Global and Group roles
In the TAO Portal, there are two types of roles: global roles and group roles. Understanding the permissions associated with these roles is important when creating or editing a user or group.
Global roles
Global roles give users access to functionality across the whole application. A global role is assigned when a user account is created or edited. Users assigned to these roles have rights across the TAO Portal within the group and organizational unit they are enrolled in. The user will have those same rights within any organizational unit below their own in the hierarchy.
The TAO Portal supports the following Account (global) roles:
Global admin [ADMIN]
Content developer [CONTENT_CREATOR]
Group creator [GROUP_CREATOR]
Public sessions manager [PUBLIC_SESSION_MANAGER]
Battery manager (beta feature)
The names in brackets, such as [ADMIN], represent how each role is assigned in a CSV import. For more information, see CSV imports.
The table below summarizes the access and rights of each role:
Global Admin | Content Developer | Group Creator | Public sessions manager [PUBLIC_SESSION_MANAGER] | |
Account-wide settings | ||||
Access to authoring (Content Bank) | Yes | Yes | ||
Create groups | Yes | Yes. When a Group Creator creates a group, they are automatically assigned as Group Manager. | ||
Create, read, update and delete users | Yes | |||
Group-level actions | ||||
Read, update, and deactivate groups | Yes | |||
Add/remove users in a group | Yes | |||
Create, read, update and delete sessions | Yes | |||
Create, update, and delete public sessions | Yes | |||
Monitor session | Yes | |||
Grade session | Yes | |||
View sessions list | Yes | |||
Enter session | Yes | |||
Exempt test taker from session | Yes | |||
Take session | ||||
Review session | Yes | |||
View session reports | Yes | |||
View individual reports | Yes |
Group-related roles
Group roles pertain to a given group only. These roles are assigned as part of the enrollment of a user to a specific group and provide the right to perform certain actions within the scope of the given group.
The TAO Portal supports the following Group-related roles:
Group manager [GROUP_MANAGER]
Scorer [GRADER]
Test-taker [TEST_TAKER]
The names in brackets, such as [GRADER], represent how each role is assigned in a CSV import. For more information, see CSV imports.
The table below summarizes the access and rights of each role:
Group Manager [GROUP_MANAGER] | Scorer [GRADER] | Test-taker [TEST_TAKER] | |
Group-level actions | |||
Read, update, and deactivate groups | |||
Add/Remove users in group | Yes | ||
Create, Read, Update and Delete sessions | Yes | ||
Monitor session | Yes | ||
Grade session | Yes | Yes | |
View sessions list | Yes | Yes | |
Enter session | Yes | Yes | |
Exempt test taker from session | Yes | ||
Take session | Yes | ||
Review session | Yes | Yes, if allowed by the session’s configuration. For more information, see Creating a session. | |
View session reports | Yes | ||
View individual reports | Yes (for any test-takers) | Yes, if allowed by the session’s configuration. For more information, see Creating a session. |