You can customise the permissions for built-in system roles and also assign permission to a custom dynamic security role that you created in SchoolWise. Permissions control what reports and screens users in each role can access.
Granting permissions to a role does not automatically grant the users in the role access to all learner data. The data that each user can access within a role depends on a few conditions;
Is this the only role the user is a member of?
Is the user is a member of any other built-in system roles or custom roles you have created?
A user is a member of only one security role
If this is the only role the user is a member of then access to learner data will depend on;
Is the user a member of only one built-in system role?
Is the user a member of only one custom security role?
A user is a member of only one built-in system role
Each built-in system role has pre-defined access to learner data. You can see what learner data each built-in system role has in this article. In summary, access to learner data by each system role is;
Management - all learner data for all year groups.
Guidance and Counselling - all learner data for all year groups.
Learning support - all learner data for all year groups.
Special needs - all learner data for all year groups.
Year heads - only learner data where the user is assigned the year head role. Usually all learners within a single year group.
Tutor - only learner data where the user is assigned the tutor role. Usually a subset of users within a single year group.
A user is a member of only one custom security role
When you create a custom dynamic security role, you also define what year groups the users within the custom role will have access to. If a user is a member of only one custom security role, then access to learner data is defined by the year groups explicitly assigned to that role. You can learn about creating custom roles here.
A user is a member of other built-in system roles or custom dynamic security roles
If a user is a member of other roles, system or custom, you must take into account the learner data they already have access to.
Example 1: a user is a year head and has access to first year. You create a custom security role and assign access to sixth year data. You add the same year head to the custom role. The combined permission for the year head is access to both first and sixth year data. Therefore, if you grant permission to reports and screens in Learner Support, the year head will be able to see both first and sixth year data in these reports.
Example 2: a user is in the Guidance and Counselling role. You create a custom role and grant access to first, second and third year data. You add the same user to the custom role. The user already had access to all data in all year groups. Therefore, if you grant permission to reports and screens in Learner Support, the user will be able to see all learner data in all year groups in these reports.
Assigning permission to a security role
Note: Only people in the Management role have permission to create a custom role.
To assign permission to either a built-in system or custom security role you need to do the following;
1. Click on the Manage button on the Learner Support main menu, and then under the Settings panel click the Manage button.
2. On the Settings screen, click on the Permission button.
3. You can then use the toggle buttons to grant or deny access to reports and screens in the platform. Each column represents a role with both built-in system and custom roles displayed. The sections on the left represent specific areas of the platform with each row for every item within those sections. The colour for each toggle is as follows;
Green - the role has access
Red - the role is denied access
Lock - this setting cannot be modified
Related Articles