The ability to have more options when configuring an admin role would enable the following:
-The ability to allow users a to have a truly appropriate level of access
-The ability to not have to compromise to ensure an admin has access to a given function or area of the LMS
-The ability to enable additional operational and functional roles without having to rely on higher level administrators
We would want to give instructors full access to a user's transcript, specifically the lesson activity (see screenshot), without allowing them to modify enrolments. "View" enrolments doesn't provide them this level of access, but "modify" enrolments does.
This will enable them to see how much of the lesson their student completed.
I'd love to add to this, we'd love the ability to be able to flag certain fields for "Sys Admin update only". So any admin with update permissions on Users CANNOT update the fields we've flagged (these might be Absorb standard fields or custom fields we've created). There are many fields we need/want our admins to update and so they require admin permissions, but other ones they should only be able to view and sys admins are the only ones that can update.
I imagine a page similar to the custom fields page in the portal settings where there are a list of fields from the user page and we can choose the setting permissions from a drop-down (like with the custom fields), but need one that is Admin read-only. The current read only is only for learners.
We would love to see the ability to:
enroll people into a course but NOT the ability to mark someone complete - this is a significant vulnerability in our eyes. The updated audit trail reporting has helped but it would be great to be able to lock this down.
only see certain kinds of users - just admins, just learners, etc.
edit a user but not merge users - merging users should only be available to those who fully understand the implications. Way too wide open at the moment.
control who can and cannot message users from the admin side - because the email comes from the system email address and not from the person who actually sent it, it causes confusion to our users who reply to the email.
reset someone's password but have no other ability to edit user's info - our IT folks don't need to update anything but passwords but they have the ability to change all user demographic info. Not great.
Thanks -
Kris
Hello,
Could you provide some examples of permissions which you would want to see broken down further and the associated personas which would leverage them?