I think what you are talking about is a function of Roles. You really need to understand how the Roles work, for example, Administrators can go anywhere, see and do anything, but everyone else can go, see and do only what the Role they hold allows them to go, see and do. Roles have a part to play in the context of the Role, which is why you DO NOT assign Roles in the Front Page, except for Admins and Managers. I do not want my Science Teacher creating Courses in English, for example, only in the Science Category. The Role is assigned there, in the Science Category. I want Maths teachers teaching Maths, but not teaching English, so they are not a Teacher in English Category.
Same thing for Students. If some things are hidden resources, then a Teacher can see them, but a Student cannot. The Roles and Permissions documentation explains this clearly. There is a lot of reading to do, but it is worthwhile.