Roles and Permissions

The HB Life Science platform implements a comprehensive Role-Based Access Control (RBAC) system that ensures users can only access features and data appropriate to their role. This document covers the permission model, available roles, and how permissions are enforced throughout the platform.

Overview

📊 RBAC System Overview Diagram

Shows roles, resources, actions, and permission flow

The RBAC system consists of four key components:

Component	Description
Roles	User categories with specific responsibilities (e.g., Study Designer, Study Coordinator)
Resources	System entities that can be accessed (e.g., studies, subjects, CRFs)
Actions	Operations that can be performed (e.g., create, read, update, delete)
Permissions	Rules that link roles to resources and actions

User Roles

The platform supports four primary roles, each designed for specific responsibilities in clinical trial management:

Platform Administrator

Full system access with the ability to manage all aspects of the platform.

Capability	Access Level
System Configuration	Full
User Management	Full
All Studies	Full
Master Data	Full
Reports	Full

Study Designer

Designs studies, creates CRFs, and manages study configuration.

Capability	Access Level
Study Design	Create, Edit, Delete
CRF Designer	Full Access
Site Management	Full Access
Subject Clinical Data	Read-Only
Master Data	No Access

Study Designer Note

Study Designers have read-only access to all subject clinical data (Demographics, Vitals, Lab Results, etc.). This ensures they can view data for study design purposes without modifying clinical records.

Study Coordinator

Coordinates study execution and manages subjects at assigned sites.

Capability	Access Level
Studies	View Assigned Only
Subjects	Full Access (Assigned)
Clinical Data Entry	Full Access (Assigned)
Study Personnel	Create, Edit
CRF Design	View Only

Principal Investigator

Oversees study conduct and subject safety at assigned sites.

Capability	Access Level
Studies	View Assigned Only
Subjects	Full Access (Assigned)
Clinical Data Entry	Full Access (Assigned)
Adverse Events	Full Access
CRF Design	View Only

Permission Levels

Level	Description
Manage	Full access: Create, Read, Update, Delete
View	Read-only access
View - Assigned	Read-only access to assigned items only
Manage - Assigned	Full CRUD access to assigned items only
Hidden	Feature is completely hidden from the user

Permission Matrix

These permissions control access to main navigation items and administrative features.

🖼️ Navigation Permissions Screenshot

Shows sidebar access for different roles

Feature	Platform Admin	Study Designer	Study Coordinator	Principal Investigator
Dashboard	Admin View	Designer View	Coordinator View	PI View
Studies	Manage	Manage	View - Assigned	View - Assigned
Sites	Manage	Manage	View - Assigned	View - Assigned
Subjects	Manage	View	View - Assigned	View - Assigned
eCRF Designer	Hidden	Manage	Hidden	Hidden
Master Data	Manage	Hidden	Hidden	Hidden
Management	Manage	Hidden	Hidden	Hidden

2. Study Design & Configuration

Permissions for designing and configuring a selected study.

Feature	Platform Admin	Study Designer	Study Coordinator	Principal Investigator
Overview	Manage	Manage	View - Assigned	View - Assigned
Eligibility	Manage	Manage	View - Assigned	View - Assigned
Study Sites	Manage	Manage	View - Assigned	View - Assigned
Study Personnel	Manage	Manage	Manage - Assigned	View - Assigned
Study Subjects	Manage	Manage	Manage - Assigned	Manage - Assigned
Study CRFs	Manage	Manage	View - Assigned	View - Assigned

3. Clinical Data Entry (Execution)

Permissions for entering and managing subject clinical data.

Study Designer Access

Study Designers have read-only access to all clinical data forms. They cannot create, edit, or delete clinical records.

Feature	Platform Admin	Study Designer	Study Coordinator	Principal Investigator
Consent	Manage	View	Manage - Assigned	Manage - Assigned
Demographics	Manage	View	Manage - Assigned	Manage - Assigned
Vitals	Manage	View	Manage - Assigned	Manage - Assigned
Family Medical History	Manage	View	Manage - Assigned	Manage - Assigned
Concomitant Medication	Manage	View	Manage - Assigned	Manage - Assigned
Laboratory	Manage	View	Manage - Assigned	Manage - Assigned
Physical Examination	Manage	View	Manage - Assigned	Manage - Assigned
Events	Manage	View	Manage - Assigned	Manage - Assigned
Adverse Events	Manage	View	Manage - Assigned	Manage - Assigned
CRF Data Entry	Manage	View	Manage - Assigned	Manage - Assigned

Role-Based Dashboards

Each role sees a customized dashboard tailored to their responsibilities:

📊 Role-Based Dashboard Comparison

Shows different dashboard views for each role

Platform Administrator Dashboard

Total studies, sites, subjects, and users
System health metrics
Recent activity across all studies
Quick access to management tools

Study Designer Dashboard

Studies being designed
CRF completion status
Site and personnel configuration status
Quick access to eCRF Designer

Study Coordinator Dashboard

My Studies: Only assigned studies
My Subjects: Only subjects at assigned sites
Pending data entry tasks
Subject enrollment progress

Principal Investigator Dashboard

My Studies: Only assigned studies
My Subjects: Only subjects under their oversight
Adverse event alerts
Subject safety overview

How Permissions Work

Button and Action Visibility

Buttons and actions are automatically shown or hidden based on your permissions:

🖼️ Button Visibility Example

Shows Add/Edit/Delete buttons visible for authorized users

Create buttons: Only visible if you have create permission
Edit buttons: Only visible if you have update permission
Delete buttons: Only visible if you have delete permission
Bulk operations: Only visible for authorized roles (typically Admin only)

Dynamic Permission Updates

Permissions are managed centrally and take effect immediately:

Administrator updates permissions in the system
Next time you load a page, new permissions are applied
No logout/login required

Available Resources

The system protects the following resources:

Resource	Description
`study`	Clinical study records
`site`	Study site/location records
`subject`	Study subject/participant records
`personnel`	Study personnel assignments
`crf`	CRF form designs
`crf_entry`	Subject CRF data entries
`demographics`	Subject demographic information
`vitals`	Subject vital signs
`laboratory`	Laboratory test results
`physical_examination`	Physical examination records
`family_medical_history`	Family medical history
`concomitant_medication`	Concomitant medications
`adverse_event`	Adverse event records
`consent`	Informed consent records
`master_data`	System master data
`user`	User account management

Available Actions

Action	Description
`create`	Create new records
`read`	View existing records
`update`	Modify existing records
`delete`	Delete individual records
`bulk_delete`	Delete multiple records at once
`export`	Export data to external formats
`import`	Import data from external sources
`generate`	Generate reports or documents

Overview​

User Roles​

Platform Administrator​

Study Designer​

Study Coordinator​

Principal Investigator​

Permission Levels​

Permission Matrix​

1. Administration & Navigation​

2. Study Design & Configuration​

3. Clinical Data Entry (Execution)​

Role-Based Dashboards​

Platform Administrator Dashboard​

Study Designer Dashboard​

Study Coordinator Dashboard​

Principal Investigator Dashboard​

How Permissions Work​

Button and Action Visibility​

Dynamic Permission Updates​

Available Resources​

Available Actions​