OppiaMobile Server Permissions¶
There are various permissions associated with users in OppiaMobile, some based on the default Django users system and others based on extra permissions the user has been specifically given.
- Admin User - this is the standard Django superuser (https://docs.djangoproject.com/en/2.2/topics/auth/default/ - a typical user with this role would be a system/server administrator
- Staff - this is the standard Django staff user (https://docs.djangoproject.com/en/2.2/topics/auth/default/) - a typical user would be a project manager/officer, college or ministry staff, essentially users who need to access all the data/reports within the server, but not necessarily responsible for the technical maintenance or server level admin.
- Teachers/Students - in Django permissions terms, both teachers and students are standard users. The only difference between them is that a teacher has been assigned the teacher status to a particular cohort of students. A cohort is just a group of teachers and students assigned to a particular set of courses. A user may have the role of teacher on one set of courses, but then be a student on other courses.
Permissions on the OppiaMobile Server dashboard:¶
|Access Django Admin||Yes||No (1)||No||No|
|Upload Course||Yes||Yes||No (2)||No (2)|
|Update a Course||Yes||Yes||No (9)||No (9)|
|Bulk Upload Users||Yes||No||No||No|
|View Cohorts||Yes||Yes||Yes (3)||No (4)|
|Add New Cohort||Yes||Yes||No||No|
|Edit Existing Cohort||Yes||Yes||No||No|
|View course list||Yes||Yes||Yes (5)||Yes (5)|
|View draft courses||Yes||Yes||No (8)||No (8)|
|View course recent activity||Yes||Yes||Yes (6)||No (7)|
|View course activity detail||Yes||Yes||Yes (6)||No (7)|
|Download course activity detail||Yes||Yes||No||No|
|Download quiz responses detail||Yes||Yes||No||No|
|Download feedback responses detail||Yes||Yes||No||No|
|View course quizzes||Yes||Yes||Yes (6)||No (7)|
|View student activity (all activity)||Yes||Yes||No (6)||No (7)|
|View student activity (for specific course)||Yes||Yes||Yes (6)||No (7)|
|View student activity (for specific cohort)||Yes||Yes||Yes (6)||No (7)|
|View server level analytics||Yes||Yes||No||No|
|Upload media files||Yes||Yes||No||No|
|Upload activity logs||Yes||Yes||No||No|
|Change password and update user info||Yes (any user)||Yes (any user)||Yes (own only)||Yes (own only)|
|Delete user account||Yes (from admin pages)||No||Yes (own only)||Yes (own only)|
|Export user data||Yes (own only)||Yes (own only)||Yes (own only)||Yes (own only)|
- Staff are able to access the Django admin URL, however they do not have permissions to view any of the data models or actual data through this
- Any user (teacher or student) may be given permissions to upload courses by changing the ‘can upload’ field in their UserProfile to be true.
- Teachers may only view cohorts that they are teachers in.
- Students may view their own activity within a cohort
- Students and Teachers may view all the courses available on the server, except those that are still in draft stage
- A teacher may only view the activity for courses they are assigned to be teachers on, and then only for the students in the cohorts they are teachers in.
- Students may see their own activity within a course or cohort - but not anyone elses
- Any user may be given Course viewer permissions to be able to view a specific course that is currently draft
- Any user may be given Course manager permissions to be able to update (republish) a course