We know from research that some users are confused about how permissions work.
In particular, it can be hard to understand how user and organisation permissions combine to determine what users can do.
What we did
We added a guidance page to ‘How to use this service’, explaining that:
- all users can view applications to courses they run
- some things users can do are only affected by user permissions
- organisation permissions only affect courses run with a partner organisation and reflect the relationship between the 2 organisations
- users can check organisation permissions in the organisation settings
- users with permission to manage organisations can change organisation permissions
Future considerations
We do not want to rely on guidance to help users understand how to use the service. We would like to introduce a simpler permissions model.