REDCap allows strict control of user rights for each project. These rights include a user’s ability to edit, export and view data, add or edit reports, import data, create records, etc. Privileges to view and export data are specified for each instrument.
User roles can be set with predefined privileges and users can then be assigned to these user role groups.
Both REDCapR and Pycap have functions for exporting user rights.
redcap_users_export()
%%capture --no-display --no-stdout
%%R
users_data <- redcap_users_export(redcap_uri = url, token = token)
names(users_data)[1] "data_user" "data_user_form" "success" "status_code"
[5] "outcome_message" "elapsed_seconds" "raw_text" Extract the data_user table to view who has access to the REDCap project:
redcap_users_export output provides a list with several elements. The two most useful elements are the data_user and the data_user_form.
%%capture
%%R
users <- users_data$data_user
There is no way to export which user is in which named user role group with REDCapR or the native API. When you export this data, if a user has been assigned to a user role group, then it will return the user with the role’s defined privileges.
Extract the data_user_form table to view which forms each users has access to:
%%capture
%%R
users_forms <- users_data$data_user_form
export_users(), export_user_roles(), export_user_role_assignment()
Use export_users to view who has access to the REDCap project and what their rights are:
project.export_users(format_type='df') | username | firstname | lastname | expiration | data_access_group | data_access_group_id | design | alerts | user_rights | ... | mobile_app | mobile_app_download_data | record_create | record_rename | record_delete | lock_records_all_forms | lock_records | lock_records_customization | forms | forms_export | ||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | alexey.gilman@doh.wa.gov | Alexey.Gilman@doh.wa.gov | Alexey | Gilman | NaN | records1_2 | 2716.0 | 0 | 0 | 1 | ... | 1 | 1 | 1 | 1 | 1 | 1 | 0 | 1 | demographics:3,symptoms:1,test_information:3,c... | demographics:1,symptoms:1,test_information:1,c... |
| 1 | caitlin.drover@doh.wa.gov | Caitlin.Drover@doh.wa.gov | Caitlin | Drover | NaN | NaN | NaN | 1 | 1 | 1 | ... | 1 | 0 | 1 | 1 | 1 | 0 | 0 | 1 | demographics:1,symptoms:1,test_information:1,c... | demographics:1,symptoms:1,test_information:1,c... |
| 2 | emily.pearman@doh.wa.gov | emily.pearman@doh.wa.gov | Emily | Pearman | NaN | NaN | NaN | 1 | 1 | 1 | ... | 1 | 1 | 1 | 1 | 1 | 0 | 0 | 0 | demographics:1,symptoms:1,test_information:1,c... | demographics:1,symptoms:1,test_information:1,c... |
3 rows × 34 columns
Use export_user_roles to view the defined user rold groups for that project and their permissions:
project.export_user_roles(format_type='df') | unique_role_name | role_label | design | alerts | user_rights | data_access_groups | reports | stats_and_charts | manage_survey_participants | calendar | ... | mobile_app | mobile_app_download_data | record_create | record_rename | record_delete | lock_records_customization | lock_records | lock_records_all_forms | forms | forms_export | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | U-5354FA3HYL | Admin | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 | ... | 1 | 0 | 1 | 1 | 1 | 1 | 0 | 0 | demographics:1,symptoms:1,test_information:1,c... | demographics:1,symptoms:1,test_information:1,c... |
1 rows × 29 columns
Use export_user_role_assignment to view which user is in in which role group and data access group:
project.export_user_role_assignment(format_type='df')| username | unique_role_name | data_access_group | |
|---|---|---|---|
| 0 | alexey.gilman@doh.wa.gov | NaN | records1_2 |
| 1 | caitlin.drover@doh.wa.gov | U-5354FA3HYL | NaN |
| 2 | emily.pearman@doh.wa.gov | NaN | NaN |
You can use the unique_role_name field from the export_user_roles output to see which user is assigned to which user role in the ouput of export_user_role_assignment.
The user rights tables also include information on which Data Access Group each user is assigned to. For more information on Data Access Groups see Chapter 16