User roles and access rights management
E-LEARNING PLATFORM – USER ROLES AND ACCESS RIGHTS MANAGEMENT – ELE-PRO-013-A
Version: 1.0 | Last update: 04/11/2025 | Department: IT & E-learning
🎯 Objective
Define the standardized process for managing user roles and access permissions on the
Dubai Precious Metals University e-learning platform
(dubai-precious-metals-university.com),
built with the MasterStudy LMS theme.
This ensures consistent, secure, and role-based access control aligned with organizational hierarchy and pedagogical responsibilities.
👤 Who
- IT & E-learning Administrator
- Academic Coordinator
- Administrative Assistant (CRM updates)
🧩 Inputs / Outputs
Inputs:
- List of active users (students, instructors, staff)
- Defined role matrix (see below)
- Zoho CRM user records with validated email and position
Outputs:
- Users assigned the correct roles and permissions in WordPress / MasterStudy
- Restricted access according to function and confidentiality
- Traceable updates recorded in Zoho CRM
⚙️ Process Steps
- Understand the Role Hierarchy
The DPMU platform uses the following official access hierarchy:- 🟢 Administrator – full system rights (IT team only)
- 🔵 Academic Coordinator – manage courses, instructors, and enrollments
- 🟣 Instructor – create, edit, and monitor their own courses
- 🟠 Student – view assigned courses and participate in quizzes
- ⚪ Alumni / Inactive – limited read-only access to certificates and archives
Custom roles may exist for communication, quality, or direction teams if needed (managed case-by-case).
- Role Assignment During Account Creation
When a new user is created:- Verify their status and position in Zoho CRM
- Log in to
dubai-precious-metals-university.com/wp-admin - Navigate to Users → Add New
- Assign the appropriate role based on function
- Click Add New User
Record the assigned role in the Zoho CRM user record (field “Platform Role”).
- Modify or Update User Roles
If a user’s function changes (promotion, end of contract, completion of studies):- Go to Users → All Users
- Select the account → click Edit
- Change the Role dropdown to the new status
- Click Update User
Example transitions:
- Instructor → Academic Coordinator (if promoted)
- Student → Alumni (after graduation)
- Temporary Staff → Inactive (end of contract)
Update the change in Zoho CRM with the note: “Role updated – [date]”.
- Access Rights Definition
The table below summarizes permissions for each role:Role Access Level Typical Permissions Administrator Full Manage users, courses, LMS settings, backups, themes, plugins Academic Coordinator High Create courses, assign instructors, validate content, monitor performance Instructor Medium Edit own courses, view student progress, grade quizzes, upload media Student Basic View courses, complete quizzes, download certificates Alumni / Inactive Limited Access archived materials or personal certificates only - Periodic Review of Roles
Every quarter, the IT team verifies:- That all active users have the correct role
- That no user has higher rights than necessary
- That ex-students or ex-staff accounts are deactivated
Export the All Users list from WordPress and cross-check with Zoho CRM for discrepancies.
- Role Security Controls
- Only IT Administrators can assign or modify the “Administrator” role
- Two-factor authentication (2FA) is mandatory for Administrator accounts
- Any role change must be recorded in ELE-LOG-007 (Role & Access Register)
- Former users’ access must be disabled within 24h of departure confirmation
- Archiving and Traceability
- All role modifications are documented in Zoho CRM Notes with date and author
- Export of the updated user list stored quarterly in
WorkDrive › IT › Access Rights › ELE-PRO-013-A - Keep historical versions of the role matrix for 24 months minimum
✅ Controls
- Quarterly access review between IT and Academic departments
- System log monitoring for unauthorized privilege escalations
- Audit of Zoho CRM and WordPress role alignment
📁 Records
- Role & Access Register (ELE-LOG-007)
- Exported user list (CSV / Excel)
- WorkDrive archive IT › Access Rights › ELE-PRO-013-A
156