Hi Ali W

Hi Ali

I know your question is specific to just one permission but it raises a wider issue of best practice in Totara around Role & Permission assignments.  Below is a summary of our roles configuration and I hope by sharing others will do the same.

We launched as a Moodle site in 2006 and assigned everyone as a Staff Member (Moodle Student Role) and anyone who needed to create/edit course pages we gave them the Site Admin role.  This worked surprisingly well as those ‘trusted’ with this right were informed (and regularly reminded) that they are ‘only four clicks away’ from deleting the LMS.

We only had two problems with this approach; Site Admin’s couldn’t complete courses as Staff Members (their scores weren't recorded), and when they visited the course settings page the first field (a drop down list of places where the course could be placed in the Categories) was selected and they tended to randomly re-locate courses with their scroll wheel mouse!

My advice for new sites is to start with this level of openness as early adopters feel much more valued and involved in the wider process of implementing the LMS in the business. Although, I’d quietly rename the Administrator role to ‘IT Admin’ and create a duplicate Administrator role without the System permission “Change Site Configuration.”

In 2008 we moved our 100+ Site Admins, a little reluctantly, to the following role structure:

 Site Admin: Can assign rights to others in the LMS, able to make system changes to the LMS software & server. Only a handful of users with this role – it is set at the site level.

Reporting Admin: a clone of the Site Admin role but not able to assign rights to others, not able to re-locate courses to different categories, and limited server access. Can view the grades and reporting data of any course. Used by business group L&D staff. Due to our single-sign-on process (staff are automatically logged in) we have had to create manual accounts (with ‘_Reporting Admin’ added to their surname) for this level of access. It is set at the site level.

Course Creator: is essentially the Instructor role but with the permissions to create courses and assign Instructors in those courses. This is set at the top of the Category we use for creating courses. Our course creation category is not visible to staff members and course owners have to get a Site Admin to move the course into the visible part of the course categories (which how we enforce our course development guidelines).

Instructor: Is able to do anything inside a course, including add/edit/delete all activities and resources within the course. Able to view add/edit grades within the course. Able to assign Non-Editing Instructors to the course, can enrol Staff members to the course, and can 'logon as' enrolled staff inside the course page. It is set at the course page level.

Non-Editing Instructor: Is not able to change course or activity settings in the course. Can mark assessments in the course, able to view Staff member grades and activity in the course, able to administrator all aspects of the Face-to-face module, including adding & deleting sessions to an existing F2F instance in the course page. It is set at the course page level.

Trainer:  is a clone of Staff member role but with F2F permissions to add sessions, see attendees and take attendance.  It is set at the course page level.



We also toyed with a site wide F2F host role, which is a clone of the Trainer role but set at the site level to allow a few national training administrators access to all F2F sessions.  In the end we moved away from this and now use either the Reporting Admin role or a course level use of Non-editing instructor. 


Hope this is of value!

Cheers
Austen

Hi Ali

In general  roles access permissions is changed through the Site Administration block on teh home page.

Select Users > Permissions > Define roles and select the role you want to change and edit.

This will bring up a choice of permissions grouped by capability - with the option to Allow prevent Prohibit and warnings.

It is probably best to select the role you want to change and choose duplicate role which means the orginial role settings are kept intact.

To see the effect of the change in role setting use the Switch role to box in a course (this isn't 100% accurate though so logging in as a person in the role should also be used)

Each role can be assigned at different context levels - eg system , course category, course see http://help.totaralms.com/Assigning_roles.htm for more detail.

As for your query on how to make profiles of all users available to the learner role - I can't see a setting for this . There is one called moodle/user:viewdetails which is already allowed for courses. According to the Moodle website there is one moodle/user:viewalldetails that looks as though this would do this but I can't see this. 

Craig