Use Roles and Permissions to set what functionality is available to different users. Permissions correspond to tools in Brightspace and D2L products, for example, the ability to create discussion topics or edit an org unit’s navbar. You assign permissions to roles and then assign roles to users for specific org units. When a user accesses an org unit, they have access to the features set up for their role in that org unit.
Use Roles and Permissions to do any of the following:
- Create, define, change, delete, and copy user roles.
- Set user permissions around roles.
- Import and export permissions.
Role permissions versus configuration variables
Role permissions are not the same as configuration variables; however, the two objects share a relationship in Brightspace. When you set a configuration variable, you are configuring specific functionality in Brightspace. When you set role permissions, you are configuring what aspects of that functionality are available to the role. For example, you can set the configuration variable that allows locker file sharing in your Brightspace. As a security measure, you can choose to disable locker file sharing for the guest role.
Roles and Permissions terminology
|
Term
|
Description
|
|---|
|
Org units
|
Org units define the structure of an organization. By default, Brightspace contains org unit types for course offerings, course templates, departments, semesters, and the organization. You can define custom types to match your organization’s structure, such as consortium, college, community of practice, cohort, etc.
|
|
Role
|
A role is a mechanism for storing a set of permissions. Assigning permissions to a role dictates what users in that role are able to see and do in the system. You can create any number of roles for your organization and enroll individual users in different roles for different org units.
|
|
Cascading roles
|
If a role is cascading, a user enrolled in any org unit in that role is automatically enrolled in all other org units beneath it. For example, if you enroll a user in the science department in a cascading role, the user is automatically enrolled in all course templates, course offerings, and groups and sections under that department. Cascading roles are normally used for site administration.
|
|
User enrollment
|
You assign permissions to a user for a specific org unit by enrolling the user in that org unit in a specific role.
|
Role properties General terminology
| Field |
Description |
|---|
|
Name
|
The name of the role.
|
|
Description
|
A short description of the role. The description is visible on the Role List page.
|
|
Cascading
|
When enabled, users in this role automatically have access to all org units beneath the one in which they are enrolled.
|
| Primary Facilitator |
When enabled, users with this role are primary facilitators of the course. |
|
Role Alias
|
The alias for the role.
|
Tool Behavior Options
To edit Tool Behavior Options
- From the Admin menu, navigate to Roles and Permissions.
- Select a desired role from the Role List and click Edit Settings.
| Field |
Description |
|---|
|
Appear on Attendance Registers
|
Controls whether users in this role can appear on attendance registers.
|
|
Can have content statistics, feedback, and SCORM reports
|
Controls whether you keep statistics for, give feedback to, and include in SCORM reports for users in this role.
|
|
Can be assessed
|
Controls whether users in this role can be assessed in the Discussions tool.
|
|
Appear in Discussion statistics
|
Controls whether statistics are kept for users in this role in the Discussions tool.
|
|
Can be graded in Grades
|
Controls whether grades can be assigned to this role.
|
|
Can self-enroll in Groups
|
Controls whether users in this role can self-enroll in groups set up for self-enrollment.
|
|
Can register for a course
|
Controls whether users in this role can register in courses.
|
|
Can have Class Progress
|
Controls whether Class Progress information is recorded for users in this role.
|
Classlist Display Options
To edit Class Display Options
- From the Admin menu, navigate to Roles and Permissions.
- Select a desired role from the Role List and click Edit Settings.
| Field |
Description |
|---|
|
Display users enrolled as this role in classlist
|
Controls whether users in this role appear in Classlist.
|
|
Classlist Role Alias
|
The name of the role as it appears in Classlist.
|
|
Display this role in the classlist
|
Controls whether the role name appears in Classlist.
|
|
Appear on Seating Charts
|
Controls whether the role name appears in Seating Chart.
|
Course Access Options
To edit Course Access Options
- From the Admin menu, navigate to Roles and Permissions.
- Select a desired role from the Role List and click Edit Settings.
| Field |
Description |
|---|
|
Access inactive courses
|
Controls whether users in this role can access inactive courses.
|
|
Access past courses
|
Controls whether users in this role can access course offerings after the end date specified on the Course Offering Information page.
Notes:
- Roles without this option can still see past course offerings listed in the My Courses widget if the d2l.Security.BypassDateCheck configuration variable is enabled.
- This option only applies if the d2l.Security.HasOrgUnitDateRestrictions configuration variable is enabled.
|
|
Access future courses
|
Controls whether users in this role can access course offerings prior to the start date specified on the Course Offering Information page.
Notes:
- Roles without this option can still see past course offerings listed in the My Courses widget if the d2l.Security.BypassDateCheck configuration variable is enabled.
- This option only applies if the d2l.Security.HasOrgUnitDateRestrictions configuration variable is enabled.
|
|
Sections
|
You can give users access to all sections within a course offering (not required for cascading roles, which are automatically enrolled in all sections).
Alternately, you can make it possible for users in this role to auto-enroll in sections or you can exclude users in this role when sections are automatically created in a course offering. Users leading a course can still manually add these users to sections.
|
|
Groups
|
You can give users in this role access to all groups within a course offering (not required for cascading roles, which are automatically enrolled in all groups).
Alternately, you can make it possible for users in this role to auto-enroll in groups or you can exclude users in this role when groups are automatically created in a course offering. Users can still be added manually these users to groups.
|
Role interactions terminology
When creating a new role, you are prompted to define how other roles interact with this role in Brightspace: Customize Your Role > Edit Role interactions.
You must have the Manage Role Permissions permission (in Security) assigned to create or copy a role.
|
Permission
|
Description
|
|---|
|
Search For
|
Select which roles can search for members of this role in the Manage Users tool.
|
|
Impersonate
|
Select which roles can impersonate users with this role.
|
|
Enroll
|
Select which roles can enroll this role in an org unit.
|
|
Switch to
|
Select which roles can role switch to this role to view content as this role does.
|
|
See External Email Address
|
Select which roles can see the external email addresses for members of this role.
|
|
See Internal Email Address
|
Select which roles can see the internal email addresses for members of this role.
|
|
Make Brightspace ePortfolio Content Available to
|
Select which roles can provide Brightspace ePortfolio content to members of this role.
|