Forums | Mahara Community
Support
/
Admin Permissions
06 February 2012, 7:52
We're piloting the latest version of Mahara.
When I login as admin, I still don't have permissions to look at a student's view (or page) unless the student specifically grants it. Is this correct? Any way to change this? I understand it should function like that for regular users, but I would assume the admin would be able to see everything/anything. I relalize I could login as that user, then go find the view, but that is a lot of extra work.
Also, is there a way to see a list of all exisiting views from all users?
06 February 2012, 9:39
I thought that was the expected behaviour, though I might be wrong. I am an admin and I can't natively see all users' pages unless I log in as them or they grant me access.
06 February 2012, 12:42
Really? Maybe I'm just used to other systems where the admin is the admin and can do/see anything. It is a little difficult to manage, or just to sample, what your users are doing when you can't see what they're doing.
06 February 2012, 15:43
Hello John,
It is by design that you as admin cannot immediately see everything another user does. An admin should not be involved in what users do. Mahara is designed as personal learning environment in which the users can decide who shall have access to their portfolio pages and their content.
An admin has the possibility to see other user's account though by masquerading as that user. When you go to a user profile as admin, you will see the "Login as" link. That allows you to see an account as if you were a user. It is great for figuring out permission problems,
Cheers
Kristina
07 February 2012, 7:05
On the one hand, you say that the user should decide if an admin can see thier pages, but then acknowledge that the admin can just ignore this and login as the user to see the page. So really, the user cannot trully decide, since the admin can just login as them! So why make it hard on the admin to see the pages if (as you acknowledge) they can just do so by logging in as the user?
I'm not trying to be arguementative, it just seems poorly thought out...
07 February 2012, 9:55
Personally, I would prefer the admin has no access at all to users data, to respect the idea of a ePortfolio system, but I understand that my point of view can be considered by extreme. :-)
-dajan
08 February 2012, 9:19
I fully agree to the policy that the admin should only be allowed to have access to a user's view if there is a problem like misuse or reported copyright infringement. Mahara has been designed to give the user full control of his work and we cannot expect students to use and trust a system like Mahara where the teacher tells them that they are the owners of their stuff but then they find out that an admin ( or worse, if an institution has more than 1 admin) can easily access their views. I also think it is a good idea if the admin can masquerade as a user and then in the online users list the masquerated user appears. I also have to do this sometimes as I manage a Mahara with several institutions to find out if a user has been inactive and eventually can be removed...
What I would rather wish for is the possibility like in Moodle that you can see in the users list for how long users have been inactive so that you could write them a message to check whether they still want to be members. This would help me as an admin immensily.
But whatever your rights are as an admin, the users should be told and also be told the reasons for that. I hope I could make myself understood ;-)
08 February 2012, 12:28
Hi Sigi,
Thank you for your thoughts.
You could set an inactivity time in the site settings so that you don't have to monitor this manually.
Cheers
Kristina
07 February 2012, 12:48
Hello John,
Unfortunately, I cannot tell you what the initial thinking was for allowing admins to login as users as I was not involved in the project then. Maybe it was a relic from Moodle? Maybe it was designed so that admins could troubleshoot issues?
It can be viewed as counterproductive to a very personal space but then IMO on any online tool there is a way for an administrator (maybe even more difficult) to get into a user's account as everything is saved in a database somewhere.
But as you can see, this admin role should not be misused and only a select few people should have this role in an institution or maybe even none and just the site admin who administers the entire site. Teachers IMO should not have this role at all. They can have the staff role which allows them to create course groups.
It would be interesting to know if there are schools that utilize this admin function to an advantage with their users.
Recently, Dirk suggested to log an admin's activity on an account so that users know when an admin had logged in: https://bugs.launchpad.net/mahara/+bug/900983 This would be a great step into more transparency of admin activity.
Cheers
Kristina
07 February 2012, 14:00
For my two cents on this, I would find it useful for a user to give permission to someone to edit their page for them...not just the administrator.
In this way, an intermediary could upload content for a learner that could help them, such as an advisor uploading a video of an apprentice's skills demonstration.
But maybe this could be adequately done using a group named for the learner...
- «Previous page
- 1
- 2
- »Next page