38729ea1c35adbf59f72dee9e8bacbd58f149374
[moodle.git] / lib / db / access.php
1 <?php
3 // This file is part of Moodle - http://moodle.org/
4 //
5 // Moodle is free software: you can redistribute it and/or modify
6 // it under the terms of the GNU General Public License as published by
7 // the Free Software Foundation, either version 3 of the License, or
8 // (at your option) any later version.
9 //
10 // Moodle is distributed in the hope that it will be useful,
11 // but WITHOUT ANY WARRANTY; without even the implied warranty of
12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13 // GNU General Public License for more details.
14 //
15 // You should have received a copy of the GNU General Public License
16 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
18 /**
19  * Capability definitions for Moodle core.
20  *
21  * The capabilities are loaded into the database table when the module is
22  * installed or updated. Whenever the capability definitions are updated,
23  * the module version number should be bumped up.
24  *
25  * The system has four possible values for a capability:
26  * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
27  *
28  *
29  * CAPABILITY NAMING CONVENTION
30  *
31  * It is important that capability names are unique. The naming convention
32  * for capabilities that are specific to modules and blocks is as follows:
33  *   [mod/block]/<plugin_name>:<capabilityname>
34  *
35  * component_name should be the same as the directory name of the mod or block.
36  *
37  * Core moodle capabilities are defined thus:
38  *    moodle/<capabilityclass>:<capabilityname>
39  *
40  * Examples: mod/forum:viewpost
41  *           block/recent_activity:view
42  *           moodle/site:deleteuser
43  *
44  * The variable name for the capability definitions array is $capabilities
45  *
46  * @package    core
47  * @subpackage role
48  * @copyright  2006 onwards Martin Dougiamas  http://dougiamas.com
49  * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
50  */
52 defined('MOODLE_INTERNAL') || die();
54 $capabilities = array(
55     'moodle/site:config' => array(
57         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
59         'captype' => 'write',
60         'contextlevel' => CONTEXT_SYSTEM,
61         'archetypes' => array(
62         )
63     ),
65     'moodle/site:readallmessages' => array(
67         'riskbitmask' => RISK_PERSONAL,
69         'captype' => 'read',
70         'contextlevel' => CONTEXT_SYSTEM,
71         'archetypes' => array(
72             'manager' => CAP_ALLOW,
73             'editingteacher' => CAP_ALLOW
74         )
75     ),
77     'moodle/site:sendmessage' => array(
79         'riskbitmask' => RISK_SPAM,
81         'captype' => 'write',
82         'contextlevel' => CONTEXT_SYSTEM,
83         'archetypes' => array(
84             'manager' => CAP_ALLOW,
85             'user' => CAP_ALLOW
86         )
87     ),
89     'moodle/site:approvecourse' => array(
91         'riskbitmask' => RISK_XSS,
93         'captype' => 'write',
94         'contextlevel' => CONTEXT_SYSTEM,
95         'archetypes' => array(
96             'manager' => CAP_ALLOW
97         )
98     ),
100     'moodle/backup:backupcourse' => array(
102         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
104         'captype' => 'write',
105         'contextlevel' => CONTEXT_COURSE,
106         'archetypes' => array(
107             'editingteacher' => CAP_ALLOW,
108             'manager' => CAP_ALLOW
109         ),
111         'clonepermissionsfrom' =>  'moodle/site:backup'
112     ),
114     'moodle/backup:backupsection' => array(
116         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
118         'captype' => 'write',
119         'contextlevel' => CONTEXT_COURSE,
120         'archetypes' => array(
121             'editingteacher' => CAP_ALLOW,
122             'manager' => CAP_ALLOW
123         ),
125         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
126     ),
128     'moodle/backup:backupactivity' => array(
130         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
132         'captype' => 'write',
133         'contextlevel' => CONTEXT_MODULE,
134         'archetypes' => array(
135             'editingteacher' => CAP_ALLOW,
136             'manager' => CAP_ALLOW
137         ),
139         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
140     ),
142     'moodle/backup:backuptargethub' => array(
144         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
146         'captype' => 'write',
147         'contextlevel' => CONTEXT_COURSE,
148         'archetypes' => array(
149             'editingteacher' => CAP_ALLOW,
150             'manager' => CAP_ALLOW
151         ),
153         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
154     ),
156     'moodle/backup:backuptargetimport' => array(
158         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
160         'captype' => 'write',
161         'contextlevel' => CONTEXT_COURSE,
162         'archetypes' => array(
163             'editingteacher' => CAP_ALLOW,
164             'manager' => CAP_ALLOW
165         ),
167         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
168     ),
170     'moodle/backup:downloadfile' => array(
172         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
174         'captype' => 'write',
175         'contextlevel' => CONTEXT_COURSE,
176         'archetypes' => array(
177             'editingteacher' => CAP_ALLOW,
178             'manager' => CAP_ALLOW
179         ),
181         'clonepermissionsfrom' =>  'moodle/site:backupdownload'
182     ),
184     'moodle/backup:configure' => array(
186         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
188         'captype' => 'write',
189         'contextlevel' => CONTEXT_COURSE,
190         'archetypes' => array(
191             'editingteacher' => CAP_ALLOW,
192             'manager' => CAP_ALLOW
193         )
194     ),
196     'moodle/backup:userinfo' => array(
198         'riskbitmask' => RISK_PERSONAL,
200         'captype' => 'read',
201         'contextlevel' => CONTEXT_COURSE,
202         'archetypes' => array(
203             'manager' => CAP_ALLOW
204         )
205     ),
207     'moodle/backup:anonymise' => array(
209         'riskbitmask' => RISK_PERSONAL,
211         'captype' => 'read',
212         'contextlevel' => CONTEXT_COURSE,
213         'archetypes' => array(
214             'manager' => CAP_ALLOW
215         )
216     ),
218     'moodle/restore:restorecourse' => array(
220         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
222         'captype' => 'write',
223         'contextlevel' => CONTEXT_COURSE,
224         'archetypes' => array(
225             'editingteacher' => CAP_ALLOW,
226             'manager' => CAP_ALLOW
227         ),
229         'clonepermissionsfrom' =>  'moodle/site:restore'
230     ),
232     'moodle/restore:restoresection' => array(
234         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
236         'captype' => 'write',
237         'contextlevel' => CONTEXT_COURSE,
238         'archetypes' => array(
239             'editingteacher' => CAP_ALLOW,
240             'manager' => CAP_ALLOW
241         ),
243         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
244     ),
246     'moodle/restore:restoreactivity' => array(
248         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
250         'captype' => 'write',
251         'contextlevel' => CONTEXT_COURSE,
252         'archetypes' => array(
253             'editingteacher' => CAP_ALLOW,
254             'manager' => CAP_ALLOW
255         ),
257         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
258     ),
260     'moodle/restore:viewautomatedfilearea' => array(
262         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
264         'captype' => 'write',
265         'contextlevel' => CONTEXT_COURSE,
266     ),
268     'moodle/restore:restoretargethub' => array(
270         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
272         'captype' => 'write',
273         'contextlevel' => CONTEXT_COURSE,
274         'archetypes' => array(
275             'editingteacher' => CAP_ALLOW,
276             'manager' => CAP_ALLOW
277         ),
279         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
280     ),
282     'moodle/restore:restoretargetimport' => array(
284         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
286         'captype' => 'write',
287         'contextlevel' => CONTEXT_COURSE,
288         'archetypes' => array(
289             'editingteacher' => CAP_ALLOW,
290             'manager' => CAP_ALLOW
291         ),
293         'clonepermissionsfrom' =>  'moodle/site:import'
294     ),
296     'moodle/restore:uploadfile' => array(
298         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
300         'captype' => 'write',
301         'contextlevel' => CONTEXT_COURSE,
302         'archetypes' => array(
303             'editingteacher' => CAP_ALLOW,
304             'manager' => CAP_ALLOW
305         ),
307         'clonepermissionsfrom' =>  'moodle/site:backupupload'
308     ),
310     'moodle/restore:configure' => array(
312         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
314         'captype' => 'write',
315         'contextlevel' => CONTEXT_COURSE,
316         'archetypes' => array(
317             'editingteacher' => CAP_ALLOW,
318             'manager' => CAP_ALLOW
319         )
320     ),
322     'moodle/restore:rolldates' => array(
324         'captype' => 'write',
325         'contextlevel' => CONTEXT_COURSE,
326         'archetypes' => array(
327             'coursecreator' => CAP_ALLOW,
328             'manager' => CAP_ALLOW
329         )
330     ),
332     'moodle/restore:userinfo' => array(
334         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
336         'captype' => 'write',
337         'contextlevel' => CONTEXT_COURSE,
338         'archetypes' => array(
339             'manager' => CAP_ALLOW
340         )
341     ),
343     'moodle/restore:createuser' => array(
345         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
347         'captype' => 'write',
348         'contextlevel' => CONTEXT_SYSTEM,
349         'archetypes' => array(
350             'manager' => CAP_ALLOW
351         )
352     ),
354     'moodle/site:manageblocks' => array(
356         'riskbitmask' => RISK_SPAM | RISK_XSS,
358         'captype' => 'write',
359         'contextlevel' => CONTEXT_BLOCK,
360         'archetypes' => array(
361             'editingteacher' => CAP_ALLOW,
362             'manager' => CAP_ALLOW
363         )
364     ),
366     'moodle/site:accessallgroups' => array(
368         'captype' => 'read',
369         'contextlevel' => CONTEXT_COURSE,
370         'archetypes' => array(
371             'teacher' => CAP_ALLOW,
372             'editingteacher' => CAP_ALLOW,
373             'manager' => CAP_ALLOW
374         )
375     ),
377     'moodle/site:viewfullnames' => array(
379         'captype' => 'read',
380         'contextlevel' => CONTEXT_COURSE,
381         'archetypes' => array(
382             'teacher' => CAP_ALLOW,
383             'editingteacher' => CAP_ALLOW,
384             'manager' => CAP_ALLOW
385         )
386     ),
388     'moodle/site:viewreports' => array(
390         'riskbitmask' => RISK_PERSONAL,
392         'captype' => 'read',
393         'contextlevel' => CONTEXT_COURSE,
394         'archetypes' => array(
395             'teacher' => CAP_ALLOW,
396             'editingteacher' => CAP_ALLOW,
397             'manager' => CAP_ALLOW
398         )
399     ),
401     'moodle/site:trustcontent' => array(
403         'riskbitmask' => RISK_XSS,
405         'captype' => 'write',
406         'contextlevel' => CONTEXT_COURSE,
407         'archetypes' => array(
408             'editingteacher' => CAP_ALLOW,
409             'manager' => CAP_ALLOW
410         )
411     ),
413     'moodle/site:uploadusers' => array(
415         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
417         'captype' => 'write',
418         'contextlevel' => CONTEXT_SYSTEM,
419         'archetypes' => array(
420             'manager' => CAP_ALLOW
421         )
422     ),
424     // Permission to manage filter setting overrides in subcontexts.
425     'moodle/filter:manage' => array(
427         'captype' => 'write',
428         'contextlevel' => CONTEXT_COURSE,
429         'archetypes' => array(
430             'editingteacher' => CAP_ALLOW,
431             'coursecreator' => CAP_ALLOW,
432             'manager' => CAP_ALLOW,
433         )
434     ),
436     'moodle/user:create' => array(
438         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
440         'captype' => 'write',
441         'contextlevel' => CONTEXT_SYSTEM,
442         'archetypes' => array(
443             'manager' => CAP_ALLOW
444         )
445     ),
447     'moodle/user:delete' => array(
449         'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
451         'captype' => 'write',
452         'contextlevel' => CONTEXT_SYSTEM,
453         'archetypes' => array(
454             'manager' => CAP_ALLOW
455         )
456     ),
458     'moodle/user:update' => array(
460         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
462         'captype' => 'write',
463         'contextlevel' => CONTEXT_SYSTEM,
464         'archetypes' => array(
465             'manager' => CAP_ALLOW
466         )
467     ),
469     'moodle/user:viewdetails' => array(
471         'captype' => 'read',
472         'contextlevel' => CONTEXT_COURSE,
473         'archetypes' => array(
474             'guest' => CAP_ALLOW,
475             'student' => CAP_ALLOW,
476             'teacher' => CAP_ALLOW,
477             'editingteacher' => CAP_ALLOW,
478             'manager' => CAP_ALLOW
479         )
480     ),
482     'moodle/user:viewalldetails' => array(
483         'riskbitmask' => RISK_PERSONAL,
484         'captype' => 'read',
485         'contextlevel' => CONTEXT_USER,
486         'archetypes' => array(
487             'manager' => CAP_ALLOW
488         ),
489         'clonepermissionsfrom' => 'moodle/user:update'
490     ),
492     'moodle/user:viewhiddendetails' => array(
494         'riskbitmask' => RISK_PERSONAL,
496         'captype' => 'read',
497         'contextlevel' => CONTEXT_COURSE,
498         'archetypes' => array(
499             'teacher' => CAP_ALLOW,
500             'editingteacher' => CAP_ALLOW,
501             'manager' => CAP_ALLOW
502         )
503     ),
505     'moodle/user:loginas' => array(
507         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
509         'captype' => 'write',
510         'contextlevel' => CONTEXT_COURSE,
511         'archetypes' => array(
512             'manager' => CAP_ALLOW
513         )
514     ),
516     // can the user manage the system default profile page?
517     'moodle/user:managesyspages' => array(
519         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
521         'captype' => 'write',
522         'contextlevel' => CONTEXT_SYSTEM,
523         'archetypes' => array(
524             'manager' => CAP_ALLOW
525         )
526     ),
528     // can the user manage another user's profile page?
529     'moodle/user:manageblocks' => array(
531         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
533         'captype' => 'write',
534         'contextlevel' => CONTEXT_USER
535     ),
537     // can the user manage their own profile page?
538     'moodle/user:manageownblocks' => array(
540         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
542         'captype' => 'write',
543         'contextlevel' => CONTEXT_SYSTEM,
544         'archetypes' => array(
545             'user' => CAP_ALLOW
546         )
547     ),
549     // can the user manage their own files?
550     'moodle/user:manageownfiles' => array(
552         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
554         'captype' => 'write',
555         'contextlevel' => CONTEXT_SYSTEM,
556         'archetypes' => array(
557             'user' => CAP_ALLOW
558         )
559     ),
561     // can the user manage the system default dashboard page?
562     'moodle/my:configsyspages' => array(
564         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
566         'captype' => 'write',
567         'contextlevel' => CONTEXT_SYSTEM,
568         'archetypes' => array(
569             'manager' => CAP_ALLOW
570         )
571     ),
573     'moodle/role:assign' => array(
575         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
577         'captype' => 'write',
578         'contextlevel' => CONTEXT_COURSE,
579         'archetypes' => array(
580             'editingteacher' => CAP_ALLOW,
581             'manager' => CAP_ALLOW
582         )
583     ),
585     'moodle/role:review' => array(
587         'riskbitmask' => RISK_PERSONAL,
589         'captype' => 'read',
590         'contextlevel' => CONTEXT_COURSE,
591         'archetypes' => array(
592             'teacher' => CAP_ALLOW,
593             'editingteacher' => CAP_ALLOW,
594             'manager' => CAP_ALLOW
595         )
596     ),
598     'moodle/role:override' => array(
600         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
602         'captype' => 'write',
603         'contextlevel' => CONTEXT_COURSE,
604         'archetypes' => array(
605             'manager' => CAP_ALLOW
606         )
607     ),
609     'moodle/role:safeoverride' => array(
611         'riskbitmask' => RISK_SPAM,
613         'captype' => 'write',
614         'contextlevel' => CONTEXT_COURSE,
615         'archetypes' => array(
616             'editingteacher' => CAP_ALLOW
617         )
618     ),
620     'moodle/role:manage' => array(
622         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
624         'captype' => 'write',
625         'contextlevel' => CONTEXT_SYSTEM,
626         'archetypes' => array(
627             'manager' => CAP_ALLOW
628         )
629     ),
631     'moodle/role:switchroles' => array(
633         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
635         'captype' => 'read',
636         'contextlevel' => CONTEXT_COURSE,
637         'archetypes' => array(
638             'editingteacher' => CAP_ALLOW,
639             'manager' => CAP_ALLOW
640         )
641     ),
643     // Create, update and delete course categories. (Deleting a course category
644     // does not let you delete the courses it contains, unless you also have
645     // moodle/course: delete.) Creating and deleting requires this permission in
646     // the parent category.
647     'moodle/category:manage' => array(
649         'riskbitmask' => RISK_XSS,
651         'captype' => 'write',
652         'contextlevel' => CONTEXT_COURSECAT,
653         'archetypes' => array(
654             'manager' => CAP_ALLOW
655         ),
656         'clonepermissionsfrom' => 'moodle/category:update'
657     ),
659     'moodle/category:viewhiddencategories' => array(
661         'captype' => 'read',
662         'contextlevel' => CONTEXT_COURSECAT,
663         'archetypes' => array(
664             'coursecreator' => CAP_ALLOW,
665             'manager' => CAP_ALLOW
666         ),
667         'clonepermissionsfrom' => 'moodle/category:visibility'
668     ),
670     // create, delete, move cohorts in system and course categories,
671     // (cohorts with component !== null can be only moved)
672     'moodle/cohort:manage' => array(
674         'captype' => 'write',
675         'contextlevel' => CONTEXT_COURSECAT,
676         'archetypes' => array(
677             'manager' => CAP_ALLOW
678         )
679     ),
681     // add and remove cohort members (only for cohorts where component !== null)
682     'moodle/cohort:assign' => array(
684         'captype' => 'write',
685         'contextlevel' => CONTEXT_COURSECAT,
686         'archetypes' => array(
687             'manager' => CAP_ALLOW
688         )
689     ),
691     // view members of a cohort, this can be used in course context too,
692     // this also controls the ability to actually use cohort
693     'moodle/cohort:view' => array(
695         'captype' => 'read',
696         'contextlevel' => CONTEXT_COURSE,
697         'archetypes' => array(
698             'editingteacher' => CAP_ALLOW,
699             'manager' => CAP_ALLOW
700         )
701     ),
703     'moodle/course:create' => array(
705         'riskbitmask' => RISK_XSS,
707         'captype' => 'write',
708         'contextlevel' => CONTEXT_COURSECAT,
709         'archetypes' => array(
710             'coursecreator' => CAP_ALLOW,
711             'manager' => CAP_ALLOW
712         )
713     ),
715     'moodle/course:request' => array(
716         'captype' => 'write',
717         'contextlevel' => CONTEXT_SYSTEM,
718         'archetypes' => array(
719             'user' => CAP_ALLOW,
720         )
721     ),
723     'moodle/course:delete' => array(
725         'riskbitmask' => RISK_DATALOSS,
727         'captype' => 'write',
728         'contextlevel' => CONTEXT_COURSE,
729         'archetypes' => array(
730             'editingteacher' => CAP_ALLOW,
731             'manager' => CAP_ALLOW
732         )
733     ),
735     'moodle/course:update' => array(
737         'riskbitmask' => RISK_XSS,
739         'captype' => 'write',
740         'contextlevel' => CONTEXT_COURSE,
741         'archetypes' => array(
742             'editingteacher' => CAP_ALLOW,
743             'manager' => CAP_ALLOW
744         )
745     ),
747     'moodle/course:view' => array(
749         'captype' => 'read',
750         'contextlevel' => CONTEXT_COURSE,
751         'archetypes' => array(
752             'manager' => CAP_ALLOW,
753         )
754     ),
756     /* review course enrolments - no group restrictions, it is really full access to all participants info*/
757     'moodle/course:enrolreview' => array(
759         'riskbitmask' => RISK_PERSONAL,
761         'captype' => 'read',
762         'contextlevel' => CONTEXT_COURSE,
763         'archetypes' => array(
764             'editingteacher' => CAP_ALLOW,
765             'manager' => CAP_ALLOW,
766         )
767     ),
769     /* add, remove, hide enrol instances in courses */
770     'moodle/course:enrolconfig' => array(
772         'riskbitmask' => RISK_PERSONAL,
774         'captype' => 'write',
775         'contextlevel' => CONTEXT_COURSE,
776         'archetypes' => array(
777             'editingteacher' => CAP_ALLOW,
778             'manager' => CAP_ALLOW,
779         )
780     ),
782     'moodle/course:bulkmessaging' => array(
784         'riskbitmask' => RISK_SPAM,
786         'captype' => 'write',
787         'contextlevel' => CONTEXT_COURSE,
788         'archetypes' => array(
789             'teacher' => CAP_ALLOW,
790             'editingteacher' => CAP_ALLOW,
791             'manager' => CAP_ALLOW
792         )
793     ),
795     'moodle/course:viewhiddenuserfields' => array(
797         'riskbitmask' => RISK_PERSONAL,
799         'captype' => 'read',
800         'contextlevel' => CONTEXT_COURSE,
801         'archetypes' => array(
802             'teacher' => CAP_ALLOW,
803             'editingteacher' => CAP_ALLOW,
804             'manager' => CAP_ALLOW
805         )
806     ),
808     'moodle/course:viewhiddencourses' => array(
810         'captype' => 'read',
811         'contextlevel' => CONTEXT_COURSE,
812         'archetypes' => array(
813             'coursecreator' => CAP_ALLOW,
814             'teacher' => CAP_ALLOW,
815             'editingteacher' => CAP_ALLOW,
816             'manager' => CAP_ALLOW
817         )
818     ),
820     'moodle/course:visibility' => array(
822         'captype' => 'write',
823         'contextlevel' => CONTEXT_COURSE,
824         'archetypes' => array(
825             'editingteacher' => CAP_ALLOW,
826             'manager' => CAP_ALLOW
827         )
828     ),
830     'moodle/course:managefiles' => array(
832         'riskbitmask' => RISK_XSS,
834         'captype' => 'write',
835         'contextlevel' => CONTEXT_COURSE,
836         'archetypes' => array(
837             'editingteacher' => CAP_ALLOW,
838             'manager' => CAP_ALLOW
839         )
840     ),
842     'moodle/course:manageactivities' => array(
844         'riskbitmask' => RISK_XSS,
846         'captype' => 'write',
847         'contextlevel' => CONTEXT_COURSE,
848         'archetypes' => array(
849             'editingteacher' => CAP_ALLOW,
850             'manager' => CAP_ALLOW
851         )
852     ),
854     'moodle/course:activityvisibility' => array(
856         'captype' => 'write',
857         'contextlevel' => CONTEXT_COURSE,
858         'archetypes' => array(
859             'editingteacher' => CAP_ALLOW,
860             'manager' => CAP_ALLOW
861         )
862     ),
864     'moodle/course:viewhiddenactivities' => array(
866         'captype' => 'write',
867         'contextlevel' => CONTEXT_COURSE,
868         'archetypes' => array(
869             'teacher' => CAP_ALLOW,
870             'editingteacher' => CAP_ALLOW,
871             'manager' => CAP_ALLOW
872         )
873     ),
875     'moodle/course:viewparticipants' => array(
877         'captype' => 'read',
878         'contextlevel' => CONTEXT_COURSE,
879         'archetypes' => array(
880             'student' => CAP_ALLOW,
881             'teacher' => CAP_ALLOW,
882             'editingteacher' => CAP_ALLOW,
883             'manager' => CAP_ALLOW
884         )
885     ),
887     'moodle/course:changefullname' => array(
889         'riskbitmask' => RISK_XSS,
891         'captype' => 'write',
892         'contextlevel' => CONTEXT_COURSE,
893         'archetypes' => array(
894             'editingteacher' => CAP_ALLOW,
895             'manager' => CAP_ALLOW
896         ),
897         'clonepermissionsfrom' => 'moodle/course:update'
898     ),
900     'moodle/course:changeshortname' => array(
902         'riskbitmask' => RISK_XSS,
904         'captype' => 'write',
905         'contextlevel' => CONTEXT_COURSE,
906         'archetypes' => array(
907             'editingteacher' => CAP_ALLOW,
908             'manager' => CAP_ALLOW
909         ),
910         'clonepermissionsfrom' => 'moodle/course:update'
911     ),
913     'moodle/course:changeidnumber' => array(
915         'riskbitmask' => RISK_XSS,
917         'captype' => 'write',
918         'contextlevel' => CONTEXT_COURSE,
919         'archetypes' => array(
920             'editingteacher' => CAP_ALLOW,
921             'manager' => CAP_ALLOW
922         ),
923         'clonepermissionsfrom' => 'moodle/course:update'
924     ),
925     'moodle/course:changecategory' => array(
926         'riskbitmask' => RISK_XSS,
928         'captype' => 'write',
929         'contextlevel' => CONTEXT_COURSE,
930         'archetypes' => array(
931             'editingteacher' => CAP_ALLOW,
932             'manager' => CAP_ALLOW
933         ),
934         'clonepermissionsfrom' => 'moodle/course:update'
935     ),
937     'moodle/course:changesummary' => array(
938         'riskbitmask' => RISK_XSS,
940         'captype' => 'write',
941         'contextlevel' => CONTEXT_COURSE,
942         'archetypes' => array(
943             'editingteacher' => CAP_ALLOW,
944             'manager' => CAP_ALLOW
945         ),
946         'clonepermissionsfrom' => 'moodle/course:update'
947     ),
950     'moodle/site:viewparticipants' => array(
952         'captype' => 'read',
953         'contextlevel' => CONTEXT_SYSTEM,
954         'archetypes' => array(
955             'manager' => CAP_ALLOW
956         )
957     ),
959     'moodle/course:viewscales' => array(
961         'captype' => 'read',
962         'contextlevel' => CONTEXT_COURSE,
963         'archetypes' => array(
964             'student' => CAP_ALLOW,
965             'teacher' => CAP_ALLOW,
966             'editingteacher' => CAP_ALLOW,
967             'manager' => CAP_ALLOW
968         )
969     ),
971     'moodle/course:managescales' => array(
973         'captype' => 'write',
974         'contextlevel' => CONTEXT_COURSE,
975         'archetypes' => array(
976             'editingteacher' => CAP_ALLOW,
977             'manager' => CAP_ALLOW
978         )
979     ),
981     'moodle/course:managegroups' => array(
983         'captype' => 'write',
984         'contextlevel' => CONTEXT_COURSE,
985         'archetypes' => array(
986             'editingteacher' => CAP_ALLOW,
987             'manager' => CAP_ALLOW
988         )
989     ),
991     'moodle/course:reset' => array(
993         'riskbitmask' => RISK_DATALOSS,
995         'captype' => 'write',
996         'contextlevel' => CONTEXT_COURSE,
997         'archetypes' => array(
998             'editingteacher' => CAP_ALLOW,
999             'manager' => CAP_ALLOW
1000         )
1001     ),
1003     'moodle/blog:view' => array(
1005         'captype' => 'read',
1006         'contextlevel' => CONTEXT_SYSTEM,
1007         'archetypes' => array(
1008             'guest' => CAP_ALLOW,
1009             'user' => CAP_ALLOW,
1010             'student' => CAP_ALLOW,
1011             'teacher' => CAP_ALLOW,
1012             'editingteacher' => CAP_ALLOW,
1013             'manager' => CAP_ALLOW
1014         )
1015     ),
1017     'moodle/blog:search' => array(
1018         'captype' => 'read',
1019         'contextlevel' => CONTEXT_SYSTEM,
1020         'archetypes' => array(
1021             'guest' => CAP_ALLOW,
1022             'user' => CAP_ALLOW,
1023             'student' => CAP_ALLOW,
1024             'teacher' => CAP_ALLOW,
1025             'editingteacher' => CAP_ALLOW,
1026             'manager' => CAP_ALLOW
1027         )
1028     ),
1030     'moodle/blog:viewdrafts' => array(
1032         'riskbitmask' => RISK_PERSONAL,
1033         'captype' => 'read',
1034         'contextlevel' => CONTEXT_SYSTEM,
1035         'archetypes' => array(
1036             'manager' => CAP_ALLOW
1037         )
1038     ),
1040     'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1042         'riskbitmask' => RISK_SPAM,
1044         'captype' => 'write',
1045         'contextlevel' => CONTEXT_SYSTEM,
1046         'archetypes' => array(
1047             'user' => CAP_ALLOW,
1048             'manager' => CAP_ALLOW
1049         )
1050     ),
1052     'moodle/blog:manageentries' => array(
1054         'riskbitmask' => RISK_SPAM,
1056         'captype' => 'write',
1057         'contextlevel' => CONTEXT_SYSTEM,
1058         'archetypes' => array(
1059             'teacher' => CAP_ALLOW,
1060             'editingteacher' => CAP_ALLOW,
1061             'manager' => CAP_ALLOW
1062         )
1063     ),
1065     'moodle/blog:manageexternal' => array(
1067         'riskbitmask' => RISK_SPAM,
1069         'captype' => 'write',
1070         'contextlevel' => CONTEXT_SYSTEM,
1071         'archetypes' => array(
1072             'student' => CAP_ALLOW,
1073             'user' => CAP_ALLOW,
1074             'teacher' => CAP_ALLOW,
1075             'editingteacher' => CAP_ALLOW,
1076             'manager' => CAP_ALLOW
1077         )
1078     ),
1080     'moodle/blog:associatecourse' => array(
1082         'captype' => 'write',
1083         'contextlevel' => CONTEXT_COURSE,
1084         'archetypes' => array(
1085             'student' => CAP_ALLOW,
1086             'user' => CAP_ALLOW,
1087             'teacher' => CAP_ALLOW,
1088             'editingteacher' => CAP_ALLOW,
1089             'manager' => CAP_ALLOW
1090         )
1091     ),
1093     'moodle/blog:associatemodule' => array(
1095         'captype' => 'write',
1096         'contextlevel' => CONTEXT_MODULE,
1097         'archetypes' => array(
1098             'student' => CAP_ALLOW,
1099             'user' => CAP_ALLOW,
1100             'teacher' => CAP_ALLOW,
1101             'editingteacher' => CAP_ALLOW,
1102             'manager' => CAP_ALLOW
1103         )
1104     ),
1106     'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1108         'riskbitmask' => RISK_SPAM,
1110         'captype' => 'write',
1111         'contextlevel' => CONTEXT_COURSE,
1112         'archetypes' => array(
1113             'user' => CAP_ALLOW,
1114             'manager' => CAP_ALLOW
1115         )
1116     ),
1118     'moodle/calendar:managegroupentries' => array(
1120         'riskbitmask' => RISK_SPAM,
1122         'captype' => 'write',
1123         'contextlevel' => CONTEXT_COURSE,
1124         'archetypes' => array(
1125             'teacher' => CAP_ALLOW,
1126             'editingteacher' => CAP_ALLOW,
1127             'manager' => CAP_ALLOW
1128         )
1129     ),
1131     'moodle/calendar:manageentries' => array(
1133         'riskbitmask' => RISK_SPAM,
1135         'captype' => 'write',
1136         'contextlevel' => CONTEXT_COURSE,
1137         'archetypes' => array(
1138             'teacher' => CAP_ALLOW,
1139             'editingteacher' => CAP_ALLOW,
1140             'manager' => CAP_ALLOW
1141         )
1142     ),
1144     'moodle/user:editprofile' => array(
1146         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1148         'captype' => 'write',
1149         'contextlevel' => CONTEXT_USER,
1150         'archetypes' => array(
1151             'manager' => CAP_ALLOW
1152         )
1153     ),
1155     'moodle/user:editownprofile' => array(
1157         'riskbitmask' => RISK_SPAM,
1159         'captype' => 'write',
1160         'contextlevel' => CONTEXT_SYSTEM,
1161         'archetypes' => array(
1162             'guest' => CAP_PROHIBIT,
1163             'user' => CAP_ALLOW,
1164             'manager' => CAP_ALLOW
1165         )
1166     ),
1168     'moodle/user:changeownpassword' => array(
1170         'captype' => 'write',
1171         'contextlevel' => CONTEXT_SYSTEM,
1172         'archetypes' => array(
1173             'guest' => CAP_PROHIBIT,
1174             'user' => CAP_ALLOW,
1175             'manager' => CAP_ALLOW
1176         )
1177     ),
1179     // The next 3 might make no sense for some roles, e.g teacher, etc.
1180     // since the next level up is site. These are more for the parent role
1181     'moodle/user:readuserposts' => array(
1183         'captype' => 'read',
1184         'contextlevel' => CONTEXT_USER,
1185         'archetypes' => array(
1186             'student' => CAP_ALLOW,
1187             'teacher' => CAP_ALLOW,
1188             'editingteacher' => CAP_ALLOW,
1189             'manager' => CAP_ALLOW
1190         )
1191     ),
1193     'moodle/user:readuserblogs' => array(
1195         'captype' => 'read',
1196         'contextlevel' => CONTEXT_USER,
1197         'archetypes' => array(
1198             'student' => CAP_ALLOW,
1199             'teacher' => CAP_ALLOW,
1200             'editingteacher' => CAP_ALLOW,
1201             'manager' => CAP_ALLOW
1202         )
1203     ),
1205     // designed for parent role - not used in legacy roles
1206     'moodle/user:viewuseractivitiesreport' => array(
1207         'riskbitmask' => RISK_PERSONAL,
1209         'captype' => 'read',
1210         'contextlevel' => CONTEXT_USER,
1211         'archetypes' => array(
1212         )
1213     ),
1215     //capabilities designed for the new message system configuration
1216     'moodle/user:editmessageprofile' => array(
1218          'riskbitmask' => RISK_SPAM,
1220          'captype' => 'write',
1221          'contextlevel' => CONTEXT_USER,
1222          'archetypes' => array(
1223              'manager' => CAP_ALLOW
1224          )
1225      ),
1227      'moodle/user:editownmessageprofile' => array(
1229          'captype' => 'write',
1230          'contextlevel' => CONTEXT_SYSTEM,
1231          'archetypes' => array(
1232              'guest' => CAP_PROHIBIT,
1233              'user' => CAP_ALLOW,
1234              'manager' => CAP_ALLOW
1235          )
1236      ),
1238     'moodle/question:managecategory' => array(
1239         'riskbitmask' => RISK_SPAM | RISK_XSS,
1240         'captype' => 'write',
1241         'contextlevel' => CONTEXT_COURSE,
1242         'archetypes' => array(
1243             'editingteacher' => CAP_ALLOW,
1244             'manager' => CAP_ALLOW
1245         )
1246     ),
1248     //new in moodle 1.9
1249     'moodle/question:add' => array(
1250         'riskbitmask' => RISK_SPAM | RISK_XSS,
1251         'captype' => 'write',
1252         'contextlevel' => CONTEXT_COURSE,
1253         'archetypes' => array(
1254             'editingteacher' => CAP_ALLOW,
1255             'manager' => CAP_ALLOW
1256         ),
1257         'clonepermissionsfrom' =>  'moodle/question:manage'
1258     ),
1259     'moodle/question:editmine' => array(
1260         'riskbitmask' => RISK_SPAM | RISK_XSS,
1261         'captype' => 'write',
1262         'contextlevel' => CONTEXT_COURSE,
1263         'archetypes' => array(
1264             'editingteacher' => CAP_ALLOW,
1265             'manager' => CAP_ALLOW
1266         ),
1267         'clonepermissionsfrom' =>  'moodle/question:manage'
1268     ),
1269     'moodle/question:editall' => array(
1270         'riskbitmask' => RISK_SPAM | RISK_XSS,
1271         'captype' => 'write',
1272         'contextlevel' => CONTEXT_COURSE,
1273         'archetypes' => array(
1274             'editingteacher' => CAP_ALLOW,
1275             'manager' => CAP_ALLOW
1276         ),
1277         'clonepermissionsfrom' =>  'moodle/question:manage'
1278     ),
1279     'moodle/question:viewmine' => array(
1280         'captype' => 'read',
1281         'contextlevel' => CONTEXT_COURSE,
1282         'archetypes' => array(
1283             'editingteacher' => CAP_ALLOW,
1284             'manager' => CAP_ALLOW
1285         ),
1286         'clonepermissionsfrom' =>  'moodle/question:manage'
1287     ),
1288     'moodle/question:viewall' => array(
1289         'captype' => 'read',
1290         'contextlevel' => CONTEXT_COURSE,
1291         'archetypes' => array(
1292             'editingteacher' => CAP_ALLOW,
1293             'manager' => CAP_ALLOW
1294         ),
1295         'clonepermissionsfrom' =>  'moodle/question:manage'
1296     ),
1297     'moodle/question:usemine' => array(
1298         'captype' => 'read',
1299         'contextlevel' => CONTEXT_COURSE,
1300         'archetypes' => array(
1301             'editingteacher' => CAP_ALLOW,
1302             'manager' => CAP_ALLOW
1303         ),
1304         'clonepermissionsfrom' =>  'moodle/question:manage'
1305     ),
1306     'moodle/question:useall' => array(
1307         'captype' => 'read',
1308         'contextlevel' => CONTEXT_COURSE,
1309         'archetypes' => array(
1310             'editingteacher' => CAP_ALLOW,
1311             'manager' => CAP_ALLOW
1312         ),
1313         'clonepermissionsfrom' =>  'moodle/question:manage'
1314     ),
1315     'moodle/question:movemine' => array(
1316         'captype' => 'write',
1317         'contextlevel' => CONTEXT_COURSE,
1318         'archetypes' => array(
1319             'editingteacher' => CAP_ALLOW,
1320             'manager' => CAP_ALLOW
1321         ),
1322         'clonepermissionsfrom' =>  'moodle/question:manage'
1323     ),
1324     'moodle/question:moveall' => array(
1325         'captype' => 'write',
1326         'contextlevel' => CONTEXT_COURSE,
1327         'archetypes' => array(
1328             'editingteacher' => CAP_ALLOW,
1329             'manager' => CAP_ALLOW
1330         ),
1331         'clonepermissionsfrom' =>  'moodle/question:manage'
1332     ),
1333     //END new in moodle 1.9
1335     // Configure the installed question types.
1336     'moodle/question:config' => array(
1337         'riskbitmask' => RISK_CONFIG,
1338         'captype' => 'write',
1339         'contextlevel' => CONTEXT_SYSTEM,
1340         'archetypes' => array(
1341             'manager' => CAP_ALLOW
1342         )
1343     ),
1345     // While attempting questions, the ability to flag particular questions for later reference.
1346     'moodle/question:flag' => array(
1347         'captype' => 'write',
1348         'contextlevel' => CONTEXT_COURSE,
1349         'archetypes' => array(
1350             'student' => CAP_ALLOW,
1351             'teacher' => CAP_ALLOW,
1352             'editingteacher' => CAP_ALLOW,
1353             'coursecreator' => CAP_ALLOW,
1354             'manager' => CAP_ALLOW
1355         )
1356     ),
1358     'moodle/site:doclinks' => array(
1359         'captype' => 'read',
1360         'contextlevel' => CONTEXT_SYSTEM,
1361         'archetypes' => array(
1362             'teacher' => CAP_ALLOW,
1363             'editingteacher' => CAP_ALLOW,
1364             'manager' => CAP_ALLOW
1365         )
1366     ),
1368     'moodle/course:sectionvisibility' => array(
1370         'captype' => 'write',
1371         'contextlevel' => CONTEXT_COURSE,
1372         'archetypes' => array(
1373             'editingteacher' => CAP_ALLOW,
1374             'manager' => CAP_ALLOW
1375         )
1376     ),
1378     'moodle/course:useremail' => array(
1380         'captype' => 'write',
1381         'contextlevel' => CONTEXT_COURSE,
1382         'archetypes' => array(
1383             'editingteacher' => CAP_ALLOW,
1384             'manager' => CAP_ALLOW
1385         )
1386     ),
1388     'moodle/course:viewhiddensections' => array(
1390         'captype' => 'write',
1391         'contextlevel' => CONTEXT_COURSE,
1392         'archetypes' => array(
1393             'editingteacher' => CAP_ALLOW,
1394             'manager' => CAP_ALLOW
1395         )
1396     ),
1398     'moodle/course:setcurrentsection' => array(
1400         'captype' => 'write',
1401         'contextlevel' => CONTEXT_COURSE,
1402         'archetypes' => array(
1403             'editingteacher' => CAP_ALLOW,
1404             'manager' => CAP_ALLOW
1405         )
1406     ),
1408     'moodle/site:mnetlogintoremote' => array(
1410         'captype' => 'read',
1411         'contextlevel' => CONTEXT_SYSTEM,
1412         'archetypes' => array(
1413         )
1414     ),
1416     'moodle/grade:viewall' => array(
1417         'riskbitmask' => RISK_PERSONAL,
1418         'captype' => 'read',
1419         'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1420         'archetypes' => array(
1421             'teacher' => CAP_ALLOW,
1422             'editingteacher' => CAP_ALLOW,
1423             'manager' => CAP_ALLOW
1424         ),
1425         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1426     ),
1428     'moodle/grade:view' => array(
1429         'captype' => 'read',
1430         'contextlevel' => CONTEXT_COURSE,
1431         'archetypes' => array(
1432             'student' => CAP_ALLOW
1433         )
1434     ),
1436     'moodle/grade:viewhidden' => array(
1437         'riskbitmask' => RISK_PERSONAL,
1438         'captype' => 'read',
1439         'contextlevel' => CONTEXT_COURSE,
1440         'archetypes' => array(
1441             'teacher' => CAP_ALLOW,
1442             'editingteacher' => CAP_ALLOW,
1443             'manager' => CAP_ALLOW
1444         ),
1445         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1446     ),
1448     'moodle/grade:import' => array(
1449         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1450         'captype' => 'write',
1451         'contextlevel' => CONTEXT_COURSE,
1452         'archetypes' => array(
1453             'editingteacher' => CAP_ALLOW,
1454             'manager' => CAP_ALLOW
1455         ),
1456         'clonepermissionsfrom' => 'moodle/course:managegrades'
1457     ),
1459     'moodle/grade:export' => array(
1460         'riskbitmask' => RISK_PERSONAL,
1461         'captype' => 'read',
1462         'contextlevel' => CONTEXT_COURSE,
1463         'archetypes' => array(
1464             'teacher' => CAP_ALLOW,
1465             'editingteacher' => CAP_ALLOW,
1466             'manager' => CAP_ALLOW
1467         ),
1468         'clonepermissionsfrom' => 'moodle/course:managegrades'
1469     ),
1471     'moodle/grade:manage' => array(
1472         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1473         'captype' => 'write',
1474         'contextlevel' => CONTEXT_COURSE,
1475         'archetypes' => array(
1476             'editingteacher' => CAP_ALLOW,
1477             'manager' => CAP_ALLOW
1478         ),
1479         'clonepermissionsfrom' => 'moodle/course:managegrades'
1480     ),
1482     'moodle/grade:edit' => array(
1483         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1484         'captype' => 'write',
1485         'contextlevel' => CONTEXT_COURSE,
1486         'archetypes' => array(
1487             'editingteacher' => CAP_ALLOW,
1488             'manager' => CAP_ALLOW
1489         ),
1490         'clonepermissionsfrom' => 'moodle/course:managegrades'
1491     ),
1493     'moodle/grade:manageoutcomes' => array(
1494         'captype' => 'write',
1495         'contextlevel' => CONTEXT_COURSE,
1496         'archetypes' => array(
1497             'editingteacher' => CAP_ALLOW,
1498             'manager' => CAP_ALLOW
1499         ),
1500         'clonepermissionsfrom' => 'moodle/course:managegrades'
1501     ),
1503     'moodle/grade:manageletters' => array(
1504         'captype' => 'write',
1505         'contextlevel' => CONTEXT_COURSE,
1506         'archetypes' => array(
1507             'editingteacher' => CAP_ALLOW,
1508             'manager' => CAP_ALLOW
1509         ),
1510         'clonepermissionsfrom' => 'moodle/course:managegrades'
1511     ),
1513     'moodle/grade:hide' => array(
1514         'captype' => 'write',
1515         'contextlevel' => CONTEXT_COURSE,
1516         'archetypes' => array(
1517             'editingteacher' => CAP_ALLOW,
1518             'manager' => CAP_ALLOW
1519         )
1520     ),
1522     'moodle/grade:lock' => array(
1523         'captype' => 'write',
1524         'contextlevel' => CONTEXT_COURSE,
1525         'archetypes' => array(
1526             'editingteacher' => CAP_ALLOW,
1527             'manager' => CAP_ALLOW
1528         )
1529     ),
1531     'moodle/grade:unlock' => array(
1532         'captype' => 'write',
1533         'contextlevel' => CONTEXT_COURSE,
1534         'archetypes' => array(
1535             'editingteacher' => CAP_ALLOW,
1536             'manager' => CAP_ALLOW
1537         )
1538     ),
1540     'moodle/my:manageblocks' => array(
1541         'captype' => 'write',
1542         'contextlevel' => CONTEXT_SYSTEM,
1543         'archetypes' => array(
1544             'user' => CAP_ALLOW
1545         )
1546     ),
1548     'moodle/notes:view' => array(
1549         'captype' => 'read',
1550         'contextlevel' => CONTEXT_COURSE,
1551         'archetypes' => array(
1552             'teacher' => CAP_ALLOW,
1553             'editingteacher' => CAP_ALLOW,
1554             'manager' => CAP_ALLOW
1555         )
1556     ),
1558     'moodle/notes:manage' => array(
1559         'riskbitmask' => RISK_SPAM,
1561         'captype' => 'write',
1562         'contextlevel' => CONTEXT_COURSE,
1563         'archetypes' => array(
1564             'teacher' => CAP_ALLOW,
1565             'editingteacher' => CAP_ALLOW,
1566             'manager' => CAP_ALLOW
1567         )
1568     ),
1570     'moodle/tag:manage' => array(
1571         'riskbitmask' => RISK_SPAM,
1573         'captype' => 'write',
1574         'contextlevel' => CONTEXT_SYSTEM,
1575         'archetypes' => array(
1576             'teacher' => CAP_ALLOW,
1577             'editingteacher' => CAP_ALLOW,
1578             'manager' => CAP_ALLOW
1579         )
1580     ),
1582     'moodle/tag:create' => array(
1583         'riskbitmask' => RISK_SPAM,
1585         'captype' => 'write',
1586         'contextlevel' => CONTEXT_SYSTEM,
1587         'archetypes' => array(
1588             'manager' => CAP_ALLOW,
1589             'user' => CAP_ALLOW
1590         )
1591     ),
1593     'moodle/tag:edit' => array(
1594         'riskbitmask' => RISK_SPAM,
1596         'captype' => 'write',
1597         'contextlevel' => CONTEXT_SYSTEM,
1598         'archetypes' => array(
1599             'manager' => CAP_ALLOW,
1600             'user' => CAP_ALLOW
1601         )
1602     ),
1604     'moodle/tag:editblocks' => array(
1605         'captype' => 'write',
1606         'contextlevel' => CONTEXT_SYSTEM,
1607         'archetypes' => array(
1608             'teacher' => CAP_ALLOW,
1609             'editingteacher' => CAP_ALLOW,
1610             'manager' => CAP_ALLOW
1611         )
1612     ),
1614     'moodle/block:view' => array(
1615         'captype' => 'read',
1616         'contextlevel' => CONTEXT_BLOCK,
1617         'archetypes' => array(
1618             'guest' => CAP_ALLOW,
1619             'user' => CAP_ALLOW,
1620             'student' => CAP_ALLOW,
1621             'teacher' => CAP_ALLOW,
1622             'editingteacher' => CAP_ALLOW,
1623             'coursecreator' => CAP_ALLOW
1624         )
1625     ),
1627     'moodle/block:edit' => array(
1628         'riskbitmask' => RISK_SPAM | RISK_XSS,
1630         'captype' => 'write',
1631         'contextlevel' => CONTEXT_BLOCK,
1632         'archetypes' => array(
1633             'editingteacher' => CAP_ALLOW,
1634             'coursecreator' => CAP_ALLOW
1635         )
1636     ),
1638     'moodle/portfolio:export' => array(
1639         'captype' => 'read',
1640         'contextlevel' => CONTEXT_SYSTEM,
1641         'archetypes' => array(
1642             'user' => CAP_ALLOW,
1643             'student' => CAP_ALLOW,
1644             'teacher' => CAP_ALLOW,
1645             'editingteacher' => CAP_ALLOW,
1646             'coursecreator' => CAP_ALLOW
1647         )
1648     ),
1649     'moodle/comment:view' => array(
1651         'captype' => 'read',
1652         'contextlevel' => CONTEXT_COURSE,
1653         'archetypes' => array(
1654             'user' => CAP_ALLOW,
1655             'student' => CAP_ALLOW,
1656             'teacher' => CAP_ALLOW,
1657             'editingteacher' => CAP_ALLOW,
1658             'coursecreator' => CAP_ALLOW,
1659             'manager' => CAP_ALLOW
1660         )
1661     ),
1662     'moodle/comment:post' => array(
1664         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1665         'captype' => 'write',
1666         'contextlevel' => CONTEXT_COURSE,
1667         'archetypes' => array(
1668             'user' => CAP_ALLOW,
1669             'student' => CAP_ALLOW,
1670             'teacher' => CAP_ALLOW,
1671             'editingteacher' => CAP_ALLOW,
1672             'coursecreator' => CAP_ALLOW,
1673             'manager' => CAP_ALLOW
1674         )
1675     ),
1676     'moodle/comment:delete' => array(
1678         'riskbitmask' => RISK_DATALOSS,
1679         'captype' => 'write',
1680         'contextlevel' => CONTEXT_COURSE,
1681         'archetypes' => array(
1682             'editingteacher' => CAP_ALLOW,
1683             'coursecreator' => CAP_ALLOW,
1684             'manager' => CAP_ALLOW
1685         )
1686     ),
1687     'moodle/webservice:createtoken' => array(
1689         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1690         'captype' => 'write',
1691         'contextlevel' => CONTEXT_SYSTEM,
1692         'archetypes' => array(
1693             'manager' => CAP_ALLOW
1694         )
1695     ),
1696     'moodle/rating:view' => array(
1698         'captype' => 'read',
1699         'contextlevel' => CONTEXT_COURSE,
1700         'archetypes' => array(
1701             'user' => CAP_ALLOW,
1702             'student' => CAP_ALLOW,
1703             'teacher' => CAP_ALLOW,
1704             'editingteacher' => CAP_ALLOW,
1705             'manager' => CAP_ALLOW
1706         )
1707     ),
1708     'moodle/rating:viewany' => array(
1710         'riskbitmask' => RISK_PERSONAL,
1711         'captype' => 'read',
1712         'contextlevel' => CONTEXT_COURSE,
1713         'archetypes' => array(
1714             'user' => CAP_ALLOW,
1715             'student' => CAP_ALLOW,
1716             'teacher' => CAP_ALLOW,
1717             'editingteacher' => CAP_ALLOW,
1718             'manager' => CAP_ALLOW
1719         )
1720     ),
1721     'moodle/rating:viewall' => array(
1723         'riskbitmask' => RISK_PERSONAL,
1724         'captype' => 'read',
1725         'contextlevel' => CONTEXT_COURSE,
1726         'archetypes' => array(
1727             'user' => CAP_ALLOW,
1728             'student' => CAP_ALLOW,
1729             'teacher' => CAP_ALLOW,
1730             'editingteacher' => CAP_ALLOW,
1731             'manager' => CAP_ALLOW
1732         )
1733     ),
1734     'moodle/rating:rate' => array(
1736         'captype' => 'write',
1737         'contextlevel' => CONTEXT_COURSE,
1738         'archetypes' => array(
1739             'user' => CAP_ALLOW,
1740             'student' => CAP_ALLOW,
1741             'teacher' => CAP_ALLOW,
1742             'editingteacher' => CAP_ALLOW,
1743             'manager' => CAP_ALLOW
1744         )
1745     ),
1746      'moodle/course:publish' => array(
1748         'captype' => 'write',
1749         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1750         'contextlevel' => CONTEXT_SYSTEM,
1751         'archetypes' => array(
1752             'manager' => CAP_ALLOW
1753         )
1754     ),
1755     'moodle/course:markcomplete' => array(
1756         'captype' => 'write',
1757         'contextlevel' => CONTEXT_COURSE,
1758         'archetypes' => array(
1759             'teacher' => CAP_ALLOW,
1760             'editingteacher' => CAP_ALLOW,
1761             'coursecreator' => CAP_ALLOW,
1762             'manager' => CAP_ALLOW
1763         )
1764     ),
1765     'moodle/community:add' => array(
1766         'captype' => 'write',
1767         'contextlevel' => CONTEXT_SYSTEM,
1768         'archetypes' => array(
1769             'manager' => CAP_ALLOW,
1770             'teacher' => CAP_ALLOW,
1771             'editingteacher' => CAP_ALLOW,
1772             'coursecreator' => CAP_ALLOW
1773         )
1774     ),
1775     'moodle/community:download' => array(
1776         'captype' => 'write',
1777         'contextlevel' => CONTEXT_SYSTEM,
1778         'archetypes' => array(
1779             'manager' => CAP_ALLOW,
1780             'editingteacher' => CAP_ALLOW,
1781             'coursecreator' => CAP_ALLOW
1782         )
1783     )
1784 );