Permissions & Data Spaces
TianGong LCA spreads permission boundaries across several pages. Instead of piecing them together from Data, Team, Review, and System Management docs, use this page as the quick reference.
First: these are different permission systems
At least three permission layers can overlap in the platform:
- Data-space permissions: Open Data, Commercial Data, My Data, Team Data
- Team collaboration roles: team owner / admin / member
- Special workspace roles:
review-admin/review-member, plus systemowner/admin/member
Do not treat them as one linear hierarchy. A person may hold different roles across different domains.
Data-space matrix
| Data space | View full data | View metadata | Copy into My Data | Edit directly | Import | Export JSON | Submit for review | Contribute to team |
|---|---|---|---|---|---|---|---|---|
| Open Data | Yes | Yes | Yes | No | No | Yes | No | No |
| Commercial Data | Mostly metadata | Yes | Depends on UI availability | No | No | Usually not a full-data export path | No | No |
| My Data | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Team Data | Yes | Yes | Yes | No | No | Usually not the main export path | No | No |
How to read this matrix
- Open Data is for discovery, reference, copy, and analysis rather than direct editing
- Commercial Data is mainly about metadata and provider contact information, not the same as openly downloadable full modelling data
- My Data is the main authoring, import, export, and review-submission workspace
- Team Data is for sharing and reuse, not simultaneous direct editing by multiple users
Team-role matrix
| Team action | owner | admin | member |
|---|---|---|---|
| Edit team profile | Yes | No | No |
| Invite / resend invites | Yes | Yes | No |
| Change team roles | Yes | No | No |
| Remove members | Yes | Yes | No |
| View team data | Yes | Yes | Yes |
| Contribute personal data to team | Yes | Yes | Yes |
For collaboration workflow details, also read Team Functions.
Review-role matrix
| Review action | Author | review-member | review-admin |
|---|---|---|---|
| Submit data for review from My Data | Yes | May also hold this ability | May also hold this ability |
| Open Review Management | No, usually | Yes | Yes |
| View pending review tasks | No | Yes, only assigned tasks | Yes, for the broader review pool |
| Assign reviewers | No | No | Yes |
| Submit review comments | No | Yes | Can monitor overall progress |
| Manage review members | No | No | Yes |
| Approve / reject the whole review | No | No | Yes |
If your task is review execution, continue with Data Review.
System-role matrix
| System action | member | admin | owner |
|---|---|---|---|
| Open System Management | Yes | Yes | Yes |
| View Show Management | Yes | Yes | Yes |
| Edit homepage display teams | No or limited | Yes | Yes |
| Add system members | No | Yes | Yes |
| Remove non-owner members | No | Yes | Yes |
| Change admin / member roles | No | No | Yes |
For platform-level maintenance work, continue with System Management Workspace.
Data scopes inside Process Analysis
The Process Analysis Workspace introduces another scope layer that is related to data spaces, but not identical to role permissions:
| Analysis scope | Meaning |
|---|---|
| Current user data | Primarily the data the current account can analyse from My Data |
| Open data | Primarily published open datasets |
| All data | The full candidate range available to the current analysis context in that deployment |
These scopes are for analysis selection rather than team-role or system-role definition.
Common misunderstandings
Does team admin automatically mean reviewer?
No. Team roles and review roles are separate permission systems.
Does system admin automatically mean access to every business page?
No. System roles mainly govern the system-management workspace and related operations.
Why can’t I edit directly in Team Data?
Because Team Data is designed for sharing and reuse. When you need to change something, the usual pattern is to copy it into My Data, edit it there, and contribute the updated version back.