Learn R Programming

redcapAPI (version 2.10.0)

userRoleMethods: Export, Import, or Delete User Roles in a Project

Description

These methods enable the user to export user roles, add user roles, or remove user roles from a project. They also enable the user to modify the permissions granted to a user.

Usage

exportUserRoles(rcon, ...)

importUserRoles(rcon, data, ...)

deleteUserRoles(rcon, user_roles, ...)

# S3 method for redcapApiConnection exportUserRoles(rcon, labels = TRUE, form_rights = TRUE, ...)

# S3 method for redcapApiConnection importUserRoles(rcon, data, consolidate = TRUE, ...)

# S3 method for redcapApiConnection deleteUserRoles(rcon, user_roles, ...)

Value

exportUserRoles returns a data frame with the columns:

unique_role_nameThe REDCap assigned unique role name.
role_labelThe user provided label describing the role.
designBoolean flag indicating if the user has permissions to utilize the project design modules.
alertsBoolean flag indicating if the user has permissions to utlize the alerts tools.
user_rightBoolean flag indicating if the user has permissions to modify user rights.
data_access_groupsBoolean flag indicating if the user has user has permission to assign user to Data Access Groups.
reportsBoolean flag indicating if the user has permissions to design reports.
stats_and_chartsBoolean flag indicating if the user has permissions to view the Statistics and Charts module.
manage_survey_participantsBoolean flag indicating if the user has permissions to manage survey participants.
calendarBoolean flag indicating if the user has permissions to utilize the project calendar module.
data_import_toolBoolean flag indicating if the user has permissions to use the data import tool.
data_comparison_toolBoolean flag indicating if the user has permissions to use the data comparison tool.
loggingBoolean flag indicating if the user has permissions to view the project logs (audit trail).
file_repositoryBoolean flag indicating if the user has permissions to access the project file repository.
data_quality_createBoolean flag indicating if the user has permission create new data quality rules.
data_quality_executeBoolean flag indicating if the user has permission to execute data quality rules.
api_exportBoolean flag indicating if the user has API export privileges.
api_importBoolean flag indicating if the user has API import privileges.
mobile_appBoolean flag indicating if the user has permissions to use the mobile app.
mobile_app_download_dataBoolean flag indicating if the user has permissions to download data on the mobile app.
record_createBoolean flag indicating if the user has permission to create new records.
record_renameBoolean flag indicating if the user has permission to rename existing records.
record_deleteBoolean flag indicating if the user has permission to delete records.
lock_records_all_formsBoolean flag indicating if the user has permission to lock records across all forms.
lock_recordsBoolean flag indicating if the user has permission to lock a records on individual forms.
lock_records_customizationBoolean flag indicating if the user has permission to customize record locking.
random_setupBoolean flag indicating if the user has permission to set up randomization rules.
random_dashboardBoolean flag indicating if the user has permission to view the randomization dashboard.
random_performBoolean flag indicating if the user has permission to perform record randomization.
formsCharacter string listing form access rights for each form.
forms_exportCharacter string listing the form export rights for each form.

When form_rights = TRUE, additional columns are created that give the form access and form export rights in an individual column for each form. Form access rights columns have the naming pattern [form_name]_access

and the form export rights columns have the naming pattern [form_name]_export_access.

importUserRoles invisibly returns the number of user roles that were added or modified.

deleteUserRoles invisibly returns the number of user roles that were deleted.

Arguments

rcon

A redcapConnection object.

labels

logical(1). When TRUE the data export and form access rights are converted to factor objects.

form_rights

logical(1). When TRUE, the form rights will be transformed to one column per form. The API-provided character string is always returned with the format [form_name]:[access_code] and a comma separating each form.

user_roles

character. Unique role names to be deleted from the project.

data

data.frame. Provides the user data for import. It must have a column titled unique_role_name. All other columns are optional.

consolidate

logical(1). When TRUE, the form and data export access values will be read from the expanded columns. Otherwise, the consolidated values (as provided by the API export) are utilized.

...

Arguments to pass to other methods

Functions

  • exportUserRoles(): Export user roles from a project.

  • importUserRoles(): Import user roles to a project.

  • deleteUserRoles(): Delete user roles from a project.

Details

User project access fields (those not related to forms or exports) are mapped between coded and labeled values as:

CodeLabel
0No Access
1Access

Form access fields are mapped as:

CodeLabel
0No Access
1View records/responses and edit records (survey responses are read-only)
2Read Only
3Edit survey responses

Form export permission fields are mapped as:

CodeLabel
0No Access
1Full Data Set
2De-Identified
3Remove Identifier Fields

Importing Users/User Roles

It is not required that the user provide a data frame with all of the fields available for modification. Only fields that are provided will be modified. The only required field for imports is the username field.

When setting permissions for a user project access fields, form access, and form export permissions, the user may provided any of the coded or labeled values above. The user data is passed through prepUserImportData() before sending it to the API; text values will be converted to the numeric value.

It is also permissible to use a column for each form individually, as can be exported via exportUsers(). With consolidate = TRUE, these settings will be consolidated into the text string expected by the API.

The REDCap API does not natively allow for modifying the rights of a user that is part of a User Role. When an attempt to modify the rights of a user in a User Role is made with this package, the user will be removed from the User Role, the rights modified, and then the User Role restored. This is done silently: be aware that modifications to a user's rights may not have an impact while the User Role is assigned.

Limitations

When importing via CSV, (as redcapAPI does by default) it appears that the form access rights are imported but may not always be reflected in the exported values. The form export rights do not appear to be imported when using the CSV format. We may be able to resolve this in the future using a JSON format.

See Also

exportUsers(),
importUsers(),
deleteUsers(),
exportUserRoleAssignments(),
importUserRoleAssignments()

Examples

Run this code
if (FALSE) {
unlockREDCap(connections = c(rcon = "project_alias"), 
             url = "your_redcap_url", 
             keyring = "API_KEYs", 
             envir = globalenv())
             
# Export users-roles
exportUserRoles(rcon)

# Export user-roles without additional form access variables
exportUsersRoles(rcon, 
                 form_rights = FALSE)
            
# Export users as raw data
exportUserRoles(rcon, 
                labels = FALSE)
            
            
# Import new permissions
NewData <- data.frame(unique_role_name = "KN439U", 
                      design = 0, 
                      api_export = 1, 
                      api_import = "No Access")
importUserRoles(rcon, 
                data = NewData)
            

# Remove a user from a project
deleteUserRoles(rcon, 
                user_roles = "KN439U")
} 

Run the code above in your browser using DataLab