Data Access Control Reference

Data Access Control specifies the role's access to data within the organization hierarchy. 

Data Access Control permissions are divided into:

Table: Data Access Control Reference

Feature Access Permission Description
Highest Organization Level Visible

Managers and administrators who can review others need to be limited as to which organizations they have visibility into; this limit controls the level of visibility relative to the user's assigned organization structure.

Visibility is typically enforced by limiting the available organizations that may be selected when running a report or review function.

Select the Highest Organization Level Visible for the system role:

  • Root is the top level. All organizations in the LMS are under the Root level. If you select Root, the role can see users in all organizations.
  • Select User Org Level (Exclusive) to enable the role to see users in all sub-organizations below their own organization level.
  • Select User Org Level (Inclusive) to enable the role to see users in their own organization level and all sub-organizations below it.
  • Select a specific level as the highest level of visibility to enable to the role to see users in that level and all organization levels below it.

For more information, see About Organization Visibility Levels.

Widget Page Templates Select the Widget Page Template used to present the Widget Page that opens for users with the role if they do not have the new UI enabled.
Title and ID Format

Select the format used to display Courses in the Manage Center and learner pages where course names are shown:

  • Title
  • Title (ID)
  • (ID) Title
Account Display Format Select either a summary or detailed format for the Accounts page in the Career Development Center (CDC) for users with the role. The selected Account Display Format applies when a user views their own Accounts page and when their direct appraiser views their appraisee's Accounts page.
Role General Permissions
Allow Look and Feel Change Select Yes to enable the Skin Selection option in the User Preferences tab in the Settings page (Avatar menu > My Profile).
Allow Admin Online Help Select Yes to enable online help for administrators. (This does not apply to hosted Performance sites.)
Allow Organization Maintenance Select Yes to allow users with the role to access the Organization Maintenance page.
Allow Global Upload Maintenance

Select Yes to allow users with the role to view and delete the import logs or error logs of CSV files uploaded by other users via the User Data Loader. It also allows users with the role to delete homework files if the Allow Global Homework Files Access permission is also set to Yes.

Allow Course Deletes

Select Yes to allow users with the role to delete courses.

Deleting a course removes all course-related information from the LMS.

Allow User Deletes Select Yes to allow users with the role to delete users.
Allow User Creation Select Yes to allow users with the role to create new users. This also requires unrestricted access for the Users feature (Manage Features > User Manager Features).
Allow User Status Change Select Yes to allow users with the role update a user's status in the Users page.
Allow User Password Change Select Yes to allow users with the role to reset user's password in the Users page.
Allow Attachment in New Mail Form Select Yes to allow users with the role to attach files when sending emails to participants in the Participants page (Catalog Editor > Session tab > Participants).
Allow Enrollment Override Select Yes to allow users with the role to bypass enrollment restrictions and checks for valid enrollment in the Group Enroll page.
Allow Question Creation Select Yes to allow users with the role to create questions for exams.
Allow Question Review

Select Yes to allow users with the role to review questions (they can change a question's status to Under Review or Reviewed).

This permission is effective when the Question Approval Mode System Configuration setting is set to Approval Mode.

Allow Question Approval

Select Yes to allow users with the role to review questions. They can change a question's status to:

  • Under Review
  • Reviewed
  • Approved
  • Retired

This permission is effective when the Question Approval Mode System Configuration setting is set to Approval Mode.

Allow Question Open for Editing

Select Yes to allow users with the role to change a question's status back to Work in Progress in order to reopen the question for editing.

This permission is effective when the Question Approval Mode System Configuration setting is set to Approval Mode.

Allow Exam Creation Select Yes to allow users with the role to create exams. This also requires unrestricted access for the Exams feature (Manage Features > Exam Manager Features).
Allow Exam Generation Select Yes to allow users with the role to generate exam learning modules from exams. This also requires read-only or unrestricted access for the Exam Generator feature (Manage Features > Exam Manager Features).
Allow Exam Grading

Select Yes to allow users with the role to grade exams. They can change the score that a user has originally achieved for answering a question. This also requires the user to have unrestricted access to review the Exam (Exam Editor > Reviewer Permissions) and the Exam Pool

Allow Exam Instance Manager Select Yes to allow users with the role to generate an exam instance from an exam template in the Exam Editor.
Allow Exam Instance Deletion Select Yes to allow users with the role to delete exam attempts (rather than just deactivate them).
Display Exam Editor Select Yes to allow users with the role to access the Exam Participants Review page from the Exam and Question Manager even if this role is not allowed to otherwise edit the exam.
Display Exam Password Select Yes to allow users with the role to see the exam password in the Exam Schedule page.
Is External Question Approver Select Yes to restrict users with the role to accessing only the Preview/Approval tab in the Questions Editor.
Allow Question Approval Override

Select Yes to allow users with the role to override the question approval workflow and directly set a Work in Progress question to Approved.

This permission is effective when the Question Approval Mode System Configuration setting is set to Approval Mode.

Allow Forum Moderation Select Yes to allow users with the role to create and delete forums, and delete other users' forum messages.
Allow Global Approval

Select Yes to allow users with the role to approve or deny enrollment and withdrawal approval requests (in addition to the original approver) for any user within their organizational view.

This can be very useful for training center administrators who need to monitor all enrollments and withdrawals. By default, an administrator or manager is only allowed to act on approvals routed to them directly.

Allow Exam Remedial Training Comments Select Yes to allow users with the role to change the exam status of a user's exam attempt and enter remedial training comments when reviewing learners' transcripts in the CDC.
Allow Bulk Session Status Update Select Yes to allow users with the role to change the session status for multiple sessions at once, via the Session Administration page (Home > Teach > Session Administration).
Show Tokens Tab Select Yes to allow users with the role to access the Tokens page (new UI: Home > Explore > Tokens) to review the token balance and purchase more tokens.
Show only top-level learning objects in enrolled learning modules Select Yes to show top-level learning objects in enrolled learning modules for users with the role.
Allow Token Manual Adjustment Select Yes to allow users with the role to change the token value and expiry date of token accounts.
Allow User Editor Group View Select Yes to allow users with the role to view all members of an accessible User Group, and, therefore, access them in the User Editor, even if the members are not within the role's organizational view.
Is Organizational External Training Approver Select Yes to allow users with the role to approve or deny external training for anyone in the user's organizational view. (Normally, external training requests are accessible for direct appraisers only.)
Allow User Appraisal Administration Select Yes to allow users with the role to delete a user's current performance appraisal, re-open the last completed appraisal (if no current appraisal exists), or change the status and reviewer of the current appraisal. 
Allow Review Employee All User Appraisal Select Yes to allow users with the role to review all performance appraisals instead of only appraisals for which they are the reviewer.
Show biographies and activities of other users in the same learning group

Select Yes to allow users with the role to view the recent activities of users that belong to the role's learning group, and have access to their profile summaries. The role will also have access to the profile summaries of instructors in the same group (in Instructor Info).

Allow Unrestricted Delegation Select Yes to allow users with the role to delegate authority for approval requests to someone else for a certain period of time. This enables another user to switch to the delegating user account, therefore user being delegated to must have unrestricted access to the Switch User feature (Manage Features > System Administration).
Allow Full Organization View of Participants

Select Yes to allow users with the role to see all participants of a course, instead of just those in the user's organizational view.

This overrides the usual user visibility in the Report Wizard for the following report types:

  • Courseware Information
  • Exam Results
  • Learning Program Detail
  • Withdrawn User Details
Allow Skillsoft (OLSA) Search Select Yes to allow users with the role to access to courses from Skillsoft in search results.
Allow Global Homework Files Access Select Yes to allow users with the role to access the Knowledge Center File Share area, which is normally restricted to the course instructors.
OWASP Restrictions Override Select Yes to allow users with the role to bypass the HTML Sanitizer system configuration, which (if enabled) disallows entering form-based data containing HTML and JavaScript.
Allow Custom Language String Editing Select Yes to allow users with the role to access the Search/Customize Language Strings page in the Manage Center in order to add or edit custom labels.
Display Details, Progress, and Course Interactions when Reviewing Learner Transcript Detail Select Yes to allow users with the role to bypass the normal transcript viewing restrictions when reviewing users' transcripts.
Disable Smartphone UI Select Yes to allow users with the role to bypass the mobile view for smartphone use of the LMS.
Limit Catalog Administration Privileges Select Yes to restrict users who can create new learning modules to creating only Classroom learning modules.
Import and Export XLIFF files Select Yes to allow users with the role to access the XLIFF Import/Export feature.
User and Organization Visibility Report Wizard Filter Select Yes to allow users with the role to change the User and Organization Visibility filter criteria setting in the Report Wizard from Users and Organizations filtered based on User executing the report to Users and Organizations filtered based on Report Owner.
Allow session level reference resource upload from Teach Select Yes to allow users with the role to attach reference resources to classroom sessions from the Teach menu, so they do not need access to the Catalog Editor in the Manage Center.
User Data Export Select Yes to allow users with the role to
Privilege Level

Privilege levels specify the relative hierarchy among different user roles, with 0 being the lowest setting and 9 being the highest, except for system administrators who have a privilege level setting of 10 by default. These numbers are themselves arbitrary within the LMS, and are only meaningful in relation to each other. 

Privilege levels work in conjunction with other access rights. For example, a user can create users only with privilege levels lower than their own. They can update the role of other users whose privilege level is lower than theirs. This prevents local administrators who have access to the User Editor from updating their role (or the role of someone who reports to them) to gain new system privileges that they should not have.

Additional Information

About Organization Visibility Levels

About System Roles 

Configure a Role's Access Permissions

 

Why does the help differ from what I see on the screen?

 

Powered by PeopleFluent