Administrator Documentation

Security permissions

Setting	Expected Behavior
See Roles and Permissions	Applicable Org Unit Type: Organization Allows users to: Access the manage roles and permissions tool; view roles, role properties and permissions, and the event log Users will see: The Roles and Permissions link in the Admin Tools menu The Event Log button Also Required: N/A
Manage Content Security	Applicable Org Unit Type: Organization Allows users to: Apply and remove sandboxing in any org unit. Users will see: The Content Sandboxing area of the Course Offering Information area for an org unit and can edit the Enable Content Sandboxing setting. Without this permission, users who can see the Course Offering Information area for an org unit can see whether the course is sandboxed, but cannot edit the setting. By default, this permission is OFF for all roles. Also Required: Has Access to the Manage Courses Tool
Manage Roles	Applicable Org Unit Type: Organization Allows users to: Create roles, edit role properties, copy, delete and reorder roles Users will see: The New button, Edit Role and Delete options in the role's context menu, Copy and Reorder options in the More Actions button Editable fields on the Edit Role page Also Required: See Roles and Permissions
Manage Role Permissions	Applicable Org Unit Type: Organization Allows users to: Edit role permissions, import/export permissions Users will see: Check boxes on the Edit Role Permissions page The Import/Export button Also Required: See Roles and Permissions
Manage Password Policy	Applicable Org Unit Type: Organization Allows users to: Access and manage Password Policy tool Users will see: The Password Policy link in the Admin Tools menu Also Required: N/A
Manage Widget Security	Applicable Org Unit Type: Organization Allows users to: Apply and remove sandboxing to widgets. Users will see: The Widget Security section of the Widget Properties dialog, and have the ability to edit the Widget is Sandboxed setting. Without this permission, users with create/edit widget permissions can see whether or not a widget is sandboxed, but cannot edit the setting. If a widget is not sandboxed, and the Security.WidgetsApplySandbox configuration variable is ON, a user without this permission cannot edit the widget, as it is not secure. By default, this permission is off for all roles . Also Required: Has Access to the Manage Courses Tool