[Permissions] Granular Course Import/Export Permissions

Scenario:

It's not uncommon for faculty to try importing from their old shells and get the entire course. Then, in the process of cleaning up the mess, they delete more than they should.

Not only does this cause a mess in the shells that students get to see, it also has the potential for faculty to import their own content, en masse, and completely disregard the established curriculum and evaluation methods used for accreditation and performance statistics (we can't determine if an assignment works well if faculty keep deleting or unpublishing it).

For a long time, we've used CSS and JavaScript to hide the buttons for importing and exporting content (include the new ones in the activity list pages), but these don't work on the mobile app!

Solution:

It's pretty straight forward, make all course content importing/exporting a separate permission set from creating content so it can be applicable across all access points (UI, API, and mobile apps). Sure, we'd get me copy/paste breakage, but overall it's significantly less to clean up.

7 Comments
Stef_retired
Instructure Alumni
Instructure Alumni
Status changed to: Open
 
jason_cummings
Community Member

We are looking to do this same thing at my institution. Faculty, with the best of intentions, importing entire past courses by mistake causes our admin staff to have to spend hours and hours helping people clean up messes. Seems like this would be an easy fix, Canvas.

Nancy_Webb_CCSF
Community Champion

Hi @cesbrandt and @jason_cummings thanks for this idea to make course import/export a granular permission.  You're right, you might want instructors to edit content but not import and those are tied into the same permission.  Using css to hide the two buttons is a good idea but shouldn't be necessary, esp. since it doesn't work in mobile apps.

We are also concerned because any role based on the teacher role, such as TAs, has the right to export a course they don't own.  We don't want course reviewers and others to have the right to export someone else's course, it is an intellectual property issue.  This idea would cover that, give us the ability to remove that permission for most roles.

I was told in 2019 that pretty much every role but student or observer, or roles based on those, have the right to export the course content. 

KristinL
Community Team
Community Team
Status changed to: New
 
KristinL
Community Team
Community Team
Status changed to: Added to Theme
 
nathanatkinson
Community Team
Community Team
Status changed to: New
 
nathanatkinson
Community Team
Community Team
Status changed to: Open