MDL-54687 core_message: added userid parameter for altering contacts
[moodle.git] / lib / db / access.php
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle.  If not, see <http://www.gnu.org/licenses/>.
17 /**
18  * Capability definitions for Moodle core.
19  *
20  * The capabilities are loaded into the database table when the module is
21  * installed or updated. Whenever the capability definitions are updated,
22  * the module version number should be bumped up.
23  *
24  * The system has four possible values for a capability:
25  * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
26  *
27  *
28  * CAPABILITY NAMING CONVENTION
29  *
30  * It is important that capability names are unique. The naming convention
31  * for capabilities that are specific to modules and blocks is as follows:
32  *   [mod/block]/<plugin_name>:<capabilityname>
33  *
34  * component_name should be the same as the directory name of the mod or block.
35  *
36  * Core moodle capabilities are defined thus:
37  *    moodle/<capabilityclass>:<capabilityname>
38  *
39  * Examples: mod/forum:viewpost
40  *           block/recent_activity:view
41  *           moodle/site:deleteuser
42  *
43  * The variable name for the capability definitions array is $capabilities
44  *
45  * For more information, take a look to the documentation available:
46  *     - Access API: {@link http://docs.moodle.org/dev/Access_API}
47  *     - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
48  *
49  * @package   core_access
50  * @category  access
51  * @copyright 2006 onwards Martin Dougiamas  http://dougiamas.com
52  * @license   http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
53  */
55 defined('MOODLE_INTERNAL') || die();
57 $capabilities = array(
58     'moodle/site:config' => array(
60         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
62         'captype' => 'write',
63         'contextlevel' => CONTEXT_SYSTEM,
64         'archetypes' => array(
65         )
66     ),
68     'moodle/site:readallmessages' => array(
70         'riskbitmask' => RISK_PERSONAL,
72         'captype' => 'read',
73         'contextlevel' => CONTEXT_SYSTEM,
74         'archetypes' => array(
75             'manager' => CAP_ALLOW,
76             'editingteacher' => CAP_ALLOW
77         )
78     ),
80     'moodle/site:deleteanymessage' => array(
82         'riskbitmask' => RISK_DATALOSS,
84         'captype' => 'write',
85         'contextlevel' => CONTEXT_SYSTEM,
86         'archetypes' => array(
87             'manager' => CAP_ALLOW
88         )
89     ),
91     'moodle/site:sendmessage' => array(
93         'riskbitmask' => RISK_SPAM,
95         'captype' => 'write',
96         'contextlevel' => CONTEXT_SYSTEM,
97         'archetypes' => array(
98             'manager' => CAP_ALLOW,
99             'user' => CAP_ALLOW
100         )
101     ),
103     'moodle/site:deleteownmessage' => array(
105         'captype' => 'write',
106         'contextlevel' => CONTEXT_SYSTEM,
107         'archetypes' => array(
108             'user' => CAP_ALLOW
109         )
110     ),
112     'moodle/site:approvecourse' => array(
114         'riskbitmask' => RISK_XSS,
116         'captype' => 'write',
117         'contextlevel' => CONTEXT_SYSTEM,
118         'archetypes' => array(
119             'manager' => CAP_ALLOW
120         )
121     ),
123     'moodle/backup:backupcourse' => array(
125         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
127         'captype' => 'write',
128         'contextlevel' => CONTEXT_COURSE,
129         'archetypes' => array(
130             'editingteacher' => CAP_ALLOW,
131             'manager' => CAP_ALLOW
132         ),
134         'clonepermissionsfrom' =>  'moodle/site:backup'
135     ),
137     'moodle/backup:backupsection' => array(
139         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
141         'captype' => 'write',
142         'contextlevel' => CONTEXT_COURSE,
143         'archetypes' => array(
144             'editingteacher' => CAP_ALLOW,
145             'manager' => CAP_ALLOW
146         ),
148         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
149     ),
151     'moodle/backup:backupactivity' => array(
153         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
155         'captype' => 'write',
156         'contextlevel' => CONTEXT_MODULE,
157         'archetypes' => array(
158             'editingteacher' => CAP_ALLOW,
159             'manager' => CAP_ALLOW
160         ),
162         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
163     ),
165     'moodle/backup:backuptargethub' => array(
167         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
169         'captype' => 'write',
170         'contextlevel' => CONTEXT_COURSE,
171         'archetypes' => array(
172             'editingteacher' => CAP_ALLOW,
173             'manager' => CAP_ALLOW
174         ),
176         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
177     ),
179     'moodle/backup:backuptargetimport' => array(
181         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
183         'captype' => 'write',
184         'contextlevel' => CONTEXT_COURSE,
185         'archetypes' => array(
186             'editingteacher' => CAP_ALLOW,
187             'manager' => CAP_ALLOW
188         ),
190         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
191     ),
193     'moodle/backup:downloadfile' => array(
195         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
197         'captype' => 'write',
198         'contextlevel' => CONTEXT_COURSE,
199         'archetypes' => array(
200             'editingteacher' => CAP_ALLOW,
201             'manager' => CAP_ALLOW
202         ),
204         'clonepermissionsfrom' =>  'moodle/site:backupdownload'
205     ),
207     'moodle/backup:configure' => array(
209         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
211         'captype' => 'write',
212         'contextlevel' => CONTEXT_COURSE,
213         'archetypes' => array(
214             'editingteacher' => CAP_ALLOW,
215             'manager' => CAP_ALLOW
216         )
217     ),
219     'moodle/backup:userinfo' => array(
221         'riskbitmask' => RISK_PERSONAL,
223         'captype' => 'read',
224         'contextlevel' => CONTEXT_COURSE,
225         'archetypes' => array(
226             'manager' => CAP_ALLOW
227         )
228     ),
230     'moodle/backup:anonymise' => array(
232         'riskbitmask' => RISK_PERSONAL,
234         'captype' => 'read',
235         'contextlevel' => CONTEXT_COURSE,
236         'archetypes' => array(
237             'manager' => CAP_ALLOW
238         )
239     ),
241     'moodle/restore:restorecourse' => array(
243         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
245         'captype' => 'write',
246         'contextlevel' => CONTEXT_COURSE,
247         'archetypes' => array(
248             'editingteacher' => CAP_ALLOW,
249             'manager' => CAP_ALLOW
250         ),
252         'clonepermissionsfrom' =>  'moodle/site:restore'
253     ),
255     'moodle/restore:restoresection' => array(
257         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
259         'captype' => 'write',
260         'contextlevel' => CONTEXT_COURSE,
261         'archetypes' => array(
262             'editingteacher' => CAP_ALLOW,
263             'manager' => CAP_ALLOW
264         ),
266         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
267     ),
269     'moodle/restore:restoreactivity' => array(
271         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
273         'captype' => 'write',
274         'contextlevel' => CONTEXT_COURSE,
275         'archetypes' => array(
276             'editingteacher' => CAP_ALLOW,
277             'manager' => CAP_ALLOW
278         ),
280         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
281     ),
283     'moodle/restore:viewautomatedfilearea' => array(
285         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
287         'captype' => 'write',
288         'contextlevel' => CONTEXT_COURSE,
289     ),
291     'moodle/restore:restoretargethub' => array(
293         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
295         'captype' => 'write',
296         'contextlevel' => CONTEXT_COURSE,
297         'archetypes' => array(
298             'editingteacher' => CAP_ALLOW,
299             'manager' => CAP_ALLOW
300         ),
302         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
303     ),
305     'moodle/restore:restoretargetimport' => array(
307         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
309         'captype' => 'write',
310         'contextlevel' => CONTEXT_COURSE,
311         'archetypes' => array(
312             'editingteacher' => CAP_ALLOW,
313             'manager' => CAP_ALLOW
314         ),
316         'clonepermissionsfrom' =>  'moodle/site:import'
317     ),
319     'moodle/restore:uploadfile' => array(
321         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
323         'captype' => 'write',
324         'contextlevel' => CONTEXT_COURSE,
325         'archetypes' => array(
326             'editingteacher' => CAP_ALLOW,
327             'manager' => CAP_ALLOW
328         ),
330         'clonepermissionsfrom' =>  'moodle/site:backupupload'
331     ),
333     'moodle/restore:configure' => array(
335         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
337         'captype' => 'write',
338         'contextlevel' => CONTEXT_COURSE,
339         'archetypes' => array(
340             'editingteacher' => CAP_ALLOW,
341             'manager' => CAP_ALLOW
342         )
343     ),
345     'moodle/restore:rolldates' => array(
347         'captype' => 'write',
348         'contextlevel' => CONTEXT_COURSE,
349         'archetypes' => array(
350             'coursecreator' => CAP_ALLOW,
351             'manager' => CAP_ALLOW
352         )
353     ),
355     'moodle/restore:userinfo' => array(
357         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
359         'captype' => 'write',
360         'contextlevel' => CONTEXT_COURSE,
361         'archetypes' => array(
362             'manager' => CAP_ALLOW
363         )
364     ),
366     'moodle/restore:createuser' => array(
368         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
370         'captype' => 'write',
371         'contextlevel' => CONTEXT_SYSTEM,
372         'archetypes' => array(
373             'manager' => CAP_ALLOW
374         )
375     ),
377     'moodle/site:manageblocks' => array(
379         'riskbitmask' => RISK_SPAM | RISK_XSS,
381         'captype' => 'write',
382         'contextlevel' => CONTEXT_BLOCK,
383         'archetypes' => array(
384             'editingteacher' => CAP_ALLOW,
385             'manager' => CAP_ALLOW
386         )
387     ),
389     'moodle/site:accessallgroups' => array(
391         'captype' => 'read',
392         'contextlevel' => CONTEXT_COURSE,
393         'archetypes' => array(
394             'teacher' => CAP_ALLOW,
395             'editingteacher' => CAP_ALLOW,
396             'manager' => CAP_ALLOW
397         )
398     ),
400     'moodle/site:viewfullnames' => array(
402         'captype' => 'read',
403         'contextlevel' => CONTEXT_COURSE,
404         'archetypes' => array(
405             'teacher' => CAP_ALLOW,
406             'editingteacher' => CAP_ALLOW,
407             'manager' => CAP_ALLOW
408         )
409     ),
411     // In reports that give lists of users, extra information about each user's
412     // identity (the fields configured in site option showuseridentity) will be
413     // displayed to users who have this capability.
414     'moodle/site:viewuseridentity' => array(
416         'captype' => 'read',
417         'contextlevel' => CONTEXT_COURSE,
418         'archetypes' => array(
419             'teacher' => CAP_ALLOW,
420             'editingteacher' => CAP_ALLOW,
421             'manager' => CAP_ALLOW
422         )
423     ),
425     'moodle/site:viewreports' => array(
427         'riskbitmask' => RISK_PERSONAL,
429         'captype' => 'read',
430         'contextlevel' => CONTEXT_COURSE,
431         'archetypes' => array(
432             'teacher' => CAP_ALLOW,
433             'editingteacher' => CAP_ALLOW,
434             'manager' => CAP_ALLOW
435         )
436     ),
438     'moodle/site:trustcontent' => array(
440         'riskbitmask' => RISK_XSS,
442         'captype' => 'write',
443         'contextlevel' => CONTEXT_COURSE,
444         'archetypes' => array(
445             'editingteacher' => CAP_ALLOW,
446             'manager' => CAP_ALLOW
447         )
448     ),
450     'moodle/site:uploadusers' => array(
452         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
454         'captype' => 'write',
455         'contextlevel' => CONTEXT_SYSTEM,
456         'archetypes' => array(
457             'manager' => CAP_ALLOW
458         )
459     ),
461     // Permission to manage filter setting overrides in subcontexts.
462     'moodle/filter:manage' => array(
464         'captype' => 'write',
465         'contextlevel' => CONTEXT_COURSE,
466         'archetypes' => array(
467             'editingteacher' => CAP_ALLOW,
468             'manager' => CAP_ALLOW,
469         )
470     ),
472     'moodle/user:create' => array(
474         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
476         'captype' => 'write',
477         'contextlevel' => CONTEXT_SYSTEM,
478         'archetypes' => array(
479             'manager' => CAP_ALLOW
480         )
481     ),
483     'moodle/user:delete' => array(
485         'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
487         'captype' => 'write',
488         'contextlevel' => CONTEXT_SYSTEM,
489         'archetypes' => array(
490             'manager' => CAP_ALLOW
491         )
492     ),
494     'moodle/user:update' => array(
496         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
498         'captype' => 'write',
499         'contextlevel' => CONTEXT_SYSTEM,
500         'archetypes' => array(
501             'manager' => CAP_ALLOW
502         )
503     ),
505     'moodle/user:viewdetails' => array(
507         'captype' => 'read',
508         'contextlevel' => CONTEXT_COURSE,
509         'archetypes' => array(
510             'guest' => CAP_ALLOW,
511             'student' => CAP_ALLOW,
512             'teacher' => CAP_ALLOW,
513             'editingteacher' => CAP_ALLOW,
514             'manager' => CAP_ALLOW
515         )
516     ),
518     'moodle/user:viewalldetails' => array(
519         'riskbitmask' => RISK_PERSONAL,
520         'captype' => 'read',
521         'contextlevel' => CONTEXT_USER,
522         'archetypes' => array(
523             'manager' => CAP_ALLOW
524         ),
525         'clonepermissionsfrom' => 'moodle/user:update'
526     ),
528     'moodle/user:viewlastip' => array(
529         'riskbitmask' => RISK_PERSONAL,
530         'captype' => 'read',
531         'contextlevel' => CONTEXT_USER,
532         'archetypes' => array(
533             'manager' => CAP_ALLOW
534         ),
535         'clonepermissionsfrom' => 'moodle/user:update'
536     ),
538     'moodle/user:viewhiddendetails' => array(
540         'riskbitmask' => RISK_PERSONAL,
542         'captype' => 'read',
543         'contextlevel' => CONTEXT_COURSE,
544         'archetypes' => array(
545             'teacher' => CAP_ALLOW,
546             'editingteacher' => CAP_ALLOW,
547             'manager' => CAP_ALLOW
548         )
549     ),
551     'moodle/user:loginas' => array(
553         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
555         'captype' => 'write',
556         'contextlevel' => CONTEXT_COURSE,
557         'archetypes' => array(
558             'manager' => CAP_ALLOW
559         )
560     ),
562     // can the user manage the system default profile page?
563     'moodle/user:managesyspages' => array(
565         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
567         'captype' => 'write',
568         'contextlevel' => CONTEXT_SYSTEM,
569         'archetypes' => array(
570             'manager' => CAP_ALLOW
571         )
572     ),
574     // can the user manage another user's profile page?
575     'moodle/user:manageblocks' => array(
577         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
579         'captype' => 'write',
580         'contextlevel' => CONTEXT_USER
581     ),
583     // can the user manage their own profile page?
584     'moodle/user:manageownblocks' => array(
586         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
588         'captype' => 'write',
589         'contextlevel' => CONTEXT_SYSTEM,
590         'archetypes' => array(
591             'user' => CAP_ALLOW
592         )
593     ),
595     // can the user manage their own files?
596     'moodle/user:manageownfiles' => array(
598         'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
600         'captype' => 'write',
601         'contextlevel' => CONTEXT_SYSTEM,
602         'archetypes' => array(
603             'user' => CAP_ALLOW
604         )
605     ),
607     // Can the user ignore the setting userquota?
608     // The permissions are cloned from ignorefilesizelimits as it was partly used for that purpose.
609     'moodle/user:ignoreuserquota' => array(
610         'riskbitmap' => RISK_SPAM,
611         'captype' => 'write',
612         'contextlevel' => CONTEXT_SYSTEM,
613         'clonepermissionsfrom' => 'moodle/course:ignorefilesizelimits'
614     ),
616     // can the user manage the system default dashboard page?
617     'moodle/my:configsyspages' => array(
619         'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
621         'captype' => 'write',
622         'contextlevel' => CONTEXT_SYSTEM,
623         'archetypes' => array(
624             'manager' => CAP_ALLOW
625         )
626     ),
628     'moodle/role:assign' => array(
630         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
632         'captype' => 'write',
633         'contextlevel' => CONTEXT_COURSE,
634         'archetypes' => array(
635             'editingteacher' => CAP_ALLOW,
636             'manager' => CAP_ALLOW
637         )
638     ),
640     'moodle/role:review' => array(
642         'riskbitmask' => RISK_PERSONAL,
644         'captype' => 'read',
645         'contextlevel' => CONTEXT_COURSE,
646         'archetypes' => array(
647             'teacher' => CAP_ALLOW,
648             'editingteacher' => CAP_ALLOW,
649             'manager' => CAP_ALLOW
650         )
651     ),
653     'moodle/role:override' => array(
655         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
657         'captype' => 'write',
658         'contextlevel' => CONTEXT_COURSE,
659         'archetypes' => array(
660             'manager' => CAP_ALLOW
661         )
662     ),
664     'moodle/role:safeoverride' => array(
666         'riskbitmask' => RISK_SPAM,
668         'captype' => 'write',
669         'contextlevel' => CONTEXT_COURSE,
670         'archetypes' => array(
671             'editingteacher' => CAP_ALLOW
672         )
673     ),
675     'moodle/role:manage' => array(
677         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
679         'captype' => 'write',
680         'contextlevel' => CONTEXT_SYSTEM,
681         'archetypes' => array(
682             'manager' => CAP_ALLOW
683         )
684     ),
686     'moodle/role:switchroles' => array(
688         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
690         'captype' => 'read',
691         'contextlevel' => CONTEXT_COURSE,
692         'archetypes' => array(
693             'editingteacher' => CAP_ALLOW,
694             'manager' => CAP_ALLOW
695         )
696     ),
698     // Create, update and delete course categories. (Deleting a course category
699     // does not let you delete the courses it contains, unless you also have
700     // moodle/course: delete.) Creating and deleting requires this permission in
701     // the parent category.
702     'moodle/category:manage' => array(
704         'riskbitmask' => RISK_XSS,
706         'captype' => 'write',
707         'contextlevel' => CONTEXT_COURSECAT,
708         'archetypes' => array(
709             'manager' => CAP_ALLOW
710         ),
711         'clonepermissionsfrom' => 'moodle/category:update'
712     ),
714     'moodle/category:viewhiddencategories' => array(
716         'captype' => 'read',
717         'contextlevel' => CONTEXT_COURSECAT,
718         'archetypes' => array(
719             'coursecreator' => CAP_ALLOW,
720             'manager' => CAP_ALLOW
721         ),
722         'clonepermissionsfrom' => 'moodle/category:visibility'
723     ),
725     // create, delete, move cohorts in system and course categories,
726     // (cohorts with component !== null can be only moved)
727     'moodle/cohort:manage' => array(
729         'captype' => 'write',
730         'contextlevel' => CONTEXT_COURSECAT,
731         'archetypes' => array(
732             'manager' => CAP_ALLOW
733         )
734     ),
736     // add and remove cohort members (only for cohorts where component !== null)
737     'moodle/cohort:assign' => array(
739         'captype' => 'write',
740         'contextlevel' => CONTEXT_COURSECAT,
741         'archetypes' => array(
742             'manager' => CAP_ALLOW
743         )
744     ),
746     // View visible and hidden cohorts defined in the current context.
747     'moodle/cohort:view' => array(
749         'captype' => 'read',
750         'contextlevel' => CONTEXT_COURSE,
751         'archetypes' => array(
752             'editingteacher' => CAP_ALLOW,
753             'manager' => CAP_ALLOW
754         )
755     ),
757     'moodle/course:create' => array(
759         'riskbitmask' => RISK_XSS,
761         'captype' => 'write',
762         'contextlevel' => CONTEXT_COURSECAT,
763         'archetypes' => array(
764             'coursecreator' => CAP_ALLOW,
765             'manager' => CAP_ALLOW
766         )
767     ),
769     'moodle/course:request' => array(
770         'captype' => 'write',
771         'contextlevel' => CONTEXT_SYSTEM,
772         'archetypes' => array(
773             'user' => CAP_ALLOW,
774         )
775     ),
777     'moodle/course:delete' => array(
779         'riskbitmask' => RISK_DATALOSS,
781         'captype' => 'write',
782         'contextlevel' => CONTEXT_COURSE,
783         'archetypes' => array(
784             'manager' => CAP_ALLOW
785         )
786     ),
788     'moodle/course:update' => array(
790         'riskbitmask' => RISK_XSS,
792         'captype' => 'write',
793         'contextlevel' => CONTEXT_COURSE,
794         'archetypes' => array(
795             'editingteacher' => CAP_ALLOW,
796             'manager' => CAP_ALLOW
797         )
798     ),
800     'moodle/course:view' => array(
802         'captype' => 'read',
803         'contextlevel' => CONTEXT_COURSE,
804         'archetypes' => array(
805             'manager' => CAP_ALLOW,
806         )
807     ),
809     /* review course enrolments - no group restrictions, it is really full access to all participants info*/
810     'moodle/course:enrolreview' => array(
812         'riskbitmask' => RISK_PERSONAL,
814         'captype' => 'read',
815         'contextlevel' => CONTEXT_COURSE,
816         'archetypes' => array(
817             'editingteacher' => CAP_ALLOW,
818             'manager' => CAP_ALLOW,
819         )
820     ),
822     /* add, remove, hide enrol instances in courses */
823     'moodle/course:enrolconfig' => array(
825         'riskbitmask' => RISK_PERSONAL,
827         'captype' => 'write',
828         'contextlevel' => CONTEXT_COURSE,
829         'archetypes' => array(
830             'editingteacher' => CAP_ALLOW,
831             'manager' => CAP_ALLOW,
832         )
833     ),
835     'moodle/course:reviewotherusers' => array(
837         'captype' => 'read',
838         'contextlevel' => CONTEXT_COURSE,
839         'archetypes' => array(
840             'editingteacher' => CAP_ALLOW,
841             'manager' => CAP_ALLOW,
842         ),
843         'clonepermissionsfrom' => 'moodle/role:assign'
844     ),
846     'moodle/course:bulkmessaging' => array(
848         'riskbitmask' => RISK_SPAM,
850         'captype' => 'write',
851         'contextlevel' => CONTEXT_COURSE,
852         'archetypes' => array(
853             'teacher' => CAP_ALLOW,
854             'editingteacher' => CAP_ALLOW,
855             'manager' => CAP_ALLOW
856         )
857     ),
859     'moodle/course:viewhiddenuserfields' => array(
861         'riskbitmask' => RISK_PERSONAL,
863         'captype' => 'read',
864         'contextlevel' => CONTEXT_COURSE,
865         'archetypes' => array(
866             'teacher' => CAP_ALLOW,
867             'editingteacher' => CAP_ALLOW,
868             'manager' => CAP_ALLOW
869         )
870     ),
872     'moodle/course:viewhiddencourses' => array(
874         'captype' => 'read',
875         'contextlevel' => CONTEXT_COURSE,
876         'archetypes' => array(
877             'coursecreator' => CAP_ALLOW,
878             'teacher' => CAP_ALLOW,
879             'editingteacher' => CAP_ALLOW,
880             'manager' => CAP_ALLOW
881         )
882     ),
884     'moodle/course:visibility' => array(
886         'captype' => 'write',
887         'contextlevel' => CONTEXT_COURSE,
888         'archetypes' => array(
889             'editingteacher' => CAP_ALLOW,
890             'manager' => CAP_ALLOW
891         )
892     ),
894     'moodle/course:managefiles' => array(
896         'riskbitmask' => RISK_XSS,
898         'captype' => 'write',
899         'contextlevel' => CONTEXT_COURSE,
900         'archetypes' => array(
901             'editingteacher' => CAP_ALLOW,
902             'manager' => CAP_ALLOW
903         )
904     ),
906     'moodle/course:ignorefilesizelimits' => array(
908         'captype' => 'write',
909         'contextlevel' => CONTEXT_COURSE,
910         'archetypes' => array(
911         )
912     ),
914     'moodle/course:manageactivities' => array(
916         'riskbitmask' => RISK_XSS,
918         'captype' => 'write',
919         'contextlevel' => CONTEXT_MODULE,
920         'archetypes' => array(
921             'editingteacher' => CAP_ALLOW,
922             'manager' => CAP_ALLOW
923         )
924     ),
926     'moodle/course:activityvisibility' => array(
928         'captype' => 'write',
929         'contextlevel' => CONTEXT_MODULE,
930         'archetypes' => array(
931             'editingteacher' => CAP_ALLOW,
932             'manager' => CAP_ALLOW
933         )
934     ),
936     'moodle/course:viewhiddenactivities' => array(
938         'captype' => 'write',
939         'contextlevel' => CONTEXT_MODULE,
940         'archetypes' => array(
941             'teacher' => CAP_ALLOW,
942             'editingteacher' => CAP_ALLOW,
943             'manager' => CAP_ALLOW
944         )
945     ),
947     'moodle/course:viewparticipants' => array(
949         'captype' => 'read',
950         'contextlevel' => CONTEXT_COURSE,
951         'archetypes' => array(
952             'student' => CAP_ALLOW,
953             'teacher' => CAP_ALLOW,
954             'editingteacher' => CAP_ALLOW,
955             'manager' => CAP_ALLOW
956         )
957     ),
959     'moodle/course:changefullname' => array(
961         'riskbitmask' => RISK_XSS,
963         'captype' => 'write',
964         'contextlevel' => CONTEXT_COURSE,
965         'archetypes' => array(
966             'editingteacher' => CAP_ALLOW,
967             'manager' => CAP_ALLOW
968         ),
969         'clonepermissionsfrom' => 'moodle/course:update'
970     ),
972     'moodle/course:changeshortname' => array(
974         'riskbitmask' => RISK_XSS,
976         'captype' => 'write',
977         'contextlevel' => CONTEXT_COURSE,
978         'archetypes' => array(
979             'editingteacher' => CAP_ALLOW,
980             'manager' => CAP_ALLOW
981         ),
982         'clonepermissionsfrom' => 'moodle/course:update'
983     ),
985     'moodle/course:renameroles' => array(
986         'captype' => 'write',
987         'contextlevel' => CONTEXT_COURSE,
988         'archetypes' => array(
989             'editingteacher' => CAP_ALLOW,
990             'manager' => CAP_ALLOW
991         ),
992         'clonepermissionsfrom' => 'moodle/course:update'
993     ),
995     'moodle/course:changeidnumber' => array(
997         'riskbitmask' => RISK_XSS,
999         'captype' => 'write',
1000         'contextlevel' => CONTEXT_COURSE,
1001         'archetypes' => array(
1002             'editingteacher' => CAP_ALLOW,
1003             'manager' => CAP_ALLOW
1004         ),
1005         'clonepermissionsfrom' => 'moodle/course:update'
1006     ),
1007     'moodle/course:changecategory' => array(
1008         'riskbitmask' => RISK_XSS,
1010         'captype' => 'write',
1011         'contextlevel' => CONTEXT_COURSE,
1012         'archetypes' => array(
1013             'editingteacher' => CAP_ALLOW,
1014             'manager' => CAP_ALLOW
1015         ),
1016         'clonepermissionsfrom' => 'moodle/course:update'
1017     ),
1019     'moodle/course:changesummary' => array(
1020         'riskbitmask' => RISK_XSS,
1022         'captype' => 'write',
1023         'contextlevel' => CONTEXT_COURSE,
1024         'archetypes' => array(
1025             'editingteacher' => CAP_ALLOW,
1026             'manager' => CAP_ALLOW
1027         ),
1028         'clonepermissionsfrom' => 'moodle/course:update'
1029     ),
1032     'moodle/site:viewparticipants' => array(
1034         'captype' => 'read',
1035         'contextlevel' => CONTEXT_SYSTEM,
1036         'archetypes' => array(
1037             'manager' => CAP_ALLOW
1038         )
1039     ),
1041     'moodle/course:isincompletionreports' => array(
1042         'captype' => 'read',
1043         'contextlevel' => CONTEXT_COURSE,
1044         'archetypes' => array(
1045             'student' => CAP_ALLOW,
1046         ),
1047     ),
1049     'moodle/course:viewscales' => array(
1051         'captype' => 'read',
1052         'contextlevel' => CONTEXT_COURSE,
1053         'archetypes' => array(
1054             'student' => CAP_ALLOW,
1055             'teacher' => CAP_ALLOW,
1056             'editingteacher' => CAP_ALLOW,
1057             'manager' => CAP_ALLOW
1058         )
1059     ),
1061     'moodle/course:managescales' => array(
1063         'captype' => 'write',
1064         'contextlevel' => CONTEXT_COURSE,
1065         'archetypes' => array(
1066             'editingteacher' => CAP_ALLOW,
1067             'manager' => CAP_ALLOW
1068         )
1069     ),
1071     'moodle/course:managegroups' => array(
1073         'captype' => 'write',
1074         'contextlevel' => CONTEXT_COURSE,
1075         'archetypes' => array(
1076             'editingteacher' => CAP_ALLOW,
1077             'manager' => CAP_ALLOW
1078         )
1079     ),
1081     'moodle/course:reset' => array(
1083         'riskbitmask' => RISK_DATALOSS,
1085         'captype' => 'write',
1086         'contextlevel' => CONTEXT_COURSE,
1087         'archetypes' => array(
1088             'editingteacher' => CAP_ALLOW,
1089             'manager' => CAP_ALLOW
1090         )
1091     ),
1093     'moodle/course:viewsuspendedusers' => array(
1095         'captype' => 'read',
1096         'contextlevel' => CONTEXT_SYSTEM,
1097         'archetypes' => array(
1098             'editingteacher' => CAP_ALLOW,
1099             'manager' => CAP_ALLOW
1100         )
1101     ),
1103     'moodle/course:tag' => array(
1104         'riskbitmask' => RISK_SPAM,
1105         'captype' => 'write',
1106         'contextlevel' => CONTEXT_COURSE,
1107         'archetypes' => array(
1108             'manager' => CAP_ALLOW,
1109             'editingteacher' => CAP_ALLOW,
1110         ),
1111         'clonepermissionsfrom' => 'moodle/course:update'
1112     ),
1114     'moodle/blog:view' => array(
1116         'captype' => 'read',
1117         'contextlevel' => CONTEXT_SYSTEM,
1118         'archetypes' => array(
1119             'guest' => CAP_ALLOW,
1120             'user' => CAP_ALLOW,
1121             'student' => CAP_ALLOW,
1122             'teacher' => CAP_ALLOW,
1123             'editingteacher' => CAP_ALLOW,
1124             'manager' => CAP_ALLOW
1125         )
1126     ),
1128     'moodle/blog:search' => array(
1129         'captype' => 'read',
1130         'contextlevel' => CONTEXT_SYSTEM,
1131         'archetypes' => array(
1132             'guest' => CAP_ALLOW,
1133             'user' => CAP_ALLOW,
1134             'student' => CAP_ALLOW,
1135             'teacher' => CAP_ALLOW,
1136             'editingteacher' => CAP_ALLOW,
1137             'manager' => CAP_ALLOW
1138         )
1139     ),
1141     'moodle/blog:viewdrafts' => array(
1143         'riskbitmask' => RISK_PERSONAL,
1144         'captype' => 'read',
1145         'contextlevel' => CONTEXT_SYSTEM,
1146         'archetypes' => array(
1147             'manager' => CAP_ALLOW
1148         )
1149     ),
1151     'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1153         'riskbitmask' => RISK_SPAM,
1155         'captype' => 'write',
1156         'contextlevel' => CONTEXT_SYSTEM,
1157         'archetypes' => array(
1158             'user' => CAP_ALLOW,
1159             'manager' => CAP_ALLOW
1160         )
1161     ),
1163     'moodle/blog:manageentries' => array(
1165         'riskbitmask' => RISK_SPAM,
1167         'captype' => 'write',
1168         'contextlevel' => CONTEXT_SYSTEM,
1169         'archetypes' => array(
1170             'teacher' => CAP_ALLOW,
1171             'editingteacher' => CAP_ALLOW,
1172             'manager' => CAP_ALLOW
1173         )
1174     ),
1176     'moodle/blog:manageexternal' => array(
1178         'riskbitmask' => RISK_SPAM,
1180         'captype' => 'write',
1181         'contextlevel' => CONTEXT_SYSTEM,
1182         'archetypes' => array(
1183             'student' => CAP_ALLOW,
1184             'user' => CAP_ALLOW,
1185             'teacher' => CAP_ALLOW,
1186             'editingteacher' => CAP_ALLOW,
1187             'manager' => CAP_ALLOW
1188         )
1189     ),
1191     'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1193         'riskbitmask' => RISK_SPAM,
1195         'captype' => 'write',
1196         'contextlevel' => CONTEXT_COURSE,
1197         'archetypes' => array(
1198             'user' => CAP_ALLOW,
1199             'manager' => CAP_ALLOW
1200         )
1201     ),
1203     'moodle/calendar:managegroupentries' => array(
1205         'riskbitmask' => RISK_SPAM,
1207         'captype' => 'write',
1208         'contextlevel' => CONTEXT_COURSE,
1209         'archetypes' => array(
1210             'teacher' => CAP_ALLOW,
1211             'editingteacher' => CAP_ALLOW,
1212             'manager' => CAP_ALLOW
1213         )
1214     ),
1216     'moodle/calendar:manageentries' => array(
1218         'riskbitmask' => RISK_SPAM,
1220         'captype' => 'write',
1221         'contextlevel' => CONTEXT_COURSE,
1222         'archetypes' => array(
1223             'teacher' => CAP_ALLOW,
1224             'editingteacher' => CAP_ALLOW,
1225             'manager' => CAP_ALLOW
1226         )
1227     ),
1229     'moodle/user:editprofile' => array(
1231         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1233         'captype' => 'write',
1234         'contextlevel' => CONTEXT_USER,
1235         'archetypes' => array(
1236             'manager' => CAP_ALLOW
1237         )
1238     ),
1240     'moodle/user:editownprofile' => array(
1242         'riskbitmask' => RISK_SPAM,
1244         'captype' => 'write',
1245         'contextlevel' => CONTEXT_SYSTEM,
1246         'archetypes' => array(
1247             'guest' => CAP_PROHIBIT,
1248             'user' => CAP_ALLOW,
1249             'manager' => CAP_ALLOW
1250         )
1251     ),
1253     'moodle/user:changeownpassword' => array(
1255         'captype' => 'write',
1256         'contextlevel' => CONTEXT_SYSTEM,
1257         'archetypes' => array(
1258             'guest' => CAP_PROHIBIT,
1259             'user' => CAP_ALLOW,
1260             'manager' => CAP_ALLOW
1261         )
1262     ),
1264     // The next 3 might make no sense for some roles, e.g teacher, etc.
1265     // since the next level up is site. These are more for the parent role
1266     'moodle/user:readuserposts' => array(
1268         'captype' => 'read',
1269         'contextlevel' => CONTEXT_USER,
1270         'archetypes' => array(
1271             'student' => CAP_ALLOW,
1272             'teacher' => CAP_ALLOW,
1273             'editingteacher' => CAP_ALLOW,
1274             'manager' => CAP_ALLOW
1275         )
1276     ),
1278     'moodle/user:readuserblogs' => array(
1280         'captype' => 'read',
1281         'contextlevel' => CONTEXT_USER,
1282         'archetypes' => array(
1283             'student' => CAP_ALLOW,
1284             'teacher' => CAP_ALLOW,
1285             'editingteacher' => CAP_ALLOW,
1286             'manager' => CAP_ALLOW
1287         )
1288     ),
1290     // designed for parent role - not used in legacy roles
1291     'moodle/user:viewuseractivitiesreport' => array(
1292         'riskbitmask' => RISK_PERSONAL,
1294         'captype' => 'read',
1295         'contextlevel' => CONTEXT_USER,
1296         'archetypes' => array(
1297         )
1298     ),
1300     //capabilities designed for the new message system configuration
1301     'moodle/user:editmessageprofile' => array(
1303          'riskbitmask' => RISK_SPAM,
1305          'captype' => 'write',
1306          'contextlevel' => CONTEXT_USER,
1307          'archetypes' => array(
1308              'manager' => CAP_ALLOW
1309          )
1310      ),
1312      'moodle/user:editownmessageprofile' => array(
1314          'captype' => 'write',
1315          'contextlevel' => CONTEXT_SYSTEM,
1316          'archetypes' => array(
1317              'guest' => CAP_PROHIBIT,
1318              'user' => CAP_ALLOW,
1319              'manager' => CAP_ALLOW
1320          )
1321      ),
1323     'moodle/question:managecategory' => array(
1324         'riskbitmask' => RISK_SPAM | RISK_XSS,
1325         'captype' => 'write',
1326         'contextlevel' => CONTEXT_COURSE,
1327         'archetypes' => array(
1328             'editingteacher' => CAP_ALLOW,
1329             'manager' => CAP_ALLOW
1330         )
1331     ),
1333     //new in moodle 1.9
1334     'moodle/question:add' => array(
1335         'riskbitmask' => RISK_SPAM | RISK_XSS,
1336         'captype' => 'write',
1337         'contextlevel' => CONTEXT_COURSE,
1338         'archetypes' => array(
1339             'editingteacher' => CAP_ALLOW,
1340             'manager' => CAP_ALLOW
1341         ),
1342         'clonepermissionsfrom' =>  'moodle/question:manage'
1343     ),
1344     'moodle/question:editmine' => array(
1345         'riskbitmask' => RISK_SPAM | RISK_XSS,
1346         'captype' => 'write',
1347         'contextlevel' => CONTEXT_COURSE,
1348         'archetypes' => array(
1349             'editingteacher' => CAP_ALLOW,
1350             'manager' => CAP_ALLOW
1351         ),
1352         'clonepermissionsfrom' =>  'moodle/question:manage'
1353     ),
1354     'moodle/question:editall' => array(
1355         'riskbitmask' => RISK_SPAM | RISK_XSS,
1356         'captype' => 'write',
1357         'contextlevel' => CONTEXT_COURSE,
1358         'archetypes' => array(
1359             'editingteacher' => CAP_ALLOW,
1360             'manager' => CAP_ALLOW
1361         ),
1362         'clonepermissionsfrom' =>  'moodle/question:manage'
1363     ),
1364     'moodle/question:viewmine' => array(
1365         'captype' => 'read',
1366         'contextlevel' => CONTEXT_COURSE,
1367         'archetypes' => array(
1368             'editingteacher' => CAP_ALLOW,
1369             'manager' => CAP_ALLOW
1370         ),
1371         'clonepermissionsfrom' =>  'moodle/question:manage'
1372     ),
1373     'moodle/question:viewall' => array(
1374         'captype' => 'read',
1375         'contextlevel' => CONTEXT_COURSE,
1376         'archetypes' => array(
1377             'editingteacher' => CAP_ALLOW,
1378             'manager' => CAP_ALLOW
1379         ),
1380         'clonepermissionsfrom' =>  'moodle/question:manage'
1381     ),
1382     'moodle/question:usemine' => array(
1383         'captype' => 'read',
1384         'contextlevel' => CONTEXT_COURSE,
1385         'archetypes' => array(
1386             'editingteacher' => CAP_ALLOW,
1387             'manager' => CAP_ALLOW
1388         ),
1389         'clonepermissionsfrom' =>  'moodle/question:manage'
1390     ),
1391     'moodle/question:useall' => array(
1392         'captype' => 'read',
1393         'contextlevel' => CONTEXT_COURSE,
1394         'archetypes' => array(
1395             'editingteacher' => CAP_ALLOW,
1396             'manager' => CAP_ALLOW
1397         ),
1398         'clonepermissionsfrom' =>  'moodle/question:manage'
1399     ),
1400     'moodle/question:movemine' => array(
1401         'captype' => 'write',
1402         'contextlevel' => CONTEXT_COURSE,
1403         'archetypes' => array(
1404             'editingteacher' => CAP_ALLOW,
1405             'manager' => CAP_ALLOW
1406         ),
1407         'clonepermissionsfrom' =>  'moodle/question:manage'
1408     ),
1409     'moodle/question:moveall' => array(
1410         'captype' => 'write',
1411         'contextlevel' => CONTEXT_COURSE,
1412         'archetypes' => array(
1413             'editingteacher' => CAP_ALLOW,
1414             'manager' => CAP_ALLOW
1415         ),
1416         'clonepermissionsfrom' =>  'moodle/question:manage'
1417     ),
1418     //END new in moodle 1.9
1420     // Configure the installed question types.
1421     'moodle/question:config' => array(
1422         'riskbitmask' => RISK_CONFIG,
1423         'captype' => 'write',
1424         'contextlevel' => CONTEXT_SYSTEM,
1425         'archetypes' => array(
1426             'manager' => CAP_ALLOW
1427         )
1428     ),
1430     // While attempting questions, the ability to flag particular questions for later reference.
1431     'moodle/question:flag' => array(
1432         'captype' => 'write',
1433         'contextlevel' => CONTEXT_COURSE,
1434         'archetypes' => array(
1435             'student' => CAP_ALLOW,
1436             'teacher' => CAP_ALLOW,
1437             'editingteacher' => CAP_ALLOW,
1438             'manager' => CAP_ALLOW
1439         )
1440     ),
1442     'moodle/site:doclinks' => array(
1443         'captype' => 'read',
1444         'contextlevel' => CONTEXT_SYSTEM,
1445         'archetypes' => array(
1446             'teacher' => CAP_ALLOW,
1447             'editingteacher' => CAP_ALLOW,
1448             'manager' => CAP_ALLOW
1449         )
1450     ),
1452     'moodle/course:sectionvisibility' => array(
1454         'captype' => 'write',
1455         'contextlevel' => CONTEXT_COURSE,
1456         'archetypes' => array(
1457             'editingteacher' => CAP_ALLOW,
1458             'manager' => CAP_ALLOW
1459         )
1460     ),
1462     'moodle/course:useremail' => array(
1464         'captype' => 'write',
1465         'contextlevel' => CONTEXT_COURSE,
1466         'archetypes' => array(
1467             'editingteacher' => CAP_ALLOW,
1468             'manager' => CAP_ALLOW
1469         )
1470     ),
1472     'moodle/course:viewhiddensections' => array(
1474         'captype' => 'write',
1475         'contextlevel' => CONTEXT_COURSE,
1476         'archetypes' => array(
1477             'editingteacher' => CAP_ALLOW,
1478             'manager' => CAP_ALLOW
1479         )
1480     ),
1482     'moodle/course:setcurrentsection' => array(
1484         'captype' => 'write',
1485         'contextlevel' => CONTEXT_COURSE,
1486         'archetypes' => array(
1487             'editingteacher' => CAP_ALLOW,
1488             'manager' => CAP_ALLOW
1489         )
1490     ),
1492     'moodle/course:movesections' => array(
1494         'captype' => 'write',
1495         'contextlevel' => CONTEXT_COURSE,
1496         'archetypes' => array(
1497             'editingteacher' => CAP_ALLOW,
1498             'manager' => CAP_ALLOW
1499         ),
1500         'clonepermissionsfrom' => 'moodle/course:update'
1501     ),
1503     'moodle/site:mnetlogintoremote' => array(
1505         'captype' => 'read',
1506         'contextlevel' => CONTEXT_SYSTEM,
1507         'archetypes' => array(
1508         )
1509     ),
1511     'moodle/grade:viewall' => array(
1512         'riskbitmask' => RISK_PERSONAL,
1513         'captype' => 'read',
1514         'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1515         'archetypes' => array(
1516             'teacher' => CAP_ALLOW,
1517             'editingteacher' => CAP_ALLOW,
1518             'manager' => CAP_ALLOW
1519         ),
1520         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1521     ),
1523     'moodle/grade:view' => array(
1524         'captype' => 'read',
1525         'contextlevel' => CONTEXT_COURSE,
1526         'archetypes' => array(
1527             'student' => CAP_ALLOW
1528         )
1529     ),
1531     'moodle/grade:viewhidden' => array(
1532         'riskbitmask' => RISK_PERSONAL,
1533         'captype' => 'read',
1534         'contextlevel' => CONTEXT_COURSE,
1535         'archetypes' => array(
1536             'teacher' => CAP_ALLOW,
1537             'editingteacher' => CAP_ALLOW,
1538             'manager' => CAP_ALLOW
1539         ),
1540         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1541     ),
1543     'moodle/grade:import' => array(
1544         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1545         'captype' => 'write',
1546         'contextlevel' => CONTEXT_COURSE,
1547         'archetypes' => array(
1548             'editingteacher' => CAP_ALLOW,
1549             'manager' => CAP_ALLOW
1550         ),
1551         'clonepermissionsfrom' => 'moodle/course:managegrades'
1552     ),
1554     'moodle/grade:export' => array(
1555         'riskbitmask' => RISK_PERSONAL,
1556         'captype' => 'read',
1557         'contextlevel' => CONTEXT_COURSE,
1558         'archetypes' => array(
1559             'teacher' => CAP_ALLOW,
1560             'editingteacher' => CAP_ALLOW,
1561             'manager' => CAP_ALLOW
1562         ),
1563         'clonepermissionsfrom' => 'moodle/course:managegrades'
1564     ),
1566     'moodle/grade:manage' => array(
1567         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1568         'captype' => 'write',
1569         'contextlevel' => CONTEXT_COURSE,
1570         'archetypes' => array(
1571             'editingteacher' => CAP_ALLOW,
1572             'manager' => CAP_ALLOW
1573         ),
1574         'clonepermissionsfrom' => 'moodle/course:managegrades'
1575     ),
1577     'moodle/grade:edit' => array(
1578         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1579         'captype' => 'write',
1580         'contextlevel' => CONTEXT_COURSE,
1581         'archetypes' => array(
1582             'editingteacher' => CAP_ALLOW,
1583             'manager' => CAP_ALLOW
1584         ),
1585         'clonepermissionsfrom' => 'moodle/course:managegrades'
1586     ),
1588     // ability to define advanced grading forms in activities either from scratch
1589     // or from a shared template
1590     'moodle/grade:managegradingforms' => array(
1591         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1592         'captype' => 'write',
1593         'contextlevel' => CONTEXT_COURSE,
1594         'archetypes' => array(
1595             'editingteacher' => CAP_ALLOW,
1596             'manager' => CAP_ALLOW
1597         ),
1598         'clonepermissionsfrom' => 'moodle/course:managegrades'
1599     ),
1601     // ability to save a grading form as a new shared template and eventually edit
1602     // and remove own templates (templates originally shared by that user)
1603     'moodle/grade:sharegradingforms' => array(
1604         'riskbitmask' => RISK_XSS,
1605         'captype' => 'write',
1606         'contextlevel' => CONTEXT_SYSTEM,
1607         'archetypes' => array(
1608             'manager' => CAP_ALLOW
1609         ),
1610     ),
1612     // ability to edit and remove any shared template, even those originally shared
1613     // by other users
1614     'moodle/grade:managesharedforms' => array(
1615         'riskbitmask' => RISK_XSS,
1616         'captype' => 'write',
1617         'contextlevel' => CONTEXT_SYSTEM,
1618         'archetypes' => array(
1619             'manager' => CAP_ALLOW
1620         ),
1621     ),
1623     'moodle/grade:manageoutcomes' => array(
1624         'captype' => 'write',
1625         'contextlevel' => CONTEXT_COURSE,
1626         'archetypes' => array(
1627             'editingteacher' => CAP_ALLOW,
1628             'manager' => CAP_ALLOW
1629         ),
1630         'clonepermissionsfrom' => 'moodle/course:managegrades'
1631     ),
1633     'moodle/grade:manageletters' => array(
1634         'captype' => 'write',
1635         'contextlevel' => CONTEXT_COURSE,
1636         'archetypes' => array(
1637             'editingteacher' => CAP_ALLOW,
1638             'manager' => CAP_ALLOW
1639         ),
1640         'clonepermissionsfrom' => 'moodle/course:managegrades'
1641     ),
1643     'moodle/grade:hide' => array(
1644         'captype' => 'write',
1645         'contextlevel' => CONTEXT_COURSE,
1646         'archetypes' => array(
1647             'editingteacher' => CAP_ALLOW,
1648             'manager' => CAP_ALLOW
1649         )
1650     ),
1652     'moodle/grade:lock' => array(
1653         'captype' => 'write',
1654         'contextlevel' => CONTEXT_COURSE,
1655         'archetypes' => array(
1656             'editingteacher' => CAP_ALLOW,
1657             'manager' => CAP_ALLOW
1658         )
1659     ),
1661     'moodle/grade:unlock' => array(
1662         'captype' => 'write',
1663         'contextlevel' => CONTEXT_COURSE,
1664         'archetypes' => array(
1665             'editingteacher' => CAP_ALLOW,
1666             'manager' => CAP_ALLOW
1667         )
1668     ),
1670     'moodle/my:manageblocks' => array(
1671         'captype' => 'write',
1672         'contextlevel' => CONTEXT_SYSTEM,
1673         'archetypes' => array(
1674             'user' => CAP_ALLOW
1675         )
1676     ),
1678     'moodle/notes:view' => array(
1679         'captype' => 'read',
1680         'contextlevel' => CONTEXT_COURSE,
1681         'archetypes' => array(
1682             'teacher' => CAP_ALLOW,
1683             'editingteacher' => CAP_ALLOW,
1684             'manager' => CAP_ALLOW
1685         )
1686     ),
1688     'moodle/notes:manage' => array(
1689         'riskbitmask' => RISK_SPAM,
1691         'captype' => 'write',
1692         'contextlevel' => CONTEXT_COURSE,
1693         'archetypes' => array(
1694             'teacher' => CAP_ALLOW,
1695             'editingteacher' => CAP_ALLOW,
1696             'manager' => CAP_ALLOW
1697         )
1698     ),
1700     'moodle/tag:manage' => array(
1701         'riskbitmask' => RISK_SPAM,
1703         'captype' => 'write',
1704         'contextlevel' => CONTEXT_SYSTEM,
1705         'archetypes' => array(
1706             'manager' => CAP_ALLOW
1707         )
1708     ),
1710     'moodle/tag:edit' => array(
1711         'riskbitmask' => RISK_SPAM,
1713         'captype' => 'write',
1714         'contextlevel' => CONTEXT_SYSTEM,
1715         'archetypes' => array(
1716             'manager' => CAP_ALLOW
1717         )
1718     ),
1720     'moodle/tag:flag' => array(
1721         'riskbitmask' => RISK_SPAM,
1723         'captype' => 'write',
1724         'contextlevel' => CONTEXT_SYSTEM,
1725         'archetypes' => array(
1726             'user' => CAP_ALLOW
1727         )
1728     ),
1730     'moodle/tag:editblocks' => array(
1731         'captype' => 'write',
1732         'contextlevel' => CONTEXT_SYSTEM,
1733         'archetypes' => array(
1734             'teacher' => CAP_ALLOW,
1735             'editingteacher' => CAP_ALLOW,
1736             'manager' => CAP_ALLOW
1737         )
1738     ),
1740     'moodle/block:view' => array(
1741         'captype' => 'read',
1742         'contextlevel' => CONTEXT_BLOCK,
1743         'archetypes' => array(
1744             'guest' => CAP_ALLOW,
1745             'user' => CAP_ALLOW,
1746             'student' => CAP_ALLOW,
1747             'teacher' => CAP_ALLOW,
1748             'editingteacher' => CAP_ALLOW,
1749         )
1750     ),
1752     'moodle/block:edit' => array(
1753         'riskbitmask' => RISK_SPAM | RISK_XSS,
1755         'captype' => 'write',
1756         'contextlevel' => CONTEXT_BLOCK,
1757         'archetypes' => array(
1758             'editingteacher' => CAP_ALLOW,
1759             'manager' => CAP_ALLOW
1760         )
1761     ),
1763     'moodle/portfolio:export' => array(
1764         'captype' => 'read',
1765         'contextlevel' => CONTEXT_SYSTEM,
1766         'archetypes' => array(
1767             'user' => CAP_ALLOW,
1768             'student' => CAP_ALLOW,
1769             'teacher' => CAP_ALLOW,
1770             'editingteacher' => CAP_ALLOW,
1771         )
1772     ),
1773     'moodle/comment:view' => array(
1774         'captype' => 'read',
1775         'contextlevel' => CONTEXT_COURSE,
1776         'archetypes' => array(
1777             'frontpage' => CAP_ALLOW,
1778             'guest' => CAP_ALLOW,
1779             'user' => CAP_ALLOW,
1780             'student' => CAP_ALLOW,
1781             'teacher' => CAP_ALLOW,
1782             'editingteacher' => CAP_ALLOW,
1783             'manager' => CAP_ALLOW
1784         )
1785     ),
1786     'moodle/comment:post' => array(
1788         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1789         'captype' => 'write',
1790         'contextlevel' => CONTEXT_COURSE,
1791         'archetypes' => array(
1792             'user' => CAP_ALLOW,
1793             'student' => CAP_ALLOW,
1794             'teacher' => CAP_ALLOW,
1795             'editingteacher' => CAP_ALLOW,
1796             'manager' => CAP_ALLOW
1797         )
1798     ),
1799     'moodle/comment:delete' => array(
1801         'riskbitmask' => RISK_DATALOSS,
1802         'captype' => 'write',
1803         'contextlevel' => CONTEXT_COURSE,
1804         'archetypes' => array(
1805             'editingteacher' => CAP_ALLOW,
1806             'manager' => CAP_ALLOW
1807         )
1808     ),
1809     'moodle/webservice:createtoken' => array(
1811         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1812         'captype' => 'write',
1813         'contextlevel' => CONTEXT_SYSTEM,
1814         'archetypes' => array(
1815             'manager' => CAP_ALLOW
1816         )
1817     ),
1818     'moodle/webservice:createmobiletoken' => array(
1820         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1821         'captype' => 'write',
1822         'contextlevel' => CONTEXT_SYSTEM,
1823         'archetypes' => array(
1824             'user' => CAP_ALLOW
1825         )
1826     ),
1827     'moodle/rating:view' => array(
1829         'captype' => 'read',
1830         'contextlevel' => CONTEXT_COURSE,
1831         'archetypes' => array(
1832             'user' => CAP_ALLOW,
1833             'student' => CAP_ALLOW,
1834             'teacher' => CAP_ALLOW,
1835             'editingteacher' => CAP_ALLOW,
1836             'manager' => CAP_ALLOW
1837         )
1838     ),
1839     'moodle/rating:viewany' => array(
1841         'riskbitmask' => RISK_PERSONAL,
1842         'captype' => 'read',
1843         'contextlevel' => CONTEXT_COURSE,
1844         'archetypes' => array(
1845             'user' => CAP_ALLOW,
1846             'student' => CAP_ALLOW,
1847             'teacher' => CAP_ALLOW,
1848             'editingteacher' => CAP_ALLOW,
1849             'manager' => CAP_ALLOW
1850         )
1851     ),
1852     'moodle/rating:viewall' => array(
1854         'riskbitmask' => RISK_PERSONAL,
1855         'captype' => 'read',
1856         'contextlevel' => CONTEXT_COURSE,
1857         'archetypes' => array(
1858             'user' => CAP_ALLOW,
1859             'student' => CAP_ALLOW,
1860             'teacher' => CAP_ALLOW,
1861             'editingteacher' => CAP_ALLOW,
1862             'manager' => CAP_ALLOW
1863         )
1864     ),
1865     'moodle/rating:rate' => array(
1867         'captype' => 'write',
1868         'contextlevel' => CONTEXT_COURSE,
1869         'archetypes' => array(
1870             'user' => CAP_ALLOW,
1871             'student' => CAP_ALLOW,
1872             'teacher' => CAP_ALLOW,
1873             'editingteacher' => CAP_ALLOW,
1874             'manager' => CAP_ALLOW
1875         )
1876     ),
1877      'moodle/course:publish' => array(
1879         'captype' => 'write',
1880         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1881         'contextlevel' => CONTEXT_SYSTEM,
1882         'archetypes' => array(
1883             'manager' => CAP_ALLOW
1884         )
1885     ),
1886     'moodle/course:markcomplete' => array(
1887         'captype' => 'write',
1888         'contextlevel' => CONTEXT_COURSE,
1889         'archetypes' => array(
1890             'teacher' => CAP_ALLOW,
1891             'editingteacher' => CAP_ALLOW,
1892             'manager' => CAP_ALLOW
1893         )
1894     ),
1895     'moodle/community:add' => array(
1896         'captype' => 'write',
1897         'contextlevel' => CONTEXT_SYSTEM,
1898         'archetypes' => array(
1899             'manager' => CAP_ALLOW,
1900             'teacher' => CAP_ALLOW,
1901             'editingteacher' => CAP_ALLOW,
1902         )
1903     ),
1904     'moodle/community:download' => array(
1905         'captype' => 'write',
1906         'contextlevel' => CONTEXT_SYSTEM,
1907         'archetypes' => array(
1908             'manager' => CAP_ALLOW,
1909             'editingteacher' => CAP_ALLOW,
1910         )
1911     ),
1913     // Badges.
1914     'moodle/badges:manageglobalsettings' => array(
1915         'riskbitmask'  => RISK_DATALOSS | RISK_CONFIG,
1916         'captype'      => 'write',
1917         'contextlevel' => CONTEXT_SYSTEM,
1918         'archetypes'   => array(
1919             'manager'       => CAP_ALLOW,
1920         )
1921     ),
1923     // View available badges without earning them.
1924     'moodle/badges:viewbadges' => array(
1925         'captype'       => 'read',
1926         'contextlevel'  => CONTEXT_COURSE,
1927         'archetypes'    => array(
1928             'user'          => CAP_ALLOW,
1929         )
1930     ),
1932     // Manage badges on own private badges page.
1933     'moodle/badges:manageownbadges' => array(
1934         'riskbitmap'    => RISK_SPAM,
1935         'captype'       => 'write',
1936         'contextlevel'  => CONTEXT_USER,
1937         'archetypes'    => array(
1938             'user'    => CAP_ALLOW
1939         )
1940     ),
1942     // View public badges in other users' profiles.
1943     'moodle/badges:viewotherbadges' => array(
1944         'riskbitmap'    => RISK_PERSONAL,
1945         'captype'       => 'read',
1946         'contextlevel'  => CONTEXT_USER,
1947         'archetypes'    => array(
1948             'user'    => CAP_ALLOW
1949         )
1950     ),
1952     // Earn badge.
1953     'moodle/badges:earnbadge' => array(
1954         'captype'       => 'write',
1955         'contextlevel'  => CONTEXT_COURSE,
1956         'archetypes'    => array(
1957             'user'           => CAP_ALLOW,
1958         )
1959     ),
1961     // Create/duplicate badges.
1962     'moodle/badges:createbadge' => array(
1963         'riskbitmask'  => RISK_SPAM,
1964         'captype'      => 'write',
1965         'contextlevel' => CONTEXT_COURSE,
1966         'archetypes'   => array(
1967             'manager'        => CAP_ALLOW,
1968             'editingteacher' => CAP_ALLOW,
1969         )
1970     ),
1972     // Delete badges.
1973     'moodle/badges:deletebadge' => array(
1974         'riskbitmask'  => RISK_DATALOSS,
1975         'captype'      => 'write',
1976         'contextlevel' => CONTEXT_COURSE,
1977         'archetypes'   => array(
1978             'manager'        => CAP_ALLOW,
1979             'editingteacher' => CAP_ALLOW,
1980         )
1981     ),
1983     // Set up/edit badge details.
1984     'moodle/badges:configuredetails' => array(
1985         'riskbitmask'  => RISK_SPAM,
1986         'captype'      => 'write',
1987         'contextlevel' => CONTEXT_COURSE,
1988         'archetypes'   => array(
1989             'manager'        => CAP_ALLOW,
1990             'editingteacher' => CAP_ALLOW,
1991         )
1992     ),
1994     // Set up/edit criteria of earning a badge.
1995     'moodle/badges:configurecriteria' => array(
1996         'riskbitmask'  => RISK_XSS,
1997         'captype'      => 'write',
1998         'contextlevel' => CONTEXT_COURSE,
1999         'archetypes'   => array(
2000             'manager'        => CAP_ALLOW,
2001             'editingteacher' => CAP_ALLOW,
2002         )
2003     ),
2005     // Configure badge messages.
2006     'moodle/badges:configuremessages' => array(
2007         'riskbitmask'  => RISK_SPAM,
2008         'captype'      => 'write',
2009         'contextlevel' => CONTEXT_COURSE,
2010         'archetypes'   => array(
2011             'manager'        => CAP_ALLOW,
2012             'editingteacher' => CAP_ALLOW,
2013         )
2014     ),
2016     // Award badge to a user.
2017     'moodle/badges:awardbadge' => array(
2018         'riskbitmask'  => RISK_SPAM,
2019         'captype'      => 'write',
2020         'contextlevel' => CONTEXT_COURSE,
2021         'archetypes'   => array(
2022             'manager'        => CAP_ALLOW,
2023             'teacher'        => CAP_ALLOW,
2024             'editingteacher' => CAP_ALLOW,
2025         )
2026     ),
2028     // View users who earned a specific badge without being able to award a badge.
2029     'moodle/badges:viewawarded' => array(
2030         'riskbitmask'  => RISK_PERSONAL,
2031         'captype'      => 'read',
2032         'contextlevel' => CONTEXT_COURSE,
2033         'archetypes'   => array(
2034                 'manager'        => CAP_ALLOW,
2035                 'teacher'        => CAP_ALLOW,
2036                 'editingteacher' => CAP_ALLOW,
2037         )
2038     ),
2040     'moodle/site:forcelanguage' => array(
2041         'captype' => 'read',
2042         'contextlevel' => CONTEXT_SYSTEM,
2043         'archetypes' => array(
2044         )
2045     ),
2047     // Perform site-wide search queries through the search API.
2048     'moodle/search:query' => array(
2049         'captype' => 'read',
2050         'contextlevel' => CONTEXT_SYSTEM,
2051         'archetypes' => array(
2052             'guest' => CAP_ALLOW,
2053             'user' => CAP_ALLOW,
2054             'student' => CAP_ALLOW,
2055             'teacher' => CAP_ALLOW,
2056             'editingteacher' => CAP_ALLOW,
2057             'manager' => CAP_ALLOW
2058         )
2059     ),
2061     // Competencies.
2062     'moodle/competency:competencymanage' => array(
2063         'captype' => 'write',
2064         'contextlevel' => CONTEXT_COURSECAT,
2065         'archetypes' => array(
2066             'manager' => CAP_ALLOW
2067         )
2068     ),
2069     'moodle/competency:competencyview' => array(
2070         'captype' => 'read',
2071         'contextlevel' => CONTEXT_COURSECAT,
2072         'archetypes' => array(
2073             'user' => CAP_ALLOW
2074         ),
2075     ),
2076     'moodle/competency:competencygrade' => array(
2077         'captype' => 'write',
2078         'contextlevel' => CONTEXT_COURSE, // And CONTEXT_USER.
2079         'archetypes' => array(
2080             'editingteacher' => CAP_ALLOW,
2081             'teacher' => CAP_ALLOW,
2082             'manager' => CAP_ALLOW
2083         ),
2084     ),
2085     // Course competencies.
2086     'moodle/competency:coursecompetencymanage' => array(
2087         'captype' => 'write',
2088         'contextlevel' => CONTEXT_COURSE,
2089         'archetypes' => array(
2090             'editingteacher' => CAP_ALLOW,
2091             'manager' => CAP_ALLOW
2092         ),
2093     ),
2094     'moodle/competency:coursecompetencyconfigure' => array(
2095         'captype' => 'write',
2096         'contextlevel' => CONTEXT_MODULE,
2097         'archetypes' => array(
2098             'manager' => CAP_ALLOW
2099         ),
2100     ),
2101     'moodle/competency:coursecompetencygradable' => array(
2102         'captype' => 'read',
2103         'contextlevel' => CONTEXT_COURSE,
2104         'archetypes' => array(
2105             'student' => CAP_ALLOW
2106         ),
2107         'clonepermissionsfrom' => 'moodle/course:isincompletionreports'
2108     ),
2109     'moodle/competency:coursecompetencyview' => array(
2110         'captype' => 'read',
2111         'contextlevel' => CONTEXT_COURSE,
2112         'archetypes' => array(
2113             'user' => CAP_ALLOW
2114         ),
2115     ),
2116     // Evidence.
2117     'moodle/competency:evidencedelete' => array(
2118         'captype' => 'write',
2119         'contextlevel' => CONTEXT_USER,
2120         'archetypes' => array(
2121         ),
2122         'clonepermissionsfrom' => 'moodle/site:config'
2123     ),
2124     // User plans.
2125     'moodle/competency:planmanage' => array(
2126         'captype' => 'write',
2127         'contextlevel' => CONTEXT_USER,
2128         'archetypes' => array(
2129             'manager' => CAP_ALLOW
2130         ),
2131     ),
2132     'moodle/competency:planmanagedraft' => array(
2133         'captype' => 'write',
2134         'contextlevel' => CONTEXT_USER,
2135         'archetypes' => array(
2136             'manager' => CAP_ALLOW
2137         ),
2138     ),
2139     'moodle/competency:planmanageown' => array(
2140         'captype' => 'write',
2141         'contextlevel' => CONTEXT_USER,
2142         'archetypes' => array(
2143         ),
2144     ),
2145     'moodle/competency:planmanageowndraft' => array(
2146         'captype' => 'write',
2147         'contextlevel' => CONTEXT_USER,
2148         'archetypes' => array(
2149         ),
2150     ),
2151     'moodle/competency:planview' => array(
2152         'captype' => 'read',
2153         'contextlevel' => CONTEXT_USER,
2154         'archetypes' => array(
2155             'manager' => CAP_ALLOW
2156         ),
2157     ),
2158     'moodle/competency:planviewdraft' => array(
2159         'captype' => 'read',
2160         'contextlevel' => CONTEXT_USER,
2161         'archetypes' => array(
2162             'manager' => CAP_ALLOW
2163         ),
2164     ),
2165     'moodle/competency:planviewown' => array(
2166         'captype' => 'read',
2167         'contextlevel' => CONTEXT_USER,
2168         'archetypes' => array(
2169             'user' => CAP_ALLOW
2170         ),
2171     ),
2172     'moodle/competency:planviewowndraft' => array(
2173         'captype' => 'read',
2174         'contextlevel' => CONTEXT_USER,
2175         'archetypes' => array(
2176         ),
2177     ),
2178     'moodle/competency:planrequestreview' => array(
2179         'captype' => 'write',
2180         'contextlevel' => CONTEXT_USER,
2181         'archetypes' => array(
2182             'manager' => CAP_ALLOW
2183         )
2184     ),
2185     'moodle/competency:planrequestreviewown' => array(
2186         'captype' => 'write',
2187         'contextlevel' => CONTEXT_USER,
2188         'archetypes' => array(
2189             'user' => CAP_ALLOW
2190         )
2191     ),
2192     'moodle/competency:planreview' => array(
2193         'captype' => 'write',
2194         'contextlevel' => CONTEXT_USER,
2195         'archetypes' => array(
2196             'manager' => CAP_ALLOW
2197         ),
2198     ),
2199     'moodle/competency:plancomment' => array(
2200         'captype' => 'write',
2201         'contextlevel' => CONTEXT_USER,
2202         'archetypes' => array(
2203             'manager' => CAP_ALLOW
2204         ),
2205     ),
2206     'moodle/competency:plancommentown' => array(
2207         'captype' => 'write',
2208         'contextlevel' => CONTEXT_USER,
2209         'archetypes' => array(
2210             'user' => CAP_ALLOW
2211         ),
2212     ),
2213     // User competencies.
2214     'moodle/competency:usercompetencyview' => array(
2215         'captype' => 'read',
2216         'contextlevel' => CONTEXT_USER,     // And CONTEXT_COURSE.
2217         'archetypes' => array(
2218             'manager' => CAP_ALLOW,
2219             'editingteacher' => CAP_ALLOW,
2220             'teacher' => CAP_ALLOW
2221         )
2222     ),
2223     'moodle/competency:usercompetencyrequestreview' => array(
2224         'captype' => 'write',
2225         'contextlevel' => CONTEXT_USER,
2226         'archetypes' => array(
2227             'manager' => CAP_ALLOW
2228         )
2229     ),
2230     'moodle/competency:usercompetencyrequestreviewown' => array(
2231         'captype' => 'write',
2232         'contextlevel' => CONTEXT_USER,
2233         'archetypes' => array(
2234             'user' => CAP_ALLOW
2235         )
2236     ),
2237     'moodle/competency:usercompetencyreview' => array(
2238         'captype' => 'write',
2239         'contextlevel' => CONTEXT_USER,
2240         'archetypes' => array(
2241             'manager' => CAP_ALLOW
2242         ),
2243     ),
2244     'moodle/competency:usercompetencycomment' => array(
2245         'captype' => 'write',
2246         'contextlevel' => CONTEXT_USER,
2247         'archetypes' => array(
2248             'manager' => CAP_ALLOW
2249         ),
2250     ),
2251     'moodle/competency:usercompetencycommentown' => array(
2252         'captype' => 'write',
2253         'contextlevel' => CONTEXT_USER,
2254         'archetypes' => array(
2255             'user' => CAP_ALLOW
2256         ),
2257     ),
2258     // Template.
2259     'moodle/competency:templatemanage' => array(
2260         'captype' => 'write',
2261         'contextlevel' => CONTEXT_COURSECAT,
2262         'archetypes' => array(
2263             'manager' => CAP_ALLOW
2264         ),
2265     ),
2266     'moodle/competency:templateview' => array(
2267         'captype' => 'read',
2268         'contextlevel' => CONTEXT_COURSECAT,
2269         'archetypes' => array(
2270             'manager' => CAP_ALLOW
2271         ),
2272     ),
2273     // User evidence.
2274     'moodle/competency:userevidencemanage' => array(
2275         'captype' => 'write',
2276         'contextlevel' => CONTEXT_USER,
2277         'archetypes' => array(
2278             'manager' => CAP_ALLOW
2279         ),
2280     ),
2281     'moodle/competency:userevidencemanageown' => array(
2282         'captype' => 'write',
2283         'contextlevel' => CONTEXT_USER,
2284         'archetypes' => array(
2285             'user' => CAP_ALLOW
2286         ),
2287     ),
2288     'moodle/competency:userevidenceview' => array(
2289         'captype' => 'read',
2290         'contextlevel' => CONTEXT_USER,
2291         'archetypes' => array(
2292             'manager' => CAP_ALLOW
2293         ),
2294     ),
2295     'moodle/site:maintenanceaccess' => array(
2296         'captype' => 'write',
2297         'contextlevel' => CONTEXT_SYSTEM,
2298         'archetypes' => array(
2299         )
2300     ),
2302 );