Policies
Policies are rules or terms of use that users must accept before they can use certain features in OpenVLE.
This can include, for example, privacy policies, IT usage guidelines, or liability disclaimers.
Active policies are displayed at login.
Where can I find this section?
Via main menu: Access Control -> Policies
Features at a Glance
- View and manage existing policies
- Create new policies with title, description, and content
- Specify whether a policy is active or inactive
- See which users have already agreed to a policy
- Delete or deactivate policies that are no longer needed
Key Fields at a Glance
| Field name | Description |
|---|---|
Content | Full text of the policy that is shown to users when accepting. Supports **Markdown** formatting (e.g., headings, lists, links, emphasis). |
Description | Brief description of the policy, e.g., "Privacy policy for students" or "General terms of use for administrators". |
Name | Name of the policy. Displayed in lists, dialogs, and when users give their consent. |
Status | Current status of the policy, either "Inactive" or "Active". |
Creating a Policy
- Open the Access Control -> Policies section in the main menu.
- Click Add to create a new policy.
- Enter the name, description, and text content of the policy.
The text content supports Markdown formatting, so you can use headings, lists, links, or emphasis. - Save the policy.
Activating or Deactivating a Policy
- Open the Access Control -> Policies section in the main menu.
- Search for the desired policy in the list and open it.
- In the policy's action bar, you will see either a red "Inactive" button (to activate) or a green "Active" button (to deactivate).
Click the respective button to activate or deactivate the policy.
Policies can be activated and deactivated any number of times.
After activation, the policy will only be displayed at the next login of users.
Users who are already logged in will remain signed in until the end of their current session.
To log out all users at once, see Administration -> Operations and Management -> FAQ.
Editing a Policy
- Open the Access Control -> Policies section in the main menu.
- Search for the desired policy in the list.
- Click Edit, or open the policy's context menu and select Edit.
- The form displays all current policy data.
- Adjust the desired fields — for example, Name, Description, or Text content.
- Save the changes.
A policy can only be edited if it is inactive and no users have already agreed to it.
Active policies or policies with existing consents can no longer be modified.
If, for example, your privacy policy has changed, create a new policy (e.g., "Privacy Policy v2"),
deactivate the old policy, and then activate the new version.
Deleting a Policy
- Open the Access Control -> Policies section in the main menu.
- Search for the desired policy in the list.
- Click Delete, or open the policy's context menu and select Delete.
- Confirm the deletion in the displayed dialog.
- The policy will then be permanently removed.
Only inactive policies can be deleted.
Example or Use Case
An administrator wants to ensure that all users have read and accepted the privacy terms. They create a new policy in the Policies section with the title "Privacy Policy". The policy is marked as active, so all users will be prompted for confirmation at their next login.
Notes / Special Considerations
- Users can only read and accept active policies, not edit them.
- Policies are marked as accepted per user in the policy detail view.
- Active policies are enforced exclusively within OpenVLE — not within Apache Guacamole.
- A policy can be deactivated without deleting it.
- Changes to already active policies are no longer possible.
- In the Users tab, administrators can check who has already accepted a policy.
Relationships to Other Objects
Many objects in OpenVLE are related to other elements within the system. The following overview shows which relationships exist and whether they trigger certain automations.
| Object | Description | Automatic behavior |
|---|---|---|
| Changelogs | All changes to the object are automatically logged. | Automatic removal when the object is deleted. |
| Permissions | Object-specific permissions can be assigned directly to the object. | Automatic removal when the object is deleted. |
| Tags | Objects can be tagged with any number of tags to categorize or filter them. | Automatic removal when the object is deleted. |
| Users | Any number of users can agree to a policy. | No automations. |
Required Permissions
The permissions required for actions can be assigned via roles or individually. If you lack certain rights, the corresponding functions in the user interface are hidden or disabled.
| Action | Required permission | Path | Additional information |
|---|---|---|---|
| View policies | policies_read | / or /<objectID> | |
| Create policies | policies_create | / | |
| Edit policies | policies_update | / or /<objectID> | |
| Delete policies | policies_delete | / or /<objectID> | |
| View user consents | policies_users_read | / |
Example:
/4a3bc312-d1af-4b3f-b222-f5e9cecbf007 – This gives the user access to this single object only.If the path / is used, the permission applies globally to all objects of this type.
For *_create permissions, only the global path / is allowed.