
Your Role & Permissions

We use a role-based model to control what you can do in GitHub. Your role determines your permissions and responsibilities.

👁️ Viewer Role

Who gets this role:

  • Clinicians reviewing educational materials
  • Stakeholders getting project updates
  • External collaborators (limited involvement)
  • Students in early learning phases

What you can do:

  • ✅ Read repository contents
  • ✅ Download files and code
  • ✅ Open issues (if repository allows)
  • ✅ Comment on existing discussions
  • ✅ View project boards and wikis

What you cannot do:

  • ❌ Make changes to any files
  • ❌ Upload new content
  • ❌ Create branches or pull requests
  • ❌ Modify repository settings

Responsibilities:

  • Follow data safety rules when viewing content
  • Report any inappropriate content you discover
  • Provide constructive feedback through issues/comments
  • Respect intellectual property and licensing terms

✏️ Contributor Role

Who gets this role:

  • Research analysts contributing to projects
  • Students working on assignments
  • Developers implementing features
  • Content creators adding documentation

What you can do:

  • ✅ Everything Viewers can do, plus:
  • ✅ Create branches for your work
  • ✅ Submit pull requests with proposed changes
  • ✅ Collaborate on shared projects
  • ✅ Upload files (following data safety rules)

What you cannot do:

  • ❌ Merge pull requests (requires review)
  • ❌ Directly edit the main branch
  • ❌ Modify repository settings or permissions
  • ❌ Delete repositories or major content

Responsibilities:

  • Complete data classification before uploading anything
  • Follow pull request workflows (no direct commits to main)
  • Respond promptly to review feedback
  • Maintain code quality and documentation standards
  • Follow security practices (no secrets in code)

🔧 Maintainer Role

Who gets this role:

  • Experienced developers and engineers
  • Project leads and senior analysts
  • Team members with proven track record
  • Subject matter experts for specific repositories

What you can do:

  • ✅ Everything Contributors can do, plus:
  • ✅ Review and merge pull requests
  • ✅ Manage issues and project boards
  • ✅ Configure repository settings
  • ✅ Assign roles for repository access
  • ✅ Enable/disable features and integrations

What you cannot do:

  • ❌ Delete the repository
  • ❌ Transfer repository ownership
  • ❌ Bypass security policies
  • ❌ Grant organization-level permissions

Responsibilities:

  • Review all pull requests thoroughly for quality and safety
  • Enforce data classification and security policies
  • Mentor contributors and provide helpful feedback
  • Maintain repository health (dependencies, documentation)
  • Respond to security alerts and compliance requirements
  • Conduct regular repository audits

👑 Repository Admin

Who gets this role:

  • Principal investigators (PIs)
  • Technical leads
  • Senior project managers
  • Designated repository owners

What you can do:

  • ✅ Everything Maintainers can do, plus:
  • ✅ Full administrative control of repository
  • ✅ Delete or transfer repository
  • ✅ Manage all access permissions
  • ✅ Configure advanced security settings
  • ✅ Set up automation and webhooks

Responsibilities:

  • Ultimate accountability for repository compliance
  • Approve access for new repository users
  • Ensure proper data classification and governance
  • Manage repository lifecycle (creation to archival)
  • Coordinate with governance team on policy compliance
  • Handle escalated security or policy issues

🏢 Organization Owner

Who gets this role:

  • Technical compliance lead
  • IT security representative
  • Designated governance administrators
  • Senior leadership (limited number)

What you can do:

  • ✅ Organization-wide administrative control
  • ✅ Create/delete repositories
  • ✅ Manage all user access across organization
  • ✅ Configure organization security policies
  • ✅ Set up organization-wide automation
  • ✅ Access all repositories and settings

Responsibilities:

  • Organization-wide governance and compliance oversight
  • Incident response and security coordination
  • Policy enforcement and exception management
  • User access management and quarterly reviews
  • Automation setup and monitoring
  • Liaison with institutional IT and compliance teams

🎯 Role Assignment Principles

Principle of Least Privilege

  • Start with minimum access needed for your role
  • Escalate only when necessary with clear justification
  • Regular reviews ensure access remains appropriate
  • Temporary elevation for specific projects when needed

Role Progression

Typical path:

  1. Viewer → Learn policies and observe workflows
  2. Contributor → Practice with pull requests and collaboration
  3. Maintainer → Demonstrate responsibility and technical skills
  4. Admin → Prove leadership and governance understanding

Role Requests

  • Request through your supervisor or project lead
  • Justify why you need elevated permissions
  • Demonstrate competence at current role first
  • Understand additional responsibilities that come with higher roles

🔄 Role Changes

When Roles Change

  • Project completion - may reduce access level
  • Role changes - new job responsibilities
  • Performance issues - may require access reduction
  • Policy violations - temporary or permanent reduction
  • Departures - immediate access removal

Review Schedule

  • Quarterly reviews of all access levels
  • Annual comprehensive audit
  • Project milestone reviews
  • As-needed for policy violations or changes

📋 Role Comparison Table

Capability Viewer Contributor Maintainer Repo Admin Org Owner
Read content
Open issues
Create branches
Submit PRs
Merge PRs
Repository settings Limited
User permissions
Delete repository
Organization settings

❓ Common Questions

"How do I request a role change?"

Contact your supervisor or project lead with justification for why you need different permissions.

"Can I have different roles in different repositories?"

Yes! Your role can vary by repository based on your involvement and responsibilities.

"What if I need temporary elevated access?"

Speak with the repository admin about temporary role elevation for specific tasks.

"How often are roles reviewed?"

Quarterly for all users, plus whenever there are significant changes in responsibilities.


Questions about your role? Contact your supervisor or the GitHub Tech Managers.