Disable Navigation Menu for Custom Account Admin Role

Jump to solution
casey_eubank
Community Explorer

I have added the following JavaScript code to hide the navigation tab in courses for faculty.  However, when I have impersonated a user assigned to a sub-account with one of the custom admin account roles I created, they are still able to see the navigation tab when they go into courses.  How do I make it so only those users that are assigned the default account admin role can see the navigation tab in Courses?

  1. Here is my Java Script code: 
    //hides Navigation tab in course settings
    var navigationTab = document.getElementById('navigation_tab');
    
    function isAdmin() {
        if (window.ENV && Array.isArray(window.ENV.current_user_roles)) {
            return window.ENV.current_user_roles.includes('admin') || window.ENV.current_user_roles.includes('root_admin');
        }
        return false;
    }
    
    if (navigationTab && !isAdmin()) {
        navigationTab.style.display = 'none';
    }
0 Likes
3 Solutions
JamesSekcienski
Community Contributor

@casey_eubank 

To refer to a specific type of admin user, you will want to use current_user_types instead of current_user_roles.  You can then check that it includes "AccountAdmin" for the default account admin role.

ENV.current_user_types.includes("AccountAdmin")

View solution in original post

chriscas
Community Coach
Community Coach

Hi @casey_eubank,

This issue is definitely a frustrating one to deal with, as the ENV variables are not in-context (the array will have "admin" included even if the user is not an admin of the course being viewed, but some other subaccounts) nor does it include custom role info.  I've been making an attempt to solve this recently, as documented at  Get admin roles through API - Instructure Community.  If you have access to Google Apps Script, you could try implementing my solution.  The problem is that it involves quite a few API calls for admin roles (it's got to do one API call per subaccount), so it may take a second or two for that to complete.  If you only care if the user is a root account full admin, you could strip my code down to just check for that with a single API call not using google API script (the API call may error out for some non-root-admins).  I've been hoping others could review my code to see if there may be a more efficient way to code it, but so far there hasn't been much response.  With that in mind, it might be better to use CSS to hide the tab by default and then have the javascript unhide it for root admin users.

I hope this helps a bit, and maybe it will get more eyes on my thread too to see if anyone has a better way to do this.

-Chris

View solution in original post

That is correct about what I refer to at least as full root admin.  You could also try the suggestions posted by @JamesSekcienski, if the subaccount admins (even out of context) could be allowed to see the navigation.  The suggestions he gave are definitely simpler if they fit your needs.  I have brought this situation up with our CSM, hoping one day Canvas will more easily expose exact and in-context role information in the ENV variable, but doesn't seem like that will be coming too soon.

-Chris

View solution in original post