Custom roles
This feature helps you define custom roles and assign specific responsibilities to set of users. This feature enables you to assign responsibilities outside the purview of the individual’s existing role.
You can create a custom role to provide authoring capabilities limited to a particular catalog. You can also create a role dedicated to manage reporting. Such roles can then be assigned to individuals who are supposed to take up these specific responsibilities.
Admins have the ability to create custom admin and custom author roles with tailored permissions for each role. Below is an overview of the permissions associated with each role:
Custom Author Role Permissions
Custom authors can perform the following tasks:
-
Access the content library to add, edit, or delete core content.
-
Create, edit, and delete:
- Courses
- Job aids
- Certifications
- Learning paths
- Learning plans
Admins and authors, including custom admins and custom authors, will have the ability to share learning objects (LOs) to externally shared catalogs. Admins and authors should be able to search for externally shared catalogs while creating learning objects (LOs).
Custom Admin Role Permissions
The custom admin role replicates a set of admin responsibilities, including access to account-level privileges. Custom admins are granted permissions for managing key features related to learning activities, such as:
- Learning plans
- Catalogs
- Reports
- Tags
In addition, custom admins can:
- Manage courses and job aids, including enrolling and deleting users.
- Create, edit, and delete certifications, learning paths, and learning plans.
- Access reporting and enrollment features for all learning objects (LOs).
Admins can now view CSV-created permissions within ÃÛ¶¹ÊÓƵ Learning Manager. The filter by option filters custom roles by admin created and those imported via a CSV. After you select a custom role, you can see its permissions.
Filter custom roles
Create a custom role create-role
-
Log in as an Administrator. Open Users > Custom Role.
-
Select Create Role. The Create New Role tab opens.
Create a custom role
-
Enter the name in the Name of the Role field.
-
Account privileges: These privileges give the role owners access to specific system configuration aspects and which act on the entire account. Choose the access permissions. The user gets full control over assigned permissions.
Admins can grant detailed permissions for the User section, which has Internal/External Users, User Groups, and Advanced users.
note note NOTE Scope is not applicable on these privileges. Set the scope
-
Feature privileges - Core features: Used to grant access to specific features for managing learning activities. Permissions to the following features can be given using this option.
Admins can provide detailed permissions like read-only, create, edit, and delete permissions for the Catalogs.
- Catalogs
- Reports
- Tags
Set scope for Catalogs, Reports, and Tags
-
Feature privileges- Learning Objects: Use this option to provide access to LOs related features. Admins can provide detailed permissions for all learning objects, including courses, learning paths, certifications, and job aids. They can assign users permissions like create, edit, delete, or read-only access.
- Certifications
- Courses
- Job Aids
- Learning Programs
You can also grant specific operation control for the learning objects. The permission can be one of the following:
- Read only
- Create
- Edit
- Delete
- Enrollment
- Report
You can also grant full control for the LOs.
Grant specific permissions
-
Scope for feature privileges: The scope of Feature privileges allocated to this role can be restricted to a specific User Group or one or more Catalogs.
Catalogs: Use the radio button to provide control over All catalogs or use the Set access per Catalog option to provide access to specific catalogs. You can also select multiple catalogs.
User Groups: Provide access to All User Groups or use the Set access per user group option to provide access to specific user groups. Only a single user group can be specified.
note note NOTE If you have selected Announcement, Gamification, Email Templates, Skills, and Users under Account Privileges, the User Group access is provided to all user groups by default and this option is disabled. If you have selected Learning Plans under Account Privileges, access to all Catalogs and User Groups is provided by default and these options under Scope is disabled.
Define scope of privileges
To grant various permissions to the catalogs, follow the steps below:
-
Click the option Set access per Catalog.
-
Choose the catalogs and you can see the level of permission for each catalog. The permissions are as follows:
table 0-row-2 1-row-2 2-row-2 3-row-2 4-row-2 html-authored no-header Permission Description Full Control Grants Full Control on all Learning Objects. Permissions include Add, Edit, Delete, Read, Enroll, and Report. Report Grants access to the Reports tab only of the Learning Object. Enroll Grants permission to only enroll for the Learning Object. Read Only Grants permission to only view the Learning Objects in the Catalog. -
Enable or disable the permissions according to your requirements.
-
To save the changes, click OK. Then, to save the changes for the Custom Role, click Save.
For example, consider the following scenario.
The resultant permission, a custom user would have on a Learning Object, is an intersection of the Learning Object Permission and Catalog Permission.
A custom user has Full Permission on Courses and only Read Only access on Catalog A but Full Permission on Catalog B. The results are a Read Only access on the courses of Catalog A and Full Control over the courses of Catalog B.
A user with a Custom Role can:
-
Only view content from the catalogs he/she has access to.
-
Access any Learning Object based on the permissions of the Catalog the Learning Object is a part of.
As an Administrator, you can:
-
Choose more than one catalog for a Custom Role.
-
Modify the permissions of a catalog any time.
-
Remove the catalogs from a scope to which you no longer want to grant permissions.
-
Implicitly grant Read Only permission to a catalog, when you grant permissions to the catalog.
The table below illustrates how permissions are granted.
table 0-row-2 1-row-5 2-row-5 3-row-5 4-row-5 5-row-5 html-authored no-header Catalog Level Permission Learning Object- Level Permission
(Ex: Courses)
Full Control Enrol Report Read Only Full Control Full Control Enrol Report Read Only Enrol Enrol Enrol Read Only Read Only Edit & Delete Edit & Delete Read Only Read Only Read Only Report Report Read Only Report Read Only
-
Users: Use this option to determine which users are assigned this role. You can choose one or more users using the search box.
Add users to custom role CSV upload: To add users via CSV uploaded, add a CustomRole column to the .csv file that the Administrator used to import users. Enter the role of the user under the CustomRole column for the users to whom you wish to assign a custom role. To upload the CSV file, click Add > Upload a CSV.
- You cannot search User Groups.
- You cannot search users who already have Admin role assigned to them.
- Assigning a new custom role to a user overrides user’s previous custom role.
- A custom admin having permission to Settings will be able to configure the schedule for sync or sync users from Data-source even if they don’t have permission to the Users entity.
- If a custom admin has permission on the Users entity, they can assign Admin role to themselves and become a standard Admin.
Custom role report
Admins can download a CSV report of all custom roles and their permissions. The report shows how each role was created, either by an admin or through a CSV file, and outlines the highlights the access given to each role.
To download the report, follow these steps:
- Log in as an Admin.
- Select Users > Custom Roles.
- Select the Download option to download the CSV report.
Download report of custom roles
The report has two CSV files: role.csv and user_role.csv. The role.csv file includes:
- Custom role
- User IDs
- Source of creation.
The user_role.csv file includes the fields, Custom role, Source of creation and detailed information for Catalogs, Users, Courses, Learning Paths, and more.
Audit trail for custom roles
Admins can download the custom role audit report to tracks all changes made to the custom roles, including creating, modifying, and deleting custom roles and their associated feature access.
Refer this article Audit trail for custom roles for more information.
Restrict folder access for custom authors folder-custom-author
Learning Manager already supports an ability to give access to content Library using custom roles. All custom authors who already have access to the content library, will continue to have access to all content files even after content folders are configured. This is to maintain the legacy behavior. Administrators need not make any changes in case they wish to continue to current behavior.
In case they wish to restrict access to these custom authors, Administrators need to edit the existing custom role and configure them by providing access to only specific content folders.
Restrict folder access for custom authors
While creating a custom author, you can now assign content folders to the author. Choose the option Selected Folders.
After you click the option, a new dialog opens, where you can assign the folders to the custom author.
Select the folders for the custom author
Choose the folders and click OK.
Learning Summary Dashboard for Custom Admin custom-admin-dashboard
Custom admins can see the same view as what an Admin sees. A custom admin may data outside his scope. This is only applicable if the custom admin has full scope. To grant full scope, while creating a custom admin, enable the option Full Control in Account Summary Report.
Create a custom role
As a result, the options, All Catalogs and All User Groups will get selected and the rest disabled.
Define scope of privileges
Implicit permissions implicitpermissions
When a user is given a role with a specific entity, there might be cases where they need access to other entities as well to be able to perform tasks on the granted entity. For Instance, if a user is given Create access on Course entity, they need access to Skill and Tag entities so that they can associate them with the course being created. This tables gives you information of such implicit permissions.
Access a custom role accessacustomrole
When an Administrator assigns a custom role, you receive an email notification.
Note: If you are already logged in to Learning Manager under a custom role, you would require to relogin to Learning Manager to access the new role.
To switch between roles, click your profile icon on the upper-right corner of Learning Manager and select the role.
Learning plans scoped by configurable roles scopeconfigure
In earlier versions of Learning Manager, any Custom Role with permission to create learning plans could scope the learning plan for all types of user groups and Learning Objects.
The scope setting used to be disabled when learning plan access was granted, which gave the user access to All Catalogs and All User Groups by default.
All learning plans created by an Admin, by default, are applicable to all users. Users can also be assigned any Learning Object. On the other hand, users with Custom Roles have access to full scopes, for example, all catalogs, Learning Objects, or User Groups. This meant that admins were unable to create Custom Roles as expected that allowed access to Learning Plans for users with limited scope.
In this update of Learning Manager, you can create Custom Roles for Learning Plans that allow scoping of users and Learning Objects. In other words, Learning Plans can be created with a limited scope that is derived from a custom admin’s role scope.
Now, an Admin can define or restrict the scope while granting learning plan management access.
Custom admins can create learning plans with a limited scope, determined by the scope of the custom admin’s configurable role. Such learning plans are only accessible to custom admins with the same role, besides being accessible to regular admins. In addition, the custom admins cannot see any other Learning Plans in the account.
Existing custom admins, having access to Learning Plans, will always have full scope (by definition). They will have access to all learning plans in the account just like a regular admins do. New custom roles created with full scope and new custom admins added to such roles, will continue to have access to all learning plans.
Learning plans created by Admins and full scope custom admins will be created as usual and will not be limited by scope.
In the section Scope for Feature Privileges, grant access to User Groups and/or Catalog for the Custom Role.
Grant access to User Groups and/or Catalog for the Custom Role
Assign a user to the Custom Role.
Assign a user to a Custom Role
The user now logs in to Learning Manager as Custom Admin and now adds a Learning Plan.
When a new learner is added, the Custom Admin can select a training from the configurable role’s scoped catalogs only.
This learning plan is now applicable to the learner only if the user is also added to the group within the learning plan’s scoped user group. All other learners get exempted from this learning plan.
Learner gets added to the group learnergetsaddedtothegroup
The custom admin can select any user group that has users from within the role’s scoped user group.
When a user is added to the specified group, only users that are already part of the learning plan’s scoped user group and got added to the specified user group will be assigned the Learning Object.
Change in scope changeinscope
When the Admin changes the scope of the custom role, the change also cascades to the Custom Admin. When the Custom Admin chooses a Learning Plan that was already scoped by a previous custom role, a message is displayed, as shown below:
Message after scope changes
The Custom Admin now must update or refresh the earlier scope to the new scope.
Clicking Refresh Scope updates the scope. There is a warning message that displays.
Warning message after refreshing a scope
Clicking Yes updates the scope.
Add gamification report to a custom role gamification-custom
An administrator can enable gamification reports for a custom user.
-
In the Custom Roles page, enter the name of the custom role.
-
In the Feature Privileges: Core Features section, enable the option Full Control for the category Reports.
-
In the section Users, select the user that will be assigned the newly created custom role.
-
Click Save.
When a user logs in as Custom Admin and clicks Reports on the left pane, the transcripts appear, as shown below:
Download the gamification transcripts
Click Gamification Transcripts, choose a user, and generate the report.
If an Administrator changes the level points, the reports show levels according to the current points.
Resetting gamification does not reset the level achieved date.
Frequently Asked Questions frequentlyaskedquestions
A Custom Role is like a subset of an Author or Administrator role. Allow one or multiple privileges, define the scope, and assign the role to a user.
Click Users > Custom Roles. In the Custom Roles page, click Create Role. Enter the name of the custom role and set the privileges for the role. For more information, see Create a custom role.