@tkallady (Contributor) commented Nov 3, 2025

Resolves #412

  • Org admin can give a user study admin role (Must leave at least one Org admin / Cannot demote self)
  • Create admin: org admin can create any kind of admin, study admin can only create other study admins
  • Can view/add/remove them as admin of studies
  • Handle when study admin is removed from all studies (can't access admin portal, show message)
  • Study based routes are restricted to admins of that study
  • Study admin can only see their own studies
    Admin users page:
    https://garvan-data-science.slack.com/archives/C044Z3WEBUN/p1762405069210759
  • Study admin can add and remove another study admin to their study
  • Study admin can view other admins but not edit
  • Study admin can edit their own details but not their role
  • Study admins cannot delete other admin users
  • Study admin cannot view or change settings
  • Study admins can only view and restore deleted participants from their own studies
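
The access rules listed in the description above, written out as server-side checks. This is an added example, not code from the pull request: the role name OrgAdmin, the Admin shape and every function name are assumptions (StudyAdmin is the only role name the page gives).

```typescript
// Added illustration. OrgAdmin, Admin and all function names are hypothetical.
type Role = "OrgAdmin" | "StudyAdmin";
interface Admin { id: number; role: Role; studyIds: number[] }

// Study-based routes: org admins pass, study admins only for their own studies.
function canAccessStudy(actor: Admin, studyId: number): boolean {
  return actor.role === "OrgAdmin" || actor.studyIds.some(id => id === studyId);
}

// A study admin removed from all studies can no longer use the admin portal.
function canUsePortal(actor: Admin): boolean {
  return actor.role === "OrgAdmin" || actor.studyIds.length > 0;
}

// Org admins create any kind of admin; study admins only other study admins.
function canCreateAdmin(actor: Admin, newRole: Role): boolean {
  return actor.role === "OrgAdmin" || newRole === "StudyAdmin";
}

// Study admins add or remove other study admins only on a study they administer.
function canAssignStudyAdmin(actor: Admin, target: Admin, studyId: number): boolean {
  return target.role === "StudyAdmin" && canAccessStudy(actor, studyId);
}

// Returns null when the role change is allowed, otherwise the reason for refusal.
// `actor` is the caller as authenticated; `stored` is the current list of admins.
function checkRoleChange(actor: Admin, target: Admin, newRole: Role, stored: Admin[]): string | null {
  if (actor.role !== "OrgAdmin") return "only an org admin can change roles";
  if (target.role === "OrgAdmin" && newRole !== "OrgAdmin") {
    if (actor.id === target.id) return "cannot demote self";
    // Counted from stored state, so the rule holds even if the caller's role is stale.
    const remaining = stored.filter(a => a.role === "OrgAdmin" && a.id !== target.id);
    if (remaining.length === 0) return "must leave at least one org admin";
  }
  return null;
}

// Constructed sample admins (not from the PR).
const sampleOrg: Admin = { id: 1, role: "OrgAdmin", studyIds: [] };
const sampleStudyAdmin: Admin = { id: 3, role: "StudyAdmin", studyIds: [10] };
const sampleOrphan: Admin = { id: 4, role: "StudyAdmin", studyIds: [] };
const sampleStore: Admin[] = [sampleOrg, sampleStudyAdmin, sampleOrphan];
```

These checks belong on the backend for every request; hiding buttons in the admin client does not enforce them.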

@tkallady (Contributor, Author)

I've disabled some features to do with REDCap and mailer config due to a conflict with another PR

@tkallady requested a review from Copilot November 12, 2025 02:03
@tkallady marked this pull request as ready for review November 12, 2025 02:03

Copilot AI left a comment

Pull Request Overview

This PR implements a new "Study Admin" role to enable more granular access control within the application. Organization Admins can now delegate study-specific administrative privileges to Study Admins, who have restricted access limited to the studies they manage.

Key Changes:

  • Added StudyAdmin role with permissions limited to assigned studies
  • Study Admins can create other Study Admins and manage participants/surveys within their studies
  • Updated authentication to check study-specific permissions and restrict access accordingly

Reviewed Changes

Copilot reviewed 52 out of 52 changed files in this pull request and generated 3 comments.

| File | Description |
|------|-------------|
| application/backend/prisma/schema.prisma | Added StudyAdmin role enum and many-to-many relationship between Users and Studies |
| application/backend/src/authentication.ts | Modified JWT authentication to fetch and validate study-specific permissions |
| application/backend/src/controllers/UsersController.ts | Added endpoints to manage study admin assignments and enforce role-based restrictions |
| application/backend/src/controllers/StudiesController.ts | Filtered study access based on user permissions |
| application/backend/src/controllers/ProfilesController.ts | Added permission checks for profile access across studies |
| application/backend/src/controllers/ParticipantsController.ts | Restricted participant access to assigned studies |
| application/backend/src/controllers/FamiliesController.ts | Added cross-study permission validation for family operations |
| application/admin-client/src/providers/authProvider.ts | Updated to store and manage user role and ID in localStorage |
| application/admin-client/src/pages/users/list.tsx | Added role-based UI restrictions and study admin tooltips |
| application/admin-client/src/pages/users/edit.tsx | Implemented study assignment UI with checkboxes for Study Admins |
| application/common/testing/seed.ts | Added test data for Study Admin user |

@tkallady requested a review from a team November 12, 2025 02:26

@tkallady (Contributor, Author)

Also, I have added a test study admin user '[email protected]' which will be useful for testing this feature.
