Data Permissions Handling in Multi-User Installation


We are looking to build a CryoSPARC installation on a campus-wide SLURM GPU server. Since this installation will potentially span multiple labs, I was hoping for some clarification on how cryosparc handles read/write permissions at the user level.

I know that the master process is run by a central linux user (we will call “cryosparc-admin”, which will need read/write access to any/all project directories), and access to the filesystem is done under the “mask” of this user account. In this way, if we have users from two different labs (can call them “user1” from “lab1” and “user2” from “lab2”), then they could potentially gain access to each other’s directory trees through this central “cryosparc-admin” linux user.

Is there some way to limit the permissions of independent users? Such that “user1” can only see and create projects under /data/cryosparc_projects/lab1 and “user2” can only do the same under /data/cryosparc_projects/lab2, or will “user2” always be able to see /data/cryosparc_projects/lab1 (and vice versa)?

Thanks in advance.