MDL-30981 Upgrade API: Added related phpdocs
[moodle.git] / lib / db / access.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Capability definitions for Moodle core.
19  *
20  * The capabilities are loaded into the database table when the module is
21  * installed or updated. Whenever the capability definitions are updated,
22  * the module version number should be bumped up.
23  *
24  * The system has four possible values for a capability:
25  * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
26  *
27  *
28  * CAPABILITY NAMING CONVENTION
29  *
30  * It is important that capability names are unique. The naming convention
31  * for capabilities that are specific to modules and blocks is as follows:
32  *   [mod/block]/<plugin_name>:<capabilityname>
33  *
34  * component_name should be the same as the directory name of the mod or block.
35  *
36  * Core moodle capabilities are defined thus:
37  *    moodle/<capabilityclass>:<capabilityname>
38  *
39  * Examples: mod/forum:viewpost
40  *           block/recent_activity:view
41  *           moodle/site:deleteuser
42  *
43  * The variable name for the capability definitions array is $capabilities
44  *
45  * For more information, take a look to the documentation available:
46  *     - Access API: {@link http://docs.moodle.org/dev/Access_API}
47  *     - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
48  *
49  * @package   core_access
50  * @category  access
51  * @copyright 2006 onwards Martin Dougiamas  http://dougiamas.com
52  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
53  */
55 defined('MOODLE_INTERNAL') || die();
57 $capabilities = array(
58     'moodle/site:config' => array(
60         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
62         'captype' => 'write',
63         'contextlevel' => CONTEXT_SYSTEM,
64         'archetypes' => array(
65         )
66     ),
68     'moodle/site:readallmessages' => array(
70         'riskbitmask' => RISK_PERSONAL,
72         'captype' => 'read',
73         'contextlevel' => CONTEXT_SYSTEM,
74         'archetypes' => array(
75             'manager' => CAP_ALLOW,
76             'editingteacher' => CAP_ALLOW
77         )
78     ),
80     'moodle/site:sendmessage' => array(
82         'riskbitmask' => RISK_SPAM,
84         'captype' => 'write',
85         'contextlevel' => CONTEXT_SYSTEM,
86         'archetypes' => array(
87             'manager' => CAP_ALLOW,
88             'user' => CAP_ALLOW
89         )
90     ),
92     'moodle/site:approvecourse' => array(
94         'riskbitmask' => RISK_XSS,
96         'captype' => 'write',
97         'contextlevel' => CONTEXT_SYSTEM,
98         'archetypes' => array(
99             'manager' => CAP_ALLOW
100         )
101     ),
103     'moodle/backup:backupcourse' => array(
105         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
107         'captype' => 'write',
108         'contextlevel' => CONTEXT_COURSE,
109         'archetypes' => array(
110             'editingteacher' => CAP_ALLOW,
111             'manager' => CAP_ALLOW
112         ),
114         'clonepermissionsfrom' =>  'moodle/site:backup'
115     ),
117     'moodle/backup:backupsection' => array(
119         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
121         'captype' => 'write',
122         'contextlevel' => CONTEXT_COURSE,
123         'archetypes' => array(
124             'editingteacher' => CAP_ALLOW,
125             'manager' => CAP_ALLOW
126         ),
128         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
129     ),
131     'moodle/backup:backupactivity' => array(
133         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
135         'captype' => 'write',
136         'contextlevel' => CONTEXT_MODULE,
137         'archetypes' => array(
138             'editingteacher' => CAP_ALLOW,
139             'manager' => CAP_ALLOW
140         ),
142         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
143     ),
145     'moodle/backup:backuptargethub' => array(
147         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
149         'captype' => 'write',
150         'contextlevel' => CONTEXT_COURSE,
151         'archetypes' => array(
152             'editingteacher' => CAP_ALLOW,
153             'manager' => CAP_ALLOW
154         ),
156         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
157     ),
159     'moodle/backup:backuptargetimport' => array(
161         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
163         'captype' => 'write',
164         'contextlevel' => CONTEXT_COURSE,
165         'archetypes' => array(
166             'editingteacher' => CAP_ALLOW,
167             'manager' => CAP_ALLOW
168         ),
170         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
171     ),
173     'moodle/backup:downloadfile' => array(
175         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
177         'captype' => 'write',
178         'contextlevel' => CONTEXT_COURSE,
179         'archetypes' => array(
180             'editingteacher' => CAP_ALLOW,
181             'manager' => CAP_ALLOW
182         ),
184         'clonepermissionsfrom' =>  'moodle/site:backupdownload'
185     ),
187     'moodle/backup:configure' => array(
189         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
191         'captype' => 'write',
192         'contextlevel' => CONTEXT_COURSE,
193         'archetypes' => array(
194             'editingteacher' => CAP_ALLOW,
195             'manager' => CAP_ALLOW
196         )
197     ),
199     'moodle/backup:userinfo' => array(
201         'riskbitmask' => RISK_PERSONAL,
203         'captype' => 'read',
204         'contextlevel' => CONTEXT_COURSE,
205         'archetypes' => array(
206             'manager' => CAP_ALLOW
207         )
208     ),
210     'moodle/backup:anonymise' => array(
212         'riskbitmask' => RISK_PERSONAL,
214         'captype' => 'read',
215         'contextlevel' => CONTEXT_COURSE,
216         'archetypes' => array(
217             'manager' => CAP_ALLOW
218         )
219     ),
221     'moodle/restore:restorecourse' => array(
223         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
225         'captype' => 'write',
226         'contextlevel' => CONTEXT_COURSE,
227         'archetypes' => array(
228             'editingteacher' => CAP_ALLOW,
229             'manager' => CAP_ALLOW
230         ),
232         'clonepermissionsfrom' =>  'moodle/site:restore'
233     ),
235     'moodle/restore:restoresection' => array(
237         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
239         'captype' => 'write',
240         'contextlevel' => CONTEXT_COURSE,
241         'archetypes' => array(
242             'editingteacher' => CAP_ALLOW,
243             'manager' => CAP_ALLOW
244         ),
246         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
247     ),
249     'moodle/restore:restoreactivity' => array(
251         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
253         'captype' => 'write',
254         'contextlevel' => CONTEXT_COURSE,
255         'archetypes' => array(
256             'editingteacher' => CAP_ALLOW,
257             'manager' => CAP_ALLOW
258         ),
260         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
261     ),
263     'moodle/restore:viewautomatedfilearea' => array(
265         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
267         'captype' => 'write',
268         'contextlevel' => CONTEXT_COURSE,
269     ),
271     'moodle/restore:restoretargethub' => array(
273         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
275         'captype' => 'write',
276         'contextlevel' => CONTEXT_COURSE,
277         'archetypes' => array(
278             'editingteacher' => CAP_ALLOW,
279             'manager' => CAP_ALLOW
280         ),
282         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
283     ),
285     'moodle/restore:restoretargetimport' => array(
287         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
289         'captype' => 'write',
290         'contextlevel' => CONTEXT_COURSE,
291         'archetypes' => array(
292             'editingteacher' => CAP_ALLOW,
293             'manager' => CAP_ALLOW
294         ),
296         'clonepermissionsfrom' =>  'moodle/site:import'
297     ),
299     'moodle/restore:uploadfile' => array(
301         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
303         'captype' => 'write',
304         'contextlevel' => CONTEXT_COURSE,
305         'archetypes' => array(
306             'editingteacher' => CAP_ALLOW,
307             'manager' => CAP_ALLOW
308         ),
310         'clonepermissionsfrom' =>  'moodle/site:backupupload'
311     ),
313     'moodle/restore:configure' => array(
315         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
317         'captype' => 'write',
318         'contextlevel' => CONTEXT_COURSE,
319         'archetypes' => array(
320             'editingteacher' => CAP_ALLOW,
321             'manager' => CAP_ALLOW
322         )
323     ),
325     'moodle/restore:rolldates' => array(
327         'captype' => 'write',
328         'contextlevel' => CONTEXT_COURSE,
329         'archetypes' => array(
330             'coursecreator' => CAP_ALLOW,
331             'manager' => CAP_ALLOW
332         )
333     ),
335     'moodle/restore:userinfo' => array(
337         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
339         'captype' => 'write',
340         'contextlevel' => CONTEXT_COURSE,
341         'archetypes' => array(
342             'manager' => CAP_ALLOW
343         )
344     ),
346     'moodle/restore:createuser' => array(
348         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
350         'captype' => 'write',
351         'contextlevel' => CONTEXT_SYSTEM,
352         'archetypes' => array(
353             'manager' => CAP_ALLOW
354         )
355     ),
357     'moodle/site:manageblocks' => array(
359         'riskbitmask' => RISK_SPAM | RISK_XSS,
361         'captype' => 'write',
362         'contextlevel' => CONTEXT_BLOCK,
363         'archetypes' => array(
364             'editingteacher' => CAP_ALLOW,
365             'manager' => CAP_ALLOW
366         )
367     ),
369     'moodle/site:accessallgroups' => array(
371         'captype' => 'read',
372         'contextlevel' => CONTEXT_COURSE,
373         'archetypes' => array(
374             'teacher' => CAP_ALLOW,
375             'editingteacher' => CAP_ALLOW,
376             'manager' => CAP_ALLOW
377         )
378     ),
380     'moodle/site:viewfullnames' => array(
382         'captype' => 'read',
383         'contextlevel' => CONTEXT_COURSE,
384         'archetypes' => array(
385             'teacher' => CAP_ALLOW,
386             'editingteacher' => CAP_ALLOW,
387             'manager' => CAP_ALLOW
388         )
389     ),
391     // In reports that give lists of users, extra information about each user's
392     // identity (the fields configured in site option showuseridentity) will be
393     // displayed to users who have this capability.
394     'moodle/site:viewuseridentity' => array(
396         'captype' => 'read',
397         'contextlevel' => CONTEXT_COURSE,
398         'archetypes' => array(
399             'teacher' => CAP_ALLOW,
400             'editingteacher' => CAP_ALLOW,
401             'manager' => CAP_ALLOW
402         )
403     ),
405     'moodle/site:viewreports' => array(
407         'riskbitmask' => RISK_PERSONAL,
409         'captype' => 'read',
410         'contextlevel' => CONTEXT_COURSE,
411         'archetypes' => array(
412             'teacher' => CAP_ALLOW,
413             'editingteacher' => CAP_ALLOW,
414             'manager' => CAP_ALLOW
415         )
416     ),
418     'moodle/site:trustcontent' => array(
420         'riskbitmask' => RISK_XSS,
422         'captype' => 'write',
423         'contextlevel' => CONTEXT_COURSE,
424         'archetypes' => array(
425             'editingteacher' => CAP_ALLOW,
426             'manager' => CAP_ALLOW
427         )
428     ),
430     'moodle/site:uploadusers' => array(
432         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
434         'captype' => 'write',
435         'contextlevel' => CONTEXT_SYSTEM,
436         'archetypes' => array(
437             'manager' => CAP_ALLOW
438         )
439     ),
441     // Permission to manage filter setting overrides in subcontexts.
442     'moodle/filter:manage' => array(
444         'captype' => 'write',
445         'contextlevel' => CONTEXT_COURSE,
446         'archetypes' => array(
447             'editingteacher' => CAP_ALLOW,
448             'manager' => CAP_ALLOW,
449         )
450     ),
452     'moodle/user:create' => array(
454         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
456         'captype' => 'write',
457         'contextlevel' => CONTEXT_SYSTEM,
458         'archetypes' => array(
459             'manager' => CAP_ALLOW
460         )
461     ),
463     'moodle/user:delete' => array(
465         'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
467         'captype' => 'write',
468         'contextlevel' => CONTEXT_SYSTEM,
469         'archetypes' => array(
470             'manager' => CAP_ALLOW
471         )
472     ),
474     'moodle/user:update' => array(
476         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
478         'captype' => 'write',
479         'contextlevel' => CONTEXT_SYSTEM,
480         'archetypes' => array(
481             'manager' => CAP_ALLOW
482         )
483     ),
485     'moodle/user:viewdetails' => array(
487         'captype' => 'read',
488         'contextlevel' => CONTEXT_COURSE,
489         'archetypes' => array(
490             'guest' => CAP_ALLOW,
491             'student' => CAP_ALLOW,
492             'teacher' => CAP_ALLOW,
493             'editingteacher' => CAP_ALLOW,
494             'manager' => CAP_ALLOW
495         )
496     ),
498     'moodle/user:viewalldetails' => array(
499         'riskbitmask' => RISK_PERSONAL,
500         'captype' => 'read',
501         'contextlevel' => CONTEXT_USER,
502         'archetypes' => array(
503             'manager' => CAP_ALLOW
504         ),
505         'clonepermissionsfrom' => 'moodle/user:update'
506     ),
508     'moodle/user:viewhiddendetails' => array(
510         'riskbitmask' => RISK_PERSONAL,
512         'captype' => 'read',
513         'contextlevel' => CONTEXT_COURSE,
514         'archetypes' => array(
515             'teacher' => CAP_ALLOW,
516             'editingteacher' => CAP_ALLOW,
517             'manager' => CAP_ALLOW
518         )
519     ),
521     'moodle/user:loginas' => array(
523         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
525         'captype' => 'write',
526         'contextlevel' => CONTEXT_COURSE,
527         'archetypes' => array(
528             'manager' => CAP_ALLOW
529         )
530     ),
532     // can the user manage the system default profile page?
533     'moodle/user:managesyspages' => array(
535         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
537         'captype' => 'write',
538         'contextlevel' => CONTEXT_SYSTEM,
539         'archetypes' => array(
540             'manager' => CAP_ALLOW
541         )
542     ),
544     // can the user manage another user's profile page?
545     'moodle/user:manageblocks' => array(
547         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
549         'captype' => 'write',
550         'contextlevel' => CONTEXT_USER
551     ),
553     // can the user manage their own profile page?
554     'moodle/user:manageownblocks' => array(
556         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
558         'captype' => 'write',
559         'contextlevel' => CONTEXT_SYSTEM,
560         'archetypes' => array(
561             'user' => CAP_ALLOW
562         )
563     ),
565     // can the user manage their own files?
566     'moodle/user:manageownfiles' => array(
568         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
570         'captype' => 'write',
571         'contextlevel' => CONTEXT_SYSTEM,
572         'archetypes' => array(
573             'user' => CAP_ALLOW
574         )
575     ),
577     // can the user manage the system default dashboard page?
578     'moodle/my:configsyspages' => array(
580         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
582         'captype' => 'write',
583         'contextlevel' => CONTEXT_SYSTEM,
584         'archetypes' => array(
585             'manager' => CAP_ALLOW
586         )
587     ),
589     'moodle/role:assign' => array(
591         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
593         'captype' => 'write',
594         'contextlevel' => CONTEXT_COURSE,
595         'archetypes' => array(
596             'editingteacher' => CAP_ALLOW,
597             'manager' => CAP_ALLOW
598         )
599     ),
601     'moodle/role:review' => array(
603         'riskbitmask' => RISK_PERSONAL,
605         'captype' => 'read',
606         'contextlevel' => CONTEXT_COURSE,
607         'archetypes' => array(
608             'teacher' => CAP_ALLOW,
609             'editingteacher' => CAP_ALLOW,
610             'manager' => CAP_ALLOW
611         )
612     ),
614     'moodle/role:override' => array(
616         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
618         'captype' => 'write',
619         'contextlevel' => CONTEXT_COURSE,
620         'archetypes' => array(
621             'manager' => CAP_ALLOW
622         )
623     ),
625     'moodle/role:safeoverride' => array(
627         'riskbitmask' => RISK_SPAM,
629         'captype' => 'write',
630         'contextlevel' => CONTEXT_COURSE,
631         'archetypes' => array(
632             'editingteacher' => CAP_ALLOW
633         )
634     ),
636     'moodle/role:manage' => array(
638         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
640         'captype' => 'write',
641         'contextlevel' => CONTEXT_SYSTEM,
642         'archetypes' => array(
643             'manager' => CAP_ALLOW
644         )
645     ),
647     'moodle/role:switchroles' => array(
649         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
651         'captype' => 'read',
652         'contextlevel' => CONTEXT_COURSE,
653         'archetypes' => array(
654             'editingteacher' => CAP_ALLOW,
655             'manager' => CAP_ALLOW
656         )
657     ),
659     // Create, update and delete course categories. (Deleting a course category
660     // does not let you delete the courses it contains, unless you also have
661     // moodle/course: delete.) Creating and deleting requires this permission in
662     // the parent category.
663     'moodle/category:manage' => array(
665         'riskbitmask' => RISK_XSS,
667         'captype' => 'write',
668         'contextlevel' => CONTEXT_COURSECAT,
669         'archetypes' => array(
670             'manager' => CAP_ALLOW
671         ),
672         'clonepermissionsfrom' => 'moodle/category:update'
673     ),
675     'moodle/category:viewhiddencategories' => array(
677         'captype' => 'read',
678         'contextlevel' => CONTEXT_COURSECAT,
679         'archetypes' => array(
680             'coursecreator' => CAP_ALLOW,
681             'manager' => CAP_ALLOW
682         ),
683         'clonepermissionsfrom' => 'moodle/category:visibility'
684     ),
686     // create, delete, move cohorts in system and course categories,
687     // (cohorts with component !== null can be only moved)
688     'moodle/cohort:manage' => array(
690         'captype' => 'write',
691         'contextlevel' => CONTEXT_COURSECAT,
692         'archetypes' => array(
693             'manager' => CAP_ALLOW
694         )
695     ),
697     // add and remove cohort members (only for cohorts where component !== null)
698     'moodle/cohort:assign' => array(
700         'captype' => 'write',
701         'contextlevel' => CONTEXT_COURSECAT,
702         'archetypes' => array(
703             'manager' => CAP_ALLOW
704         )
705     ),
707     // view members of a cohort, this can be used in course context too,
708     // this also controls the ability to actually use cohort
709     'moodle/cohort:view' => array(
711         'captype' => 'read',
712         'contextlevel' => CONTEXT_COURSE,
713         'archetypes' => array(
714             'editingteacher' => CAP_ALLOW,
715             'manager' => CAP_ALLOW
716         )
717     ),
719     'moodle/course:create' => array(
721         'riskbitmask' => RISK_XSS,
723         'captype' => 'write',
724         'contextlevel' => CONTEXT_COURSECAT,
725         'archetypes' => array(
726             'coursecreator' => CAP_ALLOW,
727             'manager' => CAP_ALLOW
728         )
729     ),
731     'moodle/course:request' => array(
732         'captype' => 'write',
733         'contextlevel' => CONTEXT_SYSTEM,
734         'archetypes' => array(
735             'user' => CAP_ALLOW,
736         )
737     ),
739     'moodle/course:delete' => array(
741         'riskbitmask' => RISK_DATALOSS,
743         'captype' => 'write',
744         'contextlevel' => CONTEXT_COURSE,
745         'archetypes' => array(
746             'manager' => CAP_ALLOW
747         )
748     ),
750     'moodle/course:update' => array(
752         'riskbitmask' => RISK_XSS,
754         'captype' => 'write',
755         'contextlevel' => CONTEXT_COURSE,
756         'archetypes' => array(
757             'editingteacher' => CAP_ALLOW,
758             'manager' => CAP_ALLOW
759         )
760     ),
762     'moodle/course:view' => array(
764         'captype' => 'read',
765         'contextlevel' => CONTEXT_COURSE,
766         'archetypes' => array(
767             'manager' => CAP_ALLOW,
768         )
769     ),
771     /* review course enrolments - no group restrictions, it is really full access to all participants info*/
772     'moodle/course:enrolreview' => array(
774         'riskbitmask' => RISK_PERSONAL,
776         'captype' => 'read',
777         'contextlevel' => CONTEXT_COURSE,
778         'archetypes' => array(
779             'editingteacher' => CAP_ALLOW,
780             'manager' => CAP_ALLOW,
781         )
782     ),
784     /* add, remove, hide enrol instances in courses */
785     'moodle/course:enrolconfig' => array(
787         'riskbitmask' => RISK_PERSONAL,
789         'captype' => 'write',
790         'contextlevel' => CONTEXT_COURSE,
791         'archetypes' => array(
792             'editingteacher' => CAP_ALLOW,
793             'manager' => CAP_ALLOW,
794         )
795     ),
797     'moodle/course:bulkmessaging' => array(
799         'riskbitmask' => RISK_SPAM,
801         'captype' => 'write',
802         'contextlevel' => CONTEXT_COURSE,
803         'archetypes' => array(
804             'teacher' => CAP_ALLOW,
805             'editingteacher' => CAP_ALLOW,
806             'manager' => CAP_ALLOW
807         )
808     ),
810     'moodle/course:viewhiddenuserfields' => array(
812         'riskbitmask' => RISK_PERSONAL,
814         'captype' => 'read',
815         'contextlevel' => CONTEXT_COURSE,
816         'archetypes' => array(
817             'teacher' => CAP_ALLOW,
818             'editingteacher' => CAP_ALLOW,
819             'manager' => CAP_ALLOW
820         )
821     ),
823     'moodle/course:viewhiddencourses' => array(
825         'captype' => 'read',
826         'contextlevel' => CONTEXT_COURSE,
827         'archetypes' => array(
828             'coursecreator' => CAP_ALLOW,
829             'teacher' => CAP_ALLOW,
830             'editingteacher' => CAP_ALLOW,
831             'manager' => CAP_ALLOW
832         )
833     ),
835     'moodle/course:visibility' => array(
837         'captype' => 'write',
838         'contextlevel' => CONTEXT_COURSE,
839         'archetypes' => array(
840             'editingteacher' => CAP_ALLOW,
841             'manager' => CAP_ALLOW
842         )
843     ),
845     'moodle/course:managefiles' => array(
847         'riskbitmask' => RISK_XSS,
849         'captype' => 'write',
850         'contextlevel' => CONTEXT_COURSE,
851         'archetypes' => array(
852             'editingteacher' => CAP_ALLOW,
853             'manager' => CAP_ALLOW
854         )
855     ),
857     'moodle/course:manageactivities' => array(
859         'riskbitmask' => RISK_XSS,
861         'captype' => 'write',
862         'contextlevel' => CONTEXT_MODULE,
863         'archetypes' => array(
864             'editingteacher' => CAP_ALLOW,
865             'manager' => CAP_ALLOW
866         )
867     ),
869     'moodle/course:activityvisibility' => array(
871         'captype' => 'write',
872         'contextlevel' => CONTEXT_MODULE,
873         'archetypes' => array(
874             'editingteacher' => CAP_ALLOW,
875             'manager' => CAP_ALLOW
876         )
877     ),
879     'moodle/course:viewhiddenactivities' => array(
881         'captype' => 'write',
882         'contextlevel' => CONTEXT_MODULE,
883         'archetypes' => array(
884             'teacher' => CAP_ALLOW,
885             'editingteacher' => CAP_ALLOW,
886             'manager' => CAP_ALLOW
887         )
888     ),
890     'moodle/course:viewparticipants' => array(
892         'captype' => 'read',
893         'contextlevel' => CONTEXT_COURSE,
894         'archetypes' => array(
895             'student' => CAP_ALLOW,
896             'teacher' => CAP_ALLOW,
897             'editingteacher' => CAP_ALLOW,
898             'manager' => CAP_ALLOW
899         )
900     ),
902     'moodle/course:changefullname' => array(
904         'riskbitmask' => RISK_XSS,
906         'captype' => 'write',
907         'contextlevel' => CONTEXT_COURSE,
908         'archetypes' => array(
909             'editingteacher' => CAP_ALLOW,
910             'manager' => CAP_ALLOW
911         ),
912         'clonepermissionsfrom' => 'moodle/course:update'
913     ),
915     'moodle/course:changeshortname' => array(
917         'riskbitmask' => RISK_XSS,
919         'captype' => 'write',
920         'contextlevel' => CONTEXT_COURSE,
921         'archetypes' => array(
922             'editingteacher' => CAP_ALLOW,
923             'manager' => CAP_ALLOW
924         ),
925         'clonepermissionsfrom' => 'moodle/course:update'
926     ),
928     'moodle/course:changeidnumber' => array(
930         'riskbitmask' => RISK_XSS,
932         'captype' => 'write',
933         'contextlevel' => CONTEXT_COURSE,
934         'archetypes' => array(
935             'editingteacher' => CAP_ALLOW,
936             'manager' => CAP_ALLOW
937         ),
938         'clonepermissionsfrom' => 'moodle/course:update'
939     ),
940     'moodle/course:changecategory' => array(
941         'riskbitmask' => RISK_XSS,
943         'captype' => 'write',
944         'contextlevel' => CONTEXT_COURSE,
945         'archetypes' => array(
946             'editingteacher' => CAP_ALLOW,
947             'manager' => CAP_ALLOW
948         ),
949         'clonepermissionsfrom' => 'moodle/course:update'
950     ),
952     'moodle/course:changesummary' => array(
953         'riskbitmask' => RISK_XSS,
955         'captype' => 'write',
956         'contextlevel' => CONTEXT_COURSE,
957         'archetypes' => array(
958             'editingteacher' => CAP_ALLOW,
959             'manager' => CAP_ALLOW
960         ),
961         'clonepermissionsfrom' => 'moodle/course:update'
962     ),
965     'moodle/site:viewparticipants' => array(
967         'captype' => 'read',
968         'contextlevel' => CONTEXT_SYSTEM,
969         'archetypes' => array(
970             'manager' => CAP_ALLOW
971         )
972     ),
974     'moodle/course:viewscales' => array(
976         'captype' => 'read',
977         'contextlevel' => CONTEXT_COURSE,
978         'archetypes' => array(
979             'student' => CAP_ALLOW,
980             'teacher' => CAP_ALLOW,
981             'editingteacher' => CAP_ALLOW,
982             'manager' => CAP_ALLOW
983         )
984     ),
986     'moodle/course:managescales' => array(
988         'captype' => 'write',
989         'contextlevel' => CONTEXT_COURSE,
990         'archetypes' => array(
991             'editingteacher' => CAP_ALLOW,
992             'manager' => CAP_ALLOW
993         )
994     ),
996     'moodle/course:managegroups' => array(
998         'captype' => 'write',
999         'contextlevel' => CONTEXT_COURSE,
1000         'archetypes' => array(
1001             'editingteacher' => CAP_ALLOW,
1002             'manager' => CAP_ALLOW
1003         )
1004     ),
1006     'moodle/course:reset' => array(
1008         'riskbitmask' => RISK_DATALOSS,
1010         'captype' => 'write',
1011         'contextlevel' => CONTEXT_COURSE,
1012         'archetypes' => array(
1013             'editingteacher' => CAP_ALLOW,
1014             'manager' => CAP_ALLOW
1015         )
1016     ),
1018     'moodle/blog:view' => array(
1020         'captype' => 'read',
1021         'contextlevel' => CONTEXT_SYSTEM,
1022         'archetypes' => array(
1023             'guest' => CAP_ALLOW,
1024             'user' => CAP_ALLOW,
1025             'student' => CAP_ALLOW,
1026             'teacher' => CAP_ALLOW,
1027             'editingteacher' => CAP_ALLOW,
1028             'manager' => CAP_ALLOW
1029         )
1030     ),
1032     'moodle/blog:search' => array(
1033         'captype' => 'read',
1034         'contextlevel' => CONTEXT_SYSTEM,
1035         'archetypes' => array(
1036             'guest' => CAP_ALLOW,
1037             'user' => CAP_ALLOW,
1038             'student' => CAP_ALLOW,
1039             'teacher' => CAP_ALLOW,
1040             'editingteacher' => CAP_ALLOW,
1041             'manager' => CAP_ALLOW
1042         )
1043     ),
1045     'moodle/blog:viewdrafts' => array(
1047         'riskbitmask' => RISK_PERSONAL,
1048         'captype' => 'read',
1049         'contextlevel' => CONTEXT_SYSTEM,
1050         'archetypes' => array(
1051             'manager' => CAP_ALLOW
1052         )
1053     ),
1055     'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1057         'riskbitmask' => RISK_SPAM,
1059         'captype' => 'write',
1060         'contextlevel' => CONTEXT_SYSTEM,
1061         'archetypes' => array(
1062             'user' => CAP_ALLOW,
1063             'manager' => CAP_ALLOW
1064         )
1065     ),
1067     'moodle/blog:manageentries' => array(
1069         'riskbitmask' => RISK_SPAM,
1071         'captype' => 'write',
1072         'contextlevel' => CONTEXT_SYSTEM,
1073         'archetypes' => array(
1074             'teacher' => CAP_ALLOW,
1075             'editingteacher' => CAP_ALLOW,
1076             'manager' => CAP_ALLOW
1077         )
1078     ),
1080     'moodle/blog:manageexternal' => array(
1082         'riskbitmask' => RISK_SPAM,
1084         'captype' => 'write',
1085         'contextlevel' => CONTEXT_SYSTEM,
1086         'archetypes' => array(
1087             'student' => CAP_ALLOW,
1088             'user' => CAP_ALLOW,
1089             'teacher' => CAP_ALLOW,
1090             'editingteacher' => CAP_ALLOW,
1091             'manager' => CAP_ALLOW
1092         )
1093     ),
1095     'moodle/blog:associatecourse' => array(
1097         'captype' => 'write',
1098         'contextlevel' => CONTEXT_COURSE,
1099         'archetypes' => array(
1100             'student' => CAP_ALLOW,
1101             'user' => CAP_ALLOW,
1102             'teacher' => CAP_ALLOW,
1103             'editingteacher' => CAP_ALLOW,
1104             'manager' => CAP_ALLOW
1105         )
1106     ),
1108     'moodle/blog:associatemodule' => array(
1110         'captype' => 'write',
1111         'contextlevel' => CONTEXT_MODULE,
1112         'archetypes' => array(
1113             'student' => CAP_ALLOW,
1114             'user' => CAP_ALLOW,
1115             'teacher' => CAP_ALLOW,
1116             'editingteacher' => CAP_ALLOW,
1117             'manager' => CAP_ALLOW
1118         )
1119     ),
1121     'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1123         'riskbitmask' => RISK_SPAM,
1125         'captype' => 'write',
1126         'contextlevel' => CONTEXT_COURSE,
1127         'archetypes' => array(
1128             'user' => CAP_ALLOW,
1129             'manager' => CAP_ALLOW
1130         )
1131     ),
1133     'moodle/calendar:managegroupentries' => array(
1135         'riskbitmask' => RISK_SPAM,
1137         'captype' => 'write',
1138         'contextlevel' => CONTEXT_COURSE,
1139         'archetypes' => array(
1140             'teacher' => CAP_ALLOW,
1141             'editingteacher' => CAP_ALLOW,
1142             'manager' => CAP_ALLOW
1143         )
1144     ),
1146     'moodle/calendar:manageentries' => array(
1148         'riskbitmask' => RISK_SPAM,
1150         'captype' => 'write',
1151         'contextlevel' => CONTEXT_COURSE,
1152         'archetypes' => array(
1153             'teacher' => CAP_ALLOW,
1154             'editingteacher' => CAP_ALLOW,
1155             'manager' => CAP_ALLOW
1156         )
1157     ),
1159     'moodle/user:editprofile' => array(
1161         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1163         'captype' => 'write',
1164         'contextlevel' => CONTEXT_USER,
1165         'archetypes' => array(
1166             'manager' => CAP_ALLOW
1167         )
1168     ),
1170     'moodle/user:editownprofile' => array(
1172         'riskbitmask' => RISK_SPAM,
1174         'captype' => 'write',
1175         'contextlevel' => CONTEXT_SYSTEM,
1176         'archetypes' => array(
1177             'guest' => CAP_PROHIBIT,
1178             'user' => CAP_ALLOW,
1179             'manager' => CAP_ALLOW
1180         )
1181     ),
1183     'moodle/user:changeownpassword' => array(
1185         'captype' => 'write',
1186         'contextlevel' => CONTEXT_SYSTEM,
1187         'archetypes' => array(
1188             'guest' => CAP_PROHIBIT,
1189             'user' => CAP_ALLOW,
1190             'manager' => CAP_ALLOW
1191         )
1192     ),
1194     // The next 3 might make no sense for some roles, e.g teacher, etc.
1195     // since the next level up is site. These are more for the parent role
1196     'moodle/user:readuserposts' => array(
1198         'captype' => 'read',
1199         'contextlevel' => CONTEXT_USER,
1200         'archetypes' => array(
1201             'student' => CAP_ALLOW,
1202             'teacher' => CAP_ALLOW,
1203             'editingteacher' => CAP_ALLOW,
1204             'manager' => CAP_ALLOW
1205         )
1206     ),
1208     'moodle/user:readuserblogs' => array(
1210         'captype' => 'read',
1211         'contextlevel' => CONTEXT_USER,
1212         'archetypes' => array(
1213             'student' => CAP_ALLOW,
1214             'teacher' => CAP_ALLOW,
1215             'editingteacher' => CAP_ALLOW,
1216             'manager' => CAP_ALLOW
1217         )
1218     ),
1220     // designed for parent role - not used in legacy roles
1221     'moodle/user:viewuseractivitiesreport' => array(
1222         'riskbitmask' => RISK_PERSONAL,
1224         'captype' => 'read',
1225         'contextlevel' => CONTEXT_USER,
1226         'archetypes' => array(
1227         )
1228     ),
1230     //capabilities designed for the new message system configuration
1231     'moodle/user:editmessageprofile' => array(
1233          'riskbitmask' => RISK_SPAM,
1235          'captype' => 'write',
1236          'contextlevel' => CONTEXT_USER,
1237          'archetypes' => array(
1238              'manager' => CAP_ALLOW
1239          )
1240      ),
1242      'moodle/user:editownmessageprofile' => array(
1244          'captype' => 'write',
1245          'contextlevel' => CONTEXT_SYSTEM,
1246          'archetypes' => array(
1247              'guest' => CAP_PROHIBIT,
1248              'user' => CAP_ALLOW,
1249              'manager' => CAP_ALLOW
1250          )
1251      ),
1253     'moodle/question:managecategory' => array(
1254         'riskbitmask' => RISK_SPAM | RISK_XSS,
1255         'captype' => 'write',
1256         'contextlevel' => CONTEXT_COURSE,
1257         'archetypes' => array(
1258             'editingteacher' => CAP_ALLOW,
1259             'manager' => CAP_ALLOW
1260         )
1261     ),
1263     //new in moodle 1.9
1264     'moodle/question:add' => array(
1265         'riskbitmask' => RISK_SPAM | RISK_XSS,
1266         'captype' => 'write',
1267         'contextlevel' => CONTEXT_COURSE,
1268         'archetypes' => array(
1269             'editingteacher' => CAP_ALLOW,
1270             'manager' => CAP_ALLOW
1271         ),
1272         'clonepermissionsfrom' =>  'moodle/question:manage'
1273     ),
1274     'moodle/question:editmine' => array(
1275         'riskbitmask' => RISK_SPAM | RISK_XSS,
1276         'captype' => 'write',
1277         'contextlevel' => CONTEXT_COURSE,
1278         'archetypes' => array(
1279             'editingteacher' => CAP_ALLOW,
1280             'manager' => CAP_ALLOW
1281         ),
1282         'clonepermissionsfrom' =>  'moodle/question:manage'
1283     ),
1284     'moodle/question:editall' => array(
1285         'riskbitmask' => RISK_SPAM | RISK_XSS,
1286         'captype' => 'write',
1287         'contextlevel' => CONTEXT_COURSE,
1288         'archetypes' => array(
1289             'editingteacher' => CAP_ALLOW,
1290             'manager' => CAP_ALLOW
1291         ),
1292         'clonepermissionsfrom' =>  'moodle/question:manage'
1293     ),
1294     'moodle/question:viewmine' => array(
1295         'captype' => 'read',
1296         'contextlevel' => CONTEXT_COURSE,
1297         'archetypes' => array(
1298             'editingteacher' => CAP_ALLOW,
1299             'manager' => CAP_ALLOW
1300         ),
1301         'clonepermissionsfrom' =>  'moodle/question:manage'
1302     ),
1303     'moodle/question:viewall' => array(
1304         'captype' => 'read',
1305         'contextlevel' => CONTEXT_COURSE,
1306         'archetypes' => array(
1307             'editingteacher' => CAP_ALLOW,
1308             'manager' => CAP_ALLOW
1309         ),
1310         'clonepermissionsfrom' =>  'moodle/question:manage'
1311     ),
1312     'moodle/question:usemine' => array(
1313         'captype' => 'read',
1314         'contextlevel' => CONTEXT_COURSE,
1315         'archetypes' => array(
1316             'editingteacher' => CAP_ALLOW,
1317             'manager' => CAP_ALLOW
1318         ),
1319         'clonepermissionsfrom' =>  'moodle/question:manage'
1320     ),
1321     'moodle/question:useall' => array(
1322         'captype' => 'read',
1323         'contextlevel' => CONTEXT_COURSE,
1324         'archetypes' => array(
1325             'editingteacher' => CAP_ALLOW,
1326             'manager' => CAP_ALLOW
1327         ),
1328         'clonepermissionsfrom' =>  'moodle/question:manage'
1329     ),
1330     'moodle/question:movemine' => array(
1331         'captype' => 'write',
1332         'contextlevel' => CONTEXT_COURSE,
1333         'archetypes' => array(
1334             'editingteacher' => CAP_ALLOW,
1335             'manager' => CAP_ALLOW
1336         ),
1337         'clonepermissionsfrom' =>  'moodle/question:manage'
1338     ),
1339     'moodle/question:moveall' => array(
1340         'captype' => 'write',
1341         'contextlevel' => CONTEXT_COURSE,
1342         'archetypes' => array(
1343             'editingteacher' => CAP_ALLOW,
1344             'manager' => CAP_ALLOW
1345         ),
1346         'clonepermissionsfrom' =>  'moodle/question:manage'
1347     ),
1348     //END new in moodle 1.9
1350     // Configure the installed question types.
1351     'moodle/question:config' => array(
1352         'riskbitmask' => RISK_CONFIG,
1353         'captype' => 'write',
1354         'contextlevel' => CONTEXT_SYSTEM,
1355         'archetypes' => array(
1356             'manager' => CAP_ALLOW
1357         )
1358     ),
1360     // While attempting questions, the ability to flag particular questions for later reference.
1361     'moodle/question:flag' => array(
1362         'captype' => 'write',
1363         'contextlevel' => CONTEXT_COURSE,
1364         'archetypes' => array(
1365             'student' => CAP_ALLOW,
1366             'teacher' => CAP_ALLOW,
1367             'editingteacher' => CAP_ALLOW,
1368             'manager' => CAP_ALLOW
1369         )
1370     ),
1372     'moodle/site:doclinks' => array(
1373         'captype' => 'read',
1374         'contextlevel' => CONTEXT_SYSTEM,
1375         'archetypes' => array(
1376             'teacher' => CAP_ALLOW,
1377             'editingteacher' => CAP_ALLOW,
1378             'manager' => CAP_ALLOW
1379         )
1380     ),
1382     'moodle/course:sectionvisibility' => array(
1384         'captype' => 'write',
1385         'contextlevel' => CONTEXT_COURSE,
1386         'archetypes' => array(
1387             'editingteacher' => CAP_ALLOW,
1388             'manager' => CAP_ALLOW
1389         )
1390     ),
1392     'moodle/course:useremail' => array(
1394         'captype' => 'write',
1395         'contextlevel' => CONTEXT_COURSE,
1396         'archetypes' => array(
1397             'editingteacher' => CAP_ALLOW,
1398             'manager' => CAP_ALLOW
1399         )
1400     ),
1402     'moodle/course:viewhiddensections' => array(
1404         'captype' => 'write',
1405         'contextlevel' => CONTEXT_COURSE,
1406         'archetypes' => array(
1407             'editingteacher' => CAP_ALLOW,
1408             'manager' => CAP_ALLOW
1409         )
1410     ),
1412     'moodle/course:setcurrentsection' => array(
1414         'captype' => 'write',
1415         'contextlevel' => CONTEXT_COURSE,
1416         'archetypes' => array(
1417             'editingteacher' => CAP_ALLOW,
1418             'manager' => CAP_ALLOW
1419         )
1420     ),
1422     'moodle/site:mnetlogintoremote' => array(
1424         'captype' => 'read',
1425         'contextlevel' => CONTEXT_SYSTEM,
1426         'archetypes' => array(
1427         )
1428     ),
1430     'moodle/grade:viewall' => array(
1431         'riskbitmask' => RISK_PERSONAL,
1432         'captype' => 'read',
1433         'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1434         'archetypes' => array(
1435             'teacher' => CAP_ALLOW,
1436             'editingteacher' => CAP_ALLOW,
1437             'manager' => CAP_ALLOW
1438         ),
1439         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1440     ),
1442     'moodle/grade:view' => array(
1443         'captype' => 'read',
1444         'contextlevel' => CONTEXT_COURSE,
1445         'archetypes' => array(
1446             'student' => CAP_ALLOW
1447         )
1448     ),
1450     'moodle/grade:viewhidden' => array(
1451         'riskbitmask' => RISK_PERSONAL,
1452         'captype' => 'read',
1453         'contextlevel' => CONTEXT_COURSE,
1454         'archetypes' => array(
1455             'teacher' => CAP_ALLOW,
1456             'editingteacher' => CAP_ALLOW,
1457             'manager' => CAP_ALLOW
1458         ),
1459         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1460     ),
1462     'moodle/grade:import' => array(
1463         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1464         'captype' => 'write',
1465         'contextlevel' => CONTEXT_COURSE,
1466         'archetypes' => array(
1467             'editingteacher' => CAP_ALLOW,
1468             'manager' => CAP_ALLOW
1469         ),
1470         'clonepermissionsfrom' => 'moodle/course:managegrades'
1471     ),
1473     'moodle/grade:export' => array(
1474         'riskbitmask' => RISK_PERSONAL,
1475         'captype' => 'read',
1476         'contextlevel' => CONTEXT_COURSE,
1477         'archetypes' => array(
1478             'teacher' => CAP_ALLOW,
1479             'editingteacher' => CAP_ALLOW,
1480             'manager' => CAP_ALLOW
1481         ),
1482         'clonepermissionsfrom' => 'moodle/course:managegrades'
1483     ),
1485     'moodle/grade:manage' => array(
1486         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1487         'captype' => 'write',
1488         'contextlevel' => CONTEXT_COURSE,
1489         'archetypes' => array(
1490             'editingteacher' => CAP_ALLOW,
1491             'manager' => CAP_ALLOW
1492         ),
1493         'clonepermissionsfrom' => 'moodle/course:managegrades'
1494     ),
1496     'moodle/grade:edit' => array(
1497         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1498         'captype' => 'write',
1499         'contextlevel' => CONTEXT_COURSE,
1500         'archetypes' => array(
1501             'editingteacher' => CAP_ALLOW,
1502             'manager' => CAP_ALLOW
1503         ),
1504         'clonepermissionsfrom' => 'moodle/course:managegrades'
1505     ),
1507     // ability to define advanced grading forms in activities either from scratch
1508     // or from a shared template
1509     'moodle/grade:managegradingforms' => array(
1510         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1511         'captype' => 'write',
1512         'contextlevel' => CONTEXT_COURSE,
1513         'archetypes' => array(
1514             'editingteacher' => CAP_ALLOW,
1515             'manager' => CAP_ALLOW
1516         ),
1517         'clonepermissionsfrom' => 'moodle/course:managegrades'
1518     ),
1520     // ability to save a grading form as a new shared template and eventually edit
1521     // and remove own templates (templates originally shared by that user)
1522     'moodle/grade:sharegradingforms' => array(
1523         'riskbitmask' => RISK_XSS,
1524         'captype' => 'write',
1525         'contextlevel' => CONTEXT_SYSTEM,
1526         'archetypes' => array(
1527             'manager' => CAP_ALLOW
1528         ),
1529     ),
1531     // ability to edit and remove any shared template, even those originally shared
1532     // by other users
1533     'moodle/grade:managesharedforms' => array(
1534         'riskbitmask' => RISK_XSS,
1535         'captype' => 'write',
1536         'contextlevel' => CONTEXT_SYSTEM,
1537         'archetypes' => array(
1538             'manager' => CAP_ALLOW
1539         ),
1540     ),
1542     'moodle/grade:manageoutcomes' => array(
1543         'captype' => 'write',
1544         'contextlevel' => CONTEXT_COURSE,
1545         'archetypes' => array(
1546             'editingteacher' => CAP_ALLOW,
1547             'manager' => CAP_ALLOW
1548         ),
1549         'clonepermissionsfrom' => 'moodle/course:managegrades'
1550     ),
1552     'moodle/grade:manageletters' => array(
1553         'captype' => 'write',
1554         'contextlevel' => CONTEXT_COURSE,
1555         'archetypes' => array(
1556             'editingteacher' => CAP_ALLOW,
1557             'manager' => CAP_ALLOW
1558         ),
1559         'clonepermissionsfrom' => 'moodle/course:managegrades'
1560     ),
1562     'moodle/grade:hide' => array(
1563         'captype' => 'write',
1564         'contextlevel' => CONTEXT_COURSE,
1565         'archetypes' => array(
1566             'editingteacher' => CAP_ALLOW,
1567             'manager' => CAP_ALLOW
1568         )
1569     ),
1571     'moodle/grade:lock' => array(
1572         'captype' => 'write',
1573         'contextlevel' => CONTEXT_COURSE,
1574         'archetypes' => array(
1575             'editingteacher' => CAP_ALLOW,
1576             'manager' => CAP_ALLOW
1577         )
1578     ),
1580     'moodle/grade:unlock' => array(
1581         'captype' => 'write',
1582         'contextlevel' => CONTEXT_COURSE,
1583         'archetypes' => array(
1584             'editingteacher' => CAP_ALLOW,
1585             'manager' => CAP_ALLOW
1586         )
1587     ),
1589     'moodle/my:manageblocks' => array(
1590         'captype' => 'write',
1591         'contextlevel' => CONTEXT_SYSTEM,
1592         'archetypes' => array(
1593             'user' => CAP_ALLOW
1594         )
1595     ),
1597     'moodle/notes:view' => array(
1598         'captype' => 'read',
1599         'contextlevel' => CONTEXT_COURSE,
1600         'archetypes' => array(
1601             'teacher' => CAP_ALLOW,
1602             'editingteacher' => CAP_ALLOW,
1603             'manager' => CAP_ALLOW
1604         )
1605     ),
1607     'moodle/notes:manage' => array(
1608         'riskbitmask' => RISK_SPAM,
1610         'captype' => 'write',
1611         'contextlevel' => CONTEXT_COURSE,
1612         'archetypes' => array(
1613             'teacher' => CAP_ALLOW,
1614             'editingteacher' => CAP_ALLOW,
1615             'manager' => CAP_ALLOW
1616         )
1617     ),
1619     'moodle/tag:manage' => array(
1620         'riskbitmask' => RISK_SPAM,
1622         'captype' => 'write',
1623         'contextlevel' => CONTEXT_SYSTEM,
1624         'archetypes' => array(
1625             'teacher' => CAP_ALLOW,
1626             'editingteacher' => CAP_ALLOW,
1627             'manager' => CAP_ALLOW
1628         )
1629     ),
1631     'moodle/tag:create' => array(
1632         'riskbitmask' => RISK_SPAM,
1634         'captype' => 'write',
1635         'contextlevel' => CONTEXT_SYSTEM,
1636         'archetypes' => array(
1637             'manager' => CAP_ALLOW,
1638             'user' => CAP_ALLOW
1639         )
1640     ),
1642     'moodle/tag:edit' => array(
1643         'riskbitmask' => RISK_SPAM,
1645         'captype' => 'write',
1646         'contextlevel' => CONTEXT_SYSTEM,
1647         'archetypes' => array(
1648             'manager' => CAP_ALLOW,
1649             'user' => CAP_ALLOW
1650         )
1651     ),
1653     'moodle/tag:editblocks' => array(
1654         'captype' => 'write',
1655         'contextlevel' => CONTEXT_SYSTEM,
1656         'archetypes' => array(
1657             'teacher' => CAP_ALLOW,
1658             'editingteacher' => CAP_ALLOW,
1659             'manager' => CAP_ALLOW
1660         )
1661     ),
1663     'moodle/block:view' => array(
1664         'captype' => 'read',
1665         'contextlevel' => CONTEXT_BLOCK,
1666         'archetypes' => array(
1667             'guest' => CAP_ALLOW,
1668             'user' => CAP_ALLOW,
1669             'student' => CAP_ALLOW,
1670             'teacher' => CAP_ALLOW,
1671             'editingteacher' => CAP_ALLOW,
1672         )
1673     ),
1675     'moodle/block:edit' => array(
1676         'riskbitmask' => RISK_SPAM | RISK_XSS,
1678         'captype' => 'write',
1679         'contextlevel' => CONTEXT_BLOCK,
1680         'archetypes' => array(
1681             'editingteacher' => CAP_ALLOW,
1682         )
1683     ),
1685     'moodle/portfolio:export' => array(
1686         'captype' => 'read',
1687         'contextlevel' => CONTEXT_SYSTEM,
1688         'archetypes' => array(
1689             'user' => CAP_ALLOW,
1690             'student' => CAP_ALLOW,
1691             'teacher' => CAP_ALLOW,
1692             'editingteacher' => CAP_ALLOW,
1693         )
1694     ),
1695     'moodle/comment:view' => array(
1696         'captype' => 'read',
1697         'contextlevel' => CONTEXT_COURSE,
1698         'archetypes' => array(
1699             'frontpage' => CAP_ALLOW,
1700             'guest' => CAP_ALLOW,
1701             'user' => CAP_ALLOW,
1702             'student' => CAP_ALLOW,
1703             'teacher' => CAP_ALLOW,
1704             'editingteacher' => CAP_ALLOW,
1705             'manager' => CAP_ALLOW
1706         )
1707     ),
1708     'moodle/comment:post' => array(
1710         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1711         'captype' => 'write',
1712         'contextlevel' => CONTEXT_COURSE,
1713         'archetypes' => array(
1714             'user' => CAP_ALLOW,
1715             'student' => CAP_ALLOW,
1716             'teacher' => CAP_ALLOW,
1717             'editingteacher' => CAP_ALLOW,
1718             'manager' => CAP_ALLOW
1719         )
1720     ),
1721     'moodle/comment:delete' => array(
1723         'riskbitmask' => RISK_DATALOSS,
1724         'captype' => 'write',
1725         'contextlevel' => CONTEXT_COURSE,
1726         'archetypes' => array(
1727             'editingteacher' => CAP_ALLOW,
1728             'manager' => CAP_ALLOW
1729         )
1730     ),
1731     'moodle/webservice:createtoken' => array(
1733         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1734         'captype' => 'write',
1735         'contextlevel' => CONTEXT_SYSTEM,
1736         'archetypes' => array(
1737             'manager' => CAP_ALLOW
1738         )
1739     ),
1740     'moodle/webservice:createmobiletoken' => array(
1742         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1743         'captype' => 'write',
1744         'contextlevel' => CONTEXT_SYSTEM,
1745         'archetypes' => array(
1746             'user' => CAP_ALLOW
1747         )
1748     ),
1749     'moodle/rating:view' => array(
1751         'captype' => 'read',
1752         'contextlevel' => CONTEXT_COURSE,
1753         'archetypes' => array(
1754             'user' => CAP_ALLOW,
1755             'student' => CAP_ALLOW,
1756             'teacher' => CAP_ALLOW,
1757             'editingteacher' => CAP_ALLOW,
1758             'manager' => CAP_ALLOW
1759         )
1760     ),
1761     'moodle/rating:viewany' => array(
1763         'riskbitmask' => RISK_PERSONAL,
1764         'captype' => 'read',
1765         'contextlevel' => CONTEXT_COURSE,
1766         'archetypes' => array(
1767             'user' => CAP_ALLOW,
1768             'student' => CAP_ALLOW,
1769             'teacher' => CAP_ALLOW,
1770             'editingteacher' => CAP_ALLOW,
1771             'manager' => CAP_ALLOW
1772         )
1773     ),
1774     'moodle/rating:viewall' => array(
1776         'riskbitmask' => RISK_PERSONAL,
1777         'captype' => 'read',
1778         'contextlevel' => CONTEXT_COURSE,
1779         'archetypes' => array(
1780             'user' => CAP_ALLOW,
1781             'student' => CAP_ALLOW,
1782             'teacher' => CAP_ALLOW,
1783             'editingteacher' => CAP_ALLOW,
1784             'manager' => CAP_ALLOW
1785         )
1786     ),
1787     'moodle/rating:rate' => array(
1789         'captype' => 'write',
1790         'contextlevel' => CONTEXT_COURSE,
1791         'archetypes' => array(
1792             'user' => CAP_ALLOW,
1793             'student' => CAP_ALLOW,
1794             'teacher' => CAP_ALLOW,
1795             'editingteacher' => CAP_ALLOW,
1796             'manager' => CAP_ALLOW
1797         )
1798     ),
1799      'moodle/course:publish' => array(
1801         'captype' => 'write',
1802         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1803         'contextlevel' => CONTEXT_SYSTEM,
1804         'archetypes' => array(
1805             'manager' => CAP_ALLOW
1806         )
1807     ),
1808     'moodle/course:markcomplete' => array(
1809         'captype' => 'write',
1810         'contextlevel' => CONTEXT_COURSE,
1811         'archetypes' => array(
1812             'teacher' => CAP_ALLOW,
1813             'editingteacher' => CAP_ALLOW,
1814             'manager' => CAP_ALLOW
1815         )
1816     ),
1817     'moodle/community:add' => array(
1818         'captype' => 'write',
1819         'contextlevel' => CONTEXT_SYSTEM,
1820         'archetypes' => array(
1821             'manager' => CAP_ALLOW,
1822             'teacher' => CAP_ALLOW,
1823             'editingteacher' => CAP_ALLOW,
1824         )
1825     ),
1826     'moodle/community:download' => array(
1827         'captype' => 'write',
1828         'contextlevel' => CONTEXT_SYSTEM,
1829         'archetypes' => array(
1830             'manager' => CAP_ALLOW,
1831             'editingteacher' => CAP_ALLOW,
1832         )
1833     )
1834 );