(In testing on our staging server running CES, CMS and BB 9.1.70081.25)
I've created a hierarchy for the University and nodes for each of our different Schools, eg School of Law & Justice, School of Education, and within each of these children that breakdown into different programmes, eg undergraduate, postgraduate, research. Within each of these I've assigned an administrator with a system role that allows them to manage their own area's users, courses and organisations.
When I test this role I would expect to be able to only see and change users and courses that are assigned to that child. However, I am instead able to view all users, courses, etc.
Have I set the system role privileges incorrectly, or have I missed something else. There is not a lot of detailed information available in the online Sys Admin manual. Any help would be appreciated.
Regards
Schelly
Schelly Gardner | Systems Manager, eLearning Systems | TS | Southern Cross University | http://www.scu.edu.au | +61 2 6620.3522 | schelly.gardner@scu.edu.au | skype: schelly.gardner
Schelly,
That's not the behavior I'm seeing. I created a hierarchy, with top level as "UNO", a node underneath it called "IS", and an child node under "IS" called "Systems" (i.e. UNO -> IS -> Systems), then add some users and courses to the "IS" node and some to the "Systems" node. For the "Systems" node, I added a user as administrator to the node giving them the role of "System Support". When I logged into that account and looked under Admin Panel > Users or Admin Panel > Courses, the only users and courses they could see where the ones that were part of the "Systems" node.
Aside from the admin role that you assigned within the hierarchy, did the user in question have any "real" (system-wide) system roles assigned? The admin roles within the hierarchy are for granting admin privileges to users who don't have system-wide admin privileges, so if your user already had a system role before being added as administrator to the hierarchy, they're going to be able to see everything they could before.
Mike
Michael
Thanks for your reply. I've since changed some settings and now see the expected behaviour. One thing I can't seem to close off though is the Tabs and Modules - limiting the ability for them to manage only their own. If you think of any setting that I might change, I would appreciate it.
How would you define which tabs and modules are "their own"? The only things defined to be specifically within a particular node in the hierarchy are users, courses, and organizations, plus child nodes--there's no way to specify that a tab or module is part of a node. So, if you don't want the node administrator to have rights to edit tabs and modules, you need to assign them a system role that can't change those things, I think.