Administrator

Roles & Permissions

Follow
Ryan Richins
  • Agilix team member

Customize roles and permissions to suit your needs

How do roles and permissions relate?

Roles in Buzz represent a predetermined set of permissions. You are required to assign users a role when enrolling them in a course, giving them that role's permissions within the scope of that enrollment. All roles are automatically inherited by subdomains.

There are four standard roles in Buzz. The permissions for these roles are defined at the domain root and cannot be edited. If you want to give a user a set of permissions that is different from those given to the predefined roles, you can:

  • Grant individual users specific permissions.
  • Create custom roles with custom permission sets (see Additional articles below).

Buzz's four predefined roles are:

  • Administrator: This is a domain role that gives a user all available permissions within all levels (Domains, Users, Courses, Enrollments, and Objectives).
  • Owner: This is a course role that gives a user complete control over the course. Course-level permissions include: Read, Owner, Read Full, Edit, Delete, View Gradebook, Setup Gradebook, Grade Assessments, Grade Assignments, Grade Discussions, and Submit Final Grades.
  • Teacher: This is a course role with the same permissions as the Owner, except they cannot delete the course or enroll users. Course-level permissions include: Read, Read Full, Edit, View Gradebook, Setup Gradebook, Grade Assessments, Grade Assignments, Grade Discussions, and Submit Final Grades.
  • Student: This is a course role with Read and Participate permissions, basically, allowing the user to take the course.

Granting domain and course permissions

You can assign roles and permissions in various places within Buzz:

  • When you grant them from the Permissions screen in the Domain tool, they are attached to the user and apply throughout the domain, regardless of the user's specific enrollments.
  • When you grant them from the Enrollments screens of either the Users or Courses tool, they apply only to that enrollment in the specified course.
Granting domain and course permissions

Buzz permissions

The available permissions in Buzz fall under five different categories. These categories represent the component for which the permission grants privilege. They are: Domains, Users, Courses, Enrollments, and Objectives. The following tables describe the available permissions within each category.

Creating custom roles requires granting a combination of these permissions; you can edit these permissions sets after creation, but be aware that doing so changes permissions for all users assigned that role.

Domain permissions

In order for a user to employ domain role permissions, they must be granted from the Permissions screen in the Domain tool.

Domain Permission Role Type Allows users to ...
Owner Domain Grant, revoke, modify domain permissions for a user.
Create Domain Create domains and subdomains.
Read Domain Access the Admin app (this is the only permission that grants this access). Access (read) domain and subdomain information including subscriptions, roles, and settings.
Edit Domain Make changes to domains and subdomains, including subscriptions, roles, and settings
Delete Domain Delete domains and subdomains (including the domain they exist in).
Post Announcements Domain Post announcements to the domain.
Report Domain Run reports using domain data.

Users permissions

In order for a user to employ domain role permissions, they must be granted from the Permissions screen in the Domain tool.

Users Permission Role Type Allows users to ...
Owner Domain Assign rights and subscriptions to domain users.
Create Domain Create domain users, but cannot manage permissions.
Read Domain Access the domain user information.
Edit Domain Make changes to domain user information (first name, last name) and change password. Cannot edit permissions or username.
Delete Domain Delete domain users.
Proxy Domain Sign in and make changes as another domain user.
Report Domain Run reports using domain user data.

Courses permissions

In order for a user to employ domain role permissions, they must be granted from the Permissions screen in the Domain tool.

Courses Permission Role Type Allows users to ... Grants other permissions?
Read Course and Domain Access (read) specified courses in the domain. No
Participate Course Complete activities in specified courses; this permission is only available for student users. Yes: Read Course is granted for Course roles.
Owner Course and Domain Grant rights to specified courses. Yes: Read Course and Read Full Course are granted for Course roles.
Create Domain Create courses in the domain. Yes: Read Course and Read Full Course are granted for Course roles.
Read Full Course and Domain Access (read) all course content data in the domain, including assessment questions and hidden-from-student content, regardless of their other enrollment rights in the course. No
Edit Course and Domain Make changes to specified courses. Yes: Read Course and Read Full Course are granted for Course roles.
Delete Course and Domain Delete specified courses. Yes: Read Course and Read Full Course are granted for Course roles.
Report Course and Domain Run reports using specified course data. No
View Gradebook Course and Domain Access specified course Gradebooks. Yes: Read Course and Read Full Course are granted for Course roles.
Setup Gradebook Course and Domain Setup specified course Gradebooks and make changes to their settings (grading schemes, grade scales, item weight, etc.) in Activity Data and Course Data. Yes: Read Course and Read Full Course are granted for Course roles.
Grade Assessments Course and Domain Grade assessments in specified courses. Yes: Read Course, Read Full Course, and View Gradebook are granted for Course roles.
Grade Assignments Course and Domain Grade assignments in specified courses. Yes: Read Course, Read Full Course, and View Gradebook are granted for Course roles.
Grade Discussions Course and Domain Grade discussion activities in specified courses. Yes: Read Course, Read Full Course, and View Gradebook are granted for Course roles.
Submit Final Grades Course and Domain Submit final grades for specified courses and their grading periods. No

Enrollments permissions

In order for a user to employ domain role permissions, they must be granted from the Permissions screen in the Domain tool.

Enrollments Permission Role Type Allows users to ...
Owner Domain Grant and revoke specified enrollment rights.
Read Domain Access data, including grades, that is associated with the specified enrollments.

Objectives permissions

In order for a user to employ domain role permissions, they must be granted from the Permissions screen in the Domain tool.

Objectives Permission Role Type Allows users to ...
Read Domain Access objectives and objective maps from specified objective sets.
Edit Domain Make changes (add, update, or delete) to objectives and objective maps from specified objective sets.

Comments (5)

Sort by
Matthew Marichiba

Can you please give a high-level description of the relationship between Roles and Permissions? Why do roles apply to some things and permissions apply to others? When both options are available (Domain Options > Menu Entries - Custom, in particular), how do they interact? The existing docs note that these concepts intersect, but I cannot make heads or tales of why and to what end. It's not for lack of trying to understand! Thanks!

Ryan Richins
  • Agilix team member

Hi Matthew,

I've updated this article's introduction to (hopefully) better describe this relationship. Please don't hesitate to follow up on anything that is still unclear.

With relationship to the specific selection you mentioned (Settings > Domain Options > Menu Entries - Custom), there is some confusing overlap with the use of the term "Role":

  • In this specific instance, the Role field is asking you to identify which Buzz app you want the menu item to appear in (Admin, Teacher, Student, or Parent/Observer), and doesn’t indicate any inherent permissions. So, if you entered "Teacher" there, that menu item would only appear for users who choose “Teacher” when signing into Buzz.
  • The Rights field is asking for the specific permissions necessary to see the menu item, once the user is signed in.

This is, admittedly, confusing and we will look into ways to clarify either in the product, our documentation, or both.

Thanks and let us know if you need anything more.

Shane Foglesong

Is there a way to set the permissions so an observer of a student can view any part of the course without restrictions? This applies to elementary student parents who want to prepare for future lessons. Currently they cannot see past what their student has completed. Can we keep the restrictions for students, but allow observers to not be effected by them?

Jennifer Parzych

I have a question about Roles and Permissions. I have noticed this week that when I give the teacher the role of Owner they do not have the right to "Create" under "Manage Courses" and they do not have the right to "invite Students" to a course. I am not sure why this is. Please advise. 

Brad Marshall
  • Agilix team member

Shane, as of right now, observers have the same viewing rights as the student they observe. Observers cannot see anything that the student cannot.

Jennifer, in addition to the permissions they need in the course to add users, the teacher must also have domain permissions to find the users. So, they must have the "Users: Read" permission on the domain to add existing users to the course. Similarly, if they need to be able to have the rights to create and add new users to their course, they must also have "Users: Create". 

Please sign in to leave a comment.