Manage Authorisation includes sophisticated role-based authorisation and security for users such as sales agents, course administrators, accountants and management. In this section we are addressing security and authorisation for those people who will be given access to the administration functionality in, not the general public using a public web site.


Roles provide the first major means of granting and controlling access to information and functionality.

New roles can be added as needed using the Roles Configuration Table.

Course providers

For any particular user it is possible to allow access only to specific course providers. This dimension of control means an individual's Role may give them access to a wide range of functions, but in each function they will only be able to see and change information for the course providers they have been given access to.


The Individual table holds the user ID, password, roles and course providers that each person is associated with. Any particular individual can have more than one role, and be given access to more than one course provider.

Individuals can view and edit their own records, but may not change their own roles or course provider privileges unless they have system administrator level access.

Object permissions

Every function in is treated as an object. Every object can have permissions associated with them for every role. A typical usage scenario is:

Object Role View Add Edit Delete
Course Template Sales Agent        
Course Date Sales Agent        
Document (enquiry / registration) Sales Agent        

For the purposes of object permissions, there are over twenty objects in A typical configuration has between three and fifteen roles.

Left Hand Menu

The menu on the left hand side of the administration screens can be configured differently for each role. New menu items can be added at any time - this feature is particularly useful if you wish to setup favourite searches - e.g. all enquiries or registrations in London where the customer has not paid.

Each menu item can have one or more roles associated with it. Only people who have those roles will see the menu item.

This feature is different from the object permissions - a user that clicks a menu leading to a view they are not allowed to see will be given an error message.


If a user tries to gain access to a information or a function they do not have permission for, even if they type in a correct URL in the address bar of the browser, they will be barred from access.

If a user is only allowed to see a particular course provider's information, then they will not even see the names of other providers in list boxes.