Domain level permissions are at a lower level than system level permissions, but are at a higher level than course level permissions and item level permissions. Domain permissions are based on the scope of a domain and around the actions that can be taken.
The scope of a domain is how a domain is organized in terms of the campuses, schools, and departments that it can control. These three factors are mixed and matched to create an appropriate domain for an individual or group of individuals.
Here are four typical examples regarding domain scope:
- Department Chair: will be in a domain that has control strictly over that department.
- Dean: will be in a domain that controls all departments and campuses in their school.
- Provost: will be in a domain that controls all schools, departments, and campuses.
- Site Director: will be in a domain that has control over all departments and schools that are strictly on his/her campus.
The actions cover the functions available to you within the given domain. They include:
- Administer: Full access to all course content and settings. This means you can see and edit every syllabus item, register and drop users, modify course settings, and assign group permissions. Administer courses does NOT however mean the user can audit the given course as editing and auditing are purposefully separated. You will need to grant audit course permission if you also want the user to be able to audit courses within the domain.
- Edit: Edit every syllabus item.
- Audit: View all syllabi and update the audit status and trail for these courses. It also means you will receive an email if users select the notify auditors option when adding to the audit trail.
- Report: View all syllabus content as well as generate an audit report. You will not be notified about updates to the audit status and/or trail.
Also note that these permissions are additive, flexible, and may layer on top of each other. For example you can be designated a Reporter across all domains, an Auditor for one campus plus three departments, and an Editor of a whole school and all its department.
Additionally, select capabilities are implied with others. For example, if you can Edit content, you can implicitly view it. Similarly if you can Audit content, you can view it. This is why an individual with Administer, Edit, or Audit does not also need Report.
You can add or update a user's domain permissions by going to Admin > Users and searching for the username of the appropriate user. Once you have selected the appropriate user, you will be able to update their domain permissions by selecting the appropriate campus, school, and department information and checking Administer, Edit, Audit, or Report. The graphic below is an example of someone who has been given Administer and Audit domain permissions for all courses in the Biology department in the School of Science at the Hartford campus:
Once your comfortable with how domain permissions work, you can learn how to assign Domain Permissions in your system.