Role Access Control Permission
Applicable Product
- PeopleFluent Learning
Applicable Release:
- All versions
Summary:
In the Role Access screen you define which menus and functions user roles may access and under what conditions. The proper configuration of role access rights should be done in the context of an overall organizational security policy. As part of this policy, organizations determine which roles need to be defined, the areas to which each role is allowed access and the type of access allowed.
Keywords:
Permission, Role Access Control, RAC
The LMS allows three types of access to functional areas:
- No Access
- Read-only
- Unrestricted (i.e. Read/Write/Delete access)
When setting access rights, keep in mind that if a user has access to the function but not the menu, he cannot access the function through the menu (though he can access the function by directly accessing the URL). For example, if a user role had access to News Manager but not the Manage menu, the user role could not access News Manager from the Manage menu but could access news manager directly from the News Manager URL or another path (if known). Therefore if you do not wish to allow a role to access a function, it is better to deny access at the function level, as well as access to the menu screen in which the function appears.
Manage System Roles Screen
Each user is at least tagged with a role on the system. On a global system, there could be roles set up that are region-specific. System Roles are managed from Manage > USERS > ROLES > System Roles
From here you can do the following per role:
- Configure role access control
- Clone the role
- Edit the role
- Configure permissions
- Delete the role
For the creation, editing and cloning actions, a dialog pops up to ask for the role code, role name and description:
Configuring Role Access Control
There are presently five licensing options for the LMS, each with a subset of features that you can enable/disable per system role:
- Performance
- Exams
- Learning
- E-Learning
- E-Learning Plus
The following features are categorized into:
- Learning Oriented Features
- Review Features
- Manage Features
- Data Access Control
For each role, you can configure which features the role may access and if it should be Read-only or Unrestricted access. Some functions or pages may be grouped together as a single feature.
Navigation menus are configured separately. For example, if a user role has access to Review Enrollments but Review Enrollments is not in the navigation menu, the user role will not be able to see Review Enrollments in the menu but would be able to access it directly using the Review Enrollments URL.