[LON-CAPA-cvs] cvs: doc /loncapafiles loncapafiles.lpml loncom/html/adm/help/tex Domain_Configuration_User_Privacy.tex

raeburn raeburn at source.lon-capa.org
Tue Jan 14 14:53:49 EST 2025 

raeburn		Tue Jan 14 19:53:49 2025 EDT

  Added files:                 
    /loncom/html/adm/help/tex	Domain_Configuration_User_Privacy.tex 

  Modified files:              
    /doc/loncapafiles	loncapafiles.lpml 
  Log:
  - Document domain configuration for role assignments and user privacy.
  
  
Index: doc/loncapafiles/loncapafiles.lpml
diff -u doc/loncapafiles/loncapafiles.lpml:1.1075 doc/loncapafiles/loncapafiles.lpml:1.1076
--- doc/loncapafiles/loncapafiles.lpml:1.1075	Mon Dec 30 21:19:08 2024
+++ doc/loncapafiles/loncapafiles.lpml	Tue Jan 14 19:53:49 2025
@@ -2,7 +2,7 @@
  "http://lpml.sourceforge.net/DTD/lpml.dtd">
 <!-- loncapafiles.lpml -->
 
-<!-- $Id: loncapafiles.lpml,v 1.1075 2024/12/30 21:19:08 raeburn Exp $ -->
+<!-- $Id: loncapafiles.lpml,v 1.1076 2025/01/14 19:53:49 raeburn Exp $ -->
 
 <!--
 
@@ -3841,6 +3841,7 @@
 Domain_Configuration_Trust.tex;
 Domain_Configuration_User_Creation.tex;
 Domain_Configuration_User_Modification.tex;
+Domain_Configuration_User_Privacy.tex;
 Domain_Configuration_User_Sessions.tex;
 Domain_Configuration_WAF_Proxy.tex;
 Domain_Coordination_Intro.tex;

Index: loncom/html/adm/help/tex/Domain_Configuration_User_Privacy.tex
+++ loncom/html/adm/help/tex/Domain_Configuration_User_Privacy.tex
\label{Domain_Configuration_User_Privacy}
When a domain is part of the LON-CAPA network of collaborating institutions
it is possible for users in your domain to be assigned roles in courses,
communities, or authoring spaces in another domain.  It is also possible for
a domain's users to be assigned domain-level roles outside their own domain.

Such types of role assignment can be subject to an approval process. In
addition, the types of ``directory'' and ``non-directory'' information
displayed in role contexts for a user's roles assigned in other domains
can be subject to restrictions.  Both the types of approval, and possible
restriction of information are part of the domain configuration in the user's 
own domain.

\begin{itemize}
\item \textbf{Approval options}

Approval options can be set for domains which belong to the same
institution, as determined by an identical ``internet domain'' entry for each
domain in the authoritative list of domains within a LON-CAPA cluster.

Approval options can also be set for domains which do not belong to the
same institution.

In each case, role authorization options will be set separately for roles of the 
following type: Domain, Co-author, Course, and Community.

Authorization options are:

\begin{itemize}
\item \textit{Not allowed}

Roles of the particular type outside the domain may not be assigned to the domain's users.
\item \textit{User authorizes}

Assignment of roles of this type will be queued, pending the user's approval. On 
the user's side a ``Show pending'' link in the Functions bar on the user's 
Courses/Roles page provides access to a list of roles assigned to them, but queued 
pending their approval.
\item \textit{Domain Coordinator authorizes}

Role assignments of this type will be queued, pending action by a Domain Coordinator
in the user's domain. The ``Create users or modify the roles and privileges of users''
link on a Domain Coordinator's Main Menu page provides access to a ``Queued Role 
Assignments (this domain)'' link which can be used to approve or deny the assignment.
\item \textit{Unrestricted}

When a role is assigned in another domain, it is available without further 
authorization, although a currently logged-in user would need to use the 
"Check for changes" to display the new role and have it selectable, if the start
and end dates mean it is an active role.  This is the default.
\end{itemize}

Active Domain Coordinators for whom checkboxes are checked in the ``Notify when role 
needs authorization'' will receive a LON-CAPA message when a role in another domain 
is assigned to a user in your domain and the approval is set to ``DC authorizes'' for
the corresponding role type.

\item \textbf{User information available}

The types of ``directory'' (i.e., last name, middle name, first name and generation) and 
``non-directory'' information (i.e., email address and student/employee ID) which will
be viewable in another domain both before and after assigning a role in that domain to 
a user from your domain can by configured for each institutional status type.

The default is for all user information to be viewable.

More information about the LON-CAPA-cvs mailing list