You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2490 lines
67 KiB
2490 lines
67 KiB
<?php
|
|
// This file is part of Moodle - http://moodle.org/
|
|
//
|
|
// Moodle is free software: you can redistribute it and/or modify
|
|
// it under the terms of the GNU General Public License as published by
|
|
// the Free Software Foundation, either version 3 of the License, or
|
|
// (at your option) any later version.
|
|
//
|
|
// Moodle is distributed in the hope that it will be useful,
|
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
// GNU General Public License for more details.
|
|
//
|
|
// You should have received a copy of the GNU General Public License
|
|
// along with Moodle. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
/**
|
|
* Capability definitions for Moodle core.
|
|
*
|
|
* The capabilities are loaded into the database table when the module is
|
|
* installed or updated. Whenever the capability definitions are updated,
|
|
* the module version number should be bumped up.
|
|
*
|
|
* The system has four possible values for a capability:
|
|
* CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
|
|
*
|
|
*
|
|
* CAPABILITY NAMING CONVENTION
|
|
*
|
|
* It is important that capability names are unique. The naming convention
|
|
* for capabilities that are specific to modules and blocks is as follows:
|
|
* [mod/block]/<plugin_name>:<capabilityname>
|
|
*
|
|
* component_name should be the same as the directory name of the mod or block.
|
|
*
|
|
* Core moodle capabilities are defined thus:
|
|
* moodle/<capabilityclass>:<capabilityname>
|
|
*
|
|
* Examples: mod/forum:viewpost
|
|
* block/recent_activity:view
|
|
* moodle/site:deleteuser
|
|
*
|
|
* The variable name for the capability definitions array is $capabilities
|
|
*
|
|
* For more information, take a look to the documentation available:
|
|
* - Access API: {@link http://docs.moodle.org/dev/Access_API}
|
|
* - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
|
|
*
|
|
* @package core_access
|
|
* @category access
|
|
* @copyright 2006 onwards Martin Dougiamas http://dougiamas.com
|
|
* @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
|
|
*/
|
|
|
|
defined('MOODLE_INTERNAL') || die();
|
|
|
|
$capabilities = array(
|
|
'moodle/site:config' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
'moodle/site:configview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'coursecreator' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/site:readallmessages' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:manageallmessaging' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:deleteanymessage' => array(
|
|
|
|
'riskbitmask' => RISK_DATALOSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:sendmessage' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:deleteownmessage' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:approvecourse' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/backup:backupcourse' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/site:backup'
|
|
),
|
|
|
|
'moodle/backup:backupsection' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/backup:backupcourse'
|
|
),
|
|
|
|
'moodle/backup:backupactivity' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/backup:backupcourse'
|
|
),
|
|
|
|
'moodle/backup:backuptargethub' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/backup:backupcourse'
|
|
),
|
|
|
|
'moodle/backup:backuptargetimport' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/backup:backupcourse'
|
|
),
|
|
|
|
'moodle/backup:downloadfile' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/site:backupdownload'
|
|
),
|
|
|
|
'moodle/backup:configure' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/backup:userinfo' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/backup:anonymise' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/restore:restorecourse' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/site:restore'
|
|
),
|
|
|
|
'moodle/restore:restoresection' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/restore:restorecourse'
|
|
),
|
|
|
|
'moodle/restore:restoreactivity' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/restore:restorecourse'
|
|
),
|
|
|
|
'moodle/restore:viewautomatedfilearea' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
|
|
'moodle/restore:restoretargethub' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/restore:restorecourse'
|
|
),
|
|
|
|
'moodle/restore:restoretargetimport' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/site:import'
|
|
),
|
|
|
|
'moodle/restore:uploadfile' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
|
|
'clonepermissionsfrom' => 'moodle/site:backupupload'
|
|
),
|
|
|
|
'moodle/restore:configure' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/restore:rolldates' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'coursecreator' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/restore:userinfo' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/restore:createuser' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:manageblocks' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_BLOCK,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:accessallgroups' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:viewfullnames' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// In reports that give lists of users, extra information about each user's
|
|
// identity (the fields configured in site option showuseridentity) will be
|
|
// displayed to users who have this capability.
|
|
'moodle/site:viewuseridentity' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:viewreports' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:trustcontent' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/site:uploadusers' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Permission to manage filter setting overrides in subcontexts.
|
|
'moodle/filter:manage' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/user:create' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:delete' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL | RISK_DATALOSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:update' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:viewdetails' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:viewalldetails' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/user:update'
|
|
),
|
|
|
|
'moodle/user:viewlastip' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/user:update'
|
|
),
|
|
|
|
'moodle/user:viewhiddendetails' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:loginas' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// can the user manage the system default profile page?
|
|
'moodle/user:managesyspages' => array(
|
|
|
|
'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// can the user manage another user's profile page?
|
|
'moodle/user:manageblocks' => array(
|
|
|
|
'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER
|
|
),
|
|
|
|
// can the user manage their own profile page?
|
|
'moodle/user:manageownblocks' => array(
|
|
|
|
'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// can the user manage their own files?
|
|
'moodle/user:manageownfiles' => array(
|
|
|
|
'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Can the user ignore the setting userquota?
|
|
// The permissions are cloned from ignorefilesizelimits as it was partly used for that purpose.
|
|
'moodle/user:ignoreuserquota' => array(
|
|
'riskbitmap' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'clonepermissionsfrom' => 'moodle/course:ignorefilesizelimits'
|
|
),
|
|
|
|
// can the user manage the system default dashboard page?
|
|
'moodle/my:configsyspages' => array(
|
|
|
|
'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:assign' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:review' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:override' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:safeoverride' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:manage' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/role:switchroles' => array(
|
|
|
|
'riskbitmask' => RISK_XSS | RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Create, update and delete course categories. (Deleting a course category
|
|
// does not let you delete the courses it contains, unless you also have
|
|
// moodle/course: delete.) Creating and deleting requires this permission in
|
|
// the parent category.
|
|
'moodle/category:manage' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/category:update'
|
|
),
|
|
|
|
'moodle/category:viewcourselist' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/category:viewhiddencategories' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'coursecreator' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/category:visibility'
|
|
),
|
|
|
|
// create, delete, move cohorts in system and course categories,
|
|
// (cohorts with component !== null can be only moved)
|
|
'moodle/cohort:manage' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// add and remove cohort members (only for cohorts where component !== null)
|
|
'moodle/cohort:assign' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// View visible and hidden cohorts defined in the current context.
|
|
'moodle/cohort:view' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:create' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'coursecreator' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:creategroupconversations' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:request' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/course:delete' => array(
|
|
|
|
'riskbitmask' => RISK_DATALOSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:update' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:view' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
/* review course enrolments - no group restrictions, it is really full access to all participants info*/
|
|
'moodle/course:enrolreview' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
/* add, remove, hide enrol instances in courses */
|
|
'moodle/course:enrolconfig' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/course:reviewotherusers' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW,
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/role:assign'
|
|
),
|
|
|
|
'moodle/course:bulkmessaging' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewhiddenuserfields' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewhiddencourses' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'coursecreator' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:visibility' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:managefiles' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:ignoreavailabilityrestrictions' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'coursecreator' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:viewhiddenactivities'
|
|
),
|
|
|
|
'moodle/course:ignorefilesizelimits' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
|
|
'moodle/course:manageactivities' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:activityvisibility' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewhiddenactivities' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewparticipants' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:changefullname' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/course:changeshortname' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/course:changelockedcustomfields' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
|
|
'moodle/course:configurecustomfields' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'clonepermissionsfrom' => 'moodle/site:config'
|
|
),
|
|
|
|
'moodle/course:renameroles' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/course:changeidnumber' => array(
|
|
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
'moodle/course:changecategory' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/course:changesummary' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/course:setforcedlanguage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
|
|
'moodle/site:viewparticipants' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:isincompletionreports' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
),
|
|
),
|
|
|
|
'moodle/course:viewscales' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:managescales' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:managegroups' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:reset' => array(
|
|
|
|
'riskbitmask' => RISK_DATALOSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewsuspendedusers' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:tag' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/blog:view' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/blog:search' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/blog:viewdrafts' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/blog:manageentries' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/blog:manageexternal' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/calendar:managegroupentries' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/calendar:manageentries' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:editprofile' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:editownprofile' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_PROHIBIT,
|
|
'user' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:changeownpassword' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_PROHIBIT,
|
|
'user' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// The next 3 might make no sense for some roles, e.g teacher, etc.
|
|
// since the next level up is site. These are more for the parent role
|
|
'moodle/user:readuserposts' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:readuserblogs' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// designed for parent role - not used in legacy roles
|
|
'moodle/user:viewuseractivitiesreport' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
|
|
//capabilities designed for the new message system configuration
|
|
'moodle/user:editmessageprofile' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/user:editownmessageprofile' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_PROHIBIT,
|
|
'user' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/question:managecategory' => array(
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
//new in moodle 1.9
|
|
'moodle/question:add' => array(
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:editmine' => array(
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:editall' => array(
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:viewmine' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:viewall' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:usemine' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:useall' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:movemine' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
'moodle/question:moveall' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:manage'
|
|
),
|
|
//END new in moodle 1.9
|
|
|
|
// Configure the installed question types.
|
|
'moodle/question:config' => array(
|
|
'riskbitmask' => RISK_CONFIG,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// While attempting questions, the ability to flag particular questions for later reference.
|
|
'moodle/question:flag' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Controls whether the user can tag his own questions.
|
|
'moodle/question:tagmine' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:editmine'
|
|
),
|
|
|
|
// Controls whether the user can tag all questions.
|
|
'moodle/question:tagall' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/question:editall'
|
|
),
|
|
|
|
'moodle/site:doclinks' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:sectionvisibility' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:useremail' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:viewhiddensections' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:setcurrentsection' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/course:movesections' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:update'
|
|
),
|
|
|
|
'moodle/site:mnetlogintoremote' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
|
|
'moodle/grade:viewall' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
|
|
),
|
|
|
|
'moodle/grade:view' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/grade:viewhidden' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
|
|
),
|
|
|
|
'moodle/grade:import' => array(
|
|
'riskbitmask' => RISK_PERSONAL | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
'moodle/grade:export' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
'moodle/grade:manage' => array(
|
|
'riskbitmask' => RISK_PERSONAL | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
'moodle/grade:edit' => array(
|
|
'riskbitmask' => RISK_PERSONAL | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
// ability to define advanced grading forms in activities either from scratch
|
|
// or from a shared template
|
|
'moodle/grade:managegradingforms' => array(
|
|
'riskbitmask' => RISK_PERSONAL | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
// ability to save a grading form as a new shared template and eventually edit
|
|
// and remove own templates (templates originally shared by that user)
|
|
'moodle/grade:sharegradingforms' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
|
|
// ability to edit and remove any shared template, even those originally shared
|
|
// by other users
|
|
'moodle/grade:managesharedforms' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
|
|
'moodle/grade:manageoutcomes' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
'moodle/grade:manageletters' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:managegrades'
|
|
),
|
|
|
|
'moodle/grade:hide' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/grade:lock' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/grade:unlock' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/my:manageblocks' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/notes:view' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/notes:manage' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/tag:manage' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/tag:edit' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/tag:flag' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/tag:editblocks' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/block:view' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_BLOCK,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/block:edit' => array(
|
|
'riskbitmask' => RISK_SPAM | RISK_XSS,
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_BLOCK,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
'moodle/portfolio:export' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
'moodle/comment:view' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'frontpage' => CAP_ALLOW,
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/comment:post' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/comment:delete' => array(
|
|
|
|
'riskbitmask' => RISK_DATALOSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/webservice:createtoken' => array(
|
|
|
|
'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/webservice:managealltokens' => array(
|
|
|
|
'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_PERSONAL,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array()
|
|
),
|
|
'moodle/webservice:createmobiletoken' => array(
|
|
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/rating:view' => array(
|
|
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/rating:viewany' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/rating:viewall' => array(
|
|
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/rating:rate' => array(
|
|
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/course:publish' => array(
|
|
|
|
'captype' => 'write',
|
|
'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/course:markcomplete' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/course:overridecompletion' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/community:add' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
'moodle/community:download' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Badges.
|
|
'moodle/badges:manageglobalsettings' => array(
|
|
'riskbitmask' => RISK_DATALOSS | RISK_CONFIG,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// View available badges without earning them.
|
|
'moodle/badges:viewbadges' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Manage badges on own private badges page.
|
|
'moodle/badges:manageownbadges' => array(
|
|
'riskbitmap' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// View public badges in other users' profiles.
|
|
'moodle/badges:viewotherbadges' => array(
|
|
'riskbitmap' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Earn badge.
|
|
'moodle/badges:earnbadge' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Create/duplicate badges.
|
|
'moodle/badges:createbadge' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Delete badges.
|
|
'moodle/badges:deletebadge' => array(
|
|
'riskbitmask' => RISK_DATALOSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Set up/edit badge details.
|
|
'moodle/badges:configuredetails' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Set up/edit criteria of earning a badge.
|
|
'moodle/badges:configurecriteria' => array(
|
|
'riskbitmask' => RISK_XSS,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Configure badge messages.
|
|
'moodle/badges:configuremessages' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Award badge to a user.
|
|
'moodle/badges:awardbadge' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// Revoke badge from a user.
|
|
'moodle/badges:revokebadge' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
// View users who earned a specific badge without being able to award a badge.
|
|
'moodle/badges:viewawarded' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
)
|
|
),
|
|
|
|
'moodle/site:forcelanguage' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
|
|
// Perform site-wide search queries through the search API.
|
|
'moodle/search:query' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'guest' => CAP_ALLOW,
|
|
'user' => CAP_ALLOW,
|
|
'student' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Competencies.
|
|
'moodle/competency:competencymanage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:competencyview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:competencygrade' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE, // And CONTEXT_USER.
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
// Course competencies.
|
|
'moodle/competency:coursecompetencymanage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:coursecompetencyconfigure' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:coursecompetencygradable' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'student' => CAP_ALLOW
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/course:isincompletionreports'
|
|
),
|
|
'moodle/competency:coursecompetencyview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
// Evidence.
|
|
'moodle/competency:evidencedelete' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
),
|
|
'clonepermissionsfrom' => 'moodle/site:config'
|
|
),
|
|
// User plans.
|
|
'moodle/competency:planmanage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:planmanagedraft' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:planmanageown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
),
|
|
),
|
|
'moodle/competency:planmanageowndraft' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
),
|
|
),
|
|
'moodle/competency:planview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:planviewdraft' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:planviewown' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:planviewowndraft' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
),
|
|
),
|
|
'moodle/competency:planrequestreview' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:planrequestreviewown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:planreview' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:plancomment' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:plancommentown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
// User competencies.
|
|
'moodle/competency:usercompetencyview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER, // And CONTEXT_COURSE.
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'teacher' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:usercompetencyrequestreview' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:usercompetencyrequestreviewown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/competency:usercompetencyreview' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:usercompetencycomment' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:usercompetencycommentown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
// Template.
|
|
'moodle/competency:templatemanage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/analytics:listinsights' => array(
|
|
'riskbitmask' => RISK_PERSONAL,
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSE,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
'moodle/analytics:managemodels' => array(
|
|
'riskbitmask' => RISK_CONFIG,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:templateview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_COURSECAT,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
// User evidence.
|
|
'moodle/competency:userevidencemanage' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:userevidencemanageown' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/competency:userevidenceview' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_USER,
|
|
'archetypes' => array(
|
|
'manager' => CAP_ALLOW
|
|
),
|
|
),
|
|
'moodle/site:maintenanceaccess' => array(
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
)
|
|
),
|
|
// Allow message any user, regardlesss of the privacy preferences for messaging.
|
|
'moodle/site:messageanyuser' => array(
|
|
'riskbitmask' => RISK_SPAM,
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'teacher' => CAP_ALLOW,
|
|
'editingteacher' => CAP_ALLOW,
|
|
'manager' => CAP_ALLOW
|
|
)
|
|
),
|
|
|
|
// Context locking/unlocking.
|
|
'moodle/site:managecontextlocks' => [
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => [
|
|
],
|
|
],
|
|
|
|
// Manual completion toggling.
|
|
'moodle/course:togglecompletion' => [
|
|
'captype' => 'write',
|
|
'contextlevel' => CONTEXT_MODULE,
|
|
'archetypes' => [
|
|
'user' => CAP_ALLOW,
|
|
],
|
|
],
|
|
|
|
'moodle/analytics:listowninsights' => array(
|
|
'captype' => 'read',
|
|
'contextlevel' => CONTEXT_SYSTEM,
|
|
'archetypes' => array(
|
|
'user' => CAP_ALLOW
|
|
)
|
|
),
|
|
);
|
|
|