Overview
The SEAtS security model is based on the principle of least privilege, enabling a restricted view of student data within the system. It can be used to restrict access to specific student data to the staff members to whom it is pertinent. Data can be restricted at various levels such as Programme, School, Course and Module.
Common Uses
The most common use is to allow an academic to only view students belonging to courses or modules they instruct. Other uses include permitting tutors to only see data related to their own tutees, or ensuring that staff can only view sensitive information for students assigned to them.
Security Model Import
Staff security data is added via the Staff Security import. The mandatory columns are: STAFF_NUMBER and IS_SUPER_USER. At least one of the following must also be provided: COLLEGE_CODE, SCHOOL_CODE, PROGRAMME_CODE, COURSE_CODE, MODULE_CODE, or STUDENT_NUMBER.
Example Staff Security Setup
Staff with a specific COLLEGE_CODE can see all students in that faculty. Staff with a specific MODULE_CODE can only see students enrolled on that module. Staff with IS_SUPER_USER = Y can see all students in the system regardless of other settings.
Making Adjustments
Once the security model is deployed, permissions can be viewed and adjusted in the Admin Site under Users > Security Level Permissions. Additions can be made by searching for the relevant entity, clicking Add and then Apply. Removals can be made by ticking the checkbox next to an entity and deleting it.
Adjustments via Import
For any STAFF_NUMBER referenced in a Staff Security import, all previous permissions for that staff member are replaced by those in the current file. Staff not present in the import file are not affected.