Merge branch 'MDL-60352-master' of git://github.com/andrewnicols/moodle
[moodle.git] / lib / db / access.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Capability definitions for Moodle core.
19  *
20  * The capabilities are loaded into the database table when the module is
21  * installed or updated. Whenever the capability definitions are updated,
22  * the module version number should be bumped up.
23  *
24  * The system has four possible values for a capability:
25  * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
26  *
27  *
28  * CAPABILITY NAMING CONVENTION
29  *
30  * It is important that capability names are unique. The naming convention
31  * for capabilities that are specific to modules and blocks is as follows:
32  *   [mod/block]/<plugin_name>:<capabilityname>
33  *
34  * component_name should be the same as the directory name of the mod or block.
35  *
36  * Core moodle capabilities are defined thus:
37  *    moodle/<capabilityclass>:<capabilityname>
38  *
39  * Examples: mod/forum:viewpost
40  *           block/recent_activity:view
41  *           moodle/site:deleteuser
42  *
43  * The variable name for the capability definitions array is $capabilities
44  *
45  * For more information, take a look to the documentation available:
46  *     - Access API: {@link http://docs.moodle.org/dev/Access_API}
47  *     - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
48  *
49  * @package   core_access
50  * @category  access
51  * @copyright 2006 onwards Martin Dougiamas  http://dougiamas.com
52  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
53  */
55 defined('MOODLE_INTERNAL') || die();
57 $capabilities = array(
58     'moodle/site:config' => array(
60         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
62         'captype' => 'write',
63         'contextlevel' => CONTEXT_SYSTEM,
64         'archetypes' => array(
65         )
66     ),
67     'moodle/site:configview' => array(
68         'captype' => 'read',
69         'contextlevel' => CONTEXT_SYSTEM,
70         'archetypes' => array(
71             'manager' => CAP_ALLOW,
72             'coursecreator' => CAP_ALLOW,
73         )
74     ),
76     'moodle/site:readallmessages' => array(
78         'riskbitmask' => RISK_PERSONAL,
80         'captype' => 'read',
81         'contextlevel' => CONTEXT_SYSTEM,
82         'archetypes' => array(
83             'manager' => CAP_ALLOW,
84             'editingteacher' => CAP_ALLOW
85         )
86     ),
88     'moodle/site:manageallmessaging' => array(
90         'riskbitmask' => RISK_PERSONAL,
92         'captype' => 'write',
93         'contextlevel' => CONTEXT_SYSTEM,
94         'archetypes' => array(
95             'manager' => CAP_ALLOW
96         )
97     ),
99     'moodle/site:deleteanymessage' => array(
101         'riskbitmask' => RISK_DATALOSS,
103         'captype' => 'write',
104         'contextlevel' => CONTEXT_SYSTEM,
105         'archetypes' => array(
106             'manager' => CAP_ALLOW
107         )
108     ),
110     'moodle/site:sendmessage' => array(
112         'riskbitmask' => RISK_SPAM,
114         'captype' => 'write',
115         'contextlevel' => CONTEXT_SYSTEM,
116         'archetypes' => array(
117             'manager' => CAP_ALLOW,
118             'user' => CAP_ALLOW
119         )
120     ),
122     'moodle/site:deleteownmessage' => array(
124         'captype' => 'write',
125         'contextlevel' => CONTEXT_SYSTEM,
126         'archetypes' => array(
127             'user' => CAP_ALLOW
128         )
129     ),
131     'moodle/site:approvecourse' => array(
133         'riskbitmask' => RISK_XSS,
135         'captype' => 'write',
136         'contextlevel' => CONTEXT_SYSTEM,
137         'archetypes' => array(
138             'manager' => CAP_ALLOW
139         )
140     ),
142     'moodle/backup:backupcourse' => array(
144         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
146         'captype' => 'write',
147         'contextlevel' => CONTEXT_COURSE,
148         'archetypes' => array(
149             'editingteacher' => CAP_ALLOW,
150             'manager' => CAP_ALLOW
151         ),
153         'clonepermissionsfrom' =>  'moodle/site:backup'
154     ),
156     'moodle/backup:backupsection' => array(
158         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
160         'captype' => 'write',
161         'contextlevel' => CONTEXT_COURSE,
162         'archetypes' => array(
163             'editingteacher' => CAP_ALLOW,
164             'manager' => CAP_ALLOW
165         ),
167         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
168     ),
170     'moodle/backup:backupactivity' => array(
172         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
174         'captype' => 'write',
175         'contextlevel' => CONTEXT_MODULE,
176         'archetypes' => array(
177             'editingteacher' => CAP_ALLOW,
178             'manager' => CAP_ALLOW
179         ),
181         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
182     ),
184     'moodle/backup:backuptargethub' => array(
186         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
188         'captype' => 'write',
189         'contextlevel' => CONTEXT_COURSE,
190         'archetypes' => array(
191             'editingteacher' => CAP_ALLOW,
192             'manager' => CAP_ALLOW
193         ),
195         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
196     ),
198     'moodle/backup:backuptargetimport' => array(
200         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
202         'captype' => 'write',
203         'contextlevel' => CONTEXT_COURSE,
204         'archetypes' => array(
205             'editingteacher' => CAP_ALLOW,
206             'manager' => CAP_ALLOW
207         ),
209         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
210     ),
212     'moodle/backup:downloadfile' => array(
214         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
216         'captype' => 'write',
217         'contextlevel' => CONTEXT_COURSE,
218         'archetypes' => array(
219             'editingteacher' => CAP_ALLOW,
220             'manager' => CAP_ALLOW
221         ),
223         'clonepermissionsfrom' =>  'moodle/site:backupdownload'
224     ),
226     'moodle/backup:configure' => array(
228         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
230         'captype' => 'write',
231         'contextlevel' => CONTEXT_COURSE,
232         'archetypes' => array(
233             'editingteacher' => CAP_ALLOW,
234             'manager' => CAP_ALLOW
235         )
236     ),
238     'moodle/backup:userinfo' => array(
240         'riskbitmask' => RISK_PERSONAL,
242         'captype' => 'read',
243         'contextlevel' => CONTEXT_COURSE,
244         'archetypes' => array(
245             'manager' => CAP_ALLOW
246         )
247     ),
249     'moodle/backup:anonymise' => array(
251         'riskbitmask' => RISK_PERSONAL,
253         'captype' => 'read',
254         'contextlevel' => CONTEXT_COURSE,
255         'archetypes' => array(
256             'manager' => CAP_ALLOW
257         )
258     ),
260     'moodle/restore:restorecourse' => array(
262         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
264         'captype' => 'write',
265         'contextlevel' => CONTEXT_COURSE,
266         'archetypes' => array(
267             'editingteacher' => CAP_ALLOW,
268             'manager' => CAP_ALLOW
269         ),
271         'clonepermissionsfrom' =>  'moodle/site:restore'
272     ),
274     'moodle/restore:restoresection' => array(
276         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
278         'captype' => 'write',
279         'contextlevel' => CONTEXT_COURSE,
280         'archetypes' => array(
281             'editingteacher' => CAP_ALLOW,
282             'manager' => CAP_ALLOW
283         ),
285         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
286     ),
288     'moodle/restore:restoreactivity' => array(
290         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
292         'captype' => 'write',
293         'contextlevel' => CONTEXT_COURSE,
294         'archetypes' => array(
295             'editingteacher' => CAP_ALLOW,
296             'manager' => CAP_ALLOW
297         ),
299         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
300     ),
302     'moodle/restore:viewautomatedfilearea' => array(
304         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
306         'captype' => 'write',
307         'contextlevel' => CONTEXT_COURSE,
308     ),
310     'moodle/restore:restoretargethub' => array(
312         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
314         'captype' => 'write',
315         'contextlevel' => CONTEXT_COURSE,
316         'archetypes' => array(
317             'editingteacher' => CAP_ALLOW,
318             'manager' => CAP_ALLOW
319         ),
321         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
322     ),
324     'moodle/restore:restoretargetimport' => array(
326         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
328         'captype' => 'write',
329         'contextlevel' => CONTEXT_COURSE,
330         'archetypes' => array(
331             'editingteacher' => CAP_ALLOW,
332             'manager' => CAP_ALLOW
333         ),
335         'clonepermissionsfrom' =>  'moodle/site:import'
336     ),
338     'moodle/restore:uploadfile' => array(
340         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
342         'captype' => 'write',
343         'contextlevel' => CONTEXT_COURSE,
344         'archetypes' => array(
345             'editingteacher' => CAP_ALLOW,
346             'manager' => CAP_ALLOW
347         ),
349         'clonepermissionsfrom' =>  'moodle/site:backupupload'
350     ),
352     'moodle/restore:configure' => array(
354         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
356         'captype' => 'write',
357         'contextlevel' => CONTEXT_COURSE,
358         'archetypes' => array(
359             'editingteacher' => CAP_ALLOW,
360             'manager' => CAP_ALLOW
361         )
362     ),
364     'moodle/restore:rolldates' => array(
366         'captype' => 'write',
367         'contextlevel' => CONTEXT_COURSE,
368         'archetypes' => array(
369             'coursecreator' => CAP_ALLOW,
370             'manager' => CAP_ALLOW
371         )
372     ),
374     'moodle/restore:userinfo' => array(
376         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
378         'captype' => 'write',
379         'contextlevel' => CONTEXT_COURSE,
380         'archetypes' => array(
381             'manager' => CAP_ALLOW
382         )
383     ),
385     'moodle/restore:createuser' => array(
387         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
389         'captype' => 'write',
390         'contextlevel' => CONTEXT_SYSTEM,
391         'archetypes' => array(
392             'manager' => CAP_ALLOW
393         )
394     ),
396     'moodle/site:manageblocks' => array(
398         'riskbitmask' => RISK_SPAM | RISK_XSS,
400         'captype' => 'write',
401         'contextlevel' => CONTEXT_BLOCK,
402         'archetypes' => array(
403             'editingteacher' => CAP_ALLOW,
404             'manager' => CAP_ALLOW
405         )
406     ),
408     'moodle/site:accessallgroups' => array(
410         'captype' => 'read',
411         'contextlevel' => CONTEXT_COURSE,
412         'archetypes' => array(
413             'editingteacher' => CAP_ALLOW,
414             'manager' => CAP_ALLOW
415         )
416     ),
418     'moodle/site:viewfullnames' => array(
420         'captype' => 'read',
421         'contextlevel' => CONTEXT_COURSE,
422         'archetypes' => array(
423             'teacher' => CAP_ALLOW,
424             'editingteacher' => CAP_ALLOW,
425             'manager' => CAP_ALLOW
426         )
427     ),
429     // In reports that give lists of users, extra information about each user's
430     // identity (the fields configured in site option showuseridentity) will be
431     // displayed to users who have this capability.
432     'moodle/site:viewuseridentity' => array(
434         'captype' => 'read',
435         'contextlevel' => CONTEXT_COURSE,
436         'archetypes' => array(
437             'teacher' => CAP_ALLOW,
438             'editingteacher' => CAP_ALLOW,
439             'manager' => CAP_ALLOW
440         )
441     ),
443     'moodle/site:viewreports' => array(
445         'riskbitmask' => RISK_PERSONAL,
447         'captype' => 'read',
448         'contextlevel' => CONTEXT_COURSE,
449         'archetypes' => array(
450             'teacher' => CAP_ALLOW,
451             'editingteacher' => CAP_ALLOW,
452             'manager' => CAP_ALLOW
453         )
454     ),
456     'moodle/site:trustcontent' => array(
458         'riskbitmask' => RISK_XSS,
460         'captype' => 'write',
461         'contextlevel' => CONTEXT_COURSE,
462         'archetypes' => array(
463             'editingteacher' => CAP_ALLOW,
464             'manager' => CAP_ALLOW
465         )
466     ),
468     'moodle/site:uploadusers' => array(
470         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
472         'captype' => 'write',
473         'contextlevel' => CONTEXT_SYSTEM,
474         'archetypes' => array(
475             'manager' => CAP_ALLOW
476         )
477     ),
479     // Permission to manage filter setting overrides in subcontexts.
480     'moodle/filter:manage' => array(
482         'captype' => 'write',
483         'contextlevel' => CONTEXT_COURSE,
484         'archetypes' => array(
485             'editingteacher' => CAP_ALLOW,
486             'manager' => CAP_ALLOW,
487         )
488     ),
490     'moodle/user:create' => array(
492         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
494         'captype' => 'write',
495         'contextlevel' => CONTEXT_SYSTEM,
496         'archetypes' => array(
497             'manager' => CAP_ALLOW
498         )
499     ),
501     'moodle/user:delete' => array(
503         'riskbitmask' => RISK_PERSONAL | RISK_DATALOSS,
505         'captype' => 'write',
506         'contextlevel' => CONTEXT_SYSTEM,
507         'archetypes' => array(
508             'manager' => CAP_ALLOW
509         )
510     ),
512     'moodle/user:update' => array(
514         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
516         'captype' => 'write',
517         'contextlevel' => CONTEXT_SYSTEM,
518         'archetypes' => array(
519             'manager' => CAP_ALLOW
520         )
521     ),
523     'moodle/user:viewdetails' => array(
525         'captype' => 'read',
526         'contextlevel' => CONTEXT_COURSE,
527         'archetypes' => array(
528             'guest' => CAP_ALLOW,
529             'student' => CAP_ALLOW,
530             'teacher' => CAP_ALLOW,
531             'editingteacher' => CAP_ALLOW,
532             'manager' => CAP_ALLOW
533         )
534     ),
536     'moodle/user:viewalldetails' => array(
537         'riskbitmask' => RISK_PERSONAL,
538         'captype' => 'read',
539         'contextlevel' => CONTEXT_USER,
540         'archetypes' => array(
541             'manager' => CAP_ALLOW
542         ),
543         'clonepermissionsfrom' => 'moodle/user:update'
544     ),
546     'moodle/user:viewlastip' => array(
547         'riskbitmask' => RISK_PERSONAL,
548         'captype' => 'read',
549         'contextlevel' => CONTEXT_USER,
550         'archetypes' => array(
551             'manager' => CAP_ALLOW
552         ),
553         'clonepermissionsfrom' => 'moodle/user:update'
554     ),
556     'moodle/user:viewhiddendetails' => array(
558         'riskbitmask' => RISK_PERSONAL,
560         'captype' => 'read',
561         'contextlevel' => CONTEXT_COURSE,
562         'archetypes' => array(
563             'teacher' => CAP_ALLOW,
564             'editingteacher' => CAP_ALLOW,
565             'manager' => CAP_ALLOW
566         )
567     ),
569     'moodle/user:loginas' => array(
571         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
573         'captype' => 'write',
574         'contextlevel' => CONTEXT_COURSE,
575         'archetypes' => array(
576             'manager' => CAP_ALLOW
577         )
578     ),
580     // can the user manage the system default profile page?
581     'moodle/user:managesyspages' => array(
583         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
585         'captype' => 'write',
586         'contextlevel' => CONTEXT_SYSTEM,
587         'archetypes' => array(
588             'manager' => CAP_ALLOW
589         )
590     ),
592     // can the user manage another user's profile page?
593     'moodle/user:manageblocks' => array(
595         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
597         'captype' => 'write',
598         'contextlevel' => CONTEXT_USER
599     ),
601     // can the user manage their own profile page?
602     'moodle/user:manageownblocks' => array(
604         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
606         'captype' => 'write',
607         'contextlevel' => CONTEXT_SYSTEM,
608         'archetypes' => array(
609             'user' => CAP_ALLOW
610         )
611     ),
613     // can the user manage their own files?
614     'moodle/user:manageownfiles' => array(
616         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
618         'captype' => 'write',
619         'contextlevel' => CONTEXT_SYSTEM,
620         'archetypes' => array(
621             'user' => CAP_ALLOW
622         )
623     ),
625     // Can the user ignore the setting userquota?
626     // The permissions are cloned from ignorefilesizelimits as it was partly used for that purpose.
627     'moodle/user:ignoreuserquota' => array(
628         'riskbitmap' => RISK_SPAM,
629         'captype' => 'write',
630         'contextlevel' => CONTEXT_SYSTEM,
631         'clonepermissionsfrom' => 'moodle/course:ignorefilesizelimits'
632     ),
634     // can the user manage the system default dashboard page?
635     'moodle/my:configsyspages' => array(
637         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
639         'captype' => 'write',
640         'contextlevel' => CONTEXT_SYSTEM,
641         'archetypes' => array(
642             'manager' => CAP_ALLOW
643         )
644     ),
646     'moodle/role:assign' => array(
648         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
650         'captype' => 'write',
651         'contextlevel' => CONTEXT_COURSE,
652         'archetypes' => array(
653             'editingteacher' => CAP_ALLOW,
654             'manager' => CAP_ALLOW
655         )
656     ),
658     'moodle/role:review' => array(
660         'riskbitmask' => RISK_PERSONAL,
662         'captype' => 'read',
663         'contextlevel' => CONTEXT_COURSE,
664         'archetypes' => array(
665             'teacher' => CAP_ALLOW,
666             'editingteacher' => CAP_ALLOW,
667             'manager' => CAP_ALLOW
668         )
669     ),
671     'moodle/role:override' => array(
673         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
675         'captype' => 'write',
676         'contextlevel' => CONTEXT_COURSE,
677         'archetypes' => array(
678             'manager' => CAP_ALLOW
679         )
680     ),
682     'moodle/role:safeoverride' => array(
684         'riskbitmask' => RISK_SPAM,
686         'captype' => 'write',
687         'contextlevel' => CONTEXT_COURSE,
688         'archetypes' => array(
689             'editingteacher' => CAP_ALLOW
690         )
691     ),
693     'moodle/role:manage' => array(
695         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
697         'captype' => 'write',
698         'contextlevel' => CONTEXT_SYSTEM,
699         'archetypes' => array(
700             'manager' => CAP_ALLOW
701         )
702     ),
704     'moodle/role:switchroles' => array(
706         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
708         'captype' => 'read',
709         'contextlevel' => CONTEXT_COURSE,
710         'archetypes' => array(
711             'editingteacher' => CAP_ALLOW,
712             'manager' => CAP_ALLOW
713         )
714     ),
716     // Create, update and delete course categories. (Deleting a course category
717     // does not let you delete the courses it contains, unless you also have
718     // moodle/course: delete.) Creating and deleting requires this permission in
719     // the parent category.
720     'moodle/category:manage' => array(
722         'riskbitmask' => RISK_XSS,
724         'captype' => 'write',
725         'contextlevel' => CONTEXT_COURSECAT,
726         'archetypes' => array(
727             'manager' => CAP_ALLOW
728         ),
729         'clonepermissionsfrom' => 'moodle/category:update'
730     ),
732     'moodle/category:viewhiddencategories' => array(
734         'captype' => 'read',
735         'contextlevel' => CONTEXT_COURSECAT,
736         'archetypes' => array(
737             'coursecreator' => CAP_ALLOW,
738             'manager' => CAP_ALLOW
739         ),
740         'clonepermissionsfrom' => 'moodle/category:visibility'
741     ),
743     // create, delete, move cohorts in system and course categories,
744     // (cohorts with component !== null can be only moved)
745     'moodle/cohort:manage' => array(
747         'captype' => 'write',
748         'contextlevel' => CONTEXT_COURSECAT,
749         'archetypes' => array(
750             'manager' => CAP_ALLOW
751         )
752     ),
754     // add and remove cohort members (only for cohorts where component !== null)
755     'moodle/cohort:assign' => array(
757         'captype' => 'write',
758         'contextlevel' => CONTEXT_COURSECAT,
759         'archetypes' => array(
760             'manager' => CAP_ALLOW
761         )
762     ),
764     // View visible and hidden cohorts defined in the current context.
765     'moodle/cohort:view' => array(
767         'captype' => 'read',
768         'contextlevel' => CONTEXT_COURSE,
769         'archetypes' => array(
770             'editingteacher' => CAP_ALLOW,
771             'manager' => CAP_ALLOW
772         )
773     ),
775     'moodle/course:create' => array(
777         'riskbitmask' => RISK_XSS,
779         'captype' => 'write',
780         'contextlevel' => CONTEXT_COURSECAT,
781         'archetypes' => array(
782             'coursecreator' => CAP_ALLOW,
783             'manager' => CAP_ALLOW
784         )
785     ),
787     'moodle/course:request' => array(
788         'captype' => 'write',
789         'contextlevel' => CONTEXT_SYSTEM,
790         'archetypes' => array(
791             'user' => CAP_ALLOW,
792         )
793     ),
795     'moodle/course:delete' => array(
797         'riskbitmask' => RISK_DATALOSS,
799         'captype' => 'write',
800         'contextlevel' => CONTEXT_COURSE,
801         'archetypes' => array(
802             'manager' => CAP_ALLOW
803         )
804     ),
806     'moodle/course:update' => array(
808         'riskbitmask' => RISK_XSS,
810         'captype' => 'write',
811         'contextlevel' => CONTEXT_COURSE,
812         'archetypes' => array(
813             'editingteacher' => CAP_ALLOW,
814             'manager' => CAP_ALLOW
815         )
816     ),
818     'moodle/course:view' => array(
820         'captype' => 'read',
821         'contextlevel' => CONTEXT_COURSE,
822         'archetypes' => array(
823             'manager' => CAP_ALLOW,
824         )
825     ),
827     /* review course enrolments - no group restrictions, it is really full access to all participants info*/
828     'moodle/course:enrolreview' => array(
830         'riskbitmask' => RISK_PERSONAL,
832         'captype' => 'read',
833         'contextlevel' => CONTEXT_COURSE,
834         'archetypes' => array(
835             'editingteacher' => CAP_ALLOW,
836             'manager' => CAP_ALLOW,
837         )
838     ),
840     /* add, remove, hide enrol instances in courses */
841     'moodle/course:enrolconfig' => array(
843         'riskbitmask' => RISK_PERSONAL,
845         'captype' => 'write',
846         'contextlevel' => CONTEXT_COURSE,
847         'archetypes' => array(
848             'editingteacher' => CAP_ALLOW,
849             'manager' => CAP_ALLOW,
850         )
851     ),
853     'moodle/course:reviewotherusers' => array(
855         'captype' => 'read',
856         'contextlevel' => CONTEXT_COURSE,
857         'archetypes' => array(
858             'editingteacher' => CAP_ALLOW,
859             'manager' => CAP_ALLOW,
860         ),
861         'clonepermissionsfrom' => 'moodle/role:assign'
862     ),
864     'moodle/course:bulkmessaging' => array(
866         'riskbitmask' => RISK_SPAM,
868         'captype' => 'write',
869         'contextlevel' => CONTEXT_COURSE,
870         'archetypes' => array(
871             'teacher' => CAP_ALLOW,
872             'editingteacher' => CAP_ALLOW,
873             'manager' => CAP_ALLOW
874         )
875     ),
877     'moodle/course:viewhiddenuserfields' => array(
879         'riskbitmask' => RISK_PERSONAL,
881         'captype' => 'read',
882         'contextlevel' => CONTEXT_COURSE,
883         'archetypes' => array(
884             'teacher' => CAP_ALLOW,
885             'editingteacher' => CAP_ALLOW,
886             'manager' => CAP_ALLOW
887         )
888     ),
890     'moodle/course:viewhiddencourses' => array(
892         'captype' => 'read',
893         'contextlevel' => CONTEXT_COURSE,
894         'archetypes' => array(
895             'coursecreator' => CAP_ALLOW,
896             'teacher' => CAP_ALLOW,
897             'editingteacher' => CAP_ALLOW,
898             'manager' => CAP_ALLOW
899         )
900     ),
902     'moodle/course:visibility' => array(
904         'captype' => 'write',
905         'contextlevel' => CONTEXT_COURSE,
906         'archetypes' => array(
907             'editingteacher' => CAP_ALLOW,
908             'manager' => CAP_ALLOW
909         )
910     ),
912     'moodle/course:managefiles' => array(
914         'riskbitmask' => RISK_XSS,
916         'captype' => 'write',
917         'contextlevel' => CONTEXT_COURSE,
918         'archetypes' => array(
919             'editingteacher' => CAP_ALLOW,
920             'manager' => CAP_ALLOW
921         )
922     ),
924     'moodle/course:ignoreavailabilityrestrictions' => array(
925         'captype' => 'read',
926         'contextlevel' => CONTEXT_MODULE,
927         'archetypes' => array(
928             'manager' => CAP_ALLOW,
929             'coursecreator' => CAP_ALLOW,
930             'editingteacher' => CAP_ALLOW,
931             'teacher' => CAP_ALLOW,
932         ),
933         'clonepermissionsfrom' => 'moodle/course:viewhiddenactivities'
934     ),
936     'moodle/course:ignorefilesizelimits' => array(
938         'captype' => 'write',
939         'contextlevel' => CONTEXT_COURSE,
940         'archetypes' => array(
941         )
942     ),
944     'moodle/course:manageactivities' => array(
946         'riskbitmask' => RISK_XSS,
948         'captype' => 'write',
949         'contextlevel' => CONTEXT_MODULE,
950         'archetypes' => array(
951             'editingteacher' => CAP_ALLOW,
952             'manager' => CAP_ALLOW
953         )
954     ),
956     'moodle/course:activityvisibility' => array(
958         'captype' => 'write',
959         'contextlevel' => CONTEXT_MODULE,
960         'archetypes' => array(
961             'editingteacher' => CAP_ALLOW,
962             'manager' => CAP_ALLOW
963         )
964     ),
966     'moodle/course:viewhiddenactivities' => array(
968         'captype' => 'write',
969         'contextlevel' => CONTEXT_MODULE,
970         'archetypes' => array(
971             'teacher' => CAP_ALLOW,
972             'editingteacher' => CAP_ALLOW,
973             'manager' => CAP_ALLOW
974         )
975     ),
977     'moodle/course:viewparticipants' => array(
979         'captype' => 'read',
980         'contextlevel' => CONTEXT_COURSE,
981         'archetypes' => array(
982             'student' => CAP_ALLOW,
983             'teacher' => CAP_ALLOW,
984             'editingteacher' => CAP_ALLOW,
985             'manager' => CAP_ALLOW
986         )
987     ),
989     'moodle/course:changefullname' => array(
991         'riskbitmask' => RISK_XSS,
993         'captype' => 'write',
994         'contextlevel' => CONTEXT_COURSE,
995         'archetypes' => array(
996             'editingteacher' => CAP_ALLOW,
997             'manager' => CAP_ALLOW
998         ),
999         'clonepermissionsfrom' => 'moodle/course:update'
1000     ),
1002     'moodle/course:changeshortname' => array(
1004         'riskbitmask' => RISK_XSS,
1006         'captype' => 'write',
1007         'contextlevel' => CONTEXT_COURSE,
1008         'archetypes' => array(
1009             'editingteacher' => CAP_ALLOW,
1010             'manager' => CAP_ALLOW
1011         ),
1012         'clonepermissionsfrom' => 'moodle/course:update'
1013     ),
1015     'moodle/course:renameroles' => array(
1016         'captype' => 'write',
1017         'contextlevel' => CONTEXT_COURSE,
1018         'archetypes' => array(
1019             'editingteacher' => CAP_ALLOW,
1020             'manager' => CAP_ALLOW
1021         ),
1022         'clonepermissionsfrom' => 'moodle/course:update'
1023     ),
1025     'moodle/course:changeidnumber' => array(
1027         'riskbitmask' => RISK_XSS,
1029         'captype' => 'write',
1030         'contextlevel' => CONTEXT_COURSE,
1031         'archetypes' => array(
1032             'editingteacher' => CAP_ALLOW,
1033             'manager' => CAP_ALLOW
1034         ),
1035         'clonepermissionsfrom' => 'moodle/course:update'
1036     ),
1037     'moodle/course:changecategory' => array(
1038         'riskbitmask' => RISK_XSS,
1040         'captype' => 'write',
1041         'contextlevel' => CONTEXT_COURSE,
1042         'archetypes' => array(
1043             'editingteacher' => CAP_ALLOW,
1044             'manager' => CAP_ALLOW
1045         ),
1046         'clonepermissionsfrom' => 'moodle/course:update'
1047     ),
1049     'moodle/course:changesummary' => array(
1050         'riskbitmask' => RISK_XSS,
1052         'captype' => 'write',
1053         'contextlevel' => CONTEXT_COURSE,
1054         'archetypes' => array(
1055             'editingteacher' => CAP_ALLOW,
1056             'manager' => CAP_ALLOW
1057         ),
1058         'clonepermissionsfrom' => 'moodle/course:update'
1059     ),
1062     'moodle/site:viewparticipants' => array(
1064         'captype' => 'read',
1065         'contextlevel' => CONTEXT_SYSTEM,
1066         'archetypes' => array(
1067             'manager' => CAP_ALLOW
1068         )
1069     ),
1071     'moodle/course:isincompletionreports' => array(
1072         'captype' => 'read',
1073         'contextlevel' => CONTEXT_COURSE,
1074         'archetypes' => array(
1075             'student' => CAP_ALLOW,
1076         ),
1077     ),
1079     'moodle/course:viewscales' => array(
1081         'captype' => 'read',
1082         'contextlevel' => CONTEXT_COURSE,
1083         'archetypes' => array(
1084             'student' => CAP_ALLOW,
1085             'teacher' => CAP_ALLOW,
1086             'editingteacher' => CAP_ALLOW,
1087             'manager' => CAP_ALLOW
1088         )
1089     ),
1091     'moodle/course:managescales' => array(
1093         'captype' => 'write',
1094         'contextlevel' => CONTEXT_COURSE,
1095         'archetypes' => array(
1096             'editingteacher' => CAP_ALLOW,
1097             'manager' => CAP_ALLOW
1098         )
1099     ),
1101     'moodle/course:managegroups' => array(
1103         'captype' => 'write',
1104         'contextlevel' => CONTEXT_COURSE,
1105         'archetypes' => array(
1106             'editingteacher' => CAP_ALLOW,
1107             'manager' => CAP_ALLOW
1108         )
1109     ),
1111     'moodle/course:reset' => array(
1113         'riskbitmask' => RISK_DATALOSS,
1115         'captype' => 'write',
1116         'contextlevel' => CONTEXT_COURSE,
1117         'archetypes' => array(
1118             'editingteacher' => CAP_ALLOW,
1119             'manager' => CAP_ALLOW
1120         )
1121     ),
1123     'moodle/course:viewsuspendedusers' => array(
1125         'captype' => 'read',
1126         'contextlevel' => CONTEXT_SYSTEM,
1127         'archetypes' => array(
1128             'editingteacher' => CAP_ALLOW,
1129             'manager' => CAP_ALLOW
1130         )
1131     ),
1133     'moodle/course:tag' => array(
1134         'riskbitmask' => RISK_SPAM,
1135         'captype' => 'write',
1136         'contextlevel' => CONTEXT_COURSE,
1137         'archetypes' => array(
1138             'manager' => CAP_ALLOW,
1139             'editingteacher' => CAP_ALLOW,
1140         ),
1141         'clonepermissionsfrom' => 'moodle/course:update'
1142     ),
1144     'moodle/blog:view' => array(
1146         'captype' => 'read',
1147         'contextlevel' => CONTEXT_SYSTEM,
1148         'archetypes' => array(
1149             'guest' => CAP_ALLOW,
1150             'user' => CAP_ALLOW,
1151             'student' => CAP_ALLOW,
1152             'teacher' => CAP_ALLOW,
1153             'editingteacher' => CAP_ALLOW,
1154             'manager' => CAP_ALLOW
1155         )
1156     ),
1158     'moodle/blog:search' => array(
1159         'captype' => 'read',
1160         'contextlevel' => CONTEXT_SYSTEM,
1161         'archetypes' => array(
1162             'guest' => CAP_ALLOW,
1163             'user' => CAP_ALLOW,
1164             'student' => CAP_ALLOW,
1165             'teacher' => CAP_ALLOW,
1166             'editingteacher' => CAP_ALLOW,
1167             'manager' => CAP_ALLOW
1168         )
1169     ),
1171     'moodle/blog:viewdrafts' => array(
1173         'riskbitmask' => RISK_PERSONAL,
1174         'captype' => 'read',
1175         'contextlevel' => CONTEXT_SYSTEM,
1176         'archetypes' => array(
1177             'manager' => CAP_ALLOW
1178         )
1179     ),
1181     'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1183         'riskbitmask' => RISK_SPAM,
1185         'captype' => 'write',
1186         'contextlevel' => CONTEXT_SYSTEM,
1187         'archetypes' => array(
1188             'user' => CAP_ALLOW,
1189             'manager' => CAP_ALLOW
1190         )
1191     ),
1193     'moodle/blog:manageentries' => array(
1195         'riskbitmask' => RISK_SPAM,
1197         'captype' => 'write',
1198         'contextlevel' => CONTEXT_SYSTEM,
1199         'archetypes' => array(
1200             'teacher' => CAP_ALLOW,
1201             'editingteacher' => CAP_ALLOW,
1202             'manager' => CAP_ALLOW
1203         )
1204     ),
1206     'moodle/blog:manageexternal' => array(
1208         'riskbitmask' => RISK_SPAM,
1210         'captype' => 'write',
1211         'contextlevel' => CONTEXT_SYSTEM,
1212         'archetypes' => array(
1213             'student' => CAP_ALLOW,
1214             'user' => CAP_ALLOW,
1215             'teacher' => CAP_ALLOW,
1216             'editingteacher' => CAP_ALLOW,
1217             'manager' => CAP_ALLOW
1218         )
1219     ),
1221     'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1223         'riskbitmask' => RISK_SPAM,
1225         'captype' => 'write',
1226         'contextlevel' => CONTEXT_COURSE,
1227         'archetypes' => array(
1228             'user' => CAP_ALLOW,
1229             'manager' => CAP_ALLOW
1230         )
1231     ),
1233     'moodle/calendar:managegroupentries' => array(
1235         'riskbitmask' => RISK_SPAM,
1237         'captype' => 'write',
1238         'contextlevel' => CONTEXT_COURSE,
1239         'archetypes' => array(
1240             'teacher' => CAP_ALLOW,
1241             'editingteacher' => CAP_ALLOW,
1242             'manager' => CAP_ALLOW
1243         )
1244     ),
1246     'moodle/calendar:manageentries' => array(
1248         'riskbitmask' => RISK_SPAM,
1250         'captype' => 'write',
1251         'contextlevel' => CONTEXT_COURSE,
1252         'archetypes' => array(
1253             'teacher' => CAP_ALLOW,
1254             'editingteacher' => CAP_ALLOW,
1255             'manager' => CAP_ALLOW
1256         )
1257     ),
1259     'moodle/user:editprofile' => array(
1261         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1263         'captype' => 'write',
1264         'contextlevel' => CONTEXT_USER,
1265         'archetypes' => array(
1266             'manager' => CAP_ALLOW
1267         )
1268     ),
1270     'moodle/user:editownprofile' => array(
1272         'riskbitmask' => RISK_SPAM,
1274         'captype' => 'write',
1275         'contextlevel' => CONTEXT_SYSTEM,
1276         'archetypes' => array(
1277             'guest' => CAP_PROHIBIT,
1278             'user' => CAP_ALLOW,
1279             'manager' => CAP_ALLOW
1280         )
1281     ),
1283     'moodle/user:changeownpassword' => array(
1285         'captype' => 'write',
1286         'contextlevel' => CONTEXT_SYSTEM,
1287         'archetypes' => array(
1288             'guest' => CAP_PROHIBIT,
1289             'user' => CAP_ALLOW,
1290             'manager' => CAP_ALLOW
1291         )
1292     ),
1294     // The next 3 might make no sense for some roles, e.g teacher, etc.
1295     // since the next level up is site. These are more for the parent role
1296     'moodle/user:readuserposts' => array(
1298         'captype' => 'read',
1299         'contextlevel' => CONTEXT_USER,
1300         'archetypes' => array(
1301             'student' => CAP_ALLOW,
1302             'teacher' => CAP_ALLOW,
1303             'editingteacher' => CAP_ALLOW,
1304             'manager' => CAP_ALLOW
1305         )
1306     ),
1308     'moodle/user:readuserblogs' => array(
1310         'captype' => 'read',
1311         'contextlevel' => CONTEXT_USER,
1312         'archetypes' => array(
1313             'student' => CAP_ALLOW,
1314             'teacher' => CAP_ALLOW,
1315             'editingteacher' => CAP_ALLOW,
1316             'manager' => CAP_ALLOW
1317         )
1318     ),
1320     // designed for parent role - not used in legacy roles
1321     'moodle/user:viewuseractivitiesreport' => array(
1322         'riskbitmask' => RISK_PERSONAL,
1324         'captype' => 'read',
1325         'contextlevel' => CONTEXT_USER,
1326         'archetypes' => array(
1327         )
1328     ),
1330     //capabilities designed for the new message system configuration
1331     'moodle/user:editmessageprofile' => array(
1333          'riskbitmask' => RISK_SPAM,
1335          'captype' => 'write',
1336          'contextlevel' => CONTEXT_USER,
1337          'archetypes' => array(
1338              'manager' => CAP_ALLOW
1339          )
1340      ),
1342      'moodle/user:editownmessageprofile' => array(
1344          'captype' => 'write',
1345          'contextlevel' => CONTEXT_SYSTEM,
1346          'archetypes' => array(
1347              'guest' => CAP_PROHIBIT,
1348              'user' => CAP_ALLOW,
1349              'manager' => CAP_ALLOW
1350          )
1351      ),
1353     'moodle/question:managecategory' => array(
1354         'riskbitmask' => RISK_SPAM | RISK_XSS,
1355         'captype' => 'write',
1356         'contextlevel' => CONTEXT_COURSE,
1357         'archetypes' => array(
1358             'editingteacher' => CAP_ALLOW,
1359             'manager' => CAP_ALLOW
1360         )
1361     ),
1363     //new in moodle 1.9
1364     'moodle/question:add' => array(
1365         'riskbitmask' => RISK_SPAM | RISK_XSS,
1366         'captype' => 'write',
1367         'contextlevel' => CONTEXT_COURSE,
1368         'archetypes' => array(
1369             'editingteacher' => CAP_ALLOW,
1370             'manager' => CAP_ALLOW
1371         ),
1372         'clonepermissionsfrom' =>  'moodle/question:manage'
1373     ),
1374     'moodle/question:editmine' => array(
1375         'riskbitmask' => RISK_SPAM | RISK_XSS,
1376         'captype' => 'write',
1377         'contextlevel' => CONTEXT_COURSE,
1378         'archetypes' => array(
1379             'editingteacher' => CAP_ALLOW,
1380             'manager' => CAP_ALLOW
1381         ),
1382         'clonepermissionsfrom' =>  'moodle/question:manage'
1383     ),
1384     'moodle/question:editall' => array(
1385         'riskbitmask' => RISK_SPAM | RISK_XSS,
1386         'captype' => 'write',
1387         'contextlevel' => CONTEXT_COURSE,
1388         'archetypes' => array(
1389             'editingteacher' => CAP_ALLOW,
1390             'manager' => CAP_ALLOW
1391         ),
1392         'clonepermissionsfrom' =>  'moodle/question:manage'
1393     ),
1394     'moodle/question:viewmine' => array(
1395         'captype' => 'read',
1396         'contextlevel' => CONTEXT_COURSE,
1397         'archetypes' => array(
1398             'editingteacher' => CAP_ALLOW,
1399             'manager' => CAP_ALLOW
1400         ),
1401         'clonepermissionsfrom' =>  'moodle/question:manage'
1402     ),
1403     'moodle/question:viewall' => array(
1404         'captype' => 'read',
1405         'contextlevel' => CONTEXT_COURSE,
1406         'archetypes' => array(
1407             'editingteacher' => CAP_ALLOW,
1408             'manager' => CAP_ALLOW
1409         ),
1410         'clonepermissionsfrom' =>  'moodle/question:manage'
1411     ),
1412     'moodle/question:usemine' => array(
1413         'captype' => 'read',
1414         'contextlevel' => CONTEXT_COURSE,
1415         'archetypes' => array(
1416             'editingteacher' => CAP_ALLOW,
1417             'manager' => CAP_ALLOW
1418         ),
1419         'clonepermissionsfrom' =>  'moodle/question:manage'
1420     ),
1421     'moodle/question:useall' => array(
1422         'captype' => 'read',
1423         'contextlevel' => CONTEXT_COURSE,
1424         'archetypes' => array(
1425             'editingteacher' => CAP_ALLOW,
1426             'manager' => CAP_ALLOW
1427         ),
1428         'clonepermissionsfrom' =>  'moodle/question:manage'
1429     ),
1430     'moodle/question:movemine' => array(
1431         'captype' => 'write',
1432         'contextlevel' => CONTEXT_COURSE,
1433         'archetypes' => array(
1434             'editingteacher' => CAP_ALLOW,
1435             'manager' => CAP_ALLOW
1436         ),
1437         'clonepermissionsfrom' =>  'moodle/question:manage'
1438     ),
1439     'moodle/question:moveall' => array(
1440         'captype' => 'write',
1441         'contextlevel' => CONTEXT_COURSE,
1442         'archetypes' => array(
1443             'editingteacher' => CAP_ALLOW,
1444             'manager' => CAP_ALLOW
1445         ),
1446         'clonepermissionsfrom' =>  'moodle/question:manage'
1447     ),
1448     //END new in moodle 1.9
1450     // Configure the installed question types.
1451     'moodle/question:config' => array(
1452         'riskbitmask' => RISK_CONFIG,
1453         'captype' => 'write',
1454         'contextlevel' => CONTEXT_SYSTEM,
1455         'archetypes' => array(
1456             'manager' => CAP_ALLOW
1457         )
1458     ),
1460     // While attempting questions, the ability to flag particular questions for later reference.
1461     'moodle/question:flag' => array(
1462         'captype' => 'write',
1463         'contextlevel' => CONTEXT_COURSE,
1464         'archetypes' => array(
1465             'student' => CAP_ALLOW,
1466             'teacher' => CAP_ALLOW,
1467             'editingteacher' => CAP_ALLOW,
1468             'manager' => CAP_ALLOW
1469         )
1470     ),
1472     'moodle/site:doclinks' => array(
1473         'captype' => 'read',
1474         'contextlevel' => CONTEXT_SYSTEM,
1475         'archetypes' => array(
1476             'teacher' => CAP_ALLOW,
1477             'editingteacher' => CAP_ALLOW,
1478             'manager' => CAP_ALLOW
1479         )
1480     ),
1482     'moodle/course:sectionvisibility' => array(
1484         'captype' => 'write',
1485         'contextlevel' => CONTEXT_COURSE,
1486         'archetypes' => array(
1487             'editingteacher' => CAP_ALLOW,
1488             'manager' => CAP_ALLOW
1489         )
1490     ),
1492     'moodle/course:useremail' => array(
1494         'captype' => 'write',
1495         'contextlevel' => CONTEXT_COURSE,
1496         'archetypes' => array(
1497             'editingteacher' => CAP_ALLOW,
1498             'manager' => CAP_ALLOW
1499         )
1500     ),
1502     'moodle/course:viewhiddensections' => array(
1504         'captype' => 'write',
1505         'contextlevel' => CONTEXT_COURSE,
1506         'archetypes' => array(
1507             'editingteacher' => CAP_ALLOW,
1508             'manager' => CAP_ALLOW
1509         )
1510     ),
1512     'moodle/course:setcurrentsection' => array(
1514         'captype' => 'write',
1515         'contextlevel' => CONTEXT_COURSE,
1516         'archetypes' => array(
1517             'editingteacher' => CAP_ALLOW,
1518             'manager' => CAP_ALLOW
1519         )
1520     ),
1522     'moodle/course:movesections' => array(
1524         'captype' => 'write',
1525         'contextlevel' => CONTEXT_COURSE,
1526         'archetypes' => array(
1527             'editingteacher' => CAP_ALLOW,
1528             'manager' => CAP_ALLOW
1529         ),
1530         'clonepermissionsfrom' => 'moodle/course:update'
1531     ),
1533     'moodle/site:mnetlogintoremote' => array(
1535         'captype' => 'read',
1536         'contextlevel' => CONTEXT_SYSTEM,
1537         'archetypes' => array(
1538         )
1539     ),
1541     'moodle/grade:viewall' => array(
1542         'riskbitmask' => RISK_PERSONAL,
1543         'captype' => 'read',
1544         'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1545         'archetypes' => array(
1546             'teacher' => CAP_ALLOW,
1547             'editingteacher' => CAP_ALLOW,
1548             'manager' => CAP_ALLOW
1549         ),
1550         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1551     ),
1553     'moodle/grade:view' => array(
1554         'captype' => 'read',
1555         'contextlevel' => CONTEXT_COURSE,
1556         'archetypes' => array(
1557             'student' => CAP_ALLOW
1558         )
1559     ),
1561     'moodle/grade:viewhidden' => array(
1562         'riskbitmask' => RISK_PERSONAL,
1563         'captype' => 'read',
1564         'contextlevel' => CONTEXT_COURSE,
1565         'archetypes' => array(
1566             'teacher' => CAP_ALLOW,
1567             'editingteacher' => CAP_ALLOW,
1568             'manager' => CAP_ALLOW
1569         ),
1570         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1571     ),
1573     'moodle/grade:import' => array(
1574         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1575         'captype' => 'write',
1576         'contextlevel' => CONTEXT_COURSE,
1577         'archetypes' => array(
1578             'editingteacher' => CAP_ALLOW,
1579             'manager' => CAP_ALLOW
1580         ),
1581         'clonepermissionsfrom' => 'moodle/course:managegrades'
1582     ),
1584     'moodle/grade:export' => array(
1585         'riskbitmask' => RISK_PERSONAL,
1586         'captype' => 'read',
1587         'contextlevel' => CONTEXT_COURSE,
1588         'archetypes' => array(
1589             'teacher' => CAP_ALLOW,
1590             'editingteacher' => CAP_ALLOW,
1591             'manager' => CAP_ALLOW
1592         ),
1593         'clonepermissionsfrom' => 'moodle/course:managegrades'
1594     ),
1596     'moodle/grade:manage' => array(
1597         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1598         'captype' => 'write',
1599         'contextlevel' => CONTEXT_COURSE,
1600         'archetypes' => array(
1601             'editingteacher' => CAP_ALLOW,
1602             'manager' => CAP_ALLOW
1603         ),
1604         'clonepermissionsfrom' => 'moodle/course:managegrades'
1605     ),
1607     'moodle/grade:edit' => array(
1608         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1609         'captype' => 'write',
1610         'contextlevel' => CONTEXT_COURSE,
1611         'archetypes' => array(
1612             'editingteacher' => CAP_ALLOW,
1613             'manager' => CAP_ALLOW
1614         ),
1615         'clonepermissionsfrom' => 'moodle/course:managegrades'
1616     ),
1618     // ability to define advanced grading forms in activities either from scratch
1619     // or from a shared template
1620     'moodle/grade:managegradingforms' => array(
1621         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1622         'captype' => 'write',
1623         'contextlevel' => CONTEXT_COURSE,
1624         'archetypes' => array(
1625             'editingteacher' => CAP_ALLOW,
1626             'manager' => CAP_ALLOW
1627         ),
1628         'clonepermissionsfrom' => 'moodle/course:managegrades'
1629     ),
1631     // ability to save a grading form as a new shared template and eventually edit
1632     // and remove own templates (templates originally shared by that user)
1633     'moodle/grade:sharegradingforms' => array(
1634         'riskbitmask' => RISK_XSS,
1635         'captype' => 'write',
1636         'contextlevel' => CONTEXT_SYSTEM,
1637         'archetypes' => array(
1638             'manager' => CAP_ALLOW
1639         ),
1640     ),
1642     // ability to edit and remove any shared template, even those originally shared
1643     // by other users
1644     'moodle/grade:managesharedforms' => array(
1645         'riskbitmask' => RISK_XSS,
1646         'captype' => 'write',
1647         'contextlevel' => CONTEXT_SYSTEM,
1648         'archetypes' => array(
1649             'manager' => CAP_ALLOW
1650         ),
1651     ),
1653     'moodle/grade:manageoutcomes' => array(
1654         'captype' => 'write',
1655         'contextlevel' => CONTEXT_COURSE,
1656         'archetypes' => array(
1657             'editingteacher' => CAP_ALLOW,
1658             'manager' => CAP_ALLOW
1659         ),
1660         'clonepermissionsfrom' => 'moodle/course:managegrades'
1661     ),
1663     'moodle/grade:manageletters' => array(
1664         'captype' => 'write',
1665         'contextlevel' => CONTEXT_COURSE,
1666         'archetypes' => array(
1667             'editingteacher' => CAP_ALLOW,
1668             'manager' => CAP_ALLOW
1669         ),
1670         'clonepermissionsfrom' => 'moodle/course:managegrades'
1671     ),
1673     'moodle/grade:hide' => array(
1674         'captype' => 'write',
1675         'contextlevel' => CONTEXT_COURSE,
1676         'archetypes' => array(
1677             'editingteacher' => CAP_ALLOW,
1678             'manager' => CAP_ALLOW
1679         )
1680     ),
1682     'moodle/grade:lock' => array(
1683         'captype' => 'write',
1684         'contextlevel' => CONTEXT_COURSE,
1685         'archetypes' => array(
1686             'editingteacher' => CAP_ALLOW,
1687             'manager' => CAP_ALLOW
1688         )
1689     ),
1691     'moodle/grade:unlock' => array(
1692         'captype' => 'write',
1693         'contextlevel' => CONTEXT_COURSE,
1694         'archetypes' => array(
1695             'editingteacher' => CAP_ALLOW,
1696             'manager' => CAP_ALLOW
1697         )
1698     ),
1700     'moodle/my:manageblocks' => array(
1701         'captype' => 'write',
1702         'contextlevel' => CONTEXT_SYSTEM,
1703         'archetypes' => array(
1704             'user' => CAP_ALLOW
1705         )
1706     ),
1708     'moodle/notes:view' => array(
1709         'captype' => 'read',
1710         'contextlevel' => CONTEXT_COURSE,
1711         'archetypes' => array(
1712             'teacher' => CAP_ALLOW,
1713             'editingteacher' => CAP_ALLOW,
1714             'manager' => CAP_ALLOW
1715         )
1716     ),
1718     'moodle/notes:manage' => array(
1719         'riskbitmask' => RISK_SPAM,
1721         'captype' => 'write',
1722         'contextlevel' => CONTEXT_COURSE,
1723         'archetypes' => array(
1724             'teacher' => CAP_ALLOW,
1725             'editingteacher' => CAP_ALLOW,
1726             'manager' => CAP_ALLOW
1727         )
1728     ),
1730     'moodle/tag:manage' => array(
1731         'riskbitmask' => RISK_SPAM,
1733         'captype' => 'write',
1734         'contextlevel' => CONTEXT_SYSTEM,
1735         'archetypes' => array(
1736             'manager' => CAP_ALLOW
1737         )
1738     ),
1740     'moodle/tag:edit' => array(
1741         'riskbitmask' => RISK_SPAM,
1743         'captype' => 'write',
1744         'contextlevel' => CONTEXT_SYSTEM,
1745         'archetypes' => array(
1746             'manager' => CAP_ALLOW
1747         )
1748     ),
1750     'moodle/tag:flag' => array(
1751         'riskbitmask' => RISK_SPAM,
1753         'captype' => 'write',
1754         'contextlevel' => CONTEXT_SYSTEM,
1755         'archetypes' => array(
1756             'user' => CAP_ALLOW
1757         )
1758     ),
1760     'moodle/tag:editblocks' => array(
1761         'captype' => 'write',
1762         'contextlevel' => CONTEXT_SYSTEM,
1763         'archetypes' => array(
1764             'teacher' => CAP_ALLOW,
1765             'editingteacher' => CAP_ALLOW,
1766             'manager' => CAP_ALLOW
1767         )
1768     ),
1770     'moodle/block:view' => array(
1771         'captype' => 'read',
1772         'contextlevel' => CONTEXT_BLOCK,
1773         'archetypes' => array(
1774             'guest' => CAP_ALLOW,
1775             'user' => CAP_ALLOW,
1776             'student' => CAP_ALLOW,
1777             'teacher' => CAP_ALLOW,
1778             'editingteacher' => CAP_ALLOW,
1779         )
1780     ),
1782     'moodle/block:edit' => array(
1783         'riskbitmask' => RISK_SPAM | RISK_XSS,
1785         'captype' => 'write',
1786         'contextlevel' => CONTEXT_BLOCK,
1787         'archetypes' => array(
1788             'editingteacher' => CAP_ALLOW,
1789             'manager' => CAP_ALLOW
1790         )
1791     ),
1793     'moodle/portfolio:export' => array(
1794         'captype' => 'read',
1795         'contextlevel' => CONTEXT_SYSTEM,
1796         'archetypes' => array(
1797             'user' => CAP_ALLOW,
1798             'student' => CAP_ALLOW,
1799             'teacher' => CAP_ALLOW,
1800             'editingteacher' => CAP_ALLOW,
1801         )
1802     ),
1803     'moodle/comment:view' => array(
1804         'captype' => 'read',
1805         'contextlevel' => CONTEXT_COURSE,
1806         'archetypes' => array(
1807             'frontpage' => CAP_ALLOW,
1808             'guest' => CAP_ALLOW,
1809             'user' => CAP_ALLOW,
1810             'student' => CAP_ALLOW,
1811             'teacher' => CAP_ALLOW,
1812             'editingteacher' => CAP_ALLOW,
1813             'manager' => CAP_ALLOW
1814         )
1815     ),
1816     'moodle/comment:post' => array(
1818         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1819         'captype' => 'write',
1820         'contextlevel' => CONTEXT_COURSE,
1821         'archetypes' => array(
1822             'user' => CAP_ALLOW,
1823             'student' => CAP_ALLOW,
1824             'teacher' => CAP_ALLOW,
1825             'editingteacher' => CAP_ALLOW,
1826             'manager' => CAP_ALLOW
1827         )
1828     ),
1829     'moodle/comment:delete' => array(
1831         'riskbitmask' => RISK_DATALOSS,
1832         'captype' => 'write',
1833         'contextlevel' => CONTEXT_COURSE,
1834         'archetypes' => array(
1835             'editingteacher' => CAP_ALLOW,
1836             'manager' => CAP_ALLOW
1837         )
1838     ),
1839     'moodle/webservice:createtoken' => array(
1841         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1842         'captype' => 'write',
1843         'contextlevel' => CONTEXT_SYSTEM,
1844         'archetypes' => array(
1845             'manager' => CAP_ALLOW
1846         )
1847     ),
1848     'moodle/webservice:managealltokens' => array(
1850         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_PERSONAL,
1851         'captype' => 'write',
1852         'contextlevel' => CONTEXT_SYSTEM,
1853         'archetypes' => array()
1854     ),
1855     'moodle/webservice:createmobiletoken' => array(
1857         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1858         'captype' => 'write',
1859         'contextlevel' => CONTEXT_SYSTEM,
1860         'archetypes' => array(
1861             'user' => CAP_ALLOW
1862         )
1863     ),
1864     'moodle/rating:view' => array(
1866         'captype' => 'read',
1867         'contextlevel' => CONTEXT_COURSE,
1868         'archetypes' => array(
1869             'user' => CAP_ALLOW,
1870             'student' => CAP_ALLOW,
1871             'teacher' => CAP_ALLOW,
1872             'editingteacher' => CAP_ALLOW,
1873             'manager' => CAP_ALLOW
1874         )
1875     ),
1876     'moodle/rating:viewany' => array(
1878         'riskbitmask' => RISK_PERSONAL,
1879         'captype' => 'read',
1880         'contextlevel' => CONTEXT_COURSE,
1881         'archetypes' => array(
1882             'user' => CAP_ALLOW,
1883             'student' => CAP_ALLOW,
1884             'teacher' => CAP_ALLOW,
1885             'editingteacher' => CAP_ALLOW,
1886             'manager' => CAP_ALLOW
1887         )
1888     ),
1889     'moodle/rating:viewall' => array(
1891         'riskbitmask' => RISK_PERSONAL,
1892         'captype' => 'read',
1893         'contextlevel' => CONTEXT_COURSE,
1894         'archetypes' => array(
1895             'user' => CAP_ALLOW,
1896             'student' => CAP_ALLOW,
1897             'teacher' => CAP_ALLOW,
1898             'editingteacher' => CAP_ALLOW,
1899             'manager' => CAP_ALLOW
1900         )
1901     ),
1902     'moodle/rating:rate' => array(
1904         'captype' => 'write',
1905         'contextlevel' => CONTEXT_COURSE,
1906         'archetypes' => array(
1907             'user' => CAP_ALLOW,
1908             'student' => CAP_ALLOW,
1909             'teacher' => CAP_ALLOW,
1910             'editingteacher' => CAP_ALLOW,
1911             'manager' => CAP_ALLOW
1912         )
1913     ),
1914      'moodle/course:publish' => array(
1916         'captype' => 'write',
1917         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1918         'contextlevel' => CONTEXT_SYSTEM,
1919         'archetypes' => array(
1920             'manager' => CAP_ALLOW
1921         )
1922     ),
1923     'moodle/course:markcomplete' => array(
1924         'captype' => 'write',
1925         'contextlevel' => CONTEXT_COURSE,
1926         'archetypes' => array(
1927             'teacher' => CAP_ALLOW,
1928             'editingteacher' => CAP_ALLOW,
1929             'manager' => CAP_ALLOW
1930         )
1931     ),
1932     'moodle/community:add' => array(
1933         'captype' => 'write',
1934         'contextlevel' => CONTEXT_SYSTEM,
1935         'archetypes' => array(
1936             'manager' => CAP_ALLOW,
1937             'teacher' => CAP_ALLOW,
1938             'editingteacher' => CAP_ALLOW,
1939         )
1940     ),
1941     'moodle/community:download' => array(
1942         'captype' => 'write',
1943         'contextlevel' => CONTEXT_SYSTEM,
1944         'archetypes' => array(
1945             'manager' => CAP_ALLOW,
1946             'editingteacher' => CAP_ALLOW,
1947         )
1948     ),
1950     // Badges.
1951     'moodle/badges:manageglobalsettings' => array(
1952         'riskbitmask'  => RISK_DATALOSS | RISK_CONFIG,
1953         'captype'      => 'write',
1954         'contextlevel' => CONTEXT_SYSTEM,
1955         'archetypes'   => array(
1956             'manager'       => CAP_ALLOW,
1957         )
1958     ),
1960     // View available badges without earning them.
1961     'moodle/badges:viewbadges' => array(
1962         'captype'       => 'read',
1963         'contextlevel'  => CONTEXT_COURSE,
1964         'archetypes'    => array(
1965             'user'          => CAP_ALLOW,
1966         )
1967     ),
1969     // Manage badges on own private badges page.
1970     'moodle/badges:manageownbadges' => array(
1971         'riskbitmap'    => RISK_SPAM,
1972         'captype'       => 'write',
1973         'contextlevel'  => CONTEXT_USER,
1974         'archetypes'    => array(
1975             'user'    => CAP_ALLOW
1976         )
1977     ),
1979     // View public badges in other users' profiles.
1980     'moodle/badges:viewotherbadges' => array(
1981         'riskbitmap'    => RISK_PERSONAL,
1982         'captype'       => 'read',
1983         'contextlevel'  => CONTEXT_USER,
1984         'archetypes'    => array(
1985             'user'    => CAP_ALLOW
1986         )
1987     ),
1989     // Earn badge.
1990     'moodle/badges:earnbadge' => array(
1991         'captype'       => 'write',
1992         'contextlevel'  => CONTEXT_COURSE,
1993         'archetypes'    => array(
1994             'user'           => CAP_ALLOW,
1995         )
1996     ),
1998     // Create/duplicate badges.
1999     'moodle/badges:createbadge' => array(
2000         'riskbitmask'  => RISK_SPAM,
2001         'captype'      => 'write',
2002         'contextlevel' => CONTEXT_COURSE,
2003         'archetypes'   => array(
2004             'manager'        => CAP_ALLOW,
2005             'editingteacher' => CAP_ALLOW,
2006         )
2007     ),
2009     // Delete badges.
2010     'moodle/badges:deletebadge' => array(
2011         'riskbitmask'  => RISK_DATALOSS,
2012         'captype'      => 'write',
2013         'contextlevel' => CONTEXT_COURSE,
2014         'archetypes'   => array(
2015             'manager'        => CAP_ALLOW,
2016             'editingteacher' => CAP_ALLOW,
2017         )
2018     ),
2020     // Set up/edit badge details.
2021     'moodle/badges:configuredetails' => array(
2022         'riskbitmask'  => RISK_SPAM,
2023         'captype'      => 'write',
2024         'contextlevel' => CONTEXT_COURSE,
2025         'archetypes'   => array(
2026             'manager'        => CAP_ALLOW,
2027             'editingteacher' => CAP_ALLOW,
2028         )
2029     ),
2031     // Set up/edit criteria of earning a badge.
2032     'moodle/badges:configurecriteria' => array(
2033         'riskbitmask'  => RISK_XSS,
2034         'captype'      => 'write',
2035         'contextlevel' => CONTEXT_COURSE,
2036         'archetypes'   => array(
2037             'manager'        => CAP_ALLOW,
2038             'editingteacher' => CAP_ALLOW,
2039         )
2040     ),
2042     // Configure badge messages.
2043     'moodle/badges:configuremessages' => array(
2044         'riskbitmask'  => RISK_SPAM,
2045         'captype'      => 'write',
2046         'contextlevel' => CONTEXT_COURSE,
2047         'archetypes'   => array(
2048             'manager'        => CAP_ALLOW,
2049             'editingteacher' => CAP_ALLOW,
2050         )
2051     ),
2053     // Award badge to a user.
2054     'moodle/badges:awardbadge' => array(
2055         'riskbitmask'  => RISK_SPAM,
2056         'captype'      => 'write',
2057         'contextlevel' => CONTEXT_COURSE,
2058         'archetypes'   => array(
2059             'manager'        => CAP_ALLOW,
2060             'teacher'        => CAP_ALLOW,
2061             'editingteacher' => CAP_ALLOW,
2062         )
2063     ),
2065     // Revoke badge from a user.
2066     'moodle/badges:revokebadge' => array(
2067         'riskbitmask'  => RISK_SPAM,
2068         'captype'      => 'write',
2069         'contextlevel' => CONTEXT_COURSE,
2070         'archetypes'   => array(
2071             'manager'        => CAP_ALLOW,
2072             'teacher'        => CAP_ALLOW,
2073             'editingteacher' => CAP_ALLOW,
2074         )
2075     ),
2077     // View users who earned a specific badge without being able to award a badge.
2078     'moodle/badges:viewawarded' => array(
2079         'riskbitmask'  => RISK_PERSONAL,
2080         'captype'      => 'read',
2081         'contextlevel' => CONTEXT_COURSE,
2082         'archetypes'   => array(
2083                 'manager'        => CAP_ALLOW,
2084                 'teacher'        => CAP_ALLOW,
2085                 'editingteacher' => CAP_ALLOW,
2086         )
2087     ),
2089     'moodle/site:forcelanguage' => array(
2090         'captype' => 'read',
2091         'contextlevel' => CONTEXT_SYSTEM,
2092         'archetypes' => array(
2093         )
2094     ),
2096     // Perform site-wide search queries through the search API.
2097     'moodle/search:query' => array(
2098         'captype' => 'read',
2099         'contextlevel' => CONTEXT_SYSTEM,
2100         'archetypes' => array(
2101             'guest' => CAP_ALLOW,
2102             'user' => CAP_ALLOW,
2103             'student' => CAP_ALLOW,
2104             'teacher' => CAP_ALLOW,
2105             'editingteacher' => CAP_ALLOW,
2106             'manager' => CAP_ALLOW
2107         )
2108     ),
2110     // Competencies.
2111     'moodle/competency:competencymanage' => array(
2112         'captype' => 'write',
2113         'contextlevel' => CONTEXT_COURSECAT,
2114         'archetypes' => array(
2115             'manager' => CAP_ALLOW
2116         )
2117     ),
2118     'moodle/competency:competencyview' => array(
2119         'captype' => 'read',
2120         'contextlevel' => CONTEXT_COURSECAT,
2121         'archetypes' => array(
2122             'user' => CAP_ALLOW
2123         ),
2124     ),
2125     'moodle/competency:competencygrade' => array(
2126         'captype' => 'write',
2127         'contextlevel' => CONTEXT_COURSE, // And CONTEXT_USER.
2128         'archetypes' => array(
2129             'editingteacher' => CAP_ALLOW,
2130             'teacher' => CAP_ALLOW,
2131             'manager' => CAP_ALLOW
2132         ),
2133     ),
2134     // Course competencies.
2135     'moodle/competency:coursecompetencymanage' => array(
2136         'captype' => 'write',
2137         'contextlevel' => CONTEXT_COURSE,
2138         'archetypes' => array(
2139             'editingteacher' => CAP_ALLOW,
2140             'manager' => CAP_ALLOW
2141         ),
2142     ),
2143     'moodle/competency:coursecompetencyconfigure' => array(
2144         'captype' => 'write',
2145         'contextlevel' => CONTEXT_MODULE,
2146         'archetypes' => array(
2147             'manager' => CAP_ALLOW
2148         ),
2149     ),
2150     'moodle/competency:coursecompetencygradable' => array(
2151         'captype' => 'read',
2152         'contextlevel' => CONTEXT_COURSE,
2153         'archetypes' => array(
2154             'student' => CAP_ALLOW
2155         ),
2156         'clonepermissionsfrom' => 'moodle/course:isincompletionreports'
2157     ),
2158     'moodle/competency:coursecompetencyview' => array(
2159         'captype' => 'read',
2160         'contextlevel' => CONTEXT_COURSE,
2161         'archetypes' => array(
2162             'user' => CAP_ALLOW
2163         ),
2164     ),
2165     // Evidence.
2166     'moodle/competency:evidencedelete' => array(
2167         'captype' => 'write',
2168         'contextlevel' => CONTEXT_USER,
2169         'archetypes' => array(
2170         ),
2171         'clonepermissionsfrom' => 'moodle/site:config'
2172     ),
2173     // User plans.
2174     'moodle/competency:planmanage' => array(
2175         'captype' => 'write',
2176         'contextlevel' => CONTEXT_USER,
2177         'archetypes' => array(
2178             'manager' => CAP_ALLOW
2179         ),
2180     ),
2181     'moodle/competency:planmanagedraft' => array(
2182         'captype' => 'write',
2183         'contextlevel' => CONTEXT_USER,
2184         'archetypes' => array(
2185             'manager' => CAP_ALLOW
2186         ),
2187     ),
2188     'moodle/competency:planmanageown' => array(
2189         'captype' => 'write',
2190         'contextlevel' => CONTEXT_USER,
2191         'archetypes' => array(
2192         ),
2193     ),
2194     'moodle/competency:planmanageowndraft' => array(
2195         'captype' => 'write',
2196         'contextlevel' => CONTEXT_USER,
2197         'archetypes' => array(
2198         ),
2199     ),
2200     'moodle/competency:planview' => array(
2201         'captype' => 'read',
2202         'contextlevel' => CONTEXT_USER,
2203         'archetypes' => array(
2204             'manager' => CAP_ALLOW
2205         ),
2206     ),
2207     'moodle/competency:planviewdraft' => array(
2208         'captype' => 'read',
2209         'contextlevel' => CONTEXT_USER,
2210         'archetypes' => array(
2211             'manager' => CAP_ALLOW
2212         ),
2213     ),
2214     'moodle/competency:planviewown' => array(
2215         'captype' => 'read',
2216         'contextlevel' => CONTEXT_USER,
2217         'archetypes' => array(
2218             'user' => CAP_ALLOW
2219         ),
2220     ),
2221     'moodle/competency:planviewowndraft' => array(
2222         'captype' => 'read',
2223         'contextlevel' => CONTEXT_USER,
2224         'archetypes' => array(
2225         ),
2226     ),
2227     'moodle/competency:planrequestreview' => array(
2228         'captype' => 'write',
2229         'contextlevel' => CONTEXT_USER,
2230         'archetypes' => array(
2231             'manager' => CAP_ALLOW
2232         )
2233     ),
2234     'moodle/competency:planrequestreviewown' => array(
2235         'captype' => 'write',
2236         'contextlevel' => CONTEXT_USER,
2237         'archetypes' => array(
2238             'user' => CAP_ALLOW
2239         )
2240     ),
2241     'moodle/competency:planreview' => array(
2242         'captype' => 'write',
2243         'contextlevel' => CONTEXT_USER,
2244         'archetypes' => array(
2245             'manager' => CAP_ALLOW
2246         ),
2247     ),
2248     'moodle/competency:plancomment' => array(
2249         'captype' => 'write',
2250         'contextlevel' => CONTEXT_USER,
2251         'archetypes' => array(
2252             'manager' => CAP_ALLOW
2253         ),
2254     ),
2255     'moodle/competency:plancommentown' => array(
2256         'captype' => 'write',
2257         'contextlevel' => CONTEXT_USER,
2258         'archetypes' => array(
2259             'user' => CAP_ALLOW
2260         ),
2261     ),
2262     // User competencies.
2263     'moodle/competency:usercompetencyview' => array(
2264         'captype' => 'read',
2265         'contextlevel' => CONTEXT_USER,     // And CONTEXT_COURSE.
2266         'archetypes' => array(
2267             'manager' => CAP_ALLOW,
2268             'editingteacher' => CAP_ALLOW,
2269             'teacher' => CAP_ALLOW
2270         )
2271     ),
2272     'moodle/competency:usercompetencyrequestreview' => array(
2273         'captype' => 'write',
2274         'contextlevel' => CONTEXT_USER,
2275         'archetypes' => array(
2276             'manager' => CAP_ALLOW
2277         )
2278     ),
2279     'moodle/competency:usercompetencyrequestreviewown' => array(
2280         'captype' => 'write',
2281         'contextlevel' => CONTEXT_USER,
2282         'archetypes' => array(
2283             'user' => CAP_ALLOW
2284         )
2285     ),
2286     'moodle/competency:usercompetencyreview' => array(
2287         'captype' => 'write',
2288         'contextlevel' => CONTEXT_USER,
2289         'archetypes' => array(
2290             'manager' => CAP_ALLOW
2291         ),
2292     ),
2293     'moodle/competency:usercompetencycomment' => array(
2294         'captype' => 'write',
2295         'contextlevel' => CONTEXT_USER,
2296         'archetypes' => array(
2297             'manager' => CAP_ALLOW
2298         ),
2299     ),
2300     'moodle/competency:usercompetencycommentown' => array(
2301         'captype' => 'write',
2302         'contextlevel' => CONTEXT_USER,
2303         'archetypes' => array(
2304             'user' => CAP_ALLOW
2305         ),
2306     ),
2307     // Template.
2308     'moodle/competency:templatemanage' => array(
2309         'captype' => 'write',
2310         'contextlevel' => CONTEXT_COURSECAT,
2311         'archetypes' => array(
2312             'manager' => CAP_ALLOW
2313         ),
2314     ),
2315     'moodle/analytics:listinsights' => array(
2316         'riskbitmask' => RISK_PERSONAL,
2317         'captype' => 'read',
2318         'contextlevel' => CONTEXT_COURSE,
2319         'archetypes' => array(
2320             'teacher' => CAP_ALLOW,
2321             'editingteacher' => CAP_ALLOW,
2322             'manager' => CAP_ALLOW
2323         )
2324     ),
2325     'moodle/analytics:managemodels' => array(
2326         'riskbitmask' => RISK_CONFIG,
2327         'captype' => 'write',
2328         'contextlevel' => CONTEXT_SYSTEM,
2329         'archetypes' => array(
2330             'manager' => CAP_ALLOW
2331         ),
2332     ),
2333     'moodle/competency:templateview' => array(
2334         'captype' => 'read',
2335         'contextlevel' => CONTEXT_COURSECAT,
2336         'archetypes' => array(
2337             'manager' => CAP_ALLOW
2338         ),
2339     ),
2340     // User evidence.
2341     'moodle/competency:userevidencemanage' => array(
2342         'captype' => 'write',
2343         'contextlevel' => CONTEXT_USER,
2344         'archetypes' => array(
2345             'manager' => CAP_ALLOW
2346         ),
2347     ),
2348     'moodle/competency:userevidencemanageown' => array(
2349         'captype' => 'write',
2350         'contextlevel' => CONTEXT_USER,
2351         'archetypes' => array(
2352             'user' => CAP_ALLOW
2353         ),
2354     ),
2355     'moodle/competency:userevidenceview' => array(
2356         'captype' => 'read',
2357         'contextlevel' => CONTEXT_USER,
2358         'archetypes' => array(
2359             'manager' => CAP_ALLOW
2360         ),
2361     ),
2362     'moodle/site:maintenanceaccess' => array(
2363         'captype' => 'write',
2364         'contextlevel' => CONTEXT_SYSTEM,
2365         'archetypes' => array(
2366         )
2367     ),
2369 );