Hi all,
I’d like to pick your brains over sensitive data exposure & Docebo course access.
We have two groups of people accessing our LMS, one are internal, the others contractors. There are courses that we do not want contractors to view. Thus I have set up catalogs so that they can only search or browse to those courses that we allow access to. We do not use the public catalog at all.
The problem is, if someone (be it internal team leader or power user) enrols them on a course, they can see it, even if it isn’t in the catalogs they can access.
How can we restrict content?
Wihlst at the moment this isn’t major, as contractors are covered explicitly by contracts, this question will become critical when we open the platform to a further third group of partners who are not covered by contracts.