User Roles & Permissions

The User Roles & Permissions system in EduDesk provides granular access control, ensuring users have appropriate access to features based on their responsibilities within the organization.

Overview

EduDesk's role-based access control system:

• Defines what actions users can perform

• Restricts access to sensitive information

• Customizes the user interface based on permissions

• Allows for role customization (Pro & Premium tiers)

Default User Roles

EduDesk comes with five predefined roles:

End User

Basic role for teachers and staff who need to submit and track IT support requests.

Permissions:

• Create and view their own tickets

• Add comments to their tickets

• Access the knowledge base

• Update their profile information

• View announcements

IT Staff

For technical support personnel who handle day-to-day ticket resolution.

Permissions:

• View and process all tickets

• Create and update knowledge base articles

• Generate basic reports

• View user information

• Manage their assigned tickets

• Access internal notes and resources

IT Administrator

For technical leaders who manage the IT support operation.

Permissions:

• Full ticket management capabilities

• User management within their school

• Knowledge base administration

• Report generation and analytics

• System configuration

• Automation rule creation

• SLA management

School Administrator

For principals, directors, or other school leaders who oversee IT operations.

Permissions:

• View all tickets and reports

• Manage subscription and billing

• Add/remove users

• Configure school settings

• Access all analytics

• Manage departments and locations

Super Administrator

For district-level administrators managing multiple schools (Premium tier only).

Permissions:

• Manage multiple schools

• System-wide configuration

• Access to all features and settings

• Create and manage school administrators

• Configure global policies

• View cross-school analytics

Accessing Role Management

1. Log in with administrator privileges

2. Go to "Administration" in the main navigation

3. Select "Roles & Permissions"

Viewing Role Permissions

To see what permissions are assigned to each role:

1. Go to Roles & Permissions

2. Select a role from the list

3. View the permission matrix showing:

   • Feature access (Full, Limited, None)

   • Action permissions (Create, Read, Update, Delete)

   • Scope limitations (Own, Department, School, All)

Managing Default Roles

While you cannot delete default roles, you can modify their permissions:

1. Go to Roles & Permissions

2. Select the role you want to modify

3. Click "Edit Permissions"

4. Adjust permissions as needed

5. Click "Save Changes"

Note: Basic tier subscribers can only make limited adjustments to default roles.

Custom Roles (Pro & Premium)

Create specialized roles tailored to your organization's needs:

Creating a Custom Role

1. Go to Roles & Permissions

2. Click "Create Role"

3. Enter role details:

   • Role name

   • Description

   • Base role (optional, to inherit permissions)

4. Configure permissions for each system area:

   • Tickets

   • Knowledge Base

   • Reports

   • Users

   • Settings

   • etc.

5. Set scope limitations

6. Click "Create Role"

Editing Custom Roles

1. Go to Roles & Permissions

2. Select the custom role

3. Click "Edit Role"

4. Make necessary changes

5. Click "Save Changes"

Deleting Custom Roles

1. Go to Roles & Permissions

2. Select the custom role

3. Click "Delete Role"

4. Reassign users with this role to another role

5. Confirm deletion

Permission Categories

EduDesk organizes permissions into several categories:

Ticket Management

• Create tickets

• View tickets (own/department/all)

• Update ticket status

• Assign tickets

• Delete tickets

• Add comments (public/internal)

• View internal notes

• Set priority levels

• Manage SLAs

User Management

• Create users

• View user profiles

• Update user information

• Deactivate/reactivate users

• Delete users

• Assign roles

• Reset passwords

• Manage user groups

Knowledge Base

• Create articles

• Edit articles

• Publish articles

• Delete articles

• Manage categories

• View usage analytics

• Create templates

Reporting & Analytics

• View reports

• Create custom reports

• Export reports

• Schedule reports

• Access sensitive data

• View performance metrics

System Configuration

• Manage school profile

• Configure system settings

• Set up integrations

• Manage automation rules

• Configure email templates

• Set up custom fields

Subscription & Billing

• View subscription details

• Change subscription plan

• Update payment information

• Purchase add-ons

• View billing history

• Manage tax information

Role Assignment

Assigning Roles to Users

1. Go to User Management

2. Search for and select a user

3. Click "Edit User"

4. Select the appropriate role from the dropdown

5. Click "Save Changes"

Bulk Role Assignment

For updating multiple users at once:

1. Go to User Management

2. Select multiple users using checkboxes

3. Click "Bulk Actions"

4. Select "Change Role"

5. Choose the new role

6. Click "Apply Changes"

Advanced Permission Features (Premium)

Department-Specific Permissions

Customize permissions based on department:

1. Go to Roles & Permissions

2. Select "Department Permissions"

3. Choose a department

4. Customize role permissions for this department

5. Click "Save Department Permissions"

Time-Based Permissions

Grant temporary access for specific periods:

1. Go to Roles & Permissions

2. Select "Temporary Permissions"

3. Choose a user

4. Select additional permissions to grant

5. Set a time period

6. Click "Grant Temporary Access"

Permission Delegation

Allow certain users to grant specific permissions to others:

1. Go to Roles & Permissions

2. Select "Permission Delegation"

3. Choose which roles can delegate which permissions

4. Set delegation limits

5. Click "Save Delegation Settings"

Permission Auditing

Track permission changes for security and compliance:

1. Go to Roles & Permissions

2. Select "Permission Audit Log"

3. View a history of:

   • Role changes

   • Permission modifications

   • Role assignments

   • Temporary permission grants

4. Filter by date, user, or action

5. Export audit logs as needed

Best Practices

Security

• Follow the principle of least privilege

• Regularly audit user roles and permissions

• Remove unnecessary permissions

• Create custom roles instead of modifying default ones

• Use temporary permissions for short-term needs

Organization

• Create roles based on job functions, not individuals

• Document your role structure and permission settings

• Establish a clear process for requesting permission changes

• Review and update roles when job responsibilities change

Implementation

• Start with default roles before creating custom ones

• Test custom roles before wide deployment

• Train administrators on permission management

• Create a permission matrix document for reference

Troubleshooting

Common Issues

Access Denied Errors

If a user cannot access a feature they should have permission for:

1. Verify their assigned role

2. Check if the permission is explicitly granted

3. Look for conflicting permission settings

4. Ensure the feature is available in your subscription tier

5. Clear browser cache and cookies

Excessive Permissions

If a user has more access than they should:

1. Review their assigned role

2. Check for temporary permissions that haven't expired

3. Verify they aren't assigned to multiple roles

4. Check department-specific permission overrides

Role Management Issues

If you cannot create or modify roles:

1. Verify you have administrator privileges

2. Check your subscription tier limitations

3. Ensure you're not trying to modify protected system roles

4. Contact support if problems persist

Getting Help

For assistance with roles and permissions:

• Review the detailed permissions guide in the Knowledge Base

• Contact support at support@edudesk.org

• Schedule a consultation with our security team (Premium tier)