Roles and permissions
This page documents track access control and organization settings.

Track access control

If a user is allowed to create, edit, or play a track is determined by:
  • Their role in the organization the track belongs to. The role is one of owner, content creator, or member.
  • The visibility settings of the track. You can independently set:
    • Published or not published
    • Maintenance or not in maintenance
    • Private or not private
Who can play a track? Navigating the visibility settings can be challenging, especially when it comes to figuring out who can play a track. This is how it works:
These users can always play a track:
  • A user with the owner role in the organization the track belongs to
  • The track authors (developers in track.yml)
Additionally, provided that the track is published and not in maintenance:
  • All members in the organization the track belongs to
  • Anyone, if the track is not private
  • Anyone, if they play the track through an embed
  • Anyone, if they access the track through a track invite link (track invites can require users to create an Instruqt account)

Who can skip challenges?

If every challenge has a solve script, challenges can potentially be skipped by a user. These users can always skip challenges:
  • A user with the owner role in the organization the track belongs to
  • The track authors (developers in track.yml)
Additionally, if the track is published and not in maintenance:
  • All members in the organization the track belongs to
Additionally, if Allow skipping is checked on the track (skipping_enabled in track.yml):
  • Anyone who can also play the track.

Who can edit a track?

  • A user with the owner role in the organization the track belongs to
  • The track authors (developers in track.yml)

Who can create a new track?

  • A user with the role owner or content creator in the organization can create a track
Who can copy a track?
  • Any user with the role owner or content creator in the organization of the track

Organization settings

Organization users can have elevated permissions to perform administrative actions:
Permission
Owner
Content creator
Member
Manage organization members
Manage API key
Update branding
Set track play limits
Update track pooling settings (hot start)
Manage track invites
Play tracks that are private and published

Common use cases

You want to prevent accidental updates to a track. If you remove all track authors, only users with the owner role in your organization can edit a track.
You want only users in your organization to play a track, but not make the track available for all users (including anonymous users). Change the visibility settings of the track:
  • Set published to checked
  • Set private to checked
  • Set maintenance to not checked
Last modified 29d ago