/lib/db/ -> access.php (source)


   1  <?php
   2  // This file is part of Moodle - http://moodle.org/
   3  //
   4  // Moodle is free software: you can redistribute it and/or modify
   5  // it under the terms of the GNU General Public License as published by
   6  // the Free Software Foundation, either version 3 of the License, or
   7  // (at your option) any later version.
   8  //
   9  // Moodle is distributed in the hope that it will be useful,
  10  // but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  // GNU General Public License for more details.
  13  //
  14  // You should have received a copy of the GNU General Public License
  15  // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
  16  
  17  /**
  18   * Capability definitions for Moodle core.
  19   *
  20   * The capabilities are loaded into the database table when the module is
  21   * installed or updated. Whenever the capability definitions are updated,
  22   * the module version number should be bumped up.
  23   *
  24   * The system has four possible values for a capability:
  25   * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
  26   *
  27   *
  28   * CAPABILITY NAMING CONVENTION
  29   *
  30   * It is important that capability names are unique. The naming convention
  31   * for capabilities that are specific to modules and blocks is as follows:
  32   *   [mod/block]/<plugin_name>:<capabilityname>
  33   *
  34   * plugin_name should be the same as the directory name of the mod or block.
  35   *
  36   * Core moodle capabilities are defined thus:
  37   *    moodle/<capabilityclass>:<capabilityname>
  38   *
  39   * Examples: mod/forum:viewpost
  40   *           block/recent_activity:view
  41   *           moodle/site:deleteuser
  42   *
  43   * The variable name for the capability definitions array is $capabilities
  44   *
  45   * For more information, take a look at the available documentation:
  46   *     - Access API: {@link http://docs.moodle.org/dev/Access_API}
  47   *     - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
  48   *
  49   * @package   core_access
  50   * @category  access
  51   * @copyright 2006 onwards Martin Dougiamas  http://dougiamas.com
  52   * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
  53   */
  54  
  55  defined('MOODLE_INTERNAL') || die();
  56  
  57  $capabilities = array(
  58      'moodle/site:config' => array(
  59  
  60          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
  61  
  62          'captype' => 'write',
  63          'contextlevel' => CONTEXT_SYSTEM,
  64          'archetypes' => array(
  65          )
  66      ),
  67      'moodle/site:configview' => array(
  68          'captype' => 'read',
  69          'contextlevel' => CONTEXT_SYSTEM,
  70          'archetypes' => array(
  71              'manager' => CAP_ALLOW,
  72              'coursecreator' => CAP_ALLOW,
  73          )
  74      ),
  75  
  76      'moodle/site:readallmessages' => array(
  77  
  78          'riskbitmask' => RISK_PERSONAL,
  79  
  80          'captype' => 'read',
  81          'contextlevel' => CONTEXT_SYSTEM,
  82          'archetypes' => array(
  83              'manager' => CAP_ALLOW,
  84              'editingteacher' => CAP_ALLOW
  85          )
  86      ),
  87  
  88      'moodle/site:manageallmessaging' => array(
  89  
  90          'riskbitmask' => RISK_PERSONAL,
  91  
  92          'captype' => 'write',
  93          'contextlevel' => CONTEXT_SYSTEM,
  94          'archetypes' => array(
  95              'manager' => CAP_ALLOW
  96          )
  97      ),
  98  
  99      'moodle/site:deleteanymessage' => array(
 100  
 101          'riskbitmask' => RISK_DATALOSS,
 102  
 103          'captype' => 'write',
 104          'contextlevel' => CONTEXT_SYSTEM,
 105          'archetypes' => array(
 106              'manager' => CAP_ALLOW
 107          )
 108      ),
 109  
 110      'moodle/site:sendmessage' => array(
 111  
 112          'riskbitmask' => RISK_SPAM,
 113  
 114          'captype' => 'write',
 115          'contextlevel' => CONTEXT_SYSTEM,
 116          'archetypes' => array(
 117              'manager' => CAP_ALLOW,
 118              'user' => CAP_ALLOW
 119          )
 120      ),
 121  
 122      'moodle/site:deleteownmessage' => array(
 123  
 124          'captype' => 'write',
 125          'contextlevel' => CONTEXT_SYSTEM,
 126          'archetypes' => array(
 127              'user' => CAP_ALLOW
 128          )
 129      ),
 130  
 131      'moodle/site:approvecourse' => array(
 132  
 133          'riskbitmask' => RISK_XSS,
 134  
 135          'captype' => 'write',
 136          'contextlevel' => CONTEXT_COURSECAT,
 137          'archetypes' => array(
 138              'manager' => CAP_ALLOW
 139          )
 140      ),
 141  
 142      'moodle/backup:backupcourse' => array(
 143  
 144          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 145  
 146          'captype' => 'write',
 147          'contextlevel' => CONTEXT_COURSE,
 148          'archetypes' => array(
 149              'editingteacher' => CAP_ALLOW,
 150              'manager' => CAP_ALLOW
 151          ),
 152  
 153          'clonepermissionsfrom' =>  'moodle/site:backup'
 154      ),
 155  
 156      'moodle/backup:backupsection' => array(
 157  
 158          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 159  
 160          'captype' => 'write',
 161          'contextlevel' => CONTEXT_COURSE,
 162          'archetypes' => array(
 163              'editingteacher' => CAP_ALLOW,
 164              'manager' => CAP_ALLOW
 165          ),
 166  
 167          'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
 168      ),
 169  
 170      'moodle/backup:backupactivity' => array(
 171  
 172          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 173  
 174          'captype' => 'write',
 175          'contextlevel' => CONTEXT_MODULE,
 176          'archetypes' => array(
 177              'editingteacher' => CAP_ALLOW,
 178              'manager' => CAP_ALLOW
 179          ),
 180  
 181          'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
 182      ),
 183  
 184      'moodle/backup:backuptargetimport' => array(
 185  
 186          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 187  
 188          'captype' => 'read',
 189          'contextlevel' => CONTEXT_COURSE,
 190          'archetypes' => array(
 191              'editingteacher' => CAP_ALLOW,
 192              'manager' => CAP_ALLOW
 193          ),
 194  
 195          'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
 196      ),
 197  
 198      'moodle/backup:downloadfile' => array(
 199  
 200          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 201  
 202          'captype' => 'write',
 203          'contextlevel' => CONTEXT_COURSE,
 204          'archetypes' => array(
 205              'editingteacher' => CAP_ALLOW,
 206              'manager' => CAP_ALLOW
 207          ),
 208  
 209          'clonepermissionsfrom' =>  'moodle/site:backupdownload'
 210      ),
 211  
 212      'moodle/backup:configure' => array(
 213  
 214          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 215  
 216          'captype' => 'write',
 217          'contextlevel' => CONTEXT_COURSE,
 218          'archetypes' => array(
 219              'editingteacher' => CAP_ALLOW,
 220              'manager' => CAP_ALLOW
 221          )
 222      ),
 223  
 224      'moodle/backup:userinfo' => array(
 225  
 226          'riskbitmask' => RISK_PERSONAL,
 227  
 228          'captype' => 'read',
 229          'contextlevel' => CONTEXT_COURSE,
 230          'archetypes' => array(
 231              'manager' => CAP_ALLOW
 232          )
 233      ),
 234  
 235      'moodle/backup:anonymise' => array(
 236  
 237          'riskbitmask' => RISK_PERSONAL,
 238  
 239          'captype' => 'read',
 240          'contextlevel' => CONTEXT_COURSE,
 241          'archetypes' => array(
 242              'manager' => CAP_ALLOW
 243          )
 244      ),
 245  
 246      'moodle/restore:restorecourse' => array(
 247  
 248          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 249  
 250          'captype' => 'write',
 251          'contextlevel' => CONTEXT_COURSE,
 252          'archetypes' => array(
 253              'editingteacher' => CAP_ALLOW,
 254              'manager' => CAP_ALLOW
 255          ),
 256  
 257          'clonepermissionsfrom' =>  'moodle/site:restore'
 258      ),
 259  
 260      'moodle/restore:restoresection' => array(
 261  
 262          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 263  
 264          'captype' => 'write',
 265          'contextlevel' => CONTEXT_COURSE,
 266          'archetypes' => array(
 267              'editingteacher' => CAP_ALLOW,
 268              'manager' => CAP_ALLOW
 269          ),
 270  
 271          'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
 272      ),
 273  
 274      'moodle/restore:restoreactivity' => array(
 275  
 276          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 277  
 278          'captype' => 'write',
 279          'contextlevel' => CONTEXT_COURSE,
 280          'archetypes' => array(
 281              'editingteacher' => CAP_ALLOW,
 282              'manager' => CAP_ALLOW
 283          ),
 284  
 285          'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
 286      ),
 287  
 288      'moodle/restore:viewautomatedfilearea' => array(
 289  
 290          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 291  
 292          'captype' => 'write',
 293          'contextlevel' => CONTEXT_COURSE,
 294          'archetypes' => array(
 295              'editingteacher' => CAP_ALLOW,
 296              'manager' => CAP_ALLOW
 297          ),
 298      ),
 299  
 300      'moodle/restore:restoretargetimport' => array(
 301  
 302          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 303  
 304          'captype' => 'write',
 305          'contextlevel' => CONTEXT_COURSE,
 306          'archetypes' => array(
 307              'editingteacher' => CAP_ALLOW,
 308              'manager' => CAP_ALLOW
 309          ),
 310  
 311          'clonepermissionsfrom' =>  'moodle/site:import'
 312      ),
 313  
 314      'moodle/restore:uploadfile' => array(
 315  
 316          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 317  
 318          'captype' => 'write',
 319          'contextlevel' => CONTEXT_COURSE,
 320          'archetypes' => array(
 321              'editingteacher' => CAP_ALLOW,
 322              'manager' => CAP_ALLOW
 323          ),
 324  
 325          'clonepermissionsfrom' =>  'moodle/site:backupupload'
 326      ),
 327  
 328      'moodle/restore:configure' => array(
 329  
 330          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 331  
 332          'captype' => 'write',
 333          'contextlevel' => CONTEXT_COURSE,
 334          'archetypes' => array(
 335              'editingteacher' => CAP_ALLOW,
 336              'manager' => CAP_ALLOW
 337          )
 338      ),
 339  
 340      'moodle/restore:rolldates' => array(
 341  
 342          'captype' => 'write',
 343          'contextlevel' => CONTEXT_COURSE,
 344          'archetypes' => array(
 345              'coursecreator' => CAP_ALLOW,
 346              'manager' => CAP_ALLOW
 347          )
 348      ),
 349  
 350      'moodle/restore:userinfo' => array(
 351  
 352          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
 353  
 354          'captype' => 'write',
 355          'contextlevel' => CONTEXT_COURSE,
 356          'archetypes' => array(
 357              'manager' => CAP_ALLOW
 358          )
 359      ),
 360  
 361      'moodle/restore:createuser' => array(
 362  
 363          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
 364  
 365          'captype' => 'write',
 366          'contextlevel' => CONTEXT_SYSTEM,
 367          'archetypes' => array(
 368              'manager' => CAP_ALLOW
 369          )
 370      ),
 371  
 372      'moodle/site:manageblocks' => array(
 373  
 374          'riskbitmask' => RISK_SPAM | RISK_XSS,
 375  
 376          'captype' => 'write',
 377          'contextlevel' => CONTEXT_BLOCK,
 378          'archetypes' => array(
 379              'editingteacher' => CAP_ALLOW,
 380              'manager' => CAP_ALLOW
 381          )
 382      ),
 383  
 384      'moodle/site:accessallgroups' => array(
 385  
 386          'captype' => 'read',
 387          'contextlevel' => CONTEXT_MODULE,
 388          'archetypes' => array(
 389              'editingteacher' => CAP_ALLOW,
 390              'manager' => CAP_ALLOW
 391          )
 392      ),
 393  
 394      'moodle/site:viewanonymousevents' => array(
 395  
 396          'riskbitmask' => RISK_PERSONAL,
 397  
 398          'captype' => 'read',
 399          'contextlevel' => CONTEXT_MODULE,
 400          'archetypes' => array(
 401              'manager' => CAP_ALLOW,
 402          )
 403      ),
 404  
 405      'moodle/site:viewfullnames' => array(
 406  
 407          'captype' => 'read',
 408          'contextlevel' => CONTEXT_MODULE,
 409          'archetypes' => array(
 410              'teacher' => CAP_ALLOW,
 411              'editingteacher' => CAP_ALLOW,
 412              'manager' => CAP_ALLOW
 413          )
 414      ),
 415  
 416      // In reports that give lists of users, extra information about each user's
 417      // identity (the fields configured in site option showuseridentity) will be
 418      // displayed to users who have this capability.
 419      'moodle/site:viewuseridentity' => array(
 420  
 421          'captype' => 'read',
 422          'contextlevel' => CONTEXT_MODULE,
 423          'archetypes' => array(
 424              'teacher' => CAP_ALLOW,
 425              'editingteacher' => CAP_ALLOW,
 426              'manager' => CAP_ALLOW
 427          )
 428      ),
 429  
 430      'moodle/site:viewreports' => array(
 431  
 432          'riskbitmask' => RISK_PERSONAL,
 433  
 434          'captype' => 'read',
 435          'contextlevel' => CONTEXT_COURSE,
 436          'archetypes' => array(
 437              'teacher' => CAP_ALLOW,
 438              'editingteacher' => CAP_ALLOW,
 439              'manager' => CAP_ALLOW
 440          )
 441      ),
 442  
 443      'moodle/site:trustcontent' => array(
 444  
 445          'riskbitmask' => RISK_XSS,
 446  
 447          'captype' => 'write',
 448          'contextlevel' => CONTEXT_MODULE,
 449          'archetypes' => array(
 450              'editingteacher' => CAP_ALLOW,
 451              'manager' => CAP_ALLOW
 452          )
 453      ),
 454  
 455      'moodle/site:uploadusers' => array(
 456  
 457          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
 458  
 459          'captype' => 'write',
 460          'contextlevel' => CONTEXT_SYSTEM,
 461          'archetypes' => array(
 462              'manager' => CAP_ALLOW
 463          )
 464      ),
 465  
 466      // Permission to manage filter setting overrides in subcontexts.
 467      'moodle/filter:manage' => array(
 468  
 469          'captype' => 'write',
 470          'contextlevel' => CONTEXT_COURSE,
 471          'archetypes' => array(
 472              'editingteacher' => CAP_ALLOW,
 473              'manager' => CAP_ALLOW,
 474          )
 475      ),
 476  
 477      'moodle/user:create' => array(
 478  
 479          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
 480  
 481          'captype' => 'write',
 482          'contextlevel' => CONTEXT_SYSTEM,
 483          'archetypes' => array(
 484              'manager' => CAP_ALLOW
 485          )
 486      ),
 487  
 488      'moodle/user:delete' => array(
 489  
 490          'riskbitmask' => RISK_PERSONAL | RISK_DATALOSS,
 491  
 492          'captype' => 'write',
 493          'contextlevel' => CONTEXT_SYSTEM,
 494          'archetypes' => array(
 495              'manager' => CAP_ALLOW
 496          )
 497      ),
 498  
 499      'moodle/user:update' => array(
 500  
 501          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
 502  
 503          'captype' => 'write',
 504          'contextlevel' => CONTEXT_SYSTEM,
 505          'archetypes' => array(
 506              'manager' => CAP_ALLOW
 507          )
 508      ),
 509  
 510      'moodle/user:viewdetails' => array(
 511  
 512          'captype' => 'read',
 513          'contextlevel' => CONTEXT_COURSE,
 514          'archetypes' => array(
 515              'guest' => CAP_ALLOW,
 516              'student' => CAP_ALLOW,
 517              'teacher' => CAP_ALLOW,
 518              'editingteacher' => CAP_ALLOW,
 519              'manager' => CAP_ALLOW
 520          )
 521      ),
 522  
 523      'moodle/user:viewalldetails' => array(
 524          'riskbitmask' => RISK_PERSONAL,
 525          'captype' => 'read',
 526          'contextlevel' => CONTEXT_USER,
 527          'archetypes' => array(
 528              'manager' => CAP_ALLOW
 529          ),
 530          'clonepermissionsfrom' => 'moodle/user:update'
 531      ),
 532  
 533      'moodle/user:viewlastip' => array(
 534          'riskbitmask' => RISK_PERSONAL,
 535          'captype' => 'read',
 536          'contextlevel' => CONTEXT_USER,
 537          'archetypes' => array(
 538              'manager' => CAP_ALLOW
 539          ),
 540          'clonepermissionsfrom' => 'moodle/user:update'
 541      ),
 542  
 543      'moodle/user:viewhiddendetails' => array(
 544  
 545          'riskbitmask' => RISK_PERSONAL,
 546  
 547          'captype' => 'read',
 548          'contextlevel' => CONTEXT_COURSE,
 549          'archetypes' => array(
 550              'teacher' => CAP_ALLOW,
 551              'editingteacher' => CAP_ALLOW,
 552              'manager' => CAP_ALLOW
 553          )
 554      ),
 555  
 556      'moodle/user:loginas' => array(
 557  
 558          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
 559  
 560          'captype' => 'write',
 561          'contextlevel' => CONTEXT_COURSE,
 562          'archetypes' => array(
 563              'manager' => CAP_ALLOW
 564          )
 565      ),
 566  
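 567      // can the user manage the system default profile page?
          // NOTE(review): the key below is spelled 'riskbitmap', whereas most entries in this
          // file use 'riskbitmask'. Confirm which key the capability loader reads; if it only
          // reads 'riskbitmask', the risk flags declared here are not recorded. The same spelling
          // appears on moodle/user:manageblocks, moodle/user:manageownblocks,
          // moodle/user:manageownfiles, moodle/user:ignoreuserquota and moodle/my:configsyspages.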
 568      'moodle/user:managesyspages' => array(
 569  
 570          'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
 571  
 572          'captype' => 'write',
 573          'contextlevel' => CONTEXT_SYSTEM,
 574          'archetypes' => array(
 575              'manager' => CAP_ALLOW
 576          )
 577      ),
 578  
 579      // can the user manage another user's profile page?
 580      'moodle/user:manageblocks' => array(
 581  
 582          'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
 583  
 584          'captype' => 'write',
 585          'contextlevel' => CONTEXT_USER
 586      ),
 587  
 588      // can the user manage their own profile page?
 589      'moodle/user:manageownblocks' => array(
 590  
 591          'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
 592  
 593          'captype' => 'write',
 594          'contextlevel' => CONTEXT_SYSTEM,
 595          'archetypes' => array(
 596              'user' => CAP_ALLOW
 597          )
 598      ),
 599  
 600      // can the user manage their own files?
 601      'moodle/user:manageownfiles' => array(
 602  
 603          'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
 604  
 605          'captype' => 'write',
 606          'contextlevel' => CONTEXT_SYSTEM,
 607          'archetypes' => array(
 608              'user' => CAP_ALLOW
 609          )
 610      ),
 611  
 612      // Can the user ignore the setting userquota?
 613      // The permissions are cloned from ignorefilesizelimits as it was partly used for that purpose.
 614      'moodle/user:ignoreuserquota' => array(
 615          'riskbitmap' => RISK_SPAM,
 616          'captype' => 'write',
 617          'contextlevel' => CONTEXT_SYSTEM,
 618          'clonepermissionsfrom' => 'moodle/course:ignorefilesizelimits'
 619      ),
 620  
 621      // can the user manage the system default dashboard page?
 622      'moodle/my:configsyspages' => array(
 623  
 624          'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
 625  
 626          'captype' => 'write',
 627          'contextlevel' => CONTEXT_SYSTEM,
 628          'archetypes' => array(
 629              'manager' => CAP_ALLOW
 630          )
 631      ),
 632  
 633      'moodle/role:assign' => array(
 634  
 635          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 636  
 637          'captype' => 'write',
 638          'contextlevel' => CONTEXT_COURSE,
 639          'archetypes' => array(
 640              'editingteacher' => CAP_ALLOW,
 641              'manager' => CAP_ALLOW
 642          )
 643      ),
 644  
 645      'moodle/role:review' => array(
 646  
 647          'riskbitmask' => RISK_PERSONAL,
 648  
 649          'captype' => 'read',
 650          'contextlevel' => CONTEXT_COURSE,
 651          'archetypes' => array(
 652              'teacher' => CAP_ALLOW,
 653              'editingteacher' => CAP_ALLOW,
 654              'manager' => CAP_ALLOW
 655          )
 656      ),
 657  
 658      // The ability to override the permissions for any capability.
 659      'moodle/role:override' => array(
 660  
 661          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 662  
 663          'captype' => 'write',
 664          'contextlevel' => CONTEXT_COURSE,
 665          'archetypes' => array(
 666              'manager' => CAP_ALLOW
 667          )
 668      ),
 669  
 670      // The ability to override the permissions for 'safe' capabilities (those without risks).
 671      // If a user has moodle/role:override then you should not check this capability.
 672      'moodle/role:safeoverride' => array(
 673  
 674          'riskbitmask' => RISK_SPAM,
 675  
 676          'captype' => 'write',
 677          'contextlevel' => CONTEXT_COURSE,
 678          'archetypes' => array(
 679              'editingteacher' => CAP_ALLOW
 680          )
 681      ),
 682  
 683      'moodle/role:manage' => array(
 684  
 685          'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
 686  
 687          'captype' => 'write',
 688          'contextlevel' => CONTEXT_SYSTEM,
 689          'archetypes' => array(
 690              'manager' => CAP_ALLOW
 691          )
 692      ),
 693  
 694      'moodle/role:switchroles' => array(
 695  
 696          'riskbitmask' => RISK_XSS | RISK_PERSONAL,
 697  
 698          'captype' => 'read',
 699          'contextlevel' => CONTEXT_COURSE,
 700          'archetypes' => array(
 701              'editingteacher' => CAP_ALLOW,
 702              'manager' => CAP_ALLOW
 703          )
 704      ),
 705  
 706      // Create, update and delete course categories. (Deleting a course category
 707      // does not let you delete the courses it contains, unless you also have
 708      // moodle/course:delete.) Creating and deleting requires this permission in
 709      // the parent category.
 710      'moodle/category:manage' => array(
 711  
 712          'riskbitmask' => RISK_XSS,
 713  
 714          'captype' => 'write',
 715          'contextlevel' => CONTEXT_COURSECAT,
 716          'archetypes' => array(
 717              'manager' => CAP_ALLOW
 718          ),
 719          'clonepermissionsfrom' => 'moodle/category:update'
 720      ),
 721  
 722      'moodle/category:viewcourselist' => array(
 723  
 724          'captype' => 'read',
 725          'contextlevel' => CONTEXT_COURSECAT,
 726          'archetypes' => array(
 727              'guest' => CAP_ALLOW,
 728              'user' => CAP_ALLOW,
 729          )
 730      ),
 731  
 732      'moodle/category:viewhiddencategories' => array(
 733  
 734          'captype' => 'read',
 735          'contextlevel' => CONTEXT_COURSECAT,
 736          'archetypes' => array(
 737              'coursecreator' => CAP_ALLOW,
 738              'manager' => CAP_ALLOW
 739          ),
 740          'clonepermissionsfrom' => 'moodle/category:visibility'
 741      ),
 742  
 743      // create, delete, move cohorts in system and course categories,
 744      // (cohorts with component !== null can be only moved)
 745      'moodle/cohort:manage' => array(
 746  
 747          'captype' => 'write',
 748          'contextlevel' => CONTEXT_COURSECAT,
 749          'archetypes' => array(
 750              'manager' => CAP_ALLOW
 751          )
 752      ),
 753  
 754      // add and remove cohort members (only for cohorts where component !== null)
 755      'moodle/cohort:assign' => array(
 756  
 757          'captype' => 'write',
 758          'contextlevel' => CONTEXT_COURSECAT,
 759          'archetypes' => array(
 760              'manager' => CAP_ALLOW
 761          )
 762      ),
 763  
 764      // View visible and hidden cohorts defined in the current context.
 765      'moodle/cohort:view' => array(
 766  
 767          'captype' => 'read',
 768          'contextlevel' => CONTEXT_COURSE,
 769          'archetypes' => array(
 770              'editingteacher' => CAP_ALLOW,
 771              'manager' => CAP_ALLOW
 772          )
 773      ),
 774  
 775      'moodle/course:create' => array(
 776  
 777          'riskbitmask' => RISK_XSS,
 778  
 779          'captype' => 'write',
 780          'contextlevel' => CONTEXT_COURSECAT,
 781          'archetypes' => array(
 782              'coursecreator' => CAP_ALLOW,
 783              'manager' => CAP_ALLOW
 784          )
 785      ),
 786  
 787      'moodle/course:creategroupconversations' => array(
 788          'riskbitmask' => RISK_XSS,
 789          'captype' => 'write',
 790          'contextlevel' => CONTEXT_COURSE,
 791          'archetypes' => array(
 792              'editingteacher' => CAP_ALLOW,
 793              'manager' => CAP_ALLOW
 794          )
 795      ),
 796  
 797      'moodle/course:request' => array(
 798          'captype' => 'write',
 799          'contextlevel' => CONTEXT_COURSECAT,
 800      ),
 801  
 802      'moodle/course:delete' => array(
 803  
 804          'riskbitmask' => RISK_DATALOSS,
 805  
 806          'captype' => 'write',
 807          'contextlevel' => CONTEXT_COURSE,
 808          'archetypes' => array(
 809              'manager' => CAP_ALLOW
 810          )
 811      ),
 812  
 813      'moodle/course:update' => array(
 814  
 815          'riskbitmask' => RISK_XSS,
 816  
 817          'captype' => 'write',
 818          'contextlevel' => CONTEXT_COURSE,
 819          'archetypes' => array(
 820              'editingteacher' => CAP_ALLOW,
 821              'manager' => CAP_ALLOW
 822          )
 823      ),
 824  
 825      'moodle/course:view' => array(
 826  
 827          'captype' => 'read',
 828          'contextlevel' => CONTEXT_COURSE,
 829          'archetypes' => array(
 830              'manager' => CAP_ALLOW,
 831          )
 832      ),
 833  
 834      /* review course enrolments - no group restrictions, it is really full access to all participants info*/
 835      'moodle/course:enrolreview' => array(
 836  
 837          'riskbitmask' => RISK_PERSONAL,
 838  
 839          'captype' => 'read',
 840          'contextlevel' => CONTEXT_COURSE,
 841          'archetypes' => array(
 842              'editingteacher' => CAP_ALLOW,
 843              'manager' => CAP_ALLOW,
 844          )
 845      ),
 846  
 847      /* add, remove, hide enrol instances in courses */
 848      'moodle/course:enrolconfig' => array(
 849  
 850          'riskbitmask' => RISK_PERSONAL,
 851  
 852          'captype' => 'write',
 853          'contextlevel' => CONTEXT_COURSE,
 854          'archetypes' => array(
 855              'editingteacher' => CAP_ALLOW,
 856              'manager' => CAP_ALLOW,
 857          )
 858      ),
 859  
 860      'moodle/course:reviewotherusers' => array(
 861  
 862          'captype' => 'read',
 863          'contextlevel' => CONTEXT_COURSE,
 864          'archetypes' => array(
 865              'editingteacher' => CAP_ALLOW,
 866              'manager' => CAP_ALLOW,
 867          ),
 868          'clonepermissionsfrom' => 'moodle/role:assign'
 869      ),
 870  
 871      'moodle/course:bulkmessaging' => array(
 872  
 873          'riskbitmask' => RISK_SPAM,
 874  
 875          'captype' => 'write',
 876          'contextlevel' => CONTEXT_COURSE,
 877          'archetypes' => array(
 878              'teacher' => CAP_ALLOW,
 879              'editingteacher' => CAP_ALLOW,
 880              'manager' => CAP_ALLOW
 881          )
 882      ),
 883  
 884      'moodle/course:viewhiddenuserfields' => array(
 885  
 886          'riskbitmask' => RISK_PERSONAL,
 887  
 888          'captype' => 'read',
 889          'contextlevel' => CONTEXT_COURSE,
 890          'archetypes' => array(
 891              'teacher' => CAP_ALLOW,
 892              'editingteacher' => CAP_ALLOW,
 893              'manager' => CAP_ALLOW
 894          )
 895      ),
 896  
 897      'moodle/course:viewhiddencourses' => array(
 898  
 899          'captype' => 'read',
 900          'contextlevel' => CONTEXT_COURSE,
 901          'archetypes' => array(
 902              'coursecreator' => CAP_ALLOW,
 903              'teacher' => CAP_ALLOW,
 904              'editingteacher' => CAP_ALLOW,
 905              'manager' => CAP_ALLOW
 906          )
 907      ),
 908  
 909      'moodle/course:visibility' => array(
 910  
 911          'captype' => 'write',
 912          'contextlevel' => CONTEXT_COURSE,
 913          'archetypes' => array(
 914              'editingteacher' => CAP_ALLOW,
 915              'manager' => CAP_ALLOW
 916          )
 917      ),
 918  
 919      'moodle/course:managefiles' => array(
 920  
 921          'riskbitmask' => RISK_XSS,
 922  
 923          'captype' => 'write',
 924          'contextlevel' => CONTEXT_COURSE,
 925          'archetypes' => array(
 926              'editingteacher' => CAP_ALLOW,
 927              'manager' => CAP_ALLOW
 928          )
 929      ),
 930  
 931      'moodle/course:ignoreavailabilityrestrictions' => array(
 932          'captype' => 'read',
 933          'contextlevel' => CONTEXT_MODULE,
 934          'archetypes' => array(
 935              'manager' => CAP_ALLOW,
 936              'coursecreator' => CAP_ALLOW,
 937              'editingteacher' => CAP_ALLOW,
 938              'teacher' => CAP_ALLOW,
 939          ),
 940          'clonepermissionsfrom' => 'moodle/course:viewhiddenactivities'
 941      ),
 942  
 943      'moodle/course:ignorefilesizelimits' => array(
 944  
 945          'captype' => 'write',
 946          'contextlevel' => CONTEXT_COURSE,
 947          'archetypes' => array(
 948          )
 949      ),
 950  
 951      'moodle/course:manageactivities' => array(
 952  
 953          'riskbitmask' => RISK_XSS,
 954  
 955          'captype' => 'write',
 956          'contextlevel' => CONTEXT_MODULE,
 957          'archetypes' => array(
 958              'editingteacher' => CAP_ALLOW,
 959              'manager' => CAP_ALLOW
 960          )
 961      ),
 962  
 963      'moodle/course:activityvisibility' => array(
 964  
 965          'captype' => 'write',
 966          'contextlevel' => CONTEXT_MODULE,
 967          'archetypes' => array(
 968              'editingteacher' => CAP_ALLOW,
 969              'manager' => CAP_ALLOW
 970          )
 971      ),
 972  
 973      'moodle/course:viewhiddenactivities' => array(
 974  
 975          'captype' => 'read',
 976          'contextlevel' => CONTEXT_MODULE,
 977          'archetypes' => array(
 978              'teacher' => CAP_ALLOW,
 979              'editingteacher' => CAP_ALLOW,
 980              'manager' => CAP_ALLOW
 981          )
 982      ),
 983  
 984      'moodle/course:viewparticipants' => array(
 985  
 986          'captype' => 'read',
 987          'contextlevel' => CONTEXT_COURSE,
 988          'archetypes' => array(
 989              'student' => CAP_ALLOW,
 990              'teacher' => CAP_ALLOW,
 991              'editingteacher' => CAP_ALLOW,
 992              'manager' => CAP_ALLOW
 993          )
 994      ),
 995  
 996      'moodle/course:changefullname' => array(
 997  
 998          'riskbitmask' => RISK_XSS,
 999  
1000          'captype' => 'write',
1001          'contextlevel' => CONTEXT_COURSE,
1002          'archetypes' => array(
1003              'editingteacher' => CAP_ALLOW,
1004              'manager' => CAP_ALLOW
1005          ),
1006          'clonepermissionsfrom' => 'moodle/course:update'
1007      ),
1008  
1009      'moodle/course:changeshortname' => array(
1010  
1011          'riskbitmask' => RISK_XSS,
1012  
1013          'captype' => 'write',
1014          'contextlevel' => CONTEXT_COURSE,
1015          'archetypes' => array(
1016              'editingteacher' => CAP_ALLOW,
1017              'manager' => CAP_ALLOW
1018          ),
1019          'clonepermissionsfrom' => 'moodle/course:update'
1020      ),
1021  
1022      'moodle/course:changelockedcustomfields' => array(
1023  
1024          'riskbitmask' => RISK_SPAM,
1025  
1026          'captype' => 'write',
1027          'contextlevel' => CONTEXT_COURSE,
1028          'archetypes' => array(
1029              'manager' => CAP_ALLOW
1030          ),
1031      ),
1032  
1033      'moodle/course:configurecustomfields' => array(
1034  
1035          'riskbitmask' => RISK_SPAM,
1036  
1037          'captype' => 'write',
1038          'contextlevel' => CONTEXT_SYSTEM,
1039          'clonepermissionsfrom' => 'moodle/site:config'
1040      ),
1041  
1042      'moodle/course:renameroles' => array(
1043          'captype' => 'write',
1044          'contextlevel' => CONTEXT_COURSE,
1045          'archetypes' => array(
1046              'editingteacher' => CAP_ALLOW,
1047              'manager' => CAP_ALLOW
1048          ),
1049          'clonepermissionsfrom' => 'moodle/course:update'
1050      ),
1051  
1052      'moodle/course:changeidnumber' => array(
1053  
1054          'riskbitmask' => RISK_XSS,
1055  
1056          'captype' => 'write',
1057          'contextlevel' => CONTEXT_COURSE,
1058          'archetypes' => array(
1059              'editingteacher' => CAP_ALLOW,
1060              'manager' => CAP_ALLOW
1061          ),
1062          'clonepermissionsfrom' => 'moodle/course:update'
1063      ),
1064      'moodle/course:changecategory' => array(
1065          'riskbitmask' => RISK_XSS,
1066  
1067          'captype' => 'write',
1068          'contextlevel' => CONTEXT_COURSE,
1069          'archetypes' => array(
1070              'editingteacher' => CAP_ALLOW,
1071              'manager' => CAP_ALLOW
1072          ),
1073          'clonepermissionsfrom' => 'moodle/course:update'
1074      ),
1075  
1076      'moodle/course:changesummary' => array(
1077          'riskbitmask' => RISK_XSS,
1078  
1079          'captype' => 'write',
1080          'contextlevel' => CONTEXT_COURSE,
1081          'archetypes' => array(
1082              'editingteacher' => CAP_ALLOW,
1083              'manager' => CAP_ALLOW
1084          ),
1085          'clonepermissionsfrom' => 'moodle/course:update'
1086      ),
1087  
1088      'moodle/course:setforcedlanguage' => array(
1089          'captype' => 'write',
1090          'contextlevel' => CONTEXT_COURSE,
1091          'archetypes' => array(
1092              'editingteacher' => CAP_ALLOW,
1093              'manager' => CAP_ALLOW
1094          ),
1095          'clonepermissionsfrom' => 'moodle/course:update'
1096      ),
1097  
1098  
1099      'moodle/site:viewparticipants' => array(
1100  
1101          'captype' => 'read',
1102          'contextlevel' => CONTEXT_SYSTEM,
1103          'archetypes' => array(
1104              'manager' => CAP_ALLOW
1105          )
1106      ),
1107  
1108      'moodle/course:isincompletionreports' => array(
1109          'captype' => 'read',
1110          'contextlevel' => CONTEXT_COURSE,
1111          'archetypes' => array(
1112              'student' => CAP_ALLOW,
1113          ),
1114      ),
1115  
1116      'moodle/course:viewscales' => array(
1117  
1118          'captype' => 'read',
1119          'contextlevel' => CONTEXT_COURSE,
1120          'archetypes' => array(
1121              'student' => CAP_ALLOW,
1122              'teacher' => CAP_ALLOW,
1123              'editingteacher' => CAP_ALLOW,
1124              'manager' => CAP_ALLOW
1125          )
1126      ),
1127  
1128      'moodle/course:managescales' => array(
1129  
1130          'captype' => 'write',
1131          'contextlevel' => CONTEXT_COURSE,
1132          'archetypes' => array(
1133              'editingteacher' => CAP_ALLOW,
1134              'manager' => CAP_ALLOW
1135          )
1136      ),
1137  
1138      'moodle/course:managegroups' => array(
1139          'riskbitmask' => RISK_XSS,
1140  
1141          'captype' => 'write',
1142          'contextlevel' => CONTEXT_COURSE,
1143          'archetypes' => array(
1144              'editingteacher' => CAP_ALLOW,
1145              'manager' => CAP_ALLOW
1146          )
1147      ),
1148  
1149      'moodle/course:reset' => array(
1150  
1151          'riskbitmask' => RISK_DATALOSS,
1152  
1153          'captype' => 'write',
1154          'contextlevel' => CONTEXT_COURSE,
1155          'archetypes' => array(
1156              'editingteacher' => CAP_ALLOW,
1157              'manager' => CAP_ALLOW
1158          )
1159      ),
1160  
1161      'moodle/course:viewsuspendedusers' => array(
1162  
1163          'captype' => 'read',
1164          'contextlevel' => CONTEXT_COURSE,
1165          'archetypes' => array(
1166              'editingteacher' => CAP_ALLOW,
1167              'manager' => CAP_ALLOW
1168          )
1169      ),
1170  
1171      'moodle/course:tag' => array(
1172          'riskbitmask' => RISK_SPAM,
1173          'captype' => 'write',
1174          'contextlevel' => CONTEXT_COURSE,
1175          'archetypes' => array(
1176              'manager' => CAP_ALLOW,
1177              'editingteacher' => CAP_ALLOW,
1178          ),
1179          'clonepermissionsfrom' => 'moodle/course:update'
1180      ),
1181  
1182      'moodle/blog:view' => array(
1183  
1184          'captype' => 'read',
1185          'contextlevel' => CONTEXT_SYSTEM,
1186          'archetypes' => array(
1187              'guest' => CAP_ALLOW,
1188              'user' => CAP_ALLOW,
1189              'student' => CAP_ALLOW,
1190              'teacher' => CAP_ALLOW,
1191              'editingteacher' => CAP_ALLOW,
1192              'manager' => CAP_ALLOW
1193          )
1194      ),
1195  
1196      'moodle/blog:search' => array(
1197          'captype' => 'read',
1198          'contextlevel' => CONTEXT_SYSTEM,
1199          'archetypes' => array(
1200              'guest' => CAP_ALLOW,
1201              'user' => CAP_ALLOW,
1202              'student' => CAP_ALLOW,
1203              'teacher' => CAP_ALLOW,
1204              'editingteacher' => CAP_ALLOW,
1205              'manager' => CAP_ALLOW
1206          )
1207      ),
1208  
1209      'moodle/blog:viewdrafts' => array(
1210  
1211          'riskbitmask' => RISK_PERSONAL,
1212          'captype' => 'read',
1213          'contextlevel' => CONTEXT_SYSTEM,
1214          'archetypes' => array(
1215              'manager' => CAP_ALLOW
1216          )
1217      ),
1218  
1219      'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1220  
1221          'riskbitmask' => RISK_SPAM,
1222  
1223          'captype' => 'write',
1224          'contextlevel' => CONTEXT_SYSTEM,
1225          'archetypes' => array(
1226              'user' => CAP_ALLOW,
1227              'manager' => CAP_ALLOW
1228          )
1229      ),
1230  
1231      'moodle/blog:manageentries' => array(
1232  
1233          'riskbitmask' => RISK_SPAM,
1234  
1235          'captype' => 'write',
1236          'contextlevel' => CONTEXT_SYSTEM,
1237          'archetypes' => array(
1238              'teacher' => CAP_ALLOW,
1239              'editingteacher' => CAP_ALLOW,
1240              'manager' => CAP_ALLOW
1241          )
1242      ),
1243  
1244      'moodle/blog:manageexternal' => array(
1245  
1246          'riskbitmask' => RISK_SPAM,
1247  
1248          'captype' => 'write',
1249          'contextlevel' => CONTEXT_SYSTEM,
1250          'archetypes' => array(
1251              'student' => CAP_ALLOW,
1252              'user' => CAP_ALLOW,
1253              'teacher' => CAP_ALLOW,
1254              'editingteacher' => CAP_ALLOW,
1255              'manager' => CAP_ALLOW
1256          )
1257      ),
1258  
1259      'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only, although 'contextlevel' below is declared as CONTEXT_COURSE
1260  
1261          'riskbitmask' => RISK_SPAM,
1262  
1263          'captype' => 'write',
1264          'contextlevel' => CONTEXT_COURSE,
1265          'archetypes' => array(
1266              'user' => CAP_ALLOW,
1267              'manager' => CAP_ALLOW
1268          )
1269      ),
1270  
1271      'moodle/calendar:managegroupentries' => array(
1272  
1273          'riskbitmask' => RISK_SPAM,
1274  
1275          'captype' => 'write',
1276          'contextlevel' => CONTEXT_COURSE,
1277          'archetypes' => array(
1278              'teacher' => CAP_ALLOW,
1279              'editingteacher' => CAP_ALLOW,
1280              'manager' => CAP_ALLOW
1281          )
1282      ),
1283  
1284      'moodle/calendar:manageentries' => array(
1285  
1286          'riskbitmask' => RISK_SPAM,
1287  
1288          'captype' => 'write',
1289          'contextlevel' => CONTEXT_COURSE,
1290          'archetypes' => array(
1291              'teacher' => CAP_ALLOW,
1292              'editingteacher' => CAP_ALLOW,
1293              'manager' => CAP_ALLOW
1294          )
1295      ),
1296  
1297      'moodle/user:editprofile' => array(
1298  
1299          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1300  
1301          'captype' => 'write',
1302          'contextlevel' => CONTEXT_USER,
1303          'archetypes' => array(
1304              'manager' => CAP_ALLOW
1305          )
1306      ),
1307  
1308      'moodle/user:editownprofile' => array(
1309  
1310          'riskbitmask' => RISK_SPAM,
1311  
1312          'captype' => 'write',
1313          'contextlevel' => CONTEXT_SYSTEM,
1314          'archetypes' => array(
1315              'guest' => CAP_PROHIBIT,
1316              'user' => CAP_ALLOW,
1317              'manager' => CAP_ALLOW
1318          )
1319      ),
1320  
1321      'moodle/user:changeownpassword' => array(
1322  
1323          'captype' => 'write',
1324          'contextlevel' => CONTEXT_SYSTEM,
1325          'archetypes' => array(
1326              'guest' => CAP_PROHIBIT,
1327              'user' => CAP_ALLOW,
1328              'manager' => CAP_ALLOW
1329          )
1330      ),
1331  
1332      // The next 3 might make no sense for some roles, e.g. teacher, etc.,
1333      // since the next level up is site. These are more for the parent role.
1334      'moodle/user:readuserposts' => array(
1335  
1336          'captype' => 'read',
1337          'contextlevel' => CONTEXT_USER,
1338          'archetypes' => array(
1339              'student' => CAP_ALLOW,
1340              'teacher' => CAP_ALLOW,
1341              'editingteacher' => CAP_ALLOW,
1342              'manager' => CAP_ALLOW
1343          )
1344      ),
1345  
1346      'moodle/user:readuserblogs' => array(
1347  
1348          'captype' => 'read',
1349          'contextlevel' => CONTEXT_USER,
1350          'archetypes' => array(
1351              'student' => CAP_ALLOW,
1352              'teacher' => CAP_ALLOW,
1353              'editingteacher' => CAP_ALLOW,
1354              'manager' => CAP_ALLOW
1355          )
1356      ),
1357  
1358      // Designed for the parent role - not used in legacy roles (the 'archetypes' list below is empty).
1359      'moodle/user:viewuseractivitiesreport' => array(
1360          'riskbitmask' => RISK_PERSONAL,
1361  
1362          'captype' => 'read',
1363          'contextlevel' => CONTEXT_USER,
1364          'archetypes' => array(
1365          )
1366      ),
1367  
1368      // Capabilities designed for the new message system configuration.
1369      'moodle/user:editmessageprofile' => array(
1370  
1371           'riskbitmask' => RISK_SPAM,
1372  
1373           'captype' => 'write',
1374           'contextlevel' => CONTEXT_USER,
1375           'archetypes' => array(
1376               'manager' => CAP_ALLOW
1377           )
1378       ),
1379  
1380       'moodle/user:editownmessageprofile' => array(
1381  
1382           'captype' => 'write',
1383           'contextlevel' => CONTEXT_SYSTEM,
1384           'archetypes' => array(
1385               'guest' => CAP_PROHIBIT,
1386               'user' => CAP_ALLOW,
1387               'manager' => CAP_ALLOW
1388           )
1389       ),
1390  
1391      'moodle/question:managecategory' => array(
1392          'riskbitmask' => RISK_SPAM | RISK_XSS,
1393          'captype' => 'write',
1394          'contextlevel' => CONTEXT_COURSE,
1395          'archetypes' => array(
1396              'editingteacher' => CAP_ALLOW,
1397              'manager' => CAP_ALLOW
1398          )
1399      ),
1400  
1401      // New in Moodle 1.9.
1402      'moodle/question:add' => array(
1403          'riskbitmask' => RISK_SPAM | RISK_XSS,
1404          'captype' => 'write',
1405          'contextlevel' => CONTEXT_COURSE,
1406          'archetypes' => array(
1407              'editingteacher' => CAP_ALLOW,
1408              'manager' => CAP_ALLOW
1409          ),
1410          'clonepermissionsfrom' =>  'moodle/question:manage'
1411      ),
1412      'moodle/question:editmine' => array(
1413          'riskbitmask' => RISK_SPAM | RISK_XSS,
1414          'captype' => 'write',
1415          'contextlevel' => CONTEXT_COURSE,
1416          'archetypes' => array(
1417              'editingteacher' => CAP_ALLOW,
1418              'manager' => CAP_ALLOW
1419          ),
1420          'clonepermissionsfrom' =>  'moodle/question:manage'
1421      ),
1422      'moodle/question:editall' => array(
1423          'riskbitmask' => RISK_SPAM | RISK_XSS,
1424          'captype' => 'write',
1425          'contextlevel' => CONTEXT_COURSE,
1426          'archetypes' => array(
1427              'editingteacher' => CAP_ALLOW,
1428              'manager' => CAP_ALLOW
1429          ),
1430          'clonepermissionsfrom' =>  'moodle/question:manage'
1431      ),
1432      'moodle/question:viewmine' => array(
1433          'captype' => 'read',
1434          'contextlevel' => CONTEXT_COURSE,
1435          'archetypes' => array(
1436              'editingteacher' => CAP_ALLOW,
1437              'manager' => CAP_ALLOW
1438          ),
1439          'clonepermissionsfrom' =>  'moodle/question:manage'
1440      ),
1441      'moodle/question:viewall' => array(
1442          'captype' => 'read',
1443          'contextlevel' => CONTEXT_COURSE,
1444          'archetypes' => array(
1445              'editingteacher' => CAP_ALLOW,
1446              'manager' => CAP_ALLOW
1447          ),
1448          'clonepermissionsfrom' =>  'moodle/question:manage'
1449      ),
1450      'moodle/question:usemine' => array(
1451          'captype' => 'read',
1452          'contextlevel' => CONTEXT_COURSE,
1453          'archetypes' => array(
1454              'editingteacher' => CAP_ALLOW,
1455              'manager' => CAP_ALLOW
1456          ),
1457          'clonepermissionsfrom' =>  'moodle/question:manage'
1458      ),
1459      'moodle/question:useall' => array(
1460          'captype' => 'read',
1461          'contextlevel' => CONTEXT_COURSE,
1462          'archetypes' => array(
1463              'editingteacher' => CAP_ALLOW,
1464              'manager' => CAP_ALLOW
1465          ),
1466          'clonepermissionsfrom' =>  'moodle/question:manage'
1467      ),
1468      'moodle/question:movemine' => array(
1469          'captype' => 'write',
1470          'contextlevel' => CONTEXT_COURSE,
1471          'archetypes' => array(
1472              'editingteacher' => CAP_ALLOW,
1473              'manager' => CAP_ALLOW
1474          ),
1475          'clonepermissionsfrom' =>  'moodle/question:manage'
1476      ),
1477      'moodle/question:moveall' => array(
1478          'captype' => 'write',
1479          'contextlevel' => CONTEXT_COURSE,
1480          'archetypes' => array(
1481              'editingteacher' => CAP_ALLOW,
1482              'manager' => CAP_ALLOW
1483          ),
1484          'clonepermissionsfrom' =>  'moodle/question:manage'
1485      ),
1486      // END new in Moodle 1.9.
1487  
1488      // Configure the installed question types.
1489      'moodle/question:config' => array(
1490          'riskbitmask' => RISK_CONFIG,
1491          'captype' => 'write',
1492          'contextlevel' => CONTEXT_SYSTEM,
1493          'archetypes' => array(
1494              'manager' => CAP_ALLOW
1495          )
1496      ),
1497  
1498      // While attempting questions, the ability to flag particular questions for later reference.
1499      'moodle/question:flag' => array(
1500          'captype' => 'write',
1501          'contextlevel' => CONTEXT_COURSE,
1502          'archetypes' => array(
1503              'student' => CAP_ALLOW,
1504              'teacher' => CAP_ALLOW,
1505              'editingteacher' => CAP_ALLOW,
1506              'manager' => CAP_ALLOW
1507          )
1508      ),
1509  
1510      // Controls whether the user can tag their own questions.
1511      'moodle/question:tagmine' => array(
1512          'captype' => 'write',
1513          'contextlevel' => CONTEXT_COURSE,
1514          'archetypes' => array(
1515              'editingteacher' => CAP_ALLOW,
1516              'manager' => CAP_ALLOW
1517          ),
1518          'clonepermissionsfrom' => 'moodle/question:editmine'
1519      ),
1520  
1521      // Controls whether the user can tag all questions.
1522      'moodle/question:tagall' => array(
1523          'captype' => 'write',
1524          'contextlevel' => CONTEXT_COURSE,
1525          'archetypes' => array(
1526              'editingteacher' => CAP_ALLOW,
1527              'manager' => CAP_ALLOW
1528          ),
1529          'clonepermissionsfrom' => 'moodle/question:editall'
1530      ),
1531  
1532      'moodle/site:doclinks' => array(
1533          'captype' => 'read',
1534          'contextlevel' => CONTEXT_SYSTEM,
1535          'archetypes' => array(
1536              'teacher' => CAP_ALLOW,
1537              'editingteacher' => CAP_ALLOW,
1538              'manager' => CAP_ALLOW
1539          )
1540      ),
1541  
1542      'moodle/course:sectionvisibility' => array(
1543  
1544          'captype' => 'write',
1545          'contextlevel' => CONTEXT_COURSE,
1546          'archetypes' => array(
1547              'editingteacher' => CAP_ALLOW,
1548              'manager' => CAP_ALLOW
1549          )
1550      ),
1551  
1552      'moodle/course:useremail' => array(
1553  
1554          'captype' => 'write',
1555          'contextlevel' => CONTEXT_COURSE,
1556          'archetypes' => array(
1557              'editingteacher' => CAP_ALLOW,
1558              'manager' => CAP_ALLOW
1559          )
1560      ),
1561  
1562      'moodle/course:viewhiddensections' => array(
1563  
1564          'captype' => 'read',
1565          'contextlevel' => CONTEXT_COURSE,
1566          'archetypes' => array(
1567              'editingteacher' => CAP_ALLOW,
1568              'manager' => CAP_ALLOW
1569          )
1570      ),
1571  
1572      'moodle/course:setcurrentsection' => array(
1573  
1574          'captype' => 'write',
1575          'contextlevel' => CONTEXT_COURSE,
1576          'archetypes' => array(
1577              'editingteacher' => CAP_ALLOW,
1578              'manager' => CAP_ALLOW
1579          )
1580      ),
1581  
1582      'moodle/course:movesections' => array(
1583  
1584          'captype' => 'write',
1585          'contextlevel' => CONTEXT_COURSE,
1586          'archetypes' => array(
1587              'editingteacher' => CAP_ALLOW,
1588              'manager' => CAP_ALLOW
1589          ),
1590          'clonepermissionsfrom' => 'moodle/course:update'
1591      ),
1592  
1593      'moodle/site:mnetlogintoremote' => array(
1594  
1595          'captype' => 'read',
1596          'contextlevel' => CONTEXT_SYSTEM,
1597          'archetypes' => array(
1598          )
1599      ),
1600  
1601      'moodle/grade:viewall' => array(
1602          'riskbitmask' => RISK_PERSONAL,
1603          'captype' => 'read',
1604          'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1605          'archetypes' => array(
1606              'teacher' => CAP_ALLOW,
1607              'editingteacher' => CAP_ALLOW,
1608              'manager' => CAP_ALLOW
1609          ),
1610          'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1611      ),
1612  
1613      'moodle/grade:view' => array(
1614          'captype' => 'read',
1615          'contextlevel' => CONTEXT_COURSE,
1616          'archetypes' => array(
1617              'student' => CAP_ALLOW
1618          )
1619      ),
1620  
1621      'moodle/grade:viewhidden' => array(
1622          'riskbitmask' => RISK_PERSONAL,
1623          'captype' => 'read',
1624          'contextlevel' => CONTEXT_COURSE,
1625          'archetypes' => array(
1626              'teacher' => CAP_ALLOW,
1627              'editingteacher' => CAP_ALLOW,
1628              'manager' => CAP_ALLOW
1629          ),
1630          'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1631      ),
1632  
1633      'moodle/grade:import' => array(
1634          'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1635          'captype' => 'write',
1636          'contextlevel' => CONTEXT_COURSE,
1637          'archetypes' => array(
1638              'editingteacher' => CAP_ALLOW,
1639              'manager' => CAP_ALLOW
1640          ),
1641          'clonepermissionsfrom' => 'moodle/course:managegrades'
1642      ),
1643  
1644      'moodle/grade:export' => array(
1645          'riskbitmask' => RISK_PERSONAL,
1646          'captype' => 'read',
1647          'contextlevel' => CONTEXT_COURSE,
1648          'archetypes' => array(
1649              'teacher' => CAP_ALLOW,
1650              'editingteacher' => CAP_ALLOW,
1651              'manager' => CAP_ALLOW
1652          ),
1653          'clonepermissionsfrom' => 'moodle/course:managegrades'
1654      ),
1655  
1656      'moodle/grade:manage' => array(
1657          'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1658          'captype' => 'write',
1659          'contextlevel' => CONTEXT_COURSE,
1660          'archetypes' => array(
1661              'editingteacher' => CAP_ALLOW,
1662              'manager' => CAP_ALLOW
1663          ),
1664          'clonepermissionsfrom' => 'moodle/course:managegrades'
1665      ),
1666  
1667      'moodle/grade:edit' => array(
1668          'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1669          'captype' => 'write',
1670          'contextlevel' => CONTEXT_COURSE,
1671          'archetypes' => array(
1672              'editingteacher' => CAP_ALLOW,
1673              'manager' => CAP_ALLOW
1674          ),
1675          'clonepermissionsfrom' => 'moodle/course:managegrades'
1676      ),
1677  
1678      // ability to define advanced grading forms in activities either from scratch
1679      // or from a shared template
1680      'moodle/grade:managegradingforms' => array(
1681          'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1682          'captype' => 'write',
1683          'contextlevel' => CONTEXT_COURSE,
1684          'archetypes' => array(
1685              'editingteacher' => CAP_ALLOW,
1686              'manager' => CAP_ALLOW
1687          ),
1688          'clonepermissionsfrom' => 'moodle/course:managegrades'
1689      ),
1690  
1691      // ability to save a grading form as a new shared template and eventually edit
1692      // and remove own templates (templates originally shared by that user)
1693      'moodle/grade:sharegradingforms' => array(
1694          'riskbitmask' => RISK_XSS,
1695          'captype' => 'write',
1696          'contextlevel' => CONTEXT_SYSTEM,
1697          'archetypes' => array(
1698              'manager' => CAP_ALLOW
1699          ),
1700      ),
1701  
1702      // ability to edit and remove any shared template, even those originally shared
1703      // by other users
1704      'moodle/grade:managesharedforms' => array(
1705          'riskbitmask' => RISK_XSS,
1706          'captype' => 'write',
1707          'contextlevel' => CONTEXT_SYSTEM,
1708          'archetypes' => array(
1709              'manager' => CAP_ALLOW
1710          ),
1711      ),
1712  
1713      'moodle/grade:manageoutcomes' => array(
1714          'captype' => 'write',
1715          'contextlevel' => CONTEXT_COURSE,
1716          'archetypes' => array(
1717              'editingteacher' => CAP_ALLOW,
1718              'manager' => CAP_ALLOW
1719          ),
1720          'clonepermissionsfrom' => 'moodle/course:managegrades'
1721      ),
1722  
1723      'moodle/grade:manageletters' => array(
1724          'captype' => 'write',
1725          'contextlevel' => CONTEXT_COURSE,
1726          'archetypes' => array(
1727              'editingteacher' => CAP_ALLOW,
1728              'manager' => CAP_ALLOW
1729          ),
1730          'clonepermissionsfrom' => 'moodle/course:managegrades'
1731      ),
1732  
1733      'moodle/grade:hide' => array(
1734          'captype' => 'write',
1735          'contextlevel' => CONTEXT_COURSE,
1736          'archetypes' => array(
1737              'editingteacher' => CAP_ALLOW,
1738              'manager' => CAP_ALLOW
1739          )
1740      ),
1741  
1742      'moodle/grade:lock' => array(
1743          'captype' => 'write',
1744          'contextlevel' => CONTEXT_COURSE,
1745          'archetypes' => array(
1746              'editingteacher' => CAP_ALLOW,
1747              'manager' => CAP_ALLOW
1748          )
1749      ),
1750  
1751      'moodle/grade:unlock' => array(
1752          'captype' => 'write',
1753          'contextlevel' => CONTEXT_COURSE,
1754          'archetypes' => array(
1755              'editingteacher' => CAP_ALLOW,
1756              'manager' => CAP_ALLOW
1757          )
1758      ),
1759  
1760      'moodle/my:manageblocks' => array(
1761          'captype' => 'write',
1762          'contextlevel' => CONTEXT_SYSTEM,
1763          'archetypes' => array(
1764              'user' => CAP_ALLOW
1765          )
1766      ),
1767  
1768      'moodle/notes:view' => array(
1769          'captype' => 'read',
1770          'contextlevel' => CONTEXT_COURSE,
1771          'archetypes' => array(
1772              'teacher' => CAP_ALLOW,
1773              'editingteacher' => CAP_ALLOW,
1774              'manager' => CAP_ALLOW
1775          )
1776      ),
1777  
1778      'moodle/notes:manage' => array(
1779          'riskbitmask' => RISK_SPAM,
1780  
1781          'captype' => 'write',
1782          'contextlevel' => CONTEXT_COURSE,
1783          'archetypes' => array(
1784              'teacher' => CAP_ALLOW,
1785              'editingteacher' => CAP_ALLOW,
1786              'manager' => CAP_ALLOW
1787          )
1788      ),
1789  
1790      'moodle/tag:manage' => array(
1791          'riskbitmask' => RISK_SPAM,
1792  
1793          'captype' => 'write',
1794          'contextlevel' => CONTEXT_SYSTEM,
1795          'archetypes' => array(
1796              'manager' => CAP_ALLOW
1797          )
1798      ),
1799  
1800      'moodle/tag:edit' => array(
1801          'riskbitmask' => RISK_SPAM,
1802  
1803          'captype' => 'write',
1804          'contextlevel' => CONTEXT_SYSTEM,
1805          'archetypes' => array(
1806              'manager' => CAP_ALLOW
1807          )
1808      ),
1809  
1810      'moodle/tag:flag' => array(
1811          'riskbitmask' => RISK_SPAM,
1812  
1813          'captype' => 'write',
1814          'contextlevel' => CONTEXT_SYSTEM,
1815          'archetypes' => array(
1816              'user' => CAP_ALLOW
1817          )
1818      ),
1819  
1820      'moodle/tag:editblocks' => array(
1821          'captype' => 'write',
1822          'contextlevel' => CONTEXT_SYSTEM,
1823          'archetypes' => array(
1824              'teacher' => CAP_ALLOW,
1825              'editingteacher' => CAP_ALLOW,
1826              'manager' => CAP_ALLOW
1827          )
1828      ),
1829  
1830      'moodle/block:view' => array(
1831          'captype' => 'read',
1832          'contextlevel' => CONTEXT_BLOCK,
1833          'archetypes' => array(
1834              'guest' => CAP_ALLOW,
1835              'user' => CAP_ALLOW,
1836              'student' => CAP_ALLOW,
1837              'teacher' => CAP_ALLOW,
1838              'editingteacher' => CAP_ALLOW,
1839          )
1840      ),
1841  
1842      'moodle/block:edit' => array(
1843          'riskbitmask' => RISK_SPAM | RISK_XSS,
1844  
1845          'captype' => 'write',
1846          'contextlevel' => CONTEXT_BLOCK,
1847          'archetypes' => array(
1848              'editingteacher' => CAP_ALLOW,
1849              'manager' => CAP_ALLOW
1850          )
1851      ),
1852  
1853      'moodle/portfolio:export' => array(
1854          'captype' => 'read',
1855          'contextlevel' => CONTEXT_SYSTEM,
1856          'archetypes' => array(
1857              'user' => CAP_ALLOW,
1858              'student' => CAP_ALLOW,
1859              'teacher' => CAP_ALLOW,
1860              'editingteacher' => CAP_ALLOW,
1861          )
1862      ),
1863      'moodle/comment:view' => array(
1864          'captype' => 'read',
1865          'contextlevel' => CONTEXT_COURSE,
1866          'archetypes' => array(
1867              'frontpage' => CAP_ALLOW,
1868              'guest' => CAP_ALLOW,
1869              'user' => CAP_ALLOW,
1870              'student' => CAP_ALLOW,
1871              'teacher' => CAP_ALLOW,
1872              'editingteacher' => CAP_ALLOW,
1873              'manager' => CAP_ALLOW
1874          )
1875      ),
1876      'moodle/comment:post' => array(
1877  
1878          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1879          'captype' => 'write',
1880          'contextlevel' => CONTEXT_COURSE,
1881          'archetypes' => array(
1882              'user' => CAP_ALLOW,
1883              'student' => CAP_ALLOW,
1884              'teacher' => CAP_ALLOW,
1885              'editingteacher' => CAP_ALLOW,
1886              'manager' => CAP_ALLOW
1887          )
1888      ),
1889      'moodle/comment:delete' => array(
1890  
1891          'riskbitmask' => RISK_DATALOSS,
1892          'captype' => 'write',
1893          'contextlevel' => CONTEXT_COURSE,
1894          'archetypes' => array(
1895              'editingteacher' => CAP_ALLOW,
1896              'manager' => CAP_ALLOW
1897          )
1898      ),
1899      'moodle/webservice:createtoken' => array(
1900  
1901          'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1902          'captype' => 'write',
1903          'contextlevel' => CONTEXT_SYSTEM,
1904          'archetypes' => array(
1905              'manager' => CAP_ALLOW
1906          )
1907      ),
1908      'moodle/webservice:managealltokens' => array(
1909  
1910          'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_PERSONAL,
1911          'captype' => 'write',
1912          'contextlevel' => CONTEXT_SYSTEM,
1913          'archetypes' => array()
1914      ),
1915      'moodle/webservice:createmobiletoken' => array(
1916  
1917          'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1918          'captype' => 'write',
1919          'contextlevel' => CONTEXT_SYSTEM,
1920          'archetypes' => array(
1921              'user' => CAP_ALLOW
1922          )
1923      ),
1924      'moodle/rating:view' => array(
1925  
1926          'captype' => 'read',
1927          'contextlevel' => CONTEXT_COURSE,
1928          'archetypes' => array(
1929              'user' => CAP_ALLOW,
1930              'student' => CAP_ALLOW,
1931              'teacher' => CAP_ALLOW,
1932              'editingteacher' => CAP_ALLOW,
1933              'manager' => CAP_ALLOW
1934          )
1935      ),
1936      'moodle/rating:viewany' => array(
1937  
1938          'riskbitmask' => RISK_PERSONAL,
1939          'captype' => 'read',
1940          'contextlevel' => CONTEXT_COURSE,
1941          'archetypes' => array(
1942              'user' => CAP_ALLOW,
1943              'student' => CAP_ALLOW,
1944              'teacher' => CAP_ALLOW,
1945              'editingteacher' => CAP_ALLOW,
1946              'manager' => CAP_ALLOW
1947          )
1948      ),
1949      'moodle/rating:viewall' => array(
1950  
1951          'riskbitmask' => RISK_PERSONAL,
1952          'captype' => 'read',
1953          'contextlevel' => CONTEXT_COURSE,
1954          'archetypes' => array(
1955              'user' => CAP_ALLOW,
1956              'student' => CAP_ALLOW,
1957              'teacher' => CAP_ALLOW,
1958              'editingteacher' => CAP_ALLOW,
1959              'manager' => CAP_ALLOW
1960          )
1961      ),
1962      'moodle/rating:rate' => array(
1963  
1964          'captype' => 'write',
1965          'contextlevel' => CONTEXT_COURSE,
1966          'archetypes' => array(
1967              'user' => CAP_ALLOW,
1968              'student' => CAP_ALLOW,
1969              'teacher' => CAP_ALLOW,
1970              'editingteacher' => CAP_ALLOW,
1971              'manager' => CAP_ALLOW
1972          )
1973      ),
1974      'moodle/course:markcomplete' => array(
1975          'captype' => 'write',
1976          'contextlevel' => CONTEXT_COURSE,
1977          'archetypes' => array(
1978              'teacher' => CAP_ALLOW,
1979              'editingteacher' => CAP_ALLOW,
1980              'manager' => CAP_ALLOW
1981          )
1982      ),
1983      'moodle/course:overridecompletion' => array(
1984          'captype' => 'write',
1985          'contextlevel' => CONTEXT_COURSE,
1986          'archetypes' => array(
1987              'teacher' => CAP_ALLOW,
1988              'editingteacher' => CAP_ALLOW,
1989              'manager' => CAP_ALLOW
1990          )
1991      ),
1992  
1993      // Badges.
1994      'moodle/badges:manageglobalsettings' => array(
1995          'riskbitmask'  => RISK_DATALOSS | RISK_CONFIG,
1996          'captype'      => 'write',
1997          'contextlevel' => CONTEXT_SYSTEM,
1998          'archetypes'   => array(
1999              'manager'       => CAP_ALLOW,
2000          )
2001      ),
2002  
2003      // View available badges without earning them.
2004      'moodle/badges:viewbadges' => array(
2005          'captype'       => 'read',
2006          'contextlevel'  => CONTEXT_COURSE,
2007          'archetypes'    => array(
2008              'user'          => CAP_ALLOW,
2009          )
2010      ),
2011  
2012      // Manage badges on own private badges page.
2013      'moodle/badges:manageownbadges' => array(
2014          'riskbitmap'    => RISK_SPAM,
2015          'captype'       => 'write',
2016          'contextlevel'  => CONTEXT_USER,
2017          'archetypes'    => array(
2018              'user'    => CAP_ALLOW
2019          )
2020      ),
2021  
2022      // View public badges in other users' profiles.
2023      'moodle/badges:viewotherbadges' => array(
2024          'riskbitmap'    => RISK_PERSONAL,
2025          'captype'       => 'read',
2026          'contextlevel'  => CONTEXT_USER,
2027          'archetypes'    => array(
2028              'user'    => CAP_ALLOW
2029          )
2030      ),
2031  
2032      // Earn badge.
2033      'moodle/badges:earnbadge' => array(
2034          'captype'       => 'write',
2035          'contextlevel'  => CONTEXT_COURSE,
2036          'archetypes'    => array(
2037              'user'           => CAP_ALLOW,
2038          )
2039      ),
2040  
2041      // Create/duplicate badges.
2042      'moodle/badges:createbadge' => array(
2043          'riskbitmask'  => RISK_SPAM,
2044          'captype'      => 'write',
2045          'contextlevel' => CONTEXT_COURSE,
2046          'archetypes'   => array(
2047              'manager'        => CAP_ALLOW,
2048              'editingteacher' => CAP_ALLOW,
2049          )
2050      ),
2051  
2052      // Delete badges.
2053      'moodle/badges:deletebadge' => array(
2054          'riskbitmask'  => RISK_DATALOSS,
2055          'captype'      => 'write',
2056          'contextlevel' => CONTEXT_COURSE,
2057          'archetypes'   => array(
2058              'manager'        => CAP_ALLOW,
2059              'editingteacher' => CAP_ALLOW,
2060          )
2061      ),
2062  
2063      // Set up/edit badge details.
2064      'moodle/badges:configuredetails' => array(
2065          'riskbitmask'  => RISK_SPAM,
2066          'captype'      => 'write',
2067          'contextlevel' => CONTEXT_COURSE,
2068          'archetypes'   => array(
2069              'manager'        => CAP_ALLOW,
2070              'editingteacher' => CAP_ALLOW,
2071          )
2072      ),
2073  
2074      // Set up/edit criteria of earning a badge.
2075      'moodle/badges:configurecriteria' => array(
2076          'riskbitmask'  => RISK_XSS,
2077          'captype'      => 'write',
2078          'contextlevel' => CONTEXT_COURSE,
2079          'archetypes'   => array(
2080              'manager'        => CAP_ALLOW,
2081              'editingteacher' => CAP_ALLOW,
2082          )
2083      ),
2084  
2085      // Configure badge messages.
2086      'moodle/badges:configuremessages' => array(
2087          'riskbitmask'  => RISK_SPAM,
2088          'captype'      => 'write',
2089          'contextlevel' => CONTEXT_COURSE,
2090          'archetypes'   => array(
2091              'manager'        => CAP_ALLOW,
2092              'editingteacher' => CAP_ALLOW,
2093          )
2094      ),
2095  
2096      // Award badge to a user.
2097      'moodle/badges:awardbadge' => array(
2098          'riskbitmask'  => RISK_SPAM,
2099          'captype'      => 'write',
2100          'contextlevel' => CONTEXT_COURSE,
2101          'archetypes'   => array(
2102              'manager'        => CAP_ALLOW,
2103              'teacher'        => CAP_ALLOW,
2104              'editingteacher' => CAP_ALLOW,
2105          )
2106      ),
2107  
2108      // Revoke badge from a user.
2109      'moodle/badges:revokebadge' => array(
2110          'riskbitmask'  => RISK_SPAM,
2111          'captype'      => 'write',
2112          'contextlevel' => CONTEXT_COURSE,
2113          'archetypes'   => array(
2114              'manager'        => CAP_ALLOW,
2115              'teacher'        => CAP_ALLOW,
2116              'editingteacher' => CAP_ALLOW,
2117          )
2118      ),
2119  
2120      // View users who earned a specific badge without being able to award a badge.
2121      'moodle/badges:viewawarded' => array(
2122          'riskbitmask'  => RISK_PERSONAL,
2123          'captype'      => 'read',
2124          'contextlevel' => CONTEXT_COURSE,
2125          'archetypes'   => array(
2126                  'manager'        => CAP_ALLOW,
2127                  'teacher'        => CAP_ALLOW,
2128                  'editingteacher' => CAP_ALLOW,
2129          )
2130      ),
2131  
2132      'moodle/site:forcelanguage' => array(
2133          'captype' => 'read',
2134          'contextlevel' => CONTEXT_SYSTEM,
2135          'archetypes' => array(
2136          )
2137      ),
2138  
2139      // Perform site-wide search queries through the search API.
2140      'moodle/search:query' => array(
2141          'captype' => 'read',
2142          'contextlevel' => CONTEXT_SYSTEM,
2143          'archetypes' => array(
2144              'guest' => CAP_ALLOW,
2145              'user' => CAP_ALLOW,
2146              'student' => CAP_ALLOW,
2147              'teacher' => CAP_ALLOW,
2148              'editingteacher' => CAP_ALLOW,
2149              'manager' => CAP_ALLOW
2150          )
2151      ),
2152  
2153      // Competencies.
2154      'moodle/competency:competencymanage' => array(
2155          'captype' => 'write',
2156          'contextlevel' => CONTEXT_COURSECAT,
2157          'archetypes' => array(
2158              'manager' => CAP_ALLOW
2159          )
2160      ),
2161      'moodle/competency:competencyview' => array(
2162          'captype' => 'read',
2163          'contextlevel' => CONTEXT_COURSECAT,
2164          'archetypes' => array(
2165              'user' => CAP_ALLOW
2166          ),
2167      ),
2168      'moodle/competency:competencygrade' => array(
2169          'captype' => 'write',
2170          'contextlevel' => CONTEXT_COURSE, // And CONTEXT_USER.
2171          'archetypes' => array(
2172              'editingteacher' => CAP_ALLOW,
2173              'teacher' => CAP_ALLOW,
2174              'manager' => CAP_ALLOW
2175          ),
2176      ),
2177      // Course competencies.
2178      'moodle/competency:coursecompetencymanage' => array(
2179          'captype' => 'write',
2180          'contextlevel' => CONTEXT_COURSE,
2181          'archetypes' => array(
2182              'editingteacher' => CAP_ALLOW,
2183              'manager' => CAP_ALLOW
2184          ),
2185      ),
2186      'moodle/competency:coursecompetencyconfigure' => array(
2187          'captype' => 'write',
2188          'contextlevel' => CONTEXT_MODULE,
2189          'archetypes' => array(
2190              'manager' => CAP_ALLOW
2191          ),
2192      ),
2193      'moodle/competency:coursecompetencygradable' => array(
2194          'captype' => 'read',
2195          'contextlevel' => CONTEXT_COURSE,
2196          'archetypes' => array(
2197              'student' => CAP_ALLOW
2198          ),
2199          'clonepermissionsfrom' => 'moodle/course:isincompletionreports'
2200      ),
2201      'moodle/competency:coursecompetencyview' => array(
2202          'captype' => 'read',
2203          'contextlevel' => CONTEXT_COURSE,
2204          'archetypes' => array(
2205              'user' => CAP_ALLOW
2206          ),
2207      ),
2208      // Evidence.
2209      'moodle/competency:evidencedelete' => array(
2210          'captype' => 'write',
2211          'contextlevel' => CONTEXT_USER,
2212          'archetypes' => array(
2213          ),
2214          'clonepermissionsfrom' => 'moodle/site:config'
2215      ),
2216      // User plans.
2217      'moodle/competency:planmanage' => array(
2218          'captype' => 'write',
2219          'contextlevel' => CONTEXT_USER,
2220          'archetypes' => array(
2221              'manager' => CAP_ALLOW
2222          ),
2223      ),
2224      'moodle/competency:planmanagedraft' => array(
2225          'captype' => 'write',
2226          'contextlevel' => CONTEXT_USER,
2227          'archetypes' => array(
2228              'manager' => CAP_ALLOW
2229          ),
2230      ),
2231      'moodle/competency:planmanageown' => array(
2232          'captype' => 'write',
2233          'contextlevel' => CONTEXT_USER,
2234          'archetypes' => array(
2235          ),
2236      ),
2237      'moodle/competency:planmanageowndraft' => array(
2238          'captype' => 'write',
2239          'contextlevel' => CONTEXT_USER,
2240          'archetypes' => array(
2241          ),
2242      ),
2243      'moodle/competency:planview' => array(
2244          'captype' => 'read',
2245          'contextlevel' => CONTEXT_USER,
2246          'archetypes' => array(
2247              'manager' => CAP_ALLOW
2248          ),
2249      ),
2250      'moodle/competency:planviewdraft' => array(
2251          'captype' => 'read',
2252          'contextlevel' => CONTEXT_USER,
2253          'archetypes' => array(
2254              'manager' => CAP_ALLOW
2255          ),
2256      ),
2257      'moodle/competency:planviewown' => array(
2258          'captype' => 'read',
2259          'contextlevel' => CONTEXT_USER,
2260          'archetypes' => array(
2261              'user' => CAP_ALLOW
2262          ),
2263      ),
2264      'moodle/competency:planviewowndraft' => array(
2265          'captype' => 'read',
2266          'contextlevel' => CONTEXT_USER,
2267          'archetypes' => array(
2268          ),
2269      ),
2270      'moodle/competency:planrequestreview' => array(
2271          'captype' => 'write',
2272          'contextlevel' => CONTEXT_USER,
2273          'archetypes' => array(
2274              'manager' => CAP_ALLOW
2275          )
2276      ),
2277      'moodle/competency:planrequestreviewown' => array(
2278          'captype' => 'write',
2279          'contextlevel' => CONTEXT_USER,
2280          'archetypes' => array(
2281              'user' => CAP_ALLOW
2282          )
2283      ),
2284      'moodle/competency:planreview' => array(
2285          'captype' => 'write',
2286          'contextlevel' => CONTEXT_USER,
2287          'archetypes' => array(
2288              'manager' => CAP_ALLOW
2289          ),
2290      ),
2291      'moodle/competency:plancomment' => array(
2292          'captype' => 'write',
2293          'contextlevel' => CONTEXT_USER,
2294          'archetypes' => array(
2295              'manager' => CAP_ALLOW
2296          ),
2297      ),
2298      'moodle/competency:plancommentown' => array(
2299          'captype' => 'write',
2300          'contextlevel' => CONTEXT_USER,
2301          'archetypes' => array(
2302              'user' => CAP_ALLOW
2303          ),
2304      ),
2305      // User competencies.
2306      'moodle/competency:usercompetencyview' => array(
2307          'captype' => 'read',
2308          'contextlevel' => CONTEXT_USER,     // And CONTEXT_COURSE.
2309          'archetypes' => array(
2310              'manager' => CAP_ALLOW,
2311              'editingteacher' => CAP_ALLOW,
2312              'teacher' => CAP_ALLOW
2313          )
2314      ),
2315      'moodle/competency:usercompetencyrequestreview' => array(
2316          'captype' => 'write',
2317          'contextlevel' => CONTEXT_USER,
2318          'archetypes' => array(
2319              'manager' => CAP_ALLOW
2320          )
2321      ),
2322      'moodle/competency:usercompetencyrequestreviewown' => array(
2323          'captype' => 'write',
2324          'contextlevel' => CONTEXT_USER,
2325          'archetypes' => array(
2326              'user' => CAP_ALLOW
2327          )
2328      ),
2329      'moodle/competency:usercompetencyreview' => array(
2330          'captype' => 'write',
2331          'contextlevel' => CONTEXT_USER,
2332          'archetypes' => array(
2333              'manager' => CAP_ALLOW
2334          ),
2335      ),
2336      'moodle/competency:usercompetencycomment' => array(
2337          'captype' => 'write',
2338          'contextlevel' => CONTEXT_USER,
2339          'archetypes' => array(
2340              'manager' => CAP_ALLOW
2341          ),
2342      ),
2343      'moodle/competency:usercompetencycommentown' => array(
2344          'captype' => 'write',
2345          'contextlevel' => CONTEXT_USER,
2346          'archetypes' => array(
2347              'user' => CAP_ALLOW
2348          ),
2349      ),
2350      // Template.
2351      'moodle/competency:templatemanage' => array(
2352          'captype' => 'write',
2353          'contextlevel' => CONTEXT_COURSECAT,
2354          'archetypes' => array(
2355              'manager' => CAP_ALLOW
2356          ),
2357      ),
2358      'moodle/analytics:listinsights' => array(
2359          'riskbitmask' => RISK_PERSONAL,
2360          'captype' => 'read',
2361          'contextlevel' => CONTEXT_COURSE,
2362          'archetypes' => array(
2363              'teacher' => CAP_ALLOW,
2364              'editingteacher' => CAP_ALLOW,
2365              'manager' => CAP_ALLOW
2366          )
2367      ),
2368      'moodle/analytics:managemodels' => array(
2369          'riskbitmask' => RISK_CONFIG,
2370          'captype' => 'write',
2371          'contextlevel' => CONTEXT_SYSTEM,
2372          'archetypes' => array(
2373              'manager' => CAP_ALLOW
2374          ),
2375      ),
2376      'moodle/competency:templateview' => array(
2377          'captype' => 'read',
2378          'contextlevel' => CONTEXT_COURSECAT,
2379          'archetypes' => array(
2380              'manager' => CAP_ALLOW
2381          ),
2382      ),
2383      // User evidence.
2384      'moodle/competency:userevidencemanage' => array(
2385          'captype' => 'write',
2386          'contextlevel' => CONTEXT_USER,
2387          'archetypes' => array(
2388              'manager' => CAP_ALLOW
2389          ),
2390      ),
2391      'moodle/competency:userevidencemanageown' => array(
2392          'captype' => 'write',
2393          'contextlevel' => CONTEXT_USER,
2394          'archetypes' => array(
2395              'user' => CAP_ALLOW
2396          ),
2397      ),
2398      'moodle/competency:userevidenceview' => array(
2399          'captype' => 'read',
2400          'contextlevel' => CONTEXT_USER,
2401          'archetypes' => array(
2402              'manager' => CAP_ALLOW
2403          ),
2404      ),
2405      'moodle/site:maintenanceaccess' => array(
2406          'captype' => 'write',
2407          'contextlevel' => CONTEXT_SYSTEM,
2408          'archetypes' => array(
2409          )
2410      ),
2411      // Allow messaging any user, regardless of their messaging privacy preferences.
2412      'moodle/site:messageanyuser' => array(
2413          'riskbitmask' => RISK_SPAM,
2414          'captype' => 'write',
2415          'contextlevel' => CONTEXT_SYSTEM,
2416          'archetypes' => array(
2417              'teacher' => CAP_ALLOW,
2418              'editingteacher' => CAP_ALLOW,
2419              'manager' => CAP_ALLOW
2420          )
2421      ),
2422  
2423      // Context locking/unlocking.
2424      'moodle/site:managecontextlocks' => [
2425          'captype' => 'write',
2426          'contextlevel' => CONTEXT_MODULE,
2427          'archetypes' => [
2428          ],
2429      ],
2430  
2431      // Manual completion toggling.
2432      'moodle/course:togglecompletion' => [
2433          'captype' => 'write',
2434          'contextlevel' => CONTEXT_MODULE,
2435          'archetypes' => [
2436              'user' => CAP_ALLOW,
2437          ],
2438      ],
2439  
2440      'moodle/analytics:listowninsights' => array(
2441          'captype' => 'read',
2442          'contextlevel' => CONTEXT_SYSTEM,
2443          'archetypes' => array(
2444              'user' => CAP_ALLOW
2445          )
2446      ),
2447  
2448      // Set the display option buttons for H5P content.
2449      'moodle/h5p:setdisplayoptions' => array(
2450          'captype' => 'write',
2451          'contextlevel' => CONTEXT_MODULE,
2452          'archetypes' => array(
2453              'editingteacher' => CAP_ALLOW,
2454          )
2455      ),
2456  
2457      // Allow deploying H5P content.
2458      'moodle/h5p:deploy' => array(
2459          'riskbitmask' => RISK_XSS,
2460          'captype' => 'write',
2461          'contextlevel' => CONTEXT_MODULE,
2462          'archetypes' => array(
2463              'manager'        => CAP_ALLOW,
2464              'editingteacher' => CAP_ALLOW,
2465          )
2466      ),
2467  
2468      // Allow updating H5P content-type libraries.
2469      'moodle/h5p:updatelibraries' => [
2470          'riskbitmask' => RISK_XSS,
2471          'captype' => 'write',
2472          'contextlevel' => CONTEXT_MODULE,
2473          'archetypes' => [
2474              'manager' => CAP_ALLOW,
2475          ]
2476      ],
2477  
2478      // Allow users to recommend activities in the activity chooser.
2479      'moodle/course:recommendactivity' => [
2480          'captype' => 'write',
2481          'contextlevel' => CONTEXT_SYSTEM,
2482          'archetypes' => [
2483              'manager' => CAP_ALLOW,
2484          ]
2485      ],
2486  
2487      // Content bank capabilities.
2488      'moodle/contentbank:access' => array(
2489          'captype' => 'read',
2490          'contextlevel' => CONTEXT_COURSE,
2491          'archetypes' => array(
2492              'manager' => CAP_ALLOW,
2493              'coursecreator' => CAP_ALLOW,
2494              'editingteacher' => CAP_ALLOW,
2495          )
2496      ),
2497  
2498      'moodle/contentbank:upload' => array(
2499          'riskbitmask' => RISK_SPAM,
2500          'captype' => 'write',
2501          'contextlevel' => CONTEXT_COURSE,
2502          'archetypes' => array(
2503              'manager' => CAP_ALLOW,
2504              'coursecreator' => CAP_ALLOW,
2505              'editingteacher' => CAP_ALLOW,
2506          )
2507      ),
2508  
2509      // Delete any content from the content bank.
2510      'moodle/contentbank:deleteanycontent' => [
2511          'riskbitmask' => RISK_DATALOSS,
2512          'captype' => 'write',
2513          'contextlevel' => CONTEXT_COURSE,
2514          'archetypes' => [
2515              'manager' => CAP_ALLOW,
2516              'coursecreator' => CAP_ALLOW,
2517          ]
2518      ],
2519  
2520      // Delete content created by yourself.
2521      'moodle/contentbank:deleteowncontent' => [
2522          'captype' => 'write',
2523          'contextlevel' => CONTEXT_COURSE,
2524          'archetypes' => [
2525              'user' => CAP_ALLOW,
2526          ]
2527      ],
2528  
2529      // Manage (rename, move, publish, share, etc.) any content from the content bank.
2530      'moodle/contentbank:manageanycontent' => [
2531          'riskbitmask' => RISK_DATALOSS,
2532          'captype' => 'write',
2533          'contextlevel' => CONTEXT_COURSE,
2534          'archetypes' => array(
2535              'manager' => CAP_ALLOW,
2536              'coursecreator' => CAP_ALLOW,
2537          )
2538      ],
2539  
2540      // Manage (rename, move, publish, share, etc.) content created by yourself.
2541      'moodle/contentbank:manageowncontent' => [
2542          'captype' => 'write',
2543          'contextlevel' => CONTEXT_COURSE,
2544          'archetypes' => array(
2545              'manager' => CAP_ALLOW,
2546              'coursecreator' => CAP_ALLOW,
2547              'editingteacher' => CAP_ALLOW,
2548          )
2549      ],
2550  
2551      // Allow users to create/edit content within the content bank.
2552      'moodle/contentbank:useeditor' => [
2553          'riskbitmask' => RISK_SPAM,
2554          'captype' => 'write',
2555          'contextlevel' => CONTEXT_COURSE,
2556          'archetypes' => array(
2557              'manager' => CAP_ALLOW,
2558              'coursecreator' => CAP_ALLOW,
2559              'editingteacher' => CAP_ALLOW,
2560          )
2561      ],
2562  );