Configuring Training Module Permissions

Training Module permissions control which security roles can access training features and determine the level of authority users have for viewing courses, managing content, assigning learners, and administering training programs. Unlike other Magentrix modules where permissions are configured through centralized security settings, Training Module permissions must be configured directly within the Training Module's dedicated Permissions interface to establish role-based access controls.

Proper permission configuration ensures appropriate users can create and manage training content, assign courses to learners, process enrollment requests, and mark assessments while maintaining security boundaries that protect sensitive training data and prevent unauthorized modifications. Permission configuration supports organizational hierarchies, manager relationships, and role-based responsibilities that align training administration with business structures.

Requirements

To configure Training Module permissions, users must be assigned a security role with the following permissions:

Administrator Security Role

Permissions Overview

Training Module permissions use a role-based access control model where administrators assign specific access levels and capabilities to security roles. Users inherit training permissions from their assigned security roles, with permission scopes determining which courses, learners, and administrative functions they can access and manage.

Permission Configuration Philosophy

Default behavior: By default, users do not have access to the Training Module. Security roles must be explicitly granted Training Module permissions before users can view courses, access training content, or perform administrative functions.

Role-based assignments: Permissions are assigned to security roles (groups of users with similar responsibilities) rather than individual users, enabling scalable permission management across organizational populations.

Hierarchical access levels: Training Module permissions offer progressive access levels from basic learner access to comprehensive administrative control, supporting diverse organizational roles and responsibilities.

Scope-based restrictions: Advanced permission options enable fine-grained control based on organizational hierarchies, manager relationships, and account structures for enterprise-scale training administration.

Permissions Tab Overview

The Permissions tab provides the interface for configuring security role access to Training Module features and establishing the authority levels that control what actions users can perform within the training environment.

Accessing the Permissions Tab

Navigate to the Training module and select the Settings tab
Click the Permissions tab in the horizontal navigation within Settings
The Permissions configuration page opens displaying role selection and access level options
A descriptive message explains: "By default, users don't have access to the Training module. Select a role below and then specify what access level they should have in the training area and then click on save."

Permissions Interface Layout

Security Role Selector: Dropdown menu for selecting which security role to configure permissions for

Access Level Options: Radio buttons or selection interface for choosing the permission level for the selected role

Additional Permission Controls: Checkboxes and dropdown options for configuring advanced permissions when higher access levels are selected

Save Button: Action button to apply permission configuration for the selected security role

Selecting Security Roles

Permission configuration begins with selecting the security role that will receive Training Module access. The selected role determines which users inherit the configured permissions based on their role assignments.

Security Role Selection Process

Locate the Security Role dropdown menu at the top of the Permissions configuration area
Click the dropdown to display available security roles
Review the list of security roles representing different user populations (e.g., Consulting Partner, Employee, Customer User, Administrator)
Select the role you want to configure by clicking its name
The permissions interface updates to show current permission settings for the selected role
Configure desired access level and permissions for the role
Click Save to apply permissions to the selected role
Repeat the process for additional roles requiring Training Module access

Security role examples:

Employee-type roles (Internal Staff, Managers, Directors)
Partner-type roles (Consulting Partner, Reseller Partner, Technology Partner)
Customer-type roles (Customer User, Customer Administrator)
Administrator roles (System Administrator, Training Administrator)

Role selection considerations:

Configure permissions for all security roles that should access training features
Different roles may receive different access levels based on their organizational responsibilities
Employee-type roles have access to more advanced permission options than external community roles
Multiple roles can have identical permission configurations if they serve similar purposes

External Community User Access Levels

External community users (partners, customers, external learners) have three available access levels that progressively increase training capabilities while maintaining appropriate security boundaries for external populations.

None Access Level

The None access level denies all Training Module access to users with the selected security role. Users cannot see the Training module, access courses, or interact with any training features.

Configuring None access:

Select the security role in the Security Role dropdown
Select None from the Access Level options
No additional configuration options appear—None completely blocks training access
Click Save to apply the None access level

When to use None access:

Security roles that should not have any training access (inactive user types, restricted populations)
External users who should not see training features in their portal interfaces
Roles being deprecated or transitioned away from training access
Temporary access revocation without deleting role configurations

Learner Access Level

The Learner access level provides basic training access enabling users to view assigned courses, access training content, complete lessons and assessments, and track their own learning progress. Learners cannot manage courses, assign other users, or perform administrative functions.

Configuring Learner access:

Select the security role in the Security Role dropdown
Select Learner from the Access Level options
No additional configuration options appear for basic Learner access
Click Save to apply Learner access level

Learner capabilities:

View courses assigned to them by administrators
Browse course catalog if "Users can browse the course library" setting is enabled
Request course access when self-registration is disabled
Complete lessons, quizzes, and assessments within assigned courses
View their own training history and progress
Download completion certificates for finished courses
Access learning paths assigned to them

Learner limitations:

Cannot create, edit, or delete courses or learning paths
Cannot assign courses or learning paths to other users
Cannot view other users' training progress or assignments
Cannot mark quizzes or process enrollment requests
Cannot access course management or administrative interfaces
Cannot modify course content, settings, or structure

When to use Learner access:

Partner populations who should take training but not manage programs
Customer users receiving product training or certification
External contractors or temporary workers requiring training access
Community members participating in voluntary training programs

Team Leader Access Level

The Team Leader access level provides Learner capabilities plus additional oversight functions enabling users to view and manage training progress for their teams. Team Leaders can monitor team performance while maintaining security boundaries that limit visibility to their organizational scope.

Configuring Team Leader access:

Select the security role in the Security Role dropdown
Select Team Leader from the Access Level options
Additional configuration checkboxes appear for Team Leader permissions
Configure Browse Courses and View Team Progress options
Click Save to apply Team Leader access level

Team Leader configuration options:

Browse Courses:

When checked, Team Leaders can view the course catalog and discover available training programs
When unchecked, Team Leaders see only assigned courses without catalog browsing
Enables or disables the same browsing capability available to standard Learners

View Team Progress:

When checked, Team Leaders can monitor training progress for users within their team scope
Requires selection of team scope defining which users the Team Leader can view
Opens team progress tracking interfaces showing completion status, assignment status, and learner advancement

Team Leader scope options:

Controlled By Account:

Team Leader can view training progress for users within the same account
Account-based scope aligns with partner organizations or customer accounts
Appropriate for partner managers overseeing training within their partner company
Limits visibility to organizational boundaries defined by account associations

Controlled By Account & Use Hierarchy:

Team Leader can view training progress for users in the same account and follows account hierarchy structures
Extends visibility through hierarchical account relationships
Appropriate for complex partner or customer structures with parent-child account relationships
Enables visibility across organizational subdivisions within account families

When to use Team Leader access:

Partner managers responsible for ensuring their team completes certification requirements
Customer account managers overseeing training compliance within their organizations
External team leaders managing training participation for distributed populations
Community leaders supporting training initiatives within defined user populations

Team Leader capabilities:

All Learner capabilities (take courses, view own progress, access training content)
View team members' training assignments and completion status
Monitor team progress toward training objectives and certification requirements
Identify team members requiring support or intervention
Generate informal reports on team training participation

Team Leader limitations:

Cannot assign courses or learning paths to team members (requires Manage Course Assignments)
Cannot create, edit, or delete courses or learning paths
Cannot mark quizzes or process enrollment requests
Cannot modify course content or settings
View-only access to team progress—cannot directly manage team assignments without additional permissions

Internal Employee User Access Levels

Internal employee users have four available access levels including all external community options plus Training Manager capabilities that provide comprehensive administrative control over training programs.

None Access Level (Employees)

Functions identically to external community None access—denies all Training Module access to employees with the selected security role.

Learner Access Level (Employees)

Functions identically to external community Learner access—provides basic training participation capabilities without administrative functions.

Team Leader Access Level (Employees)

Provides Learner capabilities plus team oversight functions for internal employees, with additional scope options reflecting organizational hierarchies and management structures.

Configuring Team Leader access for employees:

Select an employee-type security role in the Security Role dropdown
Select Team Leader from the Access Level options
Configure Browse Courses checkbox as desired
Configure View Team Progress checkbox to enable team monitoring
Select team scope from available employee hierarchy options
Click Save to apply Team Leader access level

Employee Team Leader scope options:

Direct Subordinates:

Team Leader can view training progress for users they directly manage in the organizational hierarchy
Follows manager-subordinate relationships defined in user profiles
Appropriate for first-line managers overseeing immediate team members
Limits visibility to direct reports without extending to indirect reports

All Subordinates:

Team Leader can view training progress for all users they manage directly and indirectly
Extends visibility throughout the entire management hierarchy below the Team Leader
Appropriate for senior managers or directors overseeing entire departments or divisions
Enables comprehensive visibility across multi-level organizational structures

When to use Team Leader access for employees:

Department managers monitoring training completion within their teams
Project leaders overseeing training requirements for project participants
Safety officers tracking compliance training across organizational units
Team leaders supporting professional development initiatives

Training Manager Access Level

The Training Manager access level provides comprehensive administrative control over training programs, including course creation, content management, user assignment, quiz marking, and full training administration capabilities. Training Managers have broad authority limited only by configured scope restrictions.

Configuring Training Manager access:

Select an employee-type security role in the Security Role dropdown
Select Training Manager from the Access Level options
Additional configuration sections appear: Browse Courses, Manage Courses, and Manage Course Assignments
Configure Browse Courses checkbox as desired
Configure Manage Courses permissions by selecting appropriate scope
Configure Manage Course Assignments permissions by selecting appropriate scope
Click Save to apply Training Manager access level

Manage Courses Permissions

Manage Courses permissions control which courses Training Managers can create, edit, and delete. Scope options determine whether Training Managers have full system-wide control or limited authority based on ownership, management relationships, or organizational structures.

Important Note: All users with Manage Courses permissions can add chapters with content to any shared course regardless of permission access level (private, team, etc.), but editing and deletion are restricted to the configured permission level.

Manage Courses Permission Scopes

Private:

Training Managers can create new courses
Training Managers can only edit and delete courses they personally created (courses they own)
Cannot edit or delete courses created by other administrators
Appropriate for distributed training development where administrators maintain independent course libraries

Team:

Training Managers can create new courses
Training Managers can edit and delete courses owned by their Manager
Training Managers can edit and delete courses owned by other users who report to the same Manager
Follows manager relationships defined in organizational hierarchy
Appropriate for collaborative teams sharing course development responsibilities

User & Direct Subordinates:

Training Managers can create new courses
Training Managers can edit and delete courses they own
Training Managers can edit and delete courses owned by their direct reports (users they directly manage)
Follows direct manager-subordinate relationships without extending to indirect reports
Appropriate for managers overseeing content developed by their immediate team

User & All Subordinates:

Training Managers can create new courses
Training Managers can edit and delete courses they own
Training Managers can edit and delete courses owned by anyone they manage directly or indirectly
Extends authority throughout entire management hierarchy below the Training Manager
Appropriate for senior training leaders overseeing departmental or divisional content

Team & Direct Subordinates:

Training Managers can create new courses
Training Managers can edit and delete courses owned by their Manager
Training Managers can edit and delete courses owned by team members (others with same Manager)
Training Managers can edit and delete courses owned by their direct reports
Combines team and direct subordinate scopes for broader authority
Appropriate for mid-level managers participating in collaborative teams while overseeing direct reports

Team & All Subordinates:

Training Managers can create new courses
Training Managers can edit and delete courses owned by their Manager
Training Managers can edit and delete courses owned by team members (others with same Manager)
Training Managers can edit and delete courses owned by anyone in their management hierarchy
Provides extensive authority across team and subordinate structures
Appropriate for senior managers coordinating with peers while overseeing hierarchical organizations

All:

Training Managers can create new courses
Training Managers can edit and delete all courses regardless of ownership
No restrictions based on relationships or hierarchies
Full system-wide course management authority
Appropriate for centralized training teams or system administrators

Manage Courses Permission Effects

Course creation:

All Manage Courses permission levels enable course creation
Newly created courses are owned by the creating administrator
Course ownership determines future edit and delete authority based on permission scopes

Course editing:

Training Managers can modify course settings, content, structure, and configuration within permission scope
Editing capabilities include adding chapters, lessons, quizzes, and managing all course properties
Scope restrictions prevent unauthorized modifications to courses outside permission boundaries

Course deletion:

Training Managers can permanently delete courses within permission scope
Deletion removes courses, all content, and user assignments
Scope restrictions protect courses from deletion by unauthorized administrators

Manage Course Assignments Permissions

Manage Course Assignments permissions control which users Training Managers can assign to courses, which enrollment requests they can approve, and which learner assignments they can manage. Scope options determine the population of learners the Training Manager has authority over.

Manage Course Assignments Permission Scopes

Team:

Training Managers can approve course requests, mark courses as completed or failed, and assign courses to their Manager
Training Managers have these capabilities for team members (users who share the same Manager)
Training Managers can remove these users from courses
Appropriate for collaborative training administration within teams

User & Direct Subordinates:

Training Managers can approve course requests, mark courses as completed or failed, and assign courses to users they directly manage
Follows direct manager-subordinate relationships
Training Managers can remove their direct reports from courses
Appropriate for managers handling training administration for immediate teams

User & All Subordinates:

Training Managers can approve course requests, mark courses as completed or failed, and assign courses to anyone they manage directly or indirectly
Extends authority throughout entire management hierarchy below the Training Manager
Training Managers can remove users in their hierarchy from courses
Appropriate for senior managers overseeing training across departments or divisions

Team & Direct Subordinates:

Training Managers can approve course requests, mark courses as completed or failed, and assign courses to their Manager, team members, and direct reports
Combines team and direct subordinate scopes
Training Managers can remove these users from courses
Appropriate for mid-level managers working within collaborative teams while managing direct reports

Team & All Subordinates:

Training Managers can approve course requests, mark courses as completed or failed, and assign courses to their Manager, team members, and entire management hierarchy
Provides extensive authority across team and hierarchical structures
Training Managers can remove users in combined scope from courses
Appropriate for senior managers coordinating team-based and hierarchical training administration

All:

Training Managers can approve course requests, mark courses as completed or failed, and assign any user to courses
No restrictions based on relationships or hierarchies
Training Managers can remove anyone from courses
Full system-wide assignment authority
Appropriate for centralized training administration or system administrators

Manage Course Assignments Capabilities

Course assignment:

Training Managers can enroll users within their scope in courses and learning paths
Assignment creates active enrollments with access to training content
Assigned users receive notification emails if notification settings are enabled

Request processing:

Training Managers can approve or reject course enrollment requests from users within their scope
Approval grants immediate access to requested training
Rejection removes requests from pending queues

Completion marking:

Training Managers can manually mark courses as completed or failed for users within their scope
Enables administrative override of completion status when necessary
Supports exceptional situations requiring manual status adjustment

User removal:

Training Managers can delete course assignments for users within their scope
Removal revokes training access and frees course licenses
Historical completion records may be preserved

Quiz marking:

Training Managers can mark quizzes with free text or file upload questions for users within their scope
Enables assessment evaluation and learner feedback provision
Supports timely quiz processing and learner progression

Saving Permission Changes

After configuring access levels and permission scopes for a security role:

Review all permission selections to verify appropriate access and authority levels
Locate the Save button at the bottom of the Permissions configuration area
Click Save to apply permission configuration to the selected security role
The page may refresh or display a confirmation message indicating successful permission update
Users assigned to the configured security role immediately inherit the new permissions
Repeat configuration process for additional security roles requiring Training Module access

Permission change impacts:

Immediate effects:

Users assigned to modified security roles gain or lose Training Module access immediately
New access levels and scopes take effect for current user sessions
Users may need to refresh browser or log out and back in to see permission changes in some implementations

User experience changes:

Users newly granted access see Training Module navigation and can access training features
Users with increased permissions gain access to administrative interfaces and functions
Users with reduced permissions lose access to features no longer authorized
Users with revoked access (None level) lose all Training Module visibility

Administrative coordination:

Communicate permission changes to affected users so they understand new capabilities or restrictions
Train users receiving new administrative permissions on proper feature usage and organizational policies
Monitor permission usage to ensure Training Managers use authority appropriately within scopes
Document permission decisions to support future administrators and ensure policy consistency

Best Practices and Recommendations

Strategic Permission Planning

Map roles to responsibilities: Align security role permissions with actual organizational responsibilities and training administration needs

Start restrictive: Begin with minimal permissions and expand as users demonstrate need and competency rather than granting excessive authority initially

Use hierarchy appropriately: Leverage organizational hierarchy and manager relationships for scope-based permissions rather than granting "All" scopes unnecessarily

Document permission frameworks: Maintain clear documentation explaining which roles have which permissions and why for policy consistency

Review permissions regularly: Schedule periodic audits of Training Module permissions to ensure they remain aligned with current organizational structures

Scope Selection Guidance

Private scope considerations:

Appropriate for distributed training development where content isolation is desired
Reduces coordination needs but may create content fragmentation
Consider when training teams operate independently without cross-editing needs

Team scope considerations:

Supports collaborative training development within organizational units
Enables peer review and shared content management responsibilities
Appropriate for flat organizational structures or project-based teams

Hierarchical scope considerations:

Aligns with traditional management structures and reporting relationships
Supports delegation of training administration through organizational levels
Distinguish between Direct and All Subordinates based on organizational depth

All scope considerations:

Reserve for centralized training teams or system administrators
Simplifies administration but reduces distributed responsibility
Monitor usage to prevent unauthorized modifications or deletions

Security and Access Control

Principle of least privilege: Grant only permissions necessary for users to perform their responsibilities rather than providing excessive authority

Separation of duties: Consider separating course creation/editing authority from assignment authority when organizational policies require controls

Monitor permission usage: Track administrative actions to identify inappropriate permission usage or security concerns

Coordinate with HR: Align Training Module permissions with HR organizational structures and manager relationships

Update during transitions: Modify permissions promptly when users change roles, responsibilities, or organizational positions

Training and Support

Train new administrators: Provide comprehensive training for users receiving Training Manager permissions on proper feature usage

Document procedures: Develop clear procedures for common administrative tasks within permission scopes

Establish escalation paths: Define how administrators should escalate issues beyond their permission scope

Share best practices: Facilitate knowledge sharing among Training Managers about effective training administration

Provide ongoing support: Offer continued support and guidance as administrators use their permissions

Permission Maintenance

Track organizational changes: Update permissions when organizational structures, manager relationships, or responsibilities change

Clean up unused roles: Review and remove Training Module permissions from security roles no longer requiring access

Coordinate with deprovisioning: Ensure Training Module permissions are revoked when users leave organizations or change roles

Version control: Maintain records of permission configuration changes for audit and rollback purposes

Test permission changes: Validate permission modifications in test environments before applying to production when possible

Troubleshooting Tips

Users Cannot Access Training Module

Verify role assignment: Confirm users are assigned to security roles with Training Module permissions configured

Check access level: Ensure security role has Learner, Team Leader, or Training Manager access rather than None

Review recent changes: Verify permissions weren't recently modified, removing user access

Test with different users: Confirm issue affects all users in role or only specific individuals

Refresh user sessions: Ask users to log out and back in to apply permission changes

Training Managers Cannot Edit Courses

Verify Manage Courses configuration: Confirm Manage Courses permissions are enabled with appropriate scope

Check course ownership: Verify courses Training Managers attempt to edit fall within their permission scope

Review manager relationships: Ensure organizational hierarchy and manager assignments are configured correctly in user profiles

Test scope logic: Verify permission scope selections align with intended authority boundaries

Check sharing settings: Confirm course sharing options don't prevent access despite permission configuration

Training Managers Cannot Assign Users

Verify Manage Course Assignments: Confirm Manage Course Assignments permissions are enabled with appropriate scope

Check user relationships: Verify users Training Managers attempt to assign fall within permission scope

Review hierarchical structures: Ensure manager-subordinate relationships are correctly configured

Test with different users: Confirm whether issue affects all assignments or specific user populations

Check license availability: Verify sufficient licenses exist for assignment operations

Permission Scopes Not Working as Expected

Review hierarchy configuration: Verify manager relationships and organizational structures are correctly established in user profiles

Understand scope definitions: Confirm understanding of scope differences (Direct vs. All Subordinates, Team vs. User)

Test systematically: Create test scenarios validating each permission scope behaves as documented

Check for conflicts: Verify users don't have multiple role assignments creating conflicting permissions

Consult documentation: Review detailed permission scope explanations to ensure correct configuration

Permissions Changed But Not Taking Effect

Force user refresh: Ask users to log out completely and log back in to refresh permission cache

Clear browser data: Remove cached application data that may reflect old permission configurations

Wait for propagation: Allow time for permission changes to propagate through system if delays exist

Verify save completed: Confirm permission configuration save operation completed successfully without errors

Check system status: Verify no system maintenance or updates are affecting permission processing

Table of Contents