Roles and permissions
This page documents track access control and organization settings.

Track access control

If a user is allowed to create, edit, or play a track is determined by:
    Their role in the organization the track belongs to. The role is one of owner, content creator, or member.
    The visibility settings of the track. You can independently set:
      Published or not published
      Maintenance or not in maintenance
      Private or not private
Who can play a track? Navigating the visibility settings can be challenging, especially when it comes to figuring out who can play a track. This is how it works:
These users can always play a track:
    A user with the owner role in the organization the track belongs to
    The track authors (developers in track.yml)
Additionally, provided that the track is published and not in maintenance:
    All members in the organization the track belongs to
    Anyone, if the track is not private
    Anyone, if they play the track through an embed
    Anyone, if they access the track through a track invite link (track invites can require users to create an Instruqt account)

Who can skip challenges?

If every challenge has a solve script, challenges can potentially be skipped by a user. These users can always skip challenges:
    A user with the owner role in the organization the track belongs to
    The track authors (developers in track.yml)
Additionally, if the track is published and not in maintenance:
    All members in the organization the track belongs to
Additionally, if Allow skipping is checked on the track (skipping_enabled in track.yml):
    Anyone who can also play the track.

Who can edit a track?

    A user with the owner role in the organization the track belongs to
    The track authors (developers in track.yml)

Who can create a new track?

    A user with the role owner or content creator in the organization can create a track
Who can copy a track?
    Any user with the role owner or content creator in the organization of the track.

Organization settings

Organization users can have elevated permissions to perform administrative actions:
Permission
Owner
Content creator
Member
Manage organization members
Manage API key
Update branding
Set track play limits
Update track pooling settings (hot start)
Manage track invites
Play tracks that are private and published

Common use cases

You want to prevent accidental updates to a track. If you remove all track authors, only users with the owner role in your organization can edit a track.
You want only users in your organization to play a track, but not make the track available for all users (including anonymous users). Change the visibility settings of the track:
    Set published to checked
    Set private to checked
    Set maintenance to not checked
Last modified 1mo ago