Create and Manage System Roles
System roles determine the LMS features and data access available to different types of user. Roles are an important part of a user’s profile and every user has a primary role. If configured to do so on the system level, you can also assign any number of additional roles to users, to cater for situations where one person is responsible for multiple learning management tasks. For example, a user can be both an instructor and a reviewer.
PeopleFluent recommends configuring roles for access to features and data in the context of an overall organizational security policy. As part of this policy, organizations determine which roles need to be defined, the features to which each role is allowed access and the type of access allowed.
New roles start with very limited access to Review Features, Manage Features and Data Access Control permissions. It may save time to clone an existing system role and update the permissions as required.
A consistent naming convention for role codes and names can help you keep them organized. For example, if you want to create course administrator roles for different geographic regions, you could suffix the role code (CA) with the region code: CA-NORAM, CA-EMEA, CA-APAC.
In this topic, we focus on managing system roles individually in the System Roles manager. For information about bulk importing role data, please see Import Role Access Data via the Data Loader.
To configure access and general permissions for system roles, your user role must have unrestricted access to the Role Permissions feature in System Roles (Manage Features > User Manager Features).
Create a System Role
To create a system role
- Go to Manage Center > Users > Roles and Permissions > System Roles.
- Click + Create System Role.
- Enter a unique code for the role.
- Enter a descriptive role name.
- Optionally, enter a brief description of the role. This appears only in the System Roles page.
- Click Save.
- To configure the new role's access permissions, click Go to Role Access Control. The three types of access for each feature are:
- No Access
- Read Only
- Unrestricted (which generally provides read, write and delete capability)
- For detailed information about the available permissions, refer to the following topics:
- Role Access Reference - Learner Features
- Role Access Permissions - Explore Features
- Role Access Permissions - Communicate Features
- Role Access Permissions - Personalization Features
- Role Access Permissions - Other Menus
- Role Access Reference - Review Features
- Role Access Reference - Manage Features
Clone a System Role
When you clone a system role, the role access permissions are retained from the source role. This can be more convenient that creating a new system role, which starts with very limited access to Review Features, Manage Features and Data Access Control permissions.
Remember to enable access to the navigation menu corresponding to the features you provide access to. The menu access is at the top of the list of each group of features.
To clone a system role
- Go to Manage Center > Users > Roles and Permissions > System Roles.
- Locate the role you want to copy and select Clone from the action menu.
- Enter a unique code for the role.
- Enter a descriptive role name.
- Optionally, enter a brief description of the role. This appears only in the System Roles page.
- Click Save.
- To configure the new role's access permissions, click Go to Role Access Control. To return to the System Roles page, click Close.
Manage a Role's Organization Visibility Level
Managers and administrators who can review others need to be limited as to which organizations they have visibility into; this limit controls the level of visibility relative to the user's assigned organization structure. Visibility is typically enforced by limiting the available organizations that may be selected when running a report or review function.
- A manager who has Highest Organization Level Visible set to a specific number can see his organization branch at that level and all others below that specific organization.
- A manager who has the limit set to User Org Level (Exclusive) can see only those below his organization.
- A manager who has the limit set to User Org Level (Inclusive) can select his organization and lower level organization units.
To manage the role's organization visibility level, click the Data Access Control option and configure the options as appropriate. For detailed information about each of the fields, please see Role Access Permission - Data Access Control.
Bulk Role Update
Roles of users with direct appraisees (for example, managers) can be updated in bulk.
To access the Bulk Role Update page, your system role must have unrestricted access to the Bulk Role Update feature in System Roles (Manage Features > User Manager Features).
To update appraisers roles using bulk role update
- Go to Manage Center > Users > Roles and Permissions > Bulk Role Update
- To only list the users who will have their role updated, select the List only, don't update check box.
- Select the current role you want to change.
- Select the role you want to assign instead.
- Click Submit. The page updates to show the users affected by the update. The Comments column shows Read Only if you selected List only, otherwise it shows Update action successful for those users you have permission to update.
Delete a System Role
Roles can be deleted only if they are not assigned to any users.
To delete a system role
- Go to Manage Center > Users > Roles and Permissions > System Roles.
- Locate the role you want to delete and select Delete on the action menu.
- Click OK.