Differences Between: [Versions 310 and 400] [Versions 311 and 400] [Versions 39 and 400] [Versions 400 and 401] [Versions 400 and 402] [Versions 400 and 403]
1 <?php 2 // This file is part of Moodle - http://moodle.org/ 3 // 4 // Moodle is free software: you can redistribute it and/or modify 5 // it under the terms of the GNU General Public License as published by 6 // the Free Software Foundation, either version 3 of the License, or 7 // (at your option) any later version. 8 // 9 // Moodle is distributed in the hope that it will be useful, 10 // but WITHOUT ANY WARRANTY; without even the implied warranty of 11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 // GNU General Public License for more details. 13 // 14 // You should have received a copy of the GNU General Public License 15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>. 16 17 /** 18 * Capability definitions for Moodle core. 19 * 20 * The capabilities are loaded into the database table when the module is 21 * installed or updated. Whenever the capability definitions are updated, 22 * the module version number should be bumped up. 23 * 24 * The system has four possible values for a capability: 25 * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set). 26 * 27 * 28 * CAPABILITY NAMING CONVENTION 29 * 30 * It is important that capability names are unique. The naming convention 31 * for capabilities that are specific to modules and blocks is as follows: 32 * [mod/block]/<plugin_name>:<capabilityname> 33 * 34 * component_name should be the same as the directory name of the mod or block. 35 * 36 * Core moodle capabilities are defined thus: 37 * moodle/<capabilityclass>:<capabilityname> 38 * 39 * Examples: mod/forum:viewpost 40 * block/recent_activity:view 41 * moodle/site:deleteuser 42 * 43 * The variable name for the capability definitions array is $capabilities 44 * 45 * For more information, take a look to the documentation available: 46 * - Access API: {@link http://docs.moodle.org/dev/Access_API} 47 * - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API} 48 * 49 * @package core_access 50 * @category access 51 * @copyright 2006 onwards Martin Dougiamas http://dougiamas.com 52 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later 53 */ 54 55 defined('MOODLE_INTERNAL') || die(); 56 57 $capabilities = array( 58 'moodle/site:config' => array( 59 60 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS, 61 62 'captype' => 'write', 63 'contextlevel' => CONTEXT_SYSTEM, 64 'archetypes' => array( 65 ) 66 ), 67 'moodle/site:configview' => array( 68 'captype' => 'read', 69 'contextlevel' => CONTEXT_SYSTEM, 70 'archetypes' => array( 71 'manager' => CAP_ALLOW, 72 'coursecreator' => CAP_ALLOW, 73 ) 74 ), 75 76 'moodle/site:readallmessages' => array( 77 78 'riskbitmask' => RISK_PERSONAL, 79 80 'captype' => 'read', 81 'contextlevel' => CONTEXT_SYSTEM, 82 'archetypes' => array( 83 'manager' => CAP_ALLOW, 84 'editingteacher' => CAP_ALLOW 85 ) 86 ), 87 88 'moodle/site:manageallmessaging' => array( 89 90 'riskbitmask' => RISK_PERSONAL, 91 92 'captype' => 'write', 93 'contextlevel' => CONTEXT_SYSTEM, 94 'archetypes' => array( 95 'manager' => CAP_ALLOW 96 ) 97 ), 98 99 'moodle/site:deleteanymessage' => array( 100 101 'riskbitmask' => RISK_DATALOSS, 102 103 'captype' => 'write', 104 'contextlevel' => CONTEXT_SYSTEM, 105 'archetypes' => array( 106 'manager' => CAP_ALLOW 107 ) 108 ), 109 110 'moodle/site:sendmessage' => array( 111 112 'riskbitmask' => RISK_SPAM, 113 114 'captype' => 'write', 115 'contextlevel' => CONTEXT_SYSTEM, 116 'archetypes' => array( 117 'manager' => CAP_ALLOW, 118 'user' => CAP_ALLOW 119 ) 120 ), 121 122 'moodle/site:senderrormessage' => [ 123 'riskbitmask' => RISK_SPAM, 124 'captype' => 'write', 125 'contextlevel' => CONTEXT_SYSTEM, 126 'archetypes' => array( 127 'user' => CAP_ALLOW 128 ) 129 ], 130 131 'moodle/site:deleteownmessage' => array( 132 133 'captype' => 'write', 134 'contextlevel' => CONTEXT_SYSTEM, 135 'archetypes' => array( 136 'user' => CAP_ALLOW 137 ) 138 ), 139 140 'moodle/site:approvecourse' => array( 141 142 'riskbitmask' => RISK_XSS, 143 144 'captype' => 'write', 145 'contextlevel' => CONTEXT_COURSECAT, 146 'archetypes' => array( 147 'manager' => CAP_ALLOW 148 ) 149 ), 150 151 'moodle/backup:backupcourse' => array( 152 153 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 154 155 'captype' => 'write', 156 'contextlevel' => CONTEXT_COURSE, 157 'archetypes' => array( 158 'editingteacher' => CAP_ALLOW, 159 'manager' => CAP_ALLOW 160 ), 161 162 'clonepermissionsfrom' => 'moodle/site:backup' 163 ), 164 165 'moodle/backup:backupsection' => array( 166 167 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 168 169 'captype' => 'write', 170 'contextlevel' => CONTEXT_COURSE, 171 'archetypes' => array( 172 'editingteacher' => CAP_ALLOW, 173 'manager' => CAP_ALLOW 174 ), 175 176 'clonepermissionsfrom' => 'moodle/backup:backupcourse' 177 ), 178 179 'moodle/backup:backupactivity' => array( 180 181 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 182 183 'captype' => 'write', 184 'contextlevel' => CONTEXT_MODULE, 185 'archetypes' => array( 186 'editingteacher' => CAP_ALLOW, 187 'manager' => CAP_ALLOW 188 ), 189 190 'clonepermissionsfrom' => 'moodle/backup:backupcourse' 191 ), 192 193 'moodle/backup:backuptargetimport' => array( 194 195 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 196 197 'captype' => 'read', 198 'contextlevel' => CONTEXT_COURSE, 199 'archetypes' => array( 200 'editingteacher' => CAP_ALLOW, 201 'manager' => CAP_ALLOW 202 ), 203 204 'clonepermissionsfrom' => 'moodle/backup:backupcourse' 205 ), 206 207 'moodle/backup:downloadfile' => array( 208 209 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 210 211 'captype' => 'write', 212 'contextlevel' => CONTEXT_COURSE, 213 'archetypes' => array( 214 'editingteacher' => CAP_ALLOW, 215 'manager' => CAP_ALLOW 216 ), 217 218 'clonepermissionsfrom' => 'moodle/site:backupdownload' 219 ), 220 221 'moodle/backup:configure' => array( 222 223 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 224 225 'captype' => 'write', 226 'contextlevel' => CONTEXT_COURSE, 227 'archetypes' => array( 228 'editingteacher' => CAP_ALLOW, 229 'manager' => CAP_ALLOW 230 ) 231 ), 232 233 'moodle/backup:userinfo' => array( 234 235 'riskbitmask' => RISK_PERSONAL, 236 237 'captype' => 'read', 238 'contextlevel' => CONTEXT_COURSE, 239 'archetypes' => array( 240 'manager' => CAP_ALLOW 241 ) 242 ), 243 244 'moodle/backup:anonymise' => array( 245 246 'riskbitmask' => RISK_PERSONAL, 247 248 'captype' => 'read', 249 'contextlevel' => CONTEXT_COURSE, 250 'archetypes' => array( 251 'manager' => CAP_ALLOW 252 ) 253 ), 254 255 'moodle/restore:restorecourse' => array( 256 257 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 258 259 'captype' => 'write', 260 'contextlevel' => CONTEXT_COURSE, 261 'archetypes' => array( 262 'editingteacher' => CAP_ALLOW, 263 'manager' => CAP_ALLOW 264 ), 265 266 'clonepermissionsfrom' => 'moodle/site:restore' 267 ), 268 269 'moodle/restore:restoresection' => array( 270 271 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 272 273 'captype' => 'write', 274 'contextlevel' => CONTEXT_COURSE, 275 'archetypes' => array( 276 'editingteacher' => CAP_ALLOW, 277 'manager' => CAP_ALLOW 278 ), 279 280 'clonepermissionsfrom' => 'moodle/restore:restorecourse' 281 ), 282 283 'moodle/restore:restoreactivity' => array( 284 285 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 286 287 'captype' => 'write', 288 'contextlevel' => CONTEXT_COURSE, 289 'archetypes' => array( 290 'editingteacher' => CAP_ALLOW, 291 'manager' => CAP_ALLOW 292 ), 293 294 'clonepermissionsfrom' => 'moodle/restore:restorecourse' 295 ), 296 297 'moodle/restore:viewautomatedfilearea' => array( 298 299 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 300 301 'captype' => 'write', 302 'contextlevel' => CONTEXT_COURSE, 303 'archetypes' => array( 304 'editingteacher' => CAP_ALLOW, 305 'manager' => CAP_ALLOW 306 ), 307 ), 308 309 'moodle/restore:restoretargetimport' => array( 310 311 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 312 313 'captype' => 'write', 314 'contextlevel' => CONTEXT_COURSE, 315 'archetypes' => array( 316 'editingteacher' => CAP_ALLOW, 317 'manager' => CAP_ALLOW 318 ), 319 320 'clonepermissionsfrom' => 'moodle/site:import' 321 ), 322 323 'moodle/restore:uploadfile' => array( 324 325 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 326 327 'captype' => 'write', 328 'contextlevel' => CONTEXT_COURSE, 329 'archetypes' => array( 330 'editingteacher' => CAP_ALLOW, 331 'manager' => CAP_ALLOW 332 ), 333 334 'clonepermissionsfrom' => 'moodle/site:backupupload' 335 ), 336 337 'moodle/restore:configure' => array( 338 339 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 340 341 'captype' => 'write', 342 'contextlevel' => CONTEXT_COURSE, 343 'archetypes' => array( 344 'editingteacher' => CAP_ALLOW, 345 'manager' => CAP_ALLOW 346 ) 347 ), 348 349 'moodle/restore:rolldates' => array( 350 351 'captype' => 'write', 352 'contextlevel' => CONTEXT_COURSE, 353 'archetypes' => array( 354 'coursecreator' => CAP_ALLOW, 355 'manager' => CAP_ALLOW 356 ) 357 ), 358 359 'moodle/restore:userinfo' => array( 360 361 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG, 362 363 'captype' => 'write', 364 'contextlevel' => CONTEXT_COURSE, 365 'archetypes' => array( 366 'manager' => CAP_ALLOW 367 ) 368 ), 369 370 'moodle/restore:createuser' => array( 371 372 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 373 374 'captype' => 'write', 375 'contextlevel' => CONTEXT_SYSTEM, 376 'archetypes' => array( 377 'manager' => CAP_ALLOW 378 ) 379 ), 380 381 'moodle/site:manageblocks' => array( 382 383 'riskbitmask' => RISK_SPAM | RISK_XSS, 384 385 'captype' => 'write', 386 'contextlevel' => CONTEXT_BLOCK, 387 'archetypes' => array( 388 'editingteacher' => CAP_ALLOW, 389 'manager' => CAP_ALLOW 390 ) 391 ), 392 393 'moodle/site:accessallgroups' => array( 394 395 'captype' => 'read', 396 'contextlevel' => CONTEXT_MODULE, 397 'archetypes' => array( 398 'editingteacher' => CAP_ALLOW, 399 'manager' => CAP_ALLOW 400 ) 401 ), 402 403 'moodle/site:viewanonymousevents' => array( 404 405 'riskbitmask' => RISK_PERSONAL, 406 407 'captype' => 'read', 408 'contextlevel' => CONTEXT_MODULE, 409 'archetypes' => array( 410 'manager' => CAP_ALLOW, 411 ) 412 ), 413 414 'moodle/site:viewfullnames' => array( 415 416 'captype' => 'read', 417 'contextlevel' => CONTEXT_MODULE, 418 'archetypes' => array( 419 'teacher' => CAP_ALLOW, 420 'editingteacher' => CAP_ALLOW, 421 'manager' => CAP_ALLOW 422 ) 423 ), 424 425 // In reports that give lists of users, extra information about each user's 426 // identity (the fields configured in site option showuseridentity) will be 427 // displayed to users who have this capability. 428 'moodle/site:viewuseridentity' => array( 429 430 'captype' => 'read', 431 'contextlevel' => CONTEXT_MODULE, 432 'archetypes' => array( 433 'teacher' => CAP_ALLOW, 434 'editingteacher' => CAP_ALLOW, 435 'manager' => CAP_ALLOW 436 ) 437 ), 438 439 'moodle/site:viewreports' => array( 440 441 'riskbitmask' => RISK_PERSONAL, 442 443 'captype' => 'read', 444 'contextlevel' => CONTEXT_COURSE, 445 'archetypes' => array( 446 'teacher' => CAP_ALLOW, 447 'editingteacher' => CAP_ALLOW, 448 'manager' => CAP_ALLOW 449 ) 450 ), 451 452 'moodle/site:trustcontent' => array( 453 454 'riskbitmask' => RISK_XSS, 455 456 'captype' => 'write', 457 'contextlevel' => CONTEXT_MODULE, 458 'archetypes' => array( 459 'editingteacher' => CAP_ALLOW, 460 'manager' => CAP_ALLOW 461 ) 462 ), 463 464 'moodle/site:uploadusers' => array( 465 466 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 467 468 'captype' => 'write', 469 'contextlevel' => CONTEXT_SYSTEM, 470 'archetypes' => array( 471 'manager' => CAP_ALLOW 472 ) 473 ), 474 475 // Permission to manage filter setting overrides in subcontexts. 476 'moodle/filter:manage' => array( 477 478 'captype' => 'write', 479 'contextlevel' => CONTEXT_COURSE, 480 'archetypes' => array( 481 'editingteacher' => CAP_ALLOW, 482 'manager' => CAP_ALLOW, 483 ) 484 ), 485 486 'moodle/user:create' => array( 487 488 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 489 490 'captype' => 'write', 491 'contextlevel' => CONTEXT_SYSTEM, 492 'archetypes' => array( 493 'manager' => CAP_ALLOW 494 ) 495 ), 496 497 'moodle/user:delete' => array( 498 499 'riskbitmask' => RISK_PERSONAL | RISK_DATALOSS, 500 501 'captype' => 'write', 502 'contextlevel' => CONTEXT_SYSTEM, 503 'archetypes' => array( 504 'manager' => CAP_ALLOW 505 ) 506 ), 507 508 'moodle/user:update' => array( 509 510 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 511 512 'captype' => 'write', 513 'contextlevel' => CONTEXT_SYSTEM, 514 'archetypes' => array( 515 'manager' => CAP_ALLOW 516 ) 517 ), 518 519 'moodle/user:viewdetails' => array( 520 521 'captype' => 'read', 522 'contextlevel' => CONTEXT_COURSE, 523 'archetypes' => array( 524 'guest' => CAP_ALLOW, 525 'student' => CAP_ALLOW, 526 'teacher' => CAP_ALLOW, 527 'editingteacher' => CAP_ALLOW, 528 'manager' => CAP_ALLOW 529 ) 530 ), 531 532 'moodle/user:viewalldetails' => array( 533 'riskbitmask' => RISK_PERSONAL, 534 'captype' => 'read', 535 'contextlevel' => CONTEXT_USER, 536 'archetypes' => array( 537 'manager' => CAP_ALLOW 538 ), 539 'clonepermissionsfrom' => 'moodle/user:update' 540 ), 541 542 'moodle/user:viewlastip' => array( 543 'riskbitmask' => RISK_PERSONAL, 544 'captype' => 'read', 545 'contextlevel' => CONTEXT_USER, 546 'archetypes' => array( 547 'manager' => CAP_ALLOW 548 ), 549 'clonepermissionsfrom' => 'moodle/user:update' 550 ), 551 552 'moodle/user:viewhiddendetails' => array( 553 554 'riskbitmask' => RISK_PERSONAL, 555 556 'captype' => 'read', 557 'contextlevel' => CONTEXT_COURSE, 558 'archetypes' => array( 559 'teacher' => CAP_ALLOW, 560 'editingteacher' => CAP_ALLOW, 561 'manager' => CAP_ALLOW 562 ) 563 ), 564 565 'moodle/user:loginas' => array( 566 567 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG, 568 569 'captype' => 'write', 570 'contextlevel' => CONTEXT_COURSE, 571 'archetypes' => array( 572 'manager' => CAP_ALLOW 573 ) 574 ), 575 576 // can the user manage the system default profile page? 577 'moodle/user:managesyspages' => array( 578 579 'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG, 580 581 'captype' => 'write', 582 'contextlevel' => CONTEXT_SYSTEM, 583 'archetypes' => array( 584 'manager' => CAP_ALLOW 585 ) 586 ), 587 588 // can the user manage another user's profile page? 589 'moodle/user:manageblocks' => array( 590 591 'riskbitmap' => RISK_SPAM | RISK_PERSONAL, 592 593 'captype' => 'write', 594 'contextlevel' => CONTEXT_USER 595 ), 596 597 // can the user manage their own profile page? 598 'moodle/user:manageownblocks' => array( 599 600 'riskbitmap' => RISK_SPAM | RISK_PERSONAL, 601 602 'captype' => 'write', 603 'contextlevel' => CONTEXT_SYSTEM, 604 'archetypes' => array( 605 'user' => CAP_ALLOW 606 ) 607 ), 608 609 // can the user manage their own files? 610 'moodle/user:manageownfiles' => array( 611 612 'riskbitmap' => RISK_SPAM | RISK_PERSONAL, 613 614 'captype' => 'write', 615 'contextlevel' => CONTEXT_SYSTEM, 616 'archetypes' => array( 617 'user' => CAP_ALLOW 618 ) 619 ), 620 621 // Can the user ignore the setting userquota? 622 // The permissions are cloned from ignorefilesizelimits as it was partly used for that purpose. 623 'moodle/user:ignoreuserquota' => array( 624 'riskbitmap' => RISK_SPAM, 625 'captype' => 'write', 626 'contextlevel' => CONTEXT_SYSTEM, 627 'clonepermissionsfrom' => 'moodle/course:ignorefilesizelimits' 628 ), 629 630 // can the user manage the system default dashboard page? 631 'moodle/my:configsyspages' => array( 632 633 'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG, 634 635 'captype' => 'write', 636 'contextlevel' => CONTEXT_SYSTEM, 637 'archetypes' => array( 638 'manager' => CAP_ALLOW 639 ) 640 ), 641 642 'moodle/role:assign' => array( 643 644 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 645 646 'captype' => 'write', 647 'contextlevel' => CONTEXT_COURSE, 648 'archetypes' => array( 649 'editingteacher' => CAP_ALLOW, 650 'manager' => CAP_ALLOW 651 ) 652 ), 653 654 'moodle/role:review' => array( 655 656 'riskbitmask' => RISK_PERSONAL, 657 658 'captype' => 'read', 659 'contextlevel' => CONTEXT_COURSE, 660 'archetypes' => array( 661 'teacher' => CAP_ALLOW, 662 'editingteacher' => CAP_ALLOW, 663 'manager' => CAP_ALLOW 664 ) 665 ), 666 667 // The ability to override the permissions for any capability. 668 'moodle/role:override' => array( 669 670 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 671 672 'captype' => 'write', 673 'contextlevel' => CONTEXT_COURSE, 674 'archetypes' => array( 675 'manager' => CAP_ALLOW 676 ) 677 ), 678 679 // The ability to override the permissions for 'safe' capabilities (those without risks). 680 // If a user has moodle/role:override then you should not check this capability. 681 'moodle/role:safeoverride' => array( 682 683 'riskbitmask' => RISK_SPAM, 684 685 'captype' => 'write', 686 'contextlevel' => CONTEXT_COURSE, 687 'archetypes' => array( 688 'editingteacher' => CAP_ALLOW 689 ) 690 ), 691 692 'moodle/role:manage' => array( 693 694 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS, 695 696 'captype' => 'write', 697 'contextlevel' => CONTEXT_SYSTEM, 698 'archetypes' => array( 699 'manager' => CAP_ALLOW 700 ) 701 ), 702 703 'moodle/role:switchroles' => array( 704 705 'riskbitmask' => RISK_XSS | RISK_PERSONAL, 706 707 'captype' => 'read', 708 'contextlevel' => CONTEXT_COURSE, 709 'archetypes' => array( 710 'editingteacher' => CAP_ALLOW, 711 'manager' => CAP_ALLOW 712 ) 713 ), 714 715 // Create, update and delete course categories. (Deleting a course category 716 // does not let you delete the courses it contains, unless you also have 717 // moodle/course: delete.) Creating and deleting requires this permission in 718 // the parent category. 719 'moodle/category:manage' => array( 720 721 'riskbitmask' => RISK_XSS, 722 723 'captype' => 'write', 724 'contextlevel' => CONTEXT_COURSECAT, 725 'archetypes' => array( 726 'manager' => CAP_ALLOW 727 ), 728 'clonepermissionsfrom' => 'moodle/category:update' 729 ), 730 731 'moodle/category:viewcourselist' => array( 732 733 'captype' => 'read', 734 'contextlevel' => CONTEXT_COURSECAT, 735 'archetypes' => array( 736 'guest' => CAP_ALLOW, 737 'user' => CAP_ALLOW, 738 ) 739 ), 740 741 'moodle/category:viewhiddencategories' => array( 742 743 'captype' => 'read', 744 'contextlevel' => CONTEXT_COURSECAT, 745 'archetypes' => array( 746 'coursecreator' => CAP_ALLOW, 747 'manager' => CAP_ALLOW 748 ), 749 'clonepermissionsfrom' => 'moodle/category:visibility' 750 ), 751 752 // create, delete, move cohorts in system and course categories, 753 // (cohorts with component !== null can be only moved) 754 'moodle/cohort:manage' => array( 755 756 'captype' => 'write', 757 'contextlevel' => CONTEXT_COURSECAT, 758 'archetypes' => array( 759 'manager' => CAP_ALLOW 760 ) 761 ), 762 763 // add and remove cohort members (only for cohorts where component !== null) 764 'moodle/cohort:assign' => array( 765 766 'captype' => 'write', 767 'contextlevel' => CONTEXT_COURSECAT, 768 'archetypes' => array( 769 'manager' => CAP_ALLOW 770 ) 771 ), 772 773 // View visible and hidden cohorts defined in the current context. 774 'moodle/cohort:view' => array( 775 776 'captype' => 'read', 777 'contextlevel' => CONTEXT_COURSE, 778 'archetypes' => array( 779 'editingteacher' => CAP_ALLOW, 780 'manager' => CAP_ALLOW 781 ) 782 ), 783 784 'moodle/course:create' => array( 785 786 'riskbitmask' => RISK_XSS, 787 788 'captype' => 'write', 789 'contextlevel' => CONTEXT_COURSECAT, 790 'archetypes' => array( 791 'coursecreator' => CAP_ALLOW, 792 'manager' => CAP_ALLOW 793 ) 794 ), 795 796 'moodle/course:creategroupconversations' => array( 797 'riskbitmask' => RISK_XSS, 798 'captype' => 'write', 799 'contextlevel' => CONTEXT_COURSE, 800 'archetypes' => array( 801 'editingteacher' => CAP_ALLOW, 802 'manager' => CAP_ALLOW 803 ) 804 ), 805 806 'moodle/course:request' => array( 807 'captype' => 'write', 808 'contextlevel' => CONTEXT_COURSECAT, 809 ), 810 811 'moodle/course:delete' => array( 812 813 'riskbitmask' => RISK_DATALOSS, 814 815 'captype' => 'write', 816 'contextlevel' => CONTEXT_COURSE, 817 'archetypes' => array( 818 'manager' => CAP_ALLOW 819 ) 820 ), 821 822 'moodle/course:update' => array( 823 824 'riskbitmask' => RISK_XSS, 825 826 'captype' => 'write', 827 'contextlevel' => CONTEXT_COURSE, 828 'archetypes' => array( 829 'editingteacher' => CAP_ALLOW, 830 'manager' => CAP_ALLOW 831 ) 832 ), 833 834 'moodle/course:view' => array( 835 836 'captype' => 'read', 837 'contextlevel' => CONTEXT_COURSE, 838 'archetypes' => array( 839 'manager' => CAP_ALLOW, 840 ) 841 ), 842 843 /* review course enrolments - no group restrictions, it is really full access to all participants info*/ 844 'moodle/course:enrolreview' => array( 845 846 'riskbitmask' => RISK_PERSONAL, 847 848 'captype' => 'read', 849 'contextlevel' => CONTEXT_COURSE, 850 'archetypes' => array( 851 'editingteacher' => CAP_ALLOW, 852 'manager' => CAP_ALLOW, 853 ) 854 ), 855 856 /* add, remove, hide enrol instances in courses */ 857 'moodle/course:enrolconfig' => array( 858 859 'riskbitmask' => RISK_PERSONAL, 860 861 'captype' => 'write', 862 'contextlevel' => CONTEXT_COURSE, 863 'archetypes' => array( 864 'editingteacher' => CAP_ALLOW, 865 'manager' => CAP_ALLOW, 866 ) 867 ), 868 869 'moodle/course:reviewotherusers' => array( 870 871 'captype' => 'read', 872 'contextlevel' => CONTEXT_COURSE, 873 'archetypes' => array( 874 'editingteacher' => CAP_ALLOW, 875 'manager' => CAP_ALLOW, 876 ), 877 'clonepermissionsfrom' => 'moodle/role:assign' 878 ), 879 880 'moodle/course:bulkmessaging' => array( 881 882 'riskbitmask' => RISK_SPAM, 883 884 'captype' => 'write', 885 'contextlevel' => CONTEXT_COURSE, 886 'archetypes' => array( 887 'teacher' => CAP_ALLOW, 888 'editingteacher' => CAP_ALLOW, 889 'manager' => CAP_ALLOW 890 ) 891 ), 892 893 'moodle/course:viewhiddenuserfields' => array( 894 895 'riskbitmask' => RISK_PERSONAL, 896 897 'captype' => 'read', 898 'contextlevel' => CONTEXT_COURSE, 899 'archetypes' => array( 900 'teacher' => CAP_ALLOW, 901 'editingteacher' => CAP_ALLOW, 902 'manager' => CAP_ALLOW 903 ) 904 ), 905 906 'moodle/course:viewhiddencourses' => array( 907 908 'captype' => 'read', 909 'contextlevel' => CONTEXT_COURSE, 910 'archetypes' => array( 911 'coursecreator' => CAP_ALLOW, 912 'teacher' => CAP_ALLOW, 913 'editingteacher' => CAP_ALLOW, 914 'manager' => CAP_ALLOW 915 ) 916 ), 917 918 'moodle/course:visibility' => array( 919 920 'captype' => 'write', 921 'contextlevel' => CONTEXT_COURSE, 922 'archetypes' => array( 923 'editingteacher' => CAP_ALLOW, 924 'manager' => CAP_ALLOW 925 ) 926 ), 927 928 'moodle/course:managefiles' => array( 929 930 'riskbitmask' => RISK_XSS, 931 932 'captype' => 'write', 933 'contextlevel' => CONTEXT_COURSE, 934 'archetypes' => array( 935 'editingteacher' => CAP_ALLOW, 936 'manager' => CAP_ALLOW 937 ) 938 ), 939 940 'moodle/course:ignoreavailabilityrestrictions' => array( 941 'captype' => 'read', 942 'contextlevel' => CONTEXT_MODULE, 943 'archetypes' => array( 944 'manager' => CAP_ALLOW, 945 'coursecreator' => CAP_ALLOW, 946 'editingteacher' => CAP_ALLOW, 947 'teacher' => CAP_ALLOW, 948 ), 949 'clonepermissionsfrom' => 'moodle/course:viewhiddenactivities' 950 ), 951 952 'moodle/course:ignorefilesizelimits' => array( 953 954 'captype' => 'write', 955 'contextlevel' => CONTEXT_COURSE, 956 'archetypes' => array( 957 ) 958 ), 959 960 'moodle/course:manageactivities' => array( 961 962 'riskbitmask' => RISK_XSS, 963 964 'captype' => 'write', 965 'contextlevel' => CONTEXT_MODULE, 966 'archetypes' => array( 967 'editingteacher' => CAP_ALLOW, 968 'manager' => CAP_ALLOW 969 ) 970 ), 971 972 'moodle/course:activityvisibility' => array( 973 974 'captype' => 'write', 975 'contextlevel' => CONTEXT_MODULE, 976 'archetypes' => array( 977 'editingteacher' => CAP_ALLOW, 978 'manager' => CAP_ALLOW 979 ) 980 ), 981 982 'moodle/course:viewhiddenactivities' => array( 983 984 'captype' => 'read', 985 'contextlevel' => CONTEXT_MODULE, 986 'archetypes' => array( 987 'teacher' => CAP_ALLOW, 988 'editingteacher' => CAP_ALLOW, 989 'manager' => CAP_ALLOW 990 ) 991 ), 992 993 'moodle/course:viewparticipants' => array( 994 995 'captype' => 'read', 996 'contextlevel' => CONTEXT_COURSE, 997 'archetypes' => array( 998 'student' => CAP_ALLOW, 999 'teacher' => CAP_ALLOW, 1000 'editingteacher' => CAP_ALLOW, 1001 'manager' => CAP_ALLOW 1002 ) 1003 ), 1004 1005 'moodle/course:changefullname' => array( 1006 1007 'riskbitmask' => RISK_XSS, 1008 1009 'captype' => 'write', 1010 'contextlevel' => CONTEXT_COURSE, 1011 'archetypes' => array( 1012 'editingteacher' => CAP_ALLOW, 1013 'manager' => CAP_ALLOW 1014 ), 1015 'clonepermissionsfrom' => 'moodle/course:update' 1016 ), 1017 1018 'moodle/course:changeshortname' => array( 1019 1020 'riskbitmask' => RISK_XSS, 1021 1022 'captype' => 'write', 1023 'contextlevel' => CONTEXT_COURSE, 1024 'archetypes' => array( 1025 'editingteacher' => CAP_ALLOW, 1026 'manager' => CAP_ALLOW 1027 ), 1028 'clonepermissionsfrom' => 'moodle/course:update' 1029 ), 1030 1031 'moodle/course:changelockedcustomfields' => array( 1032 1033 'riskbitmask' => RISK_SPAM, 1034 1035 'captype' => 'write', 1036 'contextlevel' => CONTEXT_COURSE, 1037 'archetypes' => array( 1038 'manager' => CAP_ALLOW 1039 ), 1040 ), 1041 1042 'moodle/course:configurecustomfields' => array( 1043 1044 'riskbitmask' => RISK_SPAM, 1045 1046 'captype' => 'write', 1047 'contextlevel' => CONTEXT_SYSTEM, 1048 'clonepermissionsfrom' => 'moodle/site:config' 1049 ), 1050 1051 'moodle/course:renameroles' => array( 1052 'captype' => 'write', 1053 'contextlevel' => CONTEXT_COURSE, 1054 'archetypes' => array( 1055 'editingteacher' => CAP_ALLOW, 1056 'manager' => CAP_ALLOW 1057 ), 1058 'clonepermissionsfrom' => 'moodle/course:update' 1059 ), 1060 1061 'moodle/course:changeidnumber' => array( 1062 1063 'riskbitmask' => RISK_XSS, 1064 1065 'captype' => 'write', 1066 'contextlevel' => CONTEXT_COURSE, 1067 'archetypes' => array( 1068 'editingteacher' => CAP_ALLOW, 1069 'manager' => CAP_ALLOW 1070 ), 1071 'clonepermissionsfrom' => 'moodle/course:update' 1072 ), 1073 'moodle/course:changecategory' => array( 1074 'riskbitmask' => RISK_XSS, 1075 1076 'captype' => 'write', 1077 'contextlevel' => CONTEXT_COURSE, 1078 'archetypes' => array( 1079 'editingteacher' => CAP_ALLOW, 1080 'manager' => CAP_ALLOW 1081 ), 1082 'clonepermissionsfrom' => 'moodle/course:update' 1083 ), 1084 1085 'moodle/course:changesummary' => array( 1086 'riskbitmask' => RISK_XSS, 1087 1088 'captype' => 'write', 1089 'contextlevel' => CONTEXT_COURSE, 1090 'archetypes' => array( 1091 'editingteacher' => CAP_ALLOW, 1092 'manager' => CAP_ALLOW 1093 ), 1094 'clonepermissionsfrom' => 'moodle/course:update' 1095 ), 1096 1097 'moodle/course:setforcedlanguage' => array( 1098 'captype' => 'write', 1099 'contextlevel' => CONTEXT_COURSE, 1100 'archetypes' => array( 1101 'editingteacher' => CAP_ALLOW, 1102 'manager' => CAP_ALLOW 1103 ), 1104 'clonepermissionsfrom' => 'moodle/course:update' 1105 ), 1106 1107 1108 'moodle/site:viewparticipants' => array( 1109 1110 'captype' => 'read', 1111 'contextlevel' => CONTEXT_SYSTEM, 1112 'archetypes' => array( 1113 'manager' => CAP_ALLOW 1114 ) 1115 ), 1116 1117 'moodle/course:isincompletionreports' => array( 1118 'captype' => 'read', 1119 'contextlevel' => CONTEXT_COURSE, 1120 'archetypes' => array( 1121 'student' => CAP_ALLOW, 1122 ), 1123 ), 1124 1125 'moodle/course:viewscales' => array( 1126 1127 'captype' => 'read', 1128 'contextlevel' => CONTEXT_COURSE, 1129 'archetypes' => array( 1130 'student' => CAP_ALLOW, 1131 'teacher' => CAP_ALLOW, 1132 'editingteacher' => CAP_ALLOW, 1133 'manager' => CAP_ALLOW 1134 ) 1135 ), 1136 1137 'moodle/course:managescales' => array( 1138 1139 'captype' => 'write', 1140 'contextlevel' => CONTEXT_COURSE, 1141 'archetypes' => array( 1142 'editingteacher' => CAP_ALLOW, 1143 'manager' => CAP_ALLOW 1144 ) 1145 ), 1146 1147 'moodle/course:managegroups' => array( 1148 'riskbitmask' => RISK_XSS, 1149 1150 'captype' => 'write', 1151 'contextlevel' => CONTEXT_COURSE, 1152 'archetypes' => array( 1153 'editingteacher' => CAP_ALLOW, 1154 'manager' => CAP_ALLOW 1155 ) 1156 ), 1157 1158 'moodle/course:reset' => array( 1159 1160 'riskbitmask' => RISK_DATALOSS, 1161 1162 'captype' => 'write', 1163 'contextlevel' => CONTEXT_COURSE, 1164 'archetypes' => array( 1165 'editingteacher' => CAP_ALLOW, 1166 'manager' => CAP_ALLOW 1167 ) 1168 ), 1169 1170 'moodle/course:viewsuspendedusers' => array( 1171 1172 'captype' => 'read', 1173 'contextlevel' => CONTEXT_COURSE, 1174 'archetypes' => array( 1175 'editingteacher' => CAP_ALLOW, 1176 'manager' => CAP_ALLOW 1177 ) 1178 ), 1179 1180 'moodle/course:tag' => array( 1181 'riskbitmask' => RISK_SPAM, 1182 'captype' => 'write', 1183 'contextlevel' => CONTEXT_COURSE, 1184 'archetypes' => array( 1185 'manager' => CAP_ALLOW, 1186 'editingteacher' => CAP_ALLOW, 1187 ), 1188 'clonepermissionsfrom' => 'moodle/course:update' 1189 ), 1190 1191 'moodle/blog:view' => array( 1192 1193 'captype' => 'read', 1194 'contextlevel' => CONTEXT_SYSTEM, 1195 'archetypes' => array( 1196 'guest' => CAP_ALLOW, 1197 'user' => CAP_ALLOW, 1198 'student' => CAP_ALLOW, 1199 'teacher' => CAP_ALLOW, 1200 'editingteacher' => CAP_ALLOW, 1201 'manager' => CAP_ALLOW 1202 ) 1203 ), 1204 1205 'moodle/blog:search' => array( 1206 'captype' => 'read', 1207 'contextlevel' => CONTEXT_SYSTEM, 1208 'archetypes' => array( 1209 'guest' => CAP_ALLOW, 1210 'user' => CAP_ALLOW, 1211 'student' => CAP_ALLOW, 1212 'teacher' => CAP_ALLOW, 1213 'editingteacher' => CAP_ALLOW, 1214 'manager' => CAP_ALLOW 1215 ) 1216 ), 1217 1218 'moodle/blog:viewdrafts' => array( 1219 1220 'riskbitmask' => RISK_PERSONAL, 1221 'captype' => 'read', 1222 'contextlevel' => CONTEXT_SYSTEM, 1223 'archetypes' => array( 1224 'manager' => CAP_ALLOW 1225 ) 1226 ), 1227 1228 'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only 1229 1230 'riskbitmask' => RISK_SPAM, 1231 1232 'captype' => 'write', 1233 'contextlevel' => CONTEXT_SYSTEM, 1234 'archetypes' => array( 1235 'user' => CAP_ALLOW, 1236 'manager' => CAP_ALLOW 1237 ) 1238 ), 1239 1240 'moodle/blog:manageentries' => array( 1241 1242 'riskbitmask' => RISK_SPAM, 1243 1244 'captype' => 'write', 1245 'contextlevel' => CONTEXT_SYSTEM, 1246 'archetypes' => array( 1247 'teacher' => CAP_ALLOW, 1248 'editingteacher' => CAP_ALLOW, 1249 'manager' => CAP_ALLOW 1250 ) 1251 ), 1252 1253 'moodle/blog:manageexternal' => array( 1254 1255 'riskbitmask' => RISK_SPAM, 1256 1257 'captype' => 'write', 1258 'contextlevel' => CONTEXT_SYSTEM, 1259 'archetypes' => array( 1260 'student' => CAP_ALLOW, 1261 'user' => CAP_ALLOW, 1262 'teacher' => CAP_ALLOW, 1263 'editingteacher' => CAP_ALLOW, 1264 'manager' => CAP_ALLOW 1265 ) 1266 ), 1267 1268 'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only 1269 1270 'riskbitmask' => RISK_SPAM, 1271 1272 'captype' => 'write', 1273 'contextlevel' => CONTEXT_COURSE, 1274 'archetypes' => array( 1275 'user' => CAP_ALLOW, 1276 'manager' => CAP_ALLOW 1277 ) 1278 ), 1279 1280 'moodle/calendar:managegroupentries' => array( 1281 1282 'riskbitmask' => RISK_SPAM, 1283 1284 'captype' => 'write', 1285 'contextlevel' => CONTEXT_COURSE, 1286 'archetypes' => array( 1287 'teacher' => CAP_ALLOW, 1288 'editingteacher' => CAP_ALLOW, 1289 'manager' => CAP_ALLOW 1290 ) 1291 ), 1292 1293 'moodle/calendar:manageentries' => array( 1294 1295 'riskbitmask' => RISK_SPAM, 1296 1297 'captype' => 'write', 1298 'contextlevel' => CONTEXT_COURSE, 1299 'archetypes' => array( 1300 'teacher' => CAP_ALLOW, 1301 'editingteacher' => CAP_ALLOW, 1302 'manager' => CAP_ALLOW 1303 ) 1304 ), 1305 1306 'moodle/user:editprofile' => array( 1307 1308 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 1309 1310 'captype' => 'write', 1311 'contextlevel' => CONTEXT_USER, 1312 'archetypes' => array( 1313 'manager' => CAP_ALLOW 1314 ) 1315 ), 1316 1317 'moodle/user:editownprofile' => array( 1318 1319 'riskbitmask' => RISK_SPAM, 1320 1321 'captype' => 'write', 1322 'contextlevel' => CONTEXT_SYSTEM, 1323 'archetypes' => array( 1324 'guest' => CAP_PROHIBIT, 1325 'user' => CAP_ALLOW, 1326 'manager' => CAP_ALLOW 1327 ) 1328 ), 1329 1330 'moodle/user:changeownpassword' => array( 1331 1332 'captype' => 'write', 1333 'contextlevel' => CONTEXT_SYSTEM, 1334 'archetypes' => array( 1335 'guest' => CAP_PROHIBIT, 1336 'user' => CAP_ALLOW, 1337 'manager' => CAP_ALLOW 1338 ) 1339 ), 1340 1341 // The next 3 might make no sense for some roles, e.g teacher, etc. 1342 // since the next level up is site. These are more for the parent role 1343 'moodle/user:readuserposts' => array( 1344 1345 'captype' => 'read', 1346 'contextlevel' => CONTEXT_USER, 1347 'archetypes' => array( 1348 'student' => CAP_ALLOW, 1349 'teacher' => CAP_ALLOW, 1350 'editingteacher' => CAP_ALLOW, 1351 'manager' => CAP_ALLOW 1352 ) 1353 ), 1354 1355 'moodle/user:readuserblogs' => array( 1356 1357 'captype' => 'read', 1358 'contextlevel' => CONTEXT_USER, 1359 'archetypes' => array( 1360 'student' => CAP_ALLOW, 1361 'teacher' => CAP_ALLOW, 1362 'editingteacher' => CAP_ALLOW, 1363 'manager' => CAP_ALLOW 1364 ) 1365 ), 1366 1367 // designed for parent role - not used in legacy roles 1368 'moodle/user:viewuseractivitiesreport' => array( 1369 'riskbitmask' => RISK_PERSONAL, 1370 1371 'captype' => 'read', 1372 'contextlevel' => CONTEXT_USER, 1373 'archetypes' => array( 1374 ) 1375 ), 1376 1377 //capabilities designed for the new message system configuration 1378 'moodle/user:editmessageprofile' => array( 1379 1380 'riskbitmask' => RISK_SPAM, 1381 1382 'captype' => 'write', 1383 'contextlevel' => CONTEXT_USER, 1384 'archetypes' => array( 1385 'manager' => CAP_ALLOW 1386 ) 1387 ), 1388 1389 'moodle/user:editownmessageprofile' => array( 1390 1391 'captype' => 'write', 1392 'contextlevel' => CONTEXT_SYSTEM, 1393 'archetypes' => array( 1394 'guest' => CAP_PROHIBIT, 1395 'user' => CAP_ALLOW, 1396 'manager' => CAP_ALLOW 1397 ) 1398 ), 1399 1400 'moodle/question:managecategory' => array( 1401 'riskbitmask' => RISK_SPAM | RISK_XSS, 1402 'captype' => 'write', 1403 'contextlevel' => CONTEXT_COURSE, 1404 'archetypes' => array( 1405 'editingteacher' => CAP_ALLOW, 1406 'manager' => CAP_ALLOW 1407 ) 1408 ), 1409 1410 //new in moodle 1.9 1411 'moodle/question:add' => array( 1412 'riskbitmask' => RISK_SPAM | RISK_XSS, 1413 'captype' => 'write', 1414 'contextlevel' => CONTEXT_COURSE, 1415 'archetypes' => array( 1416 'editingteacher' => CAP_ALLOW, 1417 'manager' => CAP_ALLOW 1418 ), 1419 'clonepermissionsfrom' => 'moodle/question:manage' 1420 ), 1421 'moodle/question:editmine' => array( 1422 'riskbitmask' => RISK_SPAM | RISK_XSS, 1423 'captype' => 'write', 1424 'contextlevel' => CONTEXT_COURSE, 1425 'archetypes' => array( 1426 'editingteacher' => CAP_ALLOW, 1427 'manager' => CAP_ALLOW 1428 ), 1429 'clonepermissionsfrom' => 'moodle/question:manage' 1430 ), 1431 'moodle/question:editall' => array( 1432 'riskbitmask' => RISK_SPAM | RISK_XSS, 1433 'captype' => 'write', 1434 'contextlevel' => CONTEXT_COURSE, 1435 'archetypes' => array( 1436 'editingteacher' => CAP_ALLOW, 1437 'manager' => CAP_ALLOW 1438 ), 1439 'clonepermissionsfrom' => 'moodle/question:manage' 1440 ), 1441 'moodle/question:viewmine' => array( 1442 'captype' => 'read', 1443 'contextlevel' => CONTEXT_COURSE, 1444 'archetypes' => array( 1445 'editingteacher' => CAP_ALLOW, 1446 'manager' => CAP_ALLOW 1447 ), 1448 'clonepermissionsfrom' => 'moodle/question:manage' 1449 ), 1450 'moodle/question:viewall' => array( 1451 'captype' => 'read', 1452 'contextlevel' => CONTEXT_COURSE, 1453 'archetypes' => array( 1454 'editingteacher' => CAP_ALLOW, 1455 'manager' => CAP_ALLOW 1456 ), 1457 'clonepermissionsfrom' => 'moodle/question:manage' 1458 ), 1459 'moodle/question:usemine' => array( 1460 'captype' => 'read', 1461 'contextlevel' => CONTEXT_COURSE, 1462 'archetypes' => array( 1463 'editingteacher' => CAP_ALLOW, 1464 'manager' => CAP_ALLOW 1465 ), 1466 'clonepermissionsfrom' => 'moodle/question:manage' 1467 ), 1468 'moodle/question:useall' => array( 1469 'captype' => 'read', 1470 'contextlevel' => CONTEXT_COURSE, 1471 'archetypes' => array( 1472 'editingteacher' => CAP_ALLOW, 1473 'manager' => CAP_ALLOW 1474 ), 1475 'clonepermissionsfrom' => 'moodle/question:manage' 1476 ), 1477 'moodle/question:movemine' => array( 1478 'captype' => 'write', 1479 'contextlevel' => CONTEXT_COURSE, 1480 'archetypes' => array( 1481 'editingteacher' => CAP_ALLOW, 1482 'manager' => CAP_ALLOW 1483 ), 1484 'clonepermissionsfrom' => 'moodle/question:manage' 1485 ), 1486 'moodle/question:moveall' => array( 1487 'captype' => 'write', 1488 'contextlevel' => CONTEXT_COURSE, 1489 'archetypes' => array( 1490 'editingteacher' => CAP_ALLOW, 1491 'manager' => CAP_ALLOW 1492 ), 1493 'clonepermissionsfrom' => 'moodle/question:manage' 1494 ), 1495 //END new in moodle 1.9 1496 1497 // Configure the installed question types. 1498 'moodle/question:config' => array( 1499 'riskbitmask' => RISK_CONFIG, 1500 'captype' => 'write', 1501 'contextlevel' => CONTEXT_SYSTEM, 1502 'archetypes' => array( 1503 'manager' => CAP_ALLOW 1504 ) 1505 ), 1506 1507 // While attempting questions, the ability to flag particular questions for later reference. 1508 'moodle/question:flag' => array( 1509 'captype' => 'write', 1510 'contextlevel' => CONTEXT_COURSE, 1511 'archetypes' => array( 1512 'student' => CAP_ALLOW, 1513 'teacher' => CAP_ALLOW, 1514 'editingteacher' => CAP_ALLOW, 1515 'manager' => CAP_ALLOW 1516 ) 1517 ), 1518 1519 // Controls whether the user can tag his own questions. 1520 'moodle/question:tagmine' => array( 1521 'captype' => 'write', 1522 'contextlevel' => CONTEXT_COURSE, 1523 'archetypes' => array( 1524 'editingteacher' => CAP_ALLOW, 1525 'manager' => CAP_ALLOW 1526 ), 1527 'clonepermissionsfrom' => 'moodle/question:editmine' 1528 ), 1529 1530 // Controls whether the user can tag all questions. 1531 'moodle/question:tagall' => array( 1532 'captype' => 'write', 1533 'contextlevel' => CONTEXT_COURSE, 1534 'archetypes' => array( 1535 'editingteacher' => CAP_ALLOW, 1536 'manager' => CAP_ALLOW 1537 ), 1538 'clonepermissionsfrom' => 'moodle/question:editall' 1539 ), 1540 1541 'moodle/site:doclinks' => array( 1542 'captype' => 'read', 1543 'contextlevel' => CONTEXT_SYSTEM, 1544 'archetypes' => array( 1545 'teacher' => CAP_ALLOW, 1546 'editingteacher' => CAP_ALLOW, 1547 'manager' => CAP_ALLOW 1548 ) 1549 ), 1550 1551 'moodle/course:sectionvisibility' => array( 1552 1553 'captype' => 'write', 1554 'contextlevel' => CONTEXT_COURSE, 1555 'archetypes' => array( 1556 'editingteacher' => CAP_ALLOW, 1557 'manager' => CAP_ALLOW 1558 ) 1559 ), 1560 1561 'moodle/course:useremail' => array( 1562 1563 'captype' => 'write', 1564 'contextlevel' => CONTEXT_COURSE, 1565 'archetypes' => array( 1566 'editingteacher' => CAP_ALLOW, 1567 'manager' => CAP_ALLOW 1568 ) 1569 ), 1570 1571 'moodle/course:viewhiddensections' => array( 1572 1573 'captype' => 'read', 1574 'contextlevel' => CONTEXT_COURSE, 1575 'archetypes' => array( 1576 'editingteacher' => CAP_ALLOW, 1577 'manager' => CAP_ALLOW 1578 ) 1579 ), 1580 1581 'moodle/course:setcurrentsection' => array( 1582 1583 'captype' => 'write', 1584 'contextlevel' => CONTEXT_COURSE, 1585 'archetypes' => array( 1586 'editingteacher' => CAP_ALLOW, 1587 'manager' => CAP_ALLOW 1588 ) 1589 ), 1590 1591 'moodle/course:movesections' => array( 1592 1593 'captype' => 'write', 1594 'contextlevel' => CONTEXT_COURSE, 1595 'archetypes' => array( 1596 'editingteacher' => CAP_ALLOW, 1597 'manager' => CAP_ALLOW 1598 ), 1599 'clonepermissionsfrom' => 'moodle/course:update' 1600 ), 1601 1602 'moodle/site:mnetlogintoremote' => array( 1603 1604 'captype' => 'read', 1605 'contextlevel' => CONTEXT_SYSTEM, 1606 'archetypes' => array( 1607 ) 1608 ), 1609 1610 'moodle/grade:viewall' => array( 1611 'riskbitmask' => RISK_PERSONAL, 1612 'captype' => 'read', 1613 'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER 1614 'archetypes' => array( 1615 'teacher' => CAP_ALLOW, 1616 'editingteacher' => CAP_ALLOW, 1617 'manager' => CAP_ALLOW 1618 ), 1619 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades' 1620 ), 1621 1622 'moodle/grade:view' => array( 1623 'captype' => 'read', 1624 'contextlevel' => CONTEXT_COURSE, 1625 'archetypes' => array( 1626 'student' => CAP_ALLOW 1627 ) 1628 ), 1629 1630 'moodle/grade:viewhidden' => array( 1631 'riskbitmask' => RISK_PERSONAL, 1632 'captype' => 'read', 1633 'contextlevel' => CONTEXT_COURSE, 1634 'archetypes' => array( 1635 'teacher' => CAP_ALLOW, 1636 'editingteacher' => CAP_ALLOW, 1637 'manager' => CAP_ALLOW 1638 ), 1639 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades' 1640 ), 1641 1642 'moodle/grade:import' => array( 1643 'riskbitmask' => RISK_PERSONAL | RISK_XSS, 1644 'captype' => 'write', 1645 'contextlevel' => CONTEXT_COURSE, 1646 'archetypes' => array( 1647 'editingteacher' => CAP_ALLOW, 1648 'manager' => CAP_ALLOW 1649 ), 1650 'clonepermissionsfrom' => 'moodle/course:managegrades' 1651 ), 1652 1653 'moodle/grade:export' => array( 1654 'riskbitmask' => RISK_PERSONAL, 1655 'captype' => 'read', 1656 'contextlevel' => CONTEXT_COURSE, 1657 'archetypes' => array( 1658 'teacher' => CAP_ALLOW, 1659 'editingteacher' => CAP_ALLOW, 1660 'manager' => CAP_ALLOW 1661 ), 1662 'clonepermissionsfrom' => 'moodle/course:managegrades' 1663 ), 1664 1665 'moodle/grade:manage' => array( 1666 'riskbitmask' => RISK_PERSONAL | RISK_XSS, 1667 'captype' => 'write', 1668 'contextlevel' => CONTEXT_COURSE, 1669 'archetypes' => array( 1670 'editingteacher' => CAP_ALLOW, 1671 'manager' => CAP_ALLOW 1672 ), 1673 'clonepermissionsfrom' => 'moodle/course:managegrades' 1674 ), 1675 1676 'moodle/grade:edit' => array( 1677 'riskbitmask' => RISK_PERSONAL | RISK_XSS, 1678 'captype' => 'write', 1679 'contextlevel' => CONTEXT_COURSE, 1680 'archetypes' => array( 1681 'editingteacher' => CAP_ALLOW, 1682 'manager' => CAP_ALLOW 1683 ), 1684 'clonepermissionsfrom' => 'moodle/course:managegrades' 1685 ), 1686 1687 // ability to define advanced grading forms in activities either from scratch 1688 // or from a shared template 1689 'moodle/grade:managegradingforms' => array( 1690 'riskbitmask' => RISK_PERSONAL | RISK_XSS, 1691 'captype' => 'write', 1692 'contextlevel' => CONTEXT_COURSE, 1693 'archetypes' => array( 1694 'editingteacher' => CAP_ALLOW, 1695 'manager' => CAP_ALLOW 1696 ), 1697 'clonepermissionsfrom' => 'moodle/course:managegrades' 1698 ), 1699 1700 // ability to save a grading form as a new shared template and eventually edit 1701 // and remove own templates (templates originally shared by that user) 1702 'moodle/grade:sharegradingforms' => array( 1703 'riskbitmask' => RISK_XSS, 1704 'captype' => 'write', 1705 'contextlevel' => CONTEXT_SYSTEM, 1706 'archetypes' => array( 1707 'manager' => CAP_ALLOW 1708 ), 1709 ), 1710 1711 // ability to edit and remove any shared template, even those originally shared 1712 // by other users 1713 'moodle/grade:managesharedforms' => array( 1714 'riskbitmask' => RISK_XSS, 1715 'captype' => 'write', 1716 'contextlevel' => CONTEXT_SYSTEM, 1717 'archetypes' => array( 1718 'manager' => CAP_ALLOW 1719 ), 1720 ), 1721 1722 'moodle/grade:manageoutcomes' => array( 1723 'captype' => 'write', 1724 'contextlevel' => CONTEXT_COURSE, 1725 'archetypes' => array( 1726 'editingteacher' => CAP_ALLOW, 1727 'manager' => CAP_ALLOW 1728 ), 1729 'clonepermissionsfrom' => 'moodle/course:managegrades' 1730 ), 1731 1732 'moodle/grade:manageletters' => array( 1733 'captype' => 'write', 1734 'contextlevel' => CONTEXT_COURSE, 1735 'archetypes' => array( 1736 'editingteacher' => CAP_ALLOW, 1737 'manager' => CAP_ALLOW 1738 ), 1739 'clonepermissionsfrom' => 'moodle/course:managegrades' 1740 ), 1741 1742 'moodle/grade:hide' => array( 1743 'captype' => 'write', 1744 'contextlevel' => CONTEXT_COURSE, 1745 'archetypes' => array( 1746 'editingteacher' => CAP_ALLOW, 1747 'manager' => CAP_ALLOW 1748 ) 1749 ), 1750 1751 'moodle/grade:lock' => array( 1752 'captype' => 'write', 1753 'contextlevel' => CONTEXT_COURSE, 1754 'archetypes' => array( 1755 'editingteacher' => CAP_ALLOW, 1756 'manager' => CAP_ALLOW 1757 ) 1758 ), 1759 1760 'moodle/grade:unlock' => array( 1761 'captype' => 'write', 1762 'contextlevel' => CONTEXT_COURSE, 1763 'archetypes' => array( 1764 'editingteacher' => CAP_ALLOW, 1765 'manager' => CAP_ALLOW 1766 ) 1767 ), 1768 1769 'moodle/my:manageblocks' => array( 1770 'captype' => 'write', 1771 'contextlevel' => CONTEXT_SYSTEM, 1772 'archetypes' => array( 1773 'user' => CAP_ALLOW 1774 ) 1775 ), 1776 1777 'moodle/notes:view' => array( 1778 'captype' => 'read', 1779 'contextlevel' => CONTEXT_COURSE, 1780 'archetypes' => array( 1781 'teacher' => CAP_ALLOW, 1782 'editingteacher' => CAP_ALLOW, 1783 'manager' => CAP_ALLOW 1784 ) 1785 ), 1786 1787 'moodle/notes:manage' => array( 1788 'riskbitmask' => RISK_SPAM, 1789 1790 'captype' => 'write', 1791 'contextlevel' => CONTEXT_COURSE, 1792 'archetypes' => array( 1793 'teacher' => CAP_ALLOW, 1794 'editingteacher' => CAP_ALLOW, 1795 'manager' => CAP_ALLOW 1796 ) 1797 ), 1798 1799 'moodle/tag:manage' => array( 1800 'riskbitmask' => RISK_SPAM, 1801 1802 'captype' => 'write', 1803 'contextlevel' => CONTEXT_SYSTEM, 1804 'archetypes' => array( 1805 'manager' => CAP_ALLOW 1806 ) 1807 ), 1808 1809 'moodle/tag:edit' => array( 1810 'riskbitmask' => RISK_SPAM, 1811 1812 'captype' => 'write', 1813 'contextlevel' => CONTEXT_SYSTEM, 1814 'archetypes' => array( 1815 'manager' => CAP_ALLOW 1816 ) 1817 ), 1818 1819 'moodle/tag:flag' => array( 1820 'riskbitmask' => RISK_SPAM, 1821 1822 'captype' => 'write', 1823 'contextlevel' => CONTEXT_SYSTEM, 1824 'archetypes' => array( 1825 'user' => CAP_ALLOW 1826 ) 1827 ), 1828 1829 'moodle/tag:editblocks' => array( 1830 'captype' => 'write', 1831 'contextlevel' => CONTEXT_SYSTEM, 1832 'archetypes' => array( 1833 'teacher' => CAP_ALLOW, 1834 'editingteacher' => CAP_ALLOW, 1835 'manager' => CAP_ALLOW 1836 ) 1837 ), 1838 1839 'moodle/block:view' => array( 1840 'captype' => 'read', 1841 'contextlevel' => CONTEXT_BLOCK, 1842 'archetypes' => array( 1843 'guest' => CAP_ALLOW, 1844 'user' => CAP_ALLOW, 1845 'student' => CAP_ALLOW, 1846 'teacher' => CAP_ALLOW, 1847 'editingteacher' => CAP_ALLOW, 1848 ) 1849 ), 1850 1851 'moodle/block:edit' => array( 1852 'riskbitmask' => RISK_SPAM | RISK_XSS, 1853 1854 'captype' => 'write', 1855 'contextlevel' => CONTEXT_BLOCK, 1856 'archetypes' => array( 1857 'editingteacher' => CAP_ALLOW, 1858 'manager' => CAP_ALLOW 1859 ) 1860 ), 1861 1862 'moodle/portfolio:export' => array( 1863 'captype' => 'read', 1864 'contextlevel' => CONTEXT_SYSTEM, 1865 'archetypes' => array( 1866 'user' => CAP_ALLOW, 1867 'student' => CAP_ALLOW, 1868 'teacher' => CAP_ALLOW, 1869 'editingteacher' => CAP_ALLOW, 1870 ) 1871 ), 1872 'moodle/comment:view' => array( 1873 'captype' => 'read', 1874 'contextlevel' => CONTEXT_COURSE, 1875 'archetypes' => array( 1876 'frontpage' => CAP_ALLOW, 1877 'guest' => CAP_ALLOW, 1878 'user' => CAP_ALLOW, 1879 'student' => CAP_ALLOW, 1880 'teacher' => CAP_ALLOW, 1881 'editingteacher' => CAP_ALLOW, 1882 'manager' => CAP_ALLOW 1883 ) 1884 ), 1885 'moodle/comment:post' => array( 1886 1887 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 1888 'captype' => 'write', 1889 'contextlevel' => CONTEXT_COURSE, 1890 'archetypes' => array( 1891 'user' => CAP_ALLOW, 1892 'student' => CAP_ALLOW, 1893 'teacher' => CAP_ALLOW, 1894 'editingteacher' => CAP_ALLOW, 1895 'manager' => CAP_ALLOW 1896 ) 1897 ), 1898 'moodle/comment:delete' => array( 1899 1900 'riskbitmask' => RISK_DATALOSS, 1901 'captype' => 'write', 1902 'contextlevel' => CONTEXT_COURSE, 1903 'archetypes' => array( 1904 'editingteacher' => CAP_ALLOW, 1905 'manager' => CAP_ALLOW 1906 ) 1907 ), 1908 'moodle/webservice:createtoken' => array( 1909 1910 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS, 1911 'captype' => 'write', 1912 'contextlevel' => CONTEXT_SYSTEM, 1913 'archetypes' => array( 1914 'manager' => CAP_ALLOW 1915 ) 1916 ), 1917 'moodle/webservice:managealltokens' => array( 1918 1919 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_PERSONAL, 1920 'captype' => 'write', 1921 'contextlevel' => CONTEXT_SYSTEM, 1922 'archetypes' => array() 1923 ), 1924 'moodle/webservice:createmobiletoken' => array( 1925 1926 'riskbitmask' => RISK_SPAM | RISK_PERSONAL, 1927 'captype' => 'write', 1928 'contextlevel' => CONTEXT_SYSTEM, 1929 'archetypes' => array( 1930 'user' => CAP_ALLOW 1931 ) 1932 ), 1933 'moodle/rating:view' => array( 1934 1935 'captype' => 'read', 1936 'contextlevel' => CONTEXT_COURSE, 1937 'archetypes' => array( 1938 'user' => CAP_ALLOW, 1939 'student' => CAP_ALLOW, 1940 'teacher' => CAP_ALLOW, 1941 'editingteacher' => CAP_ALLOW, 1942 'manager' => CAP_ALLOW 1943 ) 1944 ), 1945 'moodle/rating:viewany' => array( 1946 1947 'riskbitmask' => RISK_PERSONAL, 1948 'captype' => 'read', 1949 'contextlevel' => CONTEXT_COURSE, 1950 'archetypes' => array( 1951 'user' => CAP_ALLOW, 1952 'student' => CAP_ALLOW, 1953 'teacher' => CAP_ALLOW, 1954 'editingteacher' => CAP_ALLOW, 1955 'manager' => CAP_ALLOW 1956 ) 1957 ), 1958 'moodle/rating:viewall' => array( 1959 1960 'riskbitmask' => RISK_PERSONAL, 1961 'captype' => 'read', 1962 'contextlevel' => CONTEXT_COURSE, 1963 'archetypes' => array( 1964 'user' => CAP_ALLOW, 1965 'student' => CAP_ALLOW, 1966 'teacher' => CAP_ALLOW, 1967 'editingteacher' => CAP_ALLOW, 1968 'manager' => CAP_ALLOW 1969 ) 1970 ), 1971 'moodle/rating:rate' => array( 1972 1973 'captype' => 'write', 1974 'contextlevel' => CONTEXT_COURSE, 1975 'archetypes' => array( 1976 'user' => CAP_ALLOW, 1977 'student' => CAP_ALLOW, 1978 'teacher' => CAP_ALLOW, 1979 'editingteacher' => CAP_ALLOW, 1980 'manager' => CAP_ALLOW 1981 ) 1982 ), 1983 'moodle/course:markcomplete' => array( 1984 'captype' => 'write', 1985 'contextlevel' => CONTEXT_COURSE, 1986 'archetypes' => array( 1987 'teacher' => CAP_ALLOW, 1988 'editingteacher' => CAP_ALLOW, 1989 'manager' => CAP_ALLOW 1990 ) 1991 ), 1992 'moodle/course:overridecompletion' => array( 1993 'captype' => 'write', 1994 'contextlevel' => CONTEXT_COURSE, 1995 'archetypes' => array( 1996 'teacher' => CAP_ALLOW, 1997 'editingteacher' => CAP_ALLOW, 1998 'manager' => CAP_ALLOW 1999 ) 2000 ), 2001 2002 // Badges. 2003 'moodle/badges:manageglobalsettings' => array( 2004 'riskbitmask' => RISK_DATALOSS | RISK_CONFIG, 2005 'captype' => 'write', 2006 'contextlevel' => CONTEXT_SYSTEM, 2007 'archetypes' => array( 2008 'manager' => CAP_ALLOW, 2009 ) 2010 ), 2011 2012 // View available badges without earning them. 2013 'moodle/badges:viewbadges' => array( 2014 'captype' => 'read', 2015 'contextlevel' => CONTEXT_COURSE, 2016 'archetypes' => array( 2017 'user' => CAP_ALLOW, 2018 ) 2019 ), 2020 2021 // Manage badges on own private badges page. 2022 'moodle/badges:manageownbadges' => array( 2023 'riskbitmap' => RISK_SPAM, 2024 'captype' => 'write', 2025 'contextlevel' => CONTEXT_USER, 2026 'archetypes' => array( 2027 'user' => CAP_ALLOW 2028 ) 2029 ), 2030 2031 // View public badges in other users' profiles. 2032 'moodle/badges:viewotherbadges' => array( 2033 'riskbitmap' => RISK_PERSONAL, 2034 'captype' => 'read', 2035 'contextlevel' => CONTEXT_USER, 2036 'archetypes' => array( 2037 'user' => CAP_ALLOW 2038 ) 2039 ), 2040 2041 // Earn badge. 2042 'moodle/badges:earnbadge' => array( 2043 'captype' => 'write', 2044 'contextlevel' => CONTEXT_COURSE, 2045 'archetypes' => array( 2046 'user' => CAP_ALLOW, 2047 ) 2048 ), 2049 2050 // Create/duplicate badges. 2051 'moodle/badges:createbadge' => array( 2052 'riskbitmask' => RISK_SPAM, 2053 'captype' => 'write', 2054 'contextlevel' => CONTEXT_COURSE, 2055 'archetypes' => array( 2056 'manager' => CAP_ALLOW, 2057 'editingteacher' => CAP_ALLOW, 2058 ) 2059 ), 2060 2061 // Delete badges. 2062 'moodle/badges:deletebadge' => array( 2063 'riskbitmask' => RISK_DATALOSS, 2064 'captype' => 'write', 2065 'contextlevel' => CONTEXT_COURSE, 2066 'archetypes' => array( 2067 'manager' => CAP_ALLOW, 2068 'editingteacher' => CAP_ALLOW, 2069 ) 2070 ), 2071 2072 // Set up/edit badge details. 2073 'moodle/badges:configuredetails' => array( 2074 'riskbitmask' => RISK_SPAM, 2075 'captype' => 'write', 2076 'contextlevel' => CONTEXT_COURSE, 2077 'archetypes' => array( 2078 'manager' => CAP_ALLOW, 2079 'editingteacher' => CAP_ALLOW, 2080 ) 2081 ), 2082 2083 // Set up/edit criteria of earning a badge. 2084 'moodle/badges:configurecriteria' => array( 2085 'riskbitmask' => RISK_XSS, 2086 'captype' => 'write', 2087 'contextlevel' => CONTEXT_COURSE, 2088 'archetypes' => array( 2089 'manager' => CAP_ALLOW, 2090 'editingteacher' => CAP_ALLOW, 2091 ) 2092 ), 2093 2094 // Configure badge messages. 2095 'moodle/badges:configuremessages' => array( 2096 'riskbitmask' => RISK_SPAM, 2097 'captype' => 'write', 2098 'contextlevel' => CONTEXT_COURSE, 2099 'archetypes' => array( 2100 'manager' => CAP_ALLOW, 2101 'editingteacher' => CAP_ALLOW, 2102 ) 2103 ), 2104 2105 // Award badge to a user. 2106 'moodle/badges:awardbadge' => array( 2107 'riskbitmask' => RISK_SPAM, 2108 'captype' => 'write', 2109 'contextlevel' => CONTEXT_COURSE, 2110 'archetypes' => array( 2111 'manager' => CAP_ALLOW, 2112 'teacher' => CAP_ALLOW, 2113 'editingteacher' => CAP_ALLOW, 2114 ) 2115 ), 2116 2117 // Revoke badge from a user. 2118 'moodle/badges:revokebadge' => array( 2119 'riskbitmask' => RISK_SPAM, 2120 'captype' => 'write', 2121 'contextlevel' => CONTEXT_COURSE, 2122 'archetypes' => array( 2123 'manager' => CAP_ALLOW, 2124 'teacher' => CAP_ALLOW, 2125 'editingteacher' => CAP_ALLOW, 2126 ) 2127 ), 2128 2129 // View users who earned a specific badge without being able to award a badge. 2130 'moodle/badges:viewawarded' => array( 2131 'riskbitmask' => RISK_PERSONAL, 2132 'captype' => 'read', 2133 'contextlevel' => CONTEXT_COURSE, 2134 'archetypes' => array( 2135 'manager' => CAP_ALLOW, 2136 'teacher' => CAP_ALLOW, 2137 'editingteacher' => CAP_ALLOW, 2138 ) 2139 ), 2140 2141 'moodle/site:forcelanguage' => array( 2142 'captype' => 'read', 2143 'contextlevel' => CONTEXT_SYSTEM, 2144 'archetypes' => array( 2145 ) 2146 ), 2147 2148 // Perform site-wide search queries through the search API. 2149 'moodle/search:query' => array( 2150 'captype' => 'read', 2151 'contextlevel' => CONTEXT_SYSTEM, 2152 'archetypes' => array( 2153 'guest' => CAP_ALLOW, 2154 'user' => CAP_ALLOW, 2155 'student' => CAP_ALLOW, 2156 'teacher' => CAP_ALLOW, 2157 'editingteacher' => CAP_ALLOW, 2158 'manager' => CAP_ALLOW 2159 ) 2160 ), 2161 2162 // Competencies. 2163 'moodle/competency:competencymanage' => array( 2164 'captype' => 'write', 2165 'contextlevel' => CONTEXT_COURSECAT, 2166 'archetypes' => array( 2167 'manager' => CAP_ALLOW 2168 ) 2169 ), 2170 'moodle/competency:competencyview' => array( 2171 'captype' => 'read', 2172 'contextlevel' => CONTEXT_COURSECAT, 2173 'archetypes' => array( 2174 'user' => CAP_ALLOW 2175 ), 2176 ), 2177 'moodle/competency:competencygrade' => array( 2178 'captype' => 'write', 2179 'contextlevel' => CONTEXT_COURSE, // And CONTEXT_USER. 2180 'archetypes' => array( 2181 'editingteacher' => CAP_ALLOW, 2182 'teacher' => CAP_ALLOW, 2183 'manager' => CAP_ALLOW 2184 ), 2185 ), 2186 // Course competencies. 2187 'moodle/competency:coursecompetencymanage' => array( 2188 'captype' => 'write', 2189 'contextlevel' => CONTEXT_COURSE, 2190 'archetypes' => array( 2191 'editingteacher' => CAP_ALLOW, 2192 'manager' => CAP_ALLOW 2193 ), 2194 ), 2195 'moodle/competency:coursecompetencyconfigure' => array( 2196 'captype' => 'write', 2197 'contextlevel' => CONTEXT_MODULE, 2198 'archetypes' => array( 2199 'manager' => CAP_ALLOW 2200 ), 2201 ), 2202 'moodle/competency:coursecompetencygradable' => array( 2203 'captype' => 'read', 2204 'contextlevel' => CONTEXT_COURSE, 2205 'archetypes' => array( 2206 'student' => CAP_ALLOW 2207 ), 2208 'clonepermissionsfrom' => 'moodle/course:isincompletionreports' 2209 ), 2210 'moodle/competency:coursecompetencyview' => array( 2211 'captype' => 'read', 2212 'contextlevel' => CONTEXT_COURSE, 2213 'archetypes' => array( 2214 'user' => CAP_ALLOW 2215 ), 2216 ), 2217 // Evidence. 2218 'moodle/competency:evidencedelete' => array( 2219 'captype' => 'write', 2220 'contextlevel' => CONTEXT_USER, 2221 'archetypes' => array( 2222 ), 2223 'clonepermissionsfrom' => 'moodle/site:config' 2224 ), 2225 // User plans. 2226 'moodle/competency:planmanage' => array( 2227 'captype' => 'write', 2228 'contextlevel' => CONTEXT_USER, 2229 'archetypes' => array( 2230 'manager' => CAP_ALLOW 2231 ), 2232 ), 2233 'moodle/competency:planmanagedraft' => array( 2234 'captype' => 'write', 2235 'contextlevel' => CONTEXT_USER, 2236 'archetypes' => array( 2237 'manager' => CAP_ALLOW 2238 ), 2239 ), 2240 'moodle/competency:planmanageown' => array( 2241 'captype' => 'write', 2242 'contextlevel' => CONTEXT_USER, 2243 'archetypes' => array( 2244 ), 2245 ), 2246 'moodle/competency:planmanageowndraft' => array( 2247 'captype' => 'write', 2248 'contextlevel' => CONTEXT_USER, 2249 'archetypes' => array( 2250 ), 2251 ), 2252 'moodle/competency:planview' => array( 2253 'captype' => 'read', 2254 'contextlevel' => CONTEXT_USER, 2255 'archetypes' => array( 2256 'manager' => CAP_ALLOW 2257 ), 2258 ), 2259 'moodle/competency:planviewdraft' => array( 2260 'captype' => 'read', 2261 'contextlevel' => CONTEXT_USER, 2262 'archetypes' => array( 2263 'manager' => CAP_ALLOW 2264 ), 2265 ), 2266 'moodle/competency:planviewown' => array( 2267 'captype' => 'read', 2268 'contextlevel' => CONTEXT_USER, 2269 'archetypes' => array( 2270 'user' => CAP_ALLOW 2271 ), 2272 ), 2273 'moodle/competency:planviewowndraft' => array( 2274 'captype' => 'read', 2275 'contextlevel' => CONTEXT_USER, 2276 'archetypes' => array( 2277 ), 2278 ), 2279 'moodle/competency:planrequestreview' => array( 2280 'captype' => 'write', 2281 'contextlevel' => CONTEXT_USER, 2282 'archetypes' => array( 2283 'manager' => CAP_ALLOW 2284 ) 2285 ), 2286 'moodle/competency:planrequestreviewown' => array( 2287 'captype' => 'write', 2288 'contextlevel' => CONTEXT_USER, 2289 'archetypes' => array( 2290 'user' => CAP_ALLOW 2291 ) 2292 ), 2293 'moodle/competency:planreview' => array( 2294 'captype' => 'write', 2295 'contextlevel' => CONTEXT_USER, 2296 'archetypes' => array( 2297 'manager' => CAP_ALLOW 2298 ), 2299 ), 2300 'moodle/competency:plancomment' => array( 2301 'captype' => 'write', 2302 'contextlevel' => CONTEXT_USER, 2303 'archetypes' => array( 2304 'manager' => CAP_ALLOW 2305 ), 2306 ), 2307 'moodle/competency:plancommentown' => array( 2308 'captype' => 'write', 2309 'contextlevel' => CONTEXT_USER, 2310 'archetypes' => array( 2311 'user' => CAP_ALLOW 2312 ), 2313 ), 2314 // User competencies. 2315 'moodle/competency:usercompetencyview' => array( 2316 'captype' => 'read', 2317 'contextlevel' => CONTEXT_USER, // And CONTEXT_COURSE. 2318 'archetypes' => array( 2319 'manager' => CAP_ALLOW, 2320 'editingteacher' => CAP_ALLOW, 2321 'teacher' => CAP_ALLOW 2322 ) 2323 ), 2324 'moodle/competency:usercompetencyrequestreview' => array( 2325 'captype' => 'write', 2326 'contextlevel' => CONTEXT_USER, 2327 'archetypes' => array( 2328 'manager' => CAP_ALLOW 2329 ) 2330 ), 2331 'moodle/competency:usercompetencyrequestreviewown' => array( 2332 'captype' => 'write', 2333 'contextlevel' => CONTEXT_USER, 2334 'archetypes' => array( 2335 'user' => CAP_ALLOW 2336 ) 2337 ), 2338 'moodle/competency:usercompetencyreview' => array( 2339 'captype' => 'write', 2340 'contextlevel' => CONTEXT_USER, 2341 'archetypes' => array( 2342 'manager' => CAP_ALLOW 2343 ), 2344 ), 2345 'moodle/competency:usercompetencycomment' => array( 2346 'captype' => 'write', 2347 'contextlevel' => CONTEXT_USER, 2348 'archetypes' => array( 2349 'manager' => CAP_ALLOW 2350 ), 2351 ), 2352 'moodle/competency:usercompetencycommentown' => array( 2353 'captype' => 'write', 2354 'contextlevel' => CONTEXT_USER, 2355 'archetypes' => array( 2356 'user' => CAP_ALLOW 2357 ), 2358 ), 2359 // Template. 2360 'moodle/competency:templatemanage' => array( 2361 'captype' => 'write', 2362 'contextlevel' => CONTEXT_COURSECAT, 2363 'archetypes' => array( 2364 'manager' => CAP_ALLOW 2365 ), 2366 ), 2367 'moodle/analytics:listinsights' => array( 2368 'riskbitmask' => RISK_PERSONAL, 2369 'captype' => 'read', 2370 'contextlevel' => CONTEXT_COURSE, 2371 'archetypes' => array( 2372 'teacher' => CAP_ALLOW, 2373 'editingteacher' => CAP_ALLOW, 2374 'manager' => CAP_ALLOW 2375 ) 2376 ), 2377 'moodle/analytics:managemodels' => array( 2378 'riskbitmask' => RISK_CONFIG, 2379 'captype' => 'write', 2380 'contextlevel' => CONTEXT_SYSTEM, 2381 'archetypes' => array( 2382 'manager' => CAP_ALLOW 2383 ), 2384 ), 2385 'moodle/competency:templateview' => array( 2386 'captype' => 'read', 2387 'contextlevel' => CONTEXT_COURSECAT, 2388 'archetypes' => array( 2389 'manager' => CAP_ALLOW 2390 ), 2391 ), 2392 // User evidence. 2393 'moodle/competency:userevidencemanage' => array( 2394 'captype' => 'write', 2395 'contextlevel' => CONTEXT_USER, 2396 'archetypes' => array( 2397 'manager' => CAP_ALLOW 2398 ), 2399 ), 2400 'moodle/competency:userevidencemanageown' => array( 2401 'captype' => 'write', 2402 'contextlevel' => CONTEXT_USER, 2403 'archetypes' => array( 2404 'user' => CAP_ALLOW 2405 ), 2406 ), 2407 'moodle/competency:userevidenceview' => array( 2408 'captype' => 'read', 2409 'contextlevel' => CONTEXT_USER, 2410 'archetypes' => array( 2411 'manager' => CAP_ALLOW 2412 ), 2413 ), 2414 'moodle/site:maintenanceaccess' => array( 2415 'captype' => 'write', 2416 'contextlevel' => CONTEXT_SYSTEM, 2417 'archetypes' => array( 2418 ) 2419 ), 2420 // Allow message any user, regardlesss of the privacy preferences for messaging. 2421 'moodle/site:messageanyuser' => array( 2422 'riskbitmask' => RISK_SPAM, 2423 'captype' => 'write', 2424 'contextlevel' => CONTEXT_SYSTEM, 2425 'archetypes' => array( 2426 'teacher' => CAP_ALLOW, 2427 'editingteacher' => CAP_ALLOW, 2428 'manager' => CAP_ALLOW 2429 ) 2430 ), 2431 2432 // Context locking/unlocking. 2433 'moodle/site:managecontextlocks' => [ 2434 'captype' => 'write', 2435 'contextlevel' => CONTEXT_MODULE, 2436 'archetypes' => [ 2437 ], 2438 ], 2439 2440 // Manual completion toggling. 2441 'moodle/course:togglecompletion' => [ 2442 'captype' => 'write', 2443 'contextlevel' => CONTEXT_MODULE, 2444 'archetypes' => [ 2445 'user' => CAP_ALLOW, 2446 ], 2447 ], 2448 2449 'moodle/analytics:listowninsights' => array( 2450 'captype' => 'read', 2451 'contextlevel' => CONTEXT_SYSTEM, 2452 'archetypes' => array( 2453 'user' => CAP_ALLOW 2454 ) 2455 ), 2456 2457 // Set display option buttons to an H5P content. 2458 'moodle/h5p:setdisplayoptions' => array( 2459 'captype' => 'write', 2460 'contextlevel' => CONTEXT_MODULE, 2461 'archetypes' => array( 2462 'editingteacher' => CAP_ALLOW, 2463 ) 2464 ), 2465 2466 // Allow to deploy H5P content. 2467 'moodle/h5p:deploy' => array( 2468 'riskbitmask' => RISK_XSS, 2469 'captype' => 'write', 2470 'contextlevel' => CONTEXT_MODULE, 2471 'archetypes' => array( 2472 'manager' => CAP_ALLOW, 2473 'editingteacher' => CAP_ALLOW, 2474 ) 2475 ), 2476 2477 // Allow to update H5P content-type libraries. 2478 'moodle/h5p:updatelibraries' => [ 2479 'riskbitmask' => RISK_XSS, 2480 'captype' => 'write', 2481 'contextlevel' => CONTEXT_MODULE, 2482 'archetypes' => [ 2483 'manager' => CAP_ALLOW, 2484 ] 2485 ], 2486 2487 // Allow users to recommend activities in the activity chooser. 2488 'moodle/course:recommendactivity' => [ 2489 'captype' => 'write', 2490 'contextlevel' => CONTEXT_SYSTEM, 2491 'archetypes' => [ 2492 'manager' => CAP_ALLOW, 2493 ] 2494 ], 2495 2496 // Content bank capabilities. 2497 'moodle/contentbank:access' => array( 2498 'captype' => 'read', 2499 'contextlevel' => CONTEXT_COURSE, 2500 'archetypes' => array( 2501 'manager' => CAP_ALLOW, 2502 'coursecreator' => CAP_ALLOW, 2503 'editingteacher' => CAP_ALLOW, 2504 ) 2505 ), 2506 2507 'moodle/contentbank:upload' => array( 2508 'riskbitmask' => RISK_SPAM, 2509 'captype' => 'write', 2510 'contextlevel' => CONTEXT_COURSE, 2511 'archetypes' => array( 2512 'manager' => CAP_ALLOW, 2513 'coursecreator' => CAP_ALLOW, 2514 'editingteacher' => CAP_ALLOW, 2515 ) 2516 ), 2517 2518 // Delete any content from the content bank. 2519 'moodle/contentbank:deleteanycontent' => [ 2520 'riskbitmask' => RISK_DATALOSS, 2521 'captype' => 'write', 2522 'contextlevel' => CONTEXT_COURSE, 2523 'archetypes' => [ 2524 'manager' => CAP_ALLOW, 2525 'coursecreator' => CAP_ALLOW, 2526 ] 2527 ], 2528 2529 // Delete content created by yourself. 2530 'moodle/contentbank:deleteowncontent' => [ 2531 'captype' => 'write', 2532 'contextlevel' => CONTEXT_COURSE, 2533 'archetypes' => [ 2534 'user' => CAP_ALLOW, 2535 ] 2536 ], 2537 2538 // Manage (rename, move, publish, share, etc.) any content from the content bank. 2539 'moodle/contentbank:manageanycontent' => [ 2540 'riskbitmask' => RISK_DATALOSS, 2541 'captype' => 'write', 2542 'contextlevel' => CONTEXT_COURSE, 2543 'archetypes' => array( 2544 'manager' => CAP_ALLOW, 2545 'coursecreator' => CAP_ALLOW, 2546 ) 2547 ], 2548 2549 // Manage (rename, move, publish, share, etc.) content created by yourself. 2550 'moodle/contentbank:manageowncontent' => [ 2551 'captype' => 'write', 2552 'contextlevel' => CONTEXT_COURSE, 2553 'archetypes' => array( 2554 'manager' => CAP_ALLOW, 2555 'coursecreator' => CAP_ALLOW, 2556 'editingteacher' => CAP_ALLOW, 2557 ) 2558 ], 2559 2560 // Allow users to create/edit content within the content bank. 2561 'moodle/contentbank:useeditor' => [ 2562 'riskbitmask' => RISK_SPAM, 2563 'captype' => 'write', 2564 'contextlevel' => CONTEXT_COURSE, 2565 'archetypes' => array( 2566 'manager' => CAP_ALLOW, 2567 'coursecreator' => CAP_ALLOW, 2568 'editingteacher' => CAP_ALLOW, 2569 ) 2570 ], 2571 2572 // Allow users to download content. 2573 'moodle/contentbank:downloadcontent' => [ 2574 'captype' => 'read', 2575 'contextlevel' => CONTEXT_COURSE, 2576 'archetypes' => [ 2577 'manager' => CAP_ALLOW, 2578 'coursecreator' => CAP_ALLOW, 2579 'editingteacher' => CAP_ALLOW, 2580 ] 2581 ], 2582 2583 // Allow users to download course content. 2584 'moodle/course:downloadcoursecontent' => [ 2585 'captype' => 'read', 2586 'contextlevel' => CONTEXT_COURSE, 2587 'archetypes' => array( 2588 'student' => CAP_ALLOW, 2589 'teacher' => CAP_ALLOW, 2590 'editingteacher' => CAP_ALLOW, 2591 'manager' => CAP_ALLOW 2592 ) 2593 ], 2594 2595 // Allow users to configure download course content functionality within a course, if the feature is available. 2596 'moodle/course:configuredownloadcontent' => [ 2597 'captype' => 'write', 2598 'contextlevel' => CONTEXT_COURSE, 2599 'archetypes' => array( 2600 'editingteacher' => CAP_ALLOW, 2601 'manager' => CAP_ALLOW 2602 ), 2603 ], 2604 2605 // Allow to manage payment accounts. 2606 'moodle/payment:manageaccounts' => [ 2607 'captype' => 'write', 2608 'riskbitmask' => RISK_PERSONAL | RISK_CONFIG | RISK_DATALOSS, 2609 'contextlevel' => CONTEXT_COURSE, 2610 'archetypes' => [], 2611 ], 2612 2613 // Allow to view payments. 2614 'moodle/payment:viewpayments' => [ 2615 'captype' => 'read', 2616 'riskbitmask' => RISK_PERSONAL, 2617 'contextlevel' => CONTEXT_COURSE, 2618 'archetypes' => [], 2619 ], 2620 2621 // Allow users to view hidden content. 2622 'moodle/contentbank:viewunlistedcontent' => [ 2623 'captype' => 'read', 2624 'contextlevel' => CONTEXT_COURSE, 2625 'archetypes' => [ 2626 'manager' => CAP_ALLOW, 2627 'coursecreator' => CAP_ALLOW, 2628 ] 2629 ], 2630 2631 // Allow users to view custom reports. 2632 'moodle/reportbuilder:view' => [ 2633 'captype' => 'read', 2634 'contextlevel' => CONTEXT_SYSTEM, 2635 'archetypes' => [ 2636 'user' => CAP_ALLOW, 2637 ], 2638 ], 2639 2640 // Allow users to create/edit their own custom reports. 2641 'moodle/reportbuilder:edit' => [ 2642 'captype' => 'write', 2643 'riskbitmap' => RISK_PERSONAL, 2644 'contextlevel' => CONTEXT_SYSTEM, 2645 'archetypes' => [ 2646 'manager' => CAP_ALLOW, 2647 ], 2648 ], 2649 2650 // Allow users to create/edit all custom reports. 2651 'moodle/reportbuilder:editall' => [ 2652 'captype' => 'write', 2653 'riskbitmap' => RISK_PERSONAL, 2654 'contextlevel' => CONTEXT_SYSTEM, 2655 'archetypes' => [], 2656 ], 2657 2658 // Allow users to schedule reports as other users. 2659 'moodle/reportbuilder:scheduleviewas' => [ 2660 'captype' => 'read', 2661 'riskbitmap' => RISK_PERSONAL, 2662 'contextlevel' => CONTEXT_SYSTEM, 2663 'archetypes' => [], 2664 ], 2665 );
title
Description
Body
title
Description
Body
title
Description
Body
title
Body