We’ve been working on Content Controller for three years now, and in that time our focus has been on core functionality, usability, and adding and improving features based on feedback from our customers. We’re proud of the resulting application, and proud that it has delivered content to millions of learners since its initial release in 2016. However, it’s always the case when developing software that you need to prioritize, and some of the work that you’d like to do ends up getting pushed back in favor of more pressing needs. For Content Controller, one piece of work that kept getting pushed back was improving the user model, which is why it’s exciting that Content Controller v2.1 includes Administrative Users and Account Access Controls.
You see, Content Controller has from the very beginning had an extremely simple user model. Every authenticated user can perform every action, from sharing a course with an account, to adding and removing users. This has been mostly fine, because our expectation has always been that only a very small number of trusted people in an organization will ever need to sign into Content Controller, but it’s never been a solution that we’ve been entirely comfortable with.
For one thing, it’s clear that not everyone should have access to administrative features, like user management. For another, the user model didn’t line up with how we talk about Content Controller’s other features. Some of those are for “account managers,” some are for “content managers,” and some are for someone else entirely. The “everyone can do everything” model certainly allows all these types of users to do what they need – but it doesn’t prevent anyone else from doing something potentially dangerous or disruptive. Just because an account manager needs to be able to adjust license limits doesn’t mean an instructional designer (for example) should be able to as well.
Content Controller v2.1 extends the user model in two ways. First, it adds access control lists to accounts, allowing you to control which users have access to which accounts, and also what sort of access they have. Users who aren’t on an account’s access control list can’t see the account at all. It doesn’t show up in the accounts list, and data from the account isn’t visible in usage and learner reports. Users with read-only access can see the account’s content list, and usage and reporting data, and also make use of troubleshooting tools. Users with read-write access can also add and remove content from the account, adjust license limits, and view and adjust the account’s more advanced settings. They have the ability to manage the account.
Second, Content Controller v2.1 adds a distinction between normal users, who can work with accounts, content, and reports, and admin users, who can also manage users, API credentials, and system-wide settings. Admin users also automatically have read-write access to all accounts, which means that admin users in v2.1 have exactly the same capabilities that all users had in previous versions of Content Controller.
New customers starting with Content Controller v2.1 will be able to take advantage of these new access control features immediately. As we work with our existing customers to upgrade their instances, we’ll help them decide between keeping the current “every user is an admin” model, or implementing a new user policy. We’re also looking forward to getting feedback on the new access control features, and the other changes we’ve made in v2.1, so let us know what you think.