Overview
The Roles and Permissions page provides a comprehensive view of the different roles and permissions available in DDOE. These roles define what actions users can perform and what resources they can access across both the organization level and project level.
Permissions are designed to ensure secure access control while enabling users to perform their responsibilities effectively based on their assigned role.
Within DDOE, permissions are categorized based on:
Organization-level
Project-level
The following sections provide detailed information about each category:
Organization-Level Roles and Permissions
Organization-level roles define permissions across the entire DDOE organization. These roles provide broader access and are typically assigned to administrators or users responsible for managing organizational resources.
Permissions at this level include:
Managing users and roles
Configuring integrations and system settings
Accessing all projects within the organization
Monitoring platform usage and governance
Organization-level permissions ensure centralized control and governance across all projects and resources.
Learn more about the organization.
Organization Roles
Members typically refers to the users who belong to or are affiliated with the organization. Members of an organization can have one of the following roles:
Important
The creator (owner) of an organization has the ability to add new owners, but it is not possible to remove the organization creator.
Members' roles are defined when adding them to the organization, but you can change them later on by an Organization Owner/Admin.
The Org role doesn't change the project role. You will still need to adjust their project roles as a separate step. For example, an Org Worker can still be added to a project with Owner, Developer, or Annotation Manager roles.
The Organization Worker role has specific restrictions including no access to the Data tab, inability to create new projects, and no permissions to manage tasks or labeling work for other team members.
Feature Actions Based on Org Roles
The following table details the action permissions granted to the organization roles in the DDOE platform. As you can view, the Worker role is not allowed to perform any organization-level operations, while the organization Owner is allowed to perform all.
Action/Role | Owner | Admin | Member | Worker |
|---|---|---|---|---|
Create a project | ✅ | ✅ | ✅ | 🚫 |
View secret | ✅ | ✅ | ✅ | 🚫 |
View integration | ✅ | ✅ | ✅ | 🚫 |
Add ORG members | ✅ | ✅ | ✅ | 🚫 |
List organizations projects | ✅ | ✅ | 🚫 | 🚫 |
Change members role | ✅ | ✅ | 🚫 | 🚫 |
Delete members | ✅ | ✅ | 🚫 | 🚫 |
Claim ownership over projects | ✅ | ✅ | 🚫 | 🚫 |
Create a group | ✅ | ✅ | 🚫 | 🚫 |
Update a group | ✅ | ✅ | 🚫 | 🚫 |
Delete a group | ✅ | ✅ | 🚫 | 🚫 |
Create integration | ✅ | ✅ | 🚫 | 🚫 |
Delete integration | ✅ | ✅ | 🚫 | 🚫 |
Update integration | ✅ | ✅ | 🚫 | 🚫 |
Create secret | ✅ | ✅ | 🚫 | 🚫 |
Delete secret | ✅ | ✅ | 🚫 | 🚫 |
Update secret | ✅ | ✅ | 🚫 | 🚫 |
Set a project under the organization | ✅ | 🚫 | 🚫 | 🚫 |
Delete inactive project users | ✅ | 🚫 | 🚫 | 🚫 |
Feature Menus Based on Org Roles
DDOE Feature (Menu Pages) | Project Owner | Admin | Member | Worker |
|---|---|---|---|---|
My Projects | ✅ | ✅ | ✅ | ✅ |
Dashboard | ✅ | ✅ | ✅ | ✅ |
Marketplace | ✅ | ✅ | ✅ | ✅ |
Data | ✅ | ✅ | ✅ | ✅ |
Ontology | ✅ | ✅ | ✅ | ✅ |
Human Tasks / Assignments | ✅ | ✅ | ✅ | ✅ A Worker can only access the “Human Tasks / Assignments” menu page |
CloudOps | ✅ | ✅ | ✅ | ✅ |
Pipelines | ✅ | ✅ | ✅ | ✅ |
Models | ✅ | ✅ | ✅ | ✅ |
Team | ✅ | ✅ | ✅ | ✅ |
Analytics | ✅ | ✅ | ✅ | ✅ |
Members & Groups | ✅ | ✅ | ✅ | 🚫 |
Getting Started | ✅ | ✅ | ✅ | 🚫 |
Organization Projects | ✅ | ✅ | 🚫 | 🚫 |
Audit Logs | ✅ | ✅ | 🚫 | 🚫 |
Data Governance | ✅ | ✅ | 🚫 | 🚫 |
Account | ✅ | ✅ | 🚫 | 🚫 |
Project-Level Roles and Permissions
Project-level roles define the permissions assigned to users within a specific project. These roles control actions such as:
Creating and managing datasets
Performing annotations
Running pipelines and tasks
Accessing project-specific resources
Permissions at this level are limited to the scope of the project, ensuring that users can only interact with resources relevant to their assigned projects.
Learn more about the project.
Project Roles
Roles are predefined permissions assigned to users or groups. These roles streamline permission management. Available roles include:
Feature Actions Based on Project Roles
Action/Role | Project Owner | Developer | Annotation Manager | Annotator |
|---|---|---|---|---|
Create annotation | ✅ | ✅ | ✅ | ✅ |
Delete annotation | ✅ | ✅ | ✅ | ✅ |
Edit annotation | ✅ | ✅ | ✅ | ✅ |
Open an issue | ✅ | ✅ | ✅ | ✅ Only on QA tasks. |
Export Annotations | ✅ | ✅ | ✅ | ✅ |
Import Annotations | ✅ | ✅ | ✅ | ✅ |
Export Mask | ✅ | ✅ | ✅ | ✅ |
Create a task | ✅ | ✅ | ✅ | 🚫 |
Approve an issue | ✅ | ✅ | ✅ | 🚫 |
Add users | ✅ | ✅ | ✅ | 🚫 |
Edit users | ✅ | ✅ | ✅ | 🚫 |
Delete users | ✅ | ✅ | ✅ | 🚫 |
Changing role | ✅ | ✅ | ✅ | 🚫 |
Delete a task | ✅ | ✅ | ✅ | 🚫 |
View Pipelines | ✅ | ✅ | ✅ | 🚫 |
View Datasets | ✅ | ✅ | ✅ | 🚫 |
Create Recipes | ✅ | ✅ | 🚫 | 🚫 |
Update Recipes | ✅ | ✅ | 🚫 | 🚫 |
Delete Recipes | ✅ | ✅ | 🚫 | 🚫 |
Clone Recipes | ✅ | ✅ | 🚫 | 🚫 |
Rename a task | ✅ | ✅ | 🚫 | 🚫 |
Upload an item | ✅ | ✅ | 🚫 | 🚫 |
Rename an item | ✅ | ✅ | 🚫 | 🚫 |
Delete an item | ✅ | ✅ | 🚫 | 🚫 |
Move an Item | ✅ | ✅ | 🚫 | 🚫 |
Create a folder | ✅ | ✅ | 🚫 | 🚫 |
Delete a folder | ✅ | ✅ | 🚫 | 🚫 |
Rename a folder | ✅ | ✅ | 🚫 | 🚫 |
Move a folder | ✅ | ✅ | 🚫 | 🚫 |
Create a dataset | ✅ | ✅ | 🚫 | 🚫 |
Delete a dataset | ✅ | ✅ | 🚫 | 🚫 |
Rename a dataset | ✅ | ✅ | 🚫 | 🚫 |
Edit labels | ✅ | ✅ | 🚫 | 🚫 |
Rename a Project | ✅ | ✅ | 🚫 | 🚫 |
Install/uninstall pipelines | ✅ | ✅ | 🚫 | 🚫 |
Create Pipelines | ✅ | ✅ | 🚫 | 🚫 |
Edit Pipelines | ✅ | ✅ | 🚫 | 🚫 |
View Storage Drivers | ✅ | ✅ | 🚫 | 🚫 |
Create Storage Drivers | ✅ | ✅ | 🚫 | 🚫 |
Update Storage Drivers | ✅ | ✅ | 🚫 | 🚫 |
Delete Storage Drivers | ✅ | ✅ | 🚫 | 🚫 |
Create Datasets | ✅ | ✅ | 🚫 | 🚫 |
Update Datasets | ✅ | ✅ | 🚫 | 🚫 |
Download Items | ✅ | ✅ | 🚫 | 🚫 |
Add labeling company | ✅ | 🚫 | 🚫 | 🚫 |
Delete a Project | ✅ | 🚫 | 🚫 | 🚫 |
Feature Menus Based on Project Roles
Feature | Project Owner | Developer | Annotation Manager | Annotator |
|---|---|---|---|---|
My Projects | ✅ | ✅ | ✅ | ✅ |
Dashboard | ✅ | ✅ | ✅ | 🚫 |
Marketplace | ✅ | ✅ | 🚫 | 🚫 |
Data | ✅ | ✅ | ✅ | 🚫 |
Ontology | ✅ | ✅ | 🚫 | 🚫 |
Human Tasks / Assignments | ✅ | ✅ | ✅ | ✅ |
CloudOps | ✅ | ✅ | 🚫 | 🚫 |
Pipelines | ✅ | ✅ | ✅ | 🚫 |
Models | ✅ | ✅ | 🚫 | 🚫 |
Team | ✅ | ✅ | ✅ | 🚫 |
Analytics | ✅ | ✅ | ✅ | 🚫 |
Organization Projects | ✅ | ✅ | ✅ | ✅ |
Audit Logs | ✅ | ✅ | ✅ | ✅ |
Members & Groups | ✅ | ✅ | ✅ | ✅ |
Integrations | ✅ | ✅ | ✅ | ✅ |
Account | ✅ | ✅ | ✅ | ✅ |