Example

In this example, you will create a new user, a new role, define permissions and assign a role.

The Teacher-Student Setup

In this scenario, there are a few Teachers and a larger number of Students.

Teachers need to create items that are:

  • Public but Read-only to Students.
  • Private and Read/Write to Teachers. (Students can’t view them)

Students need to create items that are:

  • Private and Read/Write to only them. (Other Students can’t view them)
  • Public and Read-Only to Teachers.

Here is one way to approach the problem:

  1. Create the roles.
    • A Teacher role.
    • Student role.
  2. Create the groups. Create the following folders:
    • Teacher Items
    • Lessons
    • Student Items
    • Public Items
  3. Create default group memberships. This is important because it forces items to be created with the correct
     groups set by default.
    • The Teacher Role should have the Teacher Items as a default group.
    • The Student Role should have the Student Items as a default group.
  4. Create user accounts. Every user will need an account in order to use the program. If there are a large number of students, this could be time-consuming. One way to do this efficiently is to put every student into an NT Group, then grant access to that group.
  5. Assign users to roles.
    • The NT Group should be assigned the Student role if it was used; otherwise, each Student will have to be
      individually assigned to the student role one at a time.
    • Assign each teacher to the Teacher role.
  6. Assign Permissions.
    • Teachers have Read-Write permission to Teacher Items, Lessons and Public Items.
    • Teachers should have at least Read permission to Student Items; optionally, they could be granted Read-Write permission.
    • Students should have Read-Write permissions to Public Items.
    • Students should be assigned No Access to Student Items.

Does this fulfill the requirements?

  • Teachers can create items that students cannot see.
  • By default, Teacher items are created in the Teacher Items group. Each teacher can organize their items by manually adding each item to the appropriate lesson group; for example, items for the first lesson could be added to a Lesson 1 group.
  • Teachers can reveal items to students at the appropriate time.

Once a teacher is ready for students to review a lesson, they can reveal the items in two ways:

  1. Grant the Student role Read-Only access to the appropriate Group.
  2. Add the item into the Public Items group.

  • Students can see their own items, but not any other Student’s items.

By blocking access to Student Items, the students will be unable to see any items that belong to that group. Any item created by a member of the Student role will be automatically added to that group; so all Student items are hidden from students. The only exception is the Owner rule – the owner of an item will ALWAYS have Read-Write access to that item, no matter what groups it belongs to.
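
The setup above can be checked with a small model of the access decision. This is an added example, not the product's own code: the user names are constructed, and it assumes that a missing permission entry means no access and that an explicit No Access on any of an item's groups beats grants from its other groups.

```python
from enum import IntEnum

class Access(IntEnum):
    BLOCKED = -1      # explicit "No Access"
    NONE = 0          # no permission entry (assumed to mean no access)
    READ = 1
    READ_WRITE = 2

# Step 3: default group per role. Step 6: role permissions per group.
DEFAULT_GROUP = {"Teacher": "Teacher Items", "Student": "Student Items"}
PERMISSIONS = {
    "Teacher": {"Teacher Items": Access.READ_WRITE, "Lessons": Access.READ_WRITE,
                "Public Items": Access.READ_WRITE, "Student Items": Access.READ},
    "Student": {"Public Items": Access.READ_WRITE,
                "Student Items": Access.BLOCKED},
}

class Item:
    def __init__(self, owner, owner_role, extra_groups=()):
        self.owner = owner
        # New items land in the creator's default group automatically.
        self.groups = {DEFAULT_GROUP[owner_role], *extra_groups}

def effective_access(user, role, item, permissions=PERMISSIONS):
    if user == item.owner:
        return Access.READ_WRITE          # Owner rule: always Read-Write
    grants = [permissions[role].get(g, Access.NONE) for g in item.groups]
    if Access.BLOCKED in grants:
        return Access.NONE                # assumed: No Access beats any grant
    return max(grants)

def reveal_group_read_only(group, permissions=PERMISSIONS):
    """Reveal option 1: copy of the table with Student Read on one group."""
    updated = {role: dict(groups) for role, groups in permissions.items()}
    updated["Student"][group] = Access.READ
    return updated

if __name__ == "__main__":
    quiz = Item("alice", "Teacher", {"Lessons"})    # constructed users
    essay = Item("bob", "Student")
    revealed = reveal_group_read_only("Lessons")
    for who, role, item, table in [("bob", "Student", quiz, PERMISSIONS),
                                   ("bob", "Student", quiz, revealed),
                                   ("dave", "Student", essay, PERMISSIONS),
                                   ("carol", "Teacher", essay, PERMISSIONS)]:
        print(who, role, effective_access(who, role, item, table).name)
```

In this model, reveal option 1 gives students Read access to the lesson item, while an item placed in Public Items is Read-Write for students under the step 6 permissions.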