a user is in multiple groups, the group with the highest permissions will determine their overall access level in the existence of conflicts. Otherwise, the user groups are additive.
The cog (Object 4) associated with a user in the listing provides additional options:
- Change Password: Allows the user to update their current.
- Change User Project: Enables the user to change or set their current project.
- Show User Permissions: Displays a listing of all permissions assigned to the user, including the user group, scope, material family, project, and permissions type.
- Configure API Access: Provides options to set up or modify the user’s access to the platform’s API.
- Copy as New: Creates a duplicate of the user’s profile or settings, which can be used to set up a new user with similar configurations.
- View Profile: Opens the user’s profile page, showing their name, user group, email, location, bio, top projects, and activity over the past year.
- Add User Groups: Allows the user to be added to one or more access groups.
- Remove User Groups: Removes the user from one or more access groups.
At the very top of the listing is a space that admins can use to add new users to the platform (Object 5) by adding their email, name, access group, and user license. To deactivate an user, select the red “Deactivate” button (Object 6) associated with their profile.
User Groups Page
The User Groups page, under the User Groups tab, contains a listing of all user groups, including the number of users per group. To create a user group, enter a name and click the button at the top of the listing (Object 1). To edit group permissions, click the “…” (Object 2) associated with a group and select “Edit Permissions”.
From the User Group Permissions page, admins can fine tune permissions and access by adding and removing material family and lab specific permission sets.
Permission sets refer to combinations of Read/Write capabilities for outputs, inputs, experiments, equipment, and inventory within defined material families and labs.
Material Family Permissions (User Group)
The top section of the page is a section admins can define permissions specific to definitions within material families. Edit permission sets by selecting from the dropdown menus and checkboxes, or create a new permission set by clicking the blue button.
To create a new permission set, follow these steps:
- Select the material family (Object 1) these permissions are granted for. Permissions can be defined for a single material family or all material families (by clicking the “Set for All” button).
- Set output permissions (Object 2):
- Read: Only view outputs
- Write: View and modify outputs
- Set input permissions (Object 3):
- None: Cannot view inputs
- Read: Only view inputs
- Write: View and edit inputs
- Set experiment-level permissions (Object 4):
- None: Cannot view or edit any aspects of the experiment
- Read (Outputs Only): Can view only outputs (not inputs on the recipe), cannot edit anything
- Read: Can view measurements and inputs, cannot edit anything
- Write (Outputs Only): Can view and edit outputs, cannot view or edit inputs on the recipe
- Write Outputs, Read Inputs: Can view and edit outputs, can only view inputs
- Write: Can fully view and edit both recipe and results
- Determine whether or not the user group has Admin rights (Object 5) for the defined material family definitions. Admin rights include the ability to lock/unlock recipes, add/remove users, change settings, or adjust user permissions.
- Determine whether or not the user group can add experiments (Object 6) to the material family.
Lab Specific Permissions (User Group)
Beneath material family permissions, users can also define lab-specific permissions for the user group. These include whether or not the user group can view/edit the equipment or inventory for specific labs.
To create a new lab-specific permission set, follow these steps:
- Set equipment permissions (Object 1):
- None: Cannot view or edit equipment
- Read: Can view equipment, but cannot edit
- Write: Can view and edit equipment
- Set inventory permissions (Object 2):
- None: Cannot view or edit inventory
- Read: Can view inventory, but cannot edit
- Write: Can view and edit inventory
- Select the labs these permissions are granted for. Permissions can be defined for a select labs by selecting from the dropdown menu (Object 3) or all labs by clicking the “Set for All” button (Object 4).
- Determine whether or not the user group has Admin rights (Object 5) for the selected labs.
Once all the necessary material family and lab-specific settings have been configured, be sure to save the user group permission settings by clicking the blue “Save” button in the top left corner of the page.
Licenses Page
The Licenses page, under the Licenses tab, displays a listing of all Uncountable licenses. The listing includes a description and the number of active users per license. The five standard licenses include:
- Advanced: Users with full-access to the platform including the machine learning tools.
- Basic: Users who can store, enter, and search experiments, inventory, and related information.
- Business: Submit testing requests and see the results and status of requests.
- Pro: Users who can edit, visualize, and analyze data as well as create reports.
- Read-Only: Users who can monitor the progress of experiments and requests.
To add a new license, click the blue “Add License” button at the top of the listing.
Adding Permissions to a License
To add new permissions to a license, display the permissions column by clicking “List” and selecting “Set Columns”.
From the “Select Columns” modal, add a License Permissions column by selecting “License” > “License Permissions”.
Once added, the specific permissions for each license will be displayed. Permissions can be added by clicking the arrow and selecting from the dropdown menu. Permissions can be removed from a license by clicking on the “X”.
User Listings Page
The User Listings page, under the User Listings tab, is a complete listing of all active platform users. The listing displays each user’s username, first and last name, email, and user groups. Clicking the “…” associated with a user provides additional options:
- Show User Permissions: Displays a listing of all permissions assigned to the user, including the user group, scope, material family, project, and permissions type.
- View Profile: Opens the user’s profile page, showing their name, user group, email, location, bio, top projects, and activity over the past year.
- Add User Groups: Allows the user to be added to one or more access groups.
- Remove User Groups: Removes the user from one or more access groups.
- Copy as New: Creates a duplicate of the user’s profile or settings, which can be used to set up a new user with similar configurations.
- Change Password: Allows the user to update their current.
- Configure API Access: Provides options to set up or modify the user’s access to the platform’s API.
- Deactivate User: Deactivates that user’s account, preventing them from accessing Uncountable data. Users can be reactivated at any time from the “Show Deactivated Users” listing at the top of the listing.
To add a new user, click the blue “+ Add User” button.