3 // Capability definitions for Moodle core.
5 // The capabilities are loaded into the database table when the module is
6 // installed or updated. Whenever the capability definitions are updated,
7 // the module version number should be bumped up.
9 // The system has four possible values for a capability:
10 // CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
13 // CAPABILITY NAMING CONVENTION
15 // It is important that capability names are unique. The naming convention
16 // for capabilities that are specific to modules and blocks is as follows:
17 // [mod/block]/<plugin_name>:<capabilityname>
19 // component_name should be the same as the directory name of the mod or block.
21 // Core moodle capabilities are defined thus:
22 // moodle/<capabilityclass>:<capabilityname>
24 // Examples: mod/forum:viewpost
25 // block/recent_activity:view
26 // moodle/site:deleteuser
28 // The variable name for the capability definitions array is $capabilities
31 $capabilities = array(
32 'moodle/site:config' => array(
34 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
37 'contextlevel' => CONTEXT_SYSTEM,
42 'moodle/site:readallmessages' => array(
44 'riskbitmask' => RISK_PERSONAL,
47 'contextlevel' => CONTEXT_SYSTEM,
49 'manager' => CAP_ALLOW,
50 'editingteacher' => CAP_ALLOW
54 'moodle/site:sendmessage' => array(
56 'riskbitmask' => RISK_SPAM,
59 'contextlevel' => CONTEXT_SYSTEM,
61 'manager' => CAP_ALLOW,
66 'moodle/site:approvecourse' => array(
68 'riskbitmask' => RISK_XSS,
71 'contextlevel' => CONTEXT_SYSTEM,
73 'manager' => CAP_ALLOW
77 'moodle/backup:backupcourse' => array(
79 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
82 'contextlevel' => CONTEXT_COURSE,
84 'editingteacher' => CAP_ALLOW,
85 'manager' => CAP_ALLOW
88 'clonepermissionsfrom' => 'moodle/site:backup'
91 'moodle/backup:downloadfile' => array(
93 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
96 'contextlevel' => CONTEXT_COURSE,
98 'editingteacher' => CAP_ALLOW,
99 'manager' => CAP_ALLOW
102 'clonepermissionsfrom' => 'moodle/site:backupdownload'
105 'moodle/backup:userinfo' => array(
107 'riskbitmask' => RISK_PERSONAL,
110 'contextlevel' => CONTEXT_COURSE,
112 'manager' => CAP_ALLOW
116 'moodle/restore:restorecourse' => array(
118 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
120 'captype' => 'write',
121 'contextlevel' => CONTEXT_COURSE,
123 'editingteacher' => CAP_ALLOW,
124 'manager' => CAP_ALLOW
127 'clonepermissionsfrom' => 'moodle/site:restore'
130 'moodle/restore:restoretargetimport' => array(
132 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
134 'captype' => 'write',
135 'contextlevel' => CONTEXT_COURSE,
137 'editingteacher' => CAP_ALLOW,
138 'manager' => CAP_ALLOW
141 'clonepermissionsfrom' => 'moodle/site:import'
144 'moodle/restore:uploadfile' => array(
146 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
148 'captype' => 'write',
149 'contextlevel' => CONTEXT_COURSE,
151 'editingteacher' => CAP_ALLOW,
152 'manager' => CAP_ALLOW
155 'clonepermissionsfrom' => 'moodle/site:backupupload'
158 'moodle/restore:userinfo' => array(
160 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
162 'captype' => 'write',
163 'contextlevel' => CONTEXT_COURSE,
165 'manager' => CAP_ALLOW
169 'moodle/restore:createuser' => array(
171 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
173 'captype' => 'write',
174 'contextlevel' => CONTEXT_SYSTEM,
176 'manager' => CAP_ALLOW
180 'moodle/restore:rolldates' => array(
182 'captype' => 'write',
183 'contextlevel' => CONTEXT_COURSE,
185 'coursecreator' => CAP_ALLOW,
186 'manager' => CAP_ALLOW
190 'moodle/site:manageblocks' => array(
192 'riskbitmask' => RISK_SPAM | RISK_XSS,
194 'captype' => 'write',
195 'contextlevel' => CONTEXT_BLOCK,
197 'editingteacher' => CAP_ALLOW,
198 'manager' => CAP_ALLOW
202 'moodle/site:accessallgroups' => array(
205 'contextlevel' => CONTEXT_COURSE,
207 'teacher' => CAP_ALLOW,
208 'editingteacher' => CAP_ALLOW,
209 'manager' => CAP_ALLOW
213 'moodle/site:viewfullnames' => array(
216 'contextlevel' => CONTEXT_COURSE,
218 'teacher' => CAP_ALLOW,
219 'editingteacher' => CAP_ALLOW,
220 'manager' => CAP_ALLOW
224 'moodle/site:viewreports' => array(
226 'riskbitmask' => RISK_PERSONAL,
229 'contextlevel' => CONTEXT_COURSE,
231 'teacher' => CAP_ALLOW,
232 'editingteacher' => CAP_ALLOW,
233 'manager' => CAP_ALLOW
237 'moodle/site:trustcontent' => array(
239 'riskbitmask' => RISK_XSS,
241 'captype' => 'write',
242 'contextlevel' => CONTEXT_COURSE,
244 'editingteacher' => CAP_ALLOW,
245 'manager' => CAP_ALLOW
249 'moodle/site:uploadusers' => array(
251 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
253 'captype' => 'write',
254 'contextlevel' => CONTEXT_SYSTEM,
256 'manager' => CAP_ALLOW
260 'moodle/site:langeditmaster' => array(
262 'riskbitmask' => RISK_CONFIG | RISK_XSS,
264 'captype' => 'write',
265 'contextlevel' => CONTEXT_SYSTEM,
270 'moodle/site:langeditlocal' => array(
272 'riskbitmask' => RISK_CONFIG | RISK_XSS,
274 'captype' => 'write',
275 'contextlevel' => CONTEXT_SYSTEM,
277 'manager' => CAP_ALLOW
281 // Permission to manage filter setting overrides in subcontexts.
282 'moodle/filter:manage' => array(
284 'captype' => 'write',
285 'contextlevel' => CONTEXT_COURSE,
287 'editingteacher' => CAP_ALLOW,
288 'coursecreator' => CAP_ALLOW,
289 'manager' => CAP_ALLOW,
293 'moodle/user:create' => array(
295 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
297 'captype' => 'write',
298 'contextlevel' => CONTEXT_SYSTEM,
300 'manager' => CAP_ALLOW
304 'moodle/user:delete' => array(
306 'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
308 'captype' => 'write',
309 'contextlevel' => CONTEXT_SYSTEM,
311 'manager' => CAP_ALLOW
315 'moodle/user:update' => array(
317 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
319 'captype' => 'write',
320 'contextlevel' => CONTEXT_SYSTEM,
322 'manager' => CAP_ALLOW
326 'moodle/user:viewdetails' => array(
329 'contextlevel' => CONTEXT_COURSE,
331 'guest' => CAP_ALLOW,
332 'student' => CAP_ALLOW,
333 'teacher' => CAP_ALLOW,
334 'editingteacher' => CAP_ALLOW,
335 'manager' => CAP_ALLOW
339 'moodle/user:viewhiddendetails' => array(
341 'riskbitmask' => RISK_PERSONAL,
344 'contextlevel' => CONTEXT_COURSE,
346 'teacher' => CAP_ALLOW,
347 'editingteacher' => CAP_ALLOW,
348 'manager' => CAP_ALLOW
352 'moodle/user:loginas' => array(
354 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
356 'captype' => 'write',
357 'contextlevel' => CONTEXT_COURSE,
359 'manager' => CAP_ALLOW
363 'moodle/role:assign' => array(
365 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
367 'captype' => 'write',
368 'contextlevel' => CONTEXT_COURSE,
370 'editingteacher' => CAP_ALLOW,
371 'manager' => CAP_ALLOW
375 'moodle/role:review' => array(
377 'riskbitmask' => RISK_PERSONAL,
380 'contextlevel' => CONTEXT_COURSE,
382 'teacher' => CAP_ALLOW,
383 'editingteacher' => CAP_ALLOW,
384 'manager' => CAP_ALLOW
388 'moodle/role:override' => array(
390 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
392 'captype' => 'write',
393 'contextlevel' => CONTEXT_COURSE,
395 'manager' => CAP_ALLOW
399 'moodle/role:safeoverride' => array(
401 'riskbitmask' => RISK_SPAM,
403 'captype' => 'write',
404 'contextlevel' => CONTEXT_COURSE,
406 'editingteacher' => CAP_ALLOW
410 'moodle/role:manage' => array(
412 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
414 'captype' => 'write',
415 'contextlevel' => CONTEXT_SYSTEM,
417 'manager' => CAP_ALLOW
421 'moodle/role:unassignself' => array(
423 'captype' => 'write',
424 'contextlevel' => CONTEXT_COURSE,
426 'student' => (empty($CFG->allowunenrol)) ? CAP_INHERIT : CAP_ALLOW,
427 'teacher' => CAP_ALLOW,
428 'editingteacher' => CAP_ALLOW,
429 'coursecreator' => CAP_ALLOW,
430 'manager' => CAP_ALLOW
434 'moodle/role:switchroles' => array(
436 'riskbitmask' => RISK_XSS | RISK_PERSONAL,
439 'contextlevel' => CONTEXT_COURSE,
441 'editingteacher' => CAP_ALLOW,
442 'manager' => CAP_ALLOW
446 // Create, update and delete course categories. (Deleting a course category
447 // does not let you delete the courses it contains, unless you also have
448 // moodle/course: delete.) Creating and deleting requires this permission in
449 // the parent category.
450 'moodle/category:manage' => array(
452 'riskbitmask' => RISK_XSS,
454 'captype' => 'write',
455 'contextlevel' => CONTEXT_COURSECAT,
457 'manager' => CAP_ALLOW
459 'clonepermissionsfrom' => 'moodle/category:update'
462 'moodle/category:viewhiddencategories' => array(
465 'contextlevel' => CONTEXT_COURSECAT,
467 'coursecreator' => CAP_ALLOW,
468 'manager' => CAP_ALLOW
470 'clonepermissionsfrom' => 'moodle/category:visibility'
473 'moodle/course:create' => array(
475 'riskbitmask' => RISK_XSS,
477 'captype' => 'write',
478 'contextlevel' => CONTEXT_COURSECAT,
480 'coursecreator' => CAP_ALLOW,
481 'manager' => CAP_ALLOW
485 'moodle/course:request' => array(
486 'captype' => 'write',
487 'contextlevel' => CONTEXT_SYSTEM,
493 'moodle/course:delete' => array(
495 'riskbitmask' => RISK_DATALOSS,
497 'captype' => 'write',
498 'contextlevel' => CONTEXT_COURSE,
500 'editingteacher' => CAP_ALLOW,
501 'manager' => CAP_ALLOW
505 'moodle/course:update' => array(
507 'riskbitmask' => RISK_XSS,
509 'captype' => 'write',
510 'contextlevel' => CONTEXT_COURSE,
512 'editingteacher' => CAP_ALLOW,
513 'manager' => CAP_ALLOW
517 /* originally this capability was called moodle/course:view,
518 * but since 2.0 it is used for access to course without the enrolment
520 'moodle/course:participate' => array(
523 'contextlevel' => CONTEXT_COURSE,
525 'student' => CAP_ALLOW,
526 'teacher' => CAP_ALLOW,
527 'editingteacher' => CAP_ALLOW
531 'moodle/course:view' => array(
534 'contextlevel' => CONTEXT_COURSE,
536 'manager' => CAP_ALLOW,
540 'moodle/course:bulkmessaging' => array(
542 'riskbitmask' => RISK_SPAM,
544 'captype' => 'write',
545 'contextlevel' => CONTEXT_COURSE,
547 'teacher' => CAP_ALLOW,
548 'editingteacher' => CAP_ALLOW,
549 'manager' => CAP_ALLOW
553 'moodle/course:viewhiddenuserfields' => array(
555 'riskbitmask' => RISK_PERSONAL,
558 'contextlevel' => CONTEXT_COURSE,
560 'teacher' => CAP_ALLOW,
561 'editingteacher' => CAP_ALLOW,
562 'manager' => CAP_ALLOW
566 'moodle/course:viewhiddencourses' => array(
569 'contextlevel' => CONTEXT_COURSE,
571 'coursecreator' => CAP_ALLOW,
572 'teacher' => CAP_ALLOW,
573 'editingteacher' => CAP_ALLOW,
574 'manager' => CAP_ALLOW
578 'moodle/course:visibility' => array(
580 'captype' => 'write',
581 'contextlevel' => CONTEXT_COURSE,
583 'manager' => CAP_ALLOW
587 'moodle/course:managefiles' => array(
589 'riskbitmask' => RISK_XSS,
591 'captype' => 'write',
592 'contextlevel' => CONTEXT_COURSE,
594 'editingteacher' => CAP_ALLOW,
595 'manager' => CAP_ALLOW
599 'moodle/course:manageactivities' => array(
601 'riskbitmask' => RISK_XSS,
603 'captype' => 'write',
604 'contextlevel' => CONTEXT_COURSE,
606 'editingteacher' => CAP_ALLOW,
607 'manager' => CAP_ALLOW
611 'moodle/course:managemetacourse' => array(
613 'riskbitmask' => RISK_XSS | RISK_PERSONAL,
615 'captype' => 'write',
616 'contextlevel' => CONTEXT_COURSE,
618 'editingteacher' => CAP_ALLOW,
619 'manager' => CAP_ALLOW
623 'moodle/course:activityvisibility' => array(
625 'captype' => 'write',
626 'contextlevel' => CONTEXT_COURSE,
628 'editingteacher' => CAP_ALLOW,
629 'manager' => CAP_ALLOW
633 'moodle/course:viewhiddenactivities' => array(
635 'captype' => 'write',
636 'contextlevel' => CONTEXT_COURSE,
638 'teacher' => CAP_ALLOW,
639 'editingteacher' => CAP_ALLOW,
640 'manager' => CAP_ALLOW
644 'moodle/course:viewparticipants' => array(
647 'contextlevel' => CONTEXT_COURSE,
649 'student' => CAP_ALLOW,
650 'teacher' => CAP_ALLOW,
651 'editingteacher' => CAP_ALLOW,
652 'manager' => CAP_ALLOW
656 'moodle/course:changefullname' => array(
658 'riskbitmask' => RISK_XSS,
660 'captype' => 'write',
661 'contextlevel' => CONTEXT_COURSE,
663 'editingteacher' => CAP_ALLOW,
664 'manager' => CAP_ALLOW
666 'clonepermissionsfrom' => 'moodle/course:update'
669 'moodle/course:changeshortname' => array(
671 'riskbitmask' => RISK_XSS,
673 'captype' => 'write',
674 'contextlevel' => CONTEXT_COURSE,
676 'editingteacher' => CAP_ALLOW,
677 'manager' => CAP_ALLOW
679 'clonepermissionsfrom' => 'moodle/course:update'
682 'moodle/course:changeidnumber' => array(
684 'riskbitmask' => RISK_XSS,
686 'captype' => 'write',
687 'contextlevel' => CONTEXT_COURSE,
689 'editingteacher' => CAP_ALLOW,
690 'manager' => CAP_ALLOW
692 'clonepermissionsfrom' => 'moodle/course:update'
694 'moodle/course:changecategory' => array(
695 'riskbitmask' => RISK_XSS,
697 'captype' => 'write',
698 'contextlevel' => CONTEXT_COURSE,
700 'editingteacher' => CAP_ALLOW,
701 'manager' => CAP_ALLOW
703 'clonepermissionsfrom' => 'moodle/course:update'
706 'moodle/course:changesummary' => array(
707 'riskbitmask' => RISK_XSS,
709 'captype' => 'write',
710 'contextlevel' => CONTEXT_COURSE,
712 'editingteacher' => CAP_ALLOW,
713 'manager' => CAP_ALLOW
715 'clonepermissionsfrom' => 'moodle/course:update'
719 'moodle/site:viewparticipants' => array(
722 'contextlevel' => CONTEXT_SYSTEM,
724 'manager' => CAP_ALLOW
728 'moodle/course:viewscales' => array(
731 'contextlevel' => CONTEXT_COURSE,
733 'student' => CAP_ALLOW,
734 'teacher' => CAP_ALLOW,
735 'editingteacher' => CAP_ALLOW,
736 'manager' => CAP_ALLOW
740 'moodle/course:managescales' => array(
742 'captype' => 'write',
743 'contextlevel' => CONTEXT_COURSE,
745 'editingteacher' => CAP_ALLOW,
746 'manager' => CAP_ALLOW
750 'moodle/course:managegroups' => array(
752 'captype' => 'write',
753 'contextlevel' => CONTEXT_COURSE,
755 'editingteacher' => CAP_ALLOW,
756 'manager' => CAP_ALLOW
760 'moodle/course:reset' => array(
762 'riskbitmask' => RISK_DATALOSS,
764 'captype' => 'write',
765 'contextlevel' => CONTEXT_COURSE,
767 'editingteacher' => CAP_ALLOW,
768 'manager' => CAP_ALLOW
772 'moodle/blog:view' => array(
775 'contextlevel' => CONTEXT_SYSTEM,
777 'guest' => CAP_ALLOW,
779 'student' => CAP_ALLOW,
780 'teacher' => CAP_ALLOW,
781 'editingteacher' => CAP_ALLOW,
782 'manager' => CAP_ALLOW
786 'moodle/blog:search' => array(
788 'contextlevel' => CONTEXT_SYSTEM,
790 'guest' => CAP_ALLOW,
792 'student' => CAP_ALLOW,
793 'teacher' => CAP_ALLOW,
794 'editingteacher' => CAP_ALLOW,
795 'manager' => CAP_ALLOW
799 'moodle/blog:viewdrafts' => array(
801 'riskbitmask' => RISK_PERSONAL,
803 'contextlevel' => CONTEXT_SYSTEM,
805 'manager' => CAP_ALLOW
809 'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
811 'riskbitmask' => RISK_SPAM,
813 'captype' => 'write',
814 'contextlevel' => CONTEXT_SYSTEM,
817 'manager' => CAP_ALLOW
821 'moodle/blog:manageentries' => array(
823 'riskbitmask' => RISK_SPAM,
825 'captype' => 'write',
826 'contextlevel' => CONTEXT_SYSTEM,
828 'teacher' => CAP_ALLOW,
829 'editingteacher' => CAP_ALLOW,
830 'manager' => CAP_ALLOW
834 'moodle/blog:manageexternal' => array(
836 'riskbitmask' => RISK_SPAM,
838 'captype' => 'write',
839 'contextlevel' => CONTEXT_USER,
841 'student' => CAP_ALLOW,
843 'teacher' => CAP_ALLOW,
844 'editingteacher' => CAP_ALLOW,
845 'manager' => CAP_ALLOW
849 'moodle/blog:associatecourse' => array(
851 'captype' => 'write',
852 'contextlevel' => CONTEXT_COURSE,
854 'student' => CAP_ALLOW,
856 'teacher' => CAP_ALLOW,
857 'editingteacher' => CAP_ALLOW,
858 'manager' => CAP_ALLOW
862 'moodle/blog:associatemodule' => array(
864 'captype' => 'write',
865 'contextlevel' => CONTEXT_MODULE,
867 'student' => CAP_ALLOW,
869 'teacher' => CAP_ALLOW,
870 'editingteacher' => CAP_ALLOW,
871 'manager' => CAP_ALLOW
875 'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
877 'riskbitmask' => RISK_SPAM,
879 'captype' => 'write',
880 'contextlevel' => CONTEXT_COURSE,
883 'manager' => CAP_ALLOW
887 'moodle/calendar:managegroupentries' => array(
889 'riskbitmask' => RISK_SPAM,
891 'captype' => 'write',
892 'contextlevel' => CONTEXT_COURSE,
894 'teacher' => CAP_ALLOW,
895 'editingteacher' => CAP_ALLOW,
896 'manager' => CAP_ALLOW
900 'moodle/calendar:manageentries' => array(
902 'riskbitmask' => RISK_SPAM,
904 'captype' => 'write',
905 'contextlevel' => CONTEXT_COURSE,
907 'teacher' => CAP_ALLOW,
908 'editingteacher' => CAP_ALLOW,
909 'manager' => CAP_ALLOW
913 'moodle/user:editprofile' => array(
915 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
917 'captype' => 'write',
918 'contextlevel' => CONTEXT_USER,
920 'manager' => CAP_ALLOW
924 'moodle/user:editownprofile' => array(
926 'riskbitmask' => RISK_SPAM,
928 'captype' => 'write',
929 'contextlevel' => CONTEXT_SYSTEM,
931 'guest' => CAP_PROHIBIT,
933 'manager' => CAP_ALLOW
937 'moodle/user:changeownpassword' => array(
939 'captype' => 'write',
940 'contextlevel' => CONTEXT_SYSTEM,
942 'guest' => CAP_PROHIBIT,
944 'manager' => CAP_ALLOW
948 // The next 3 might make no sense for some roles, e.g teacher, etc.
949 // since the next level up is site. These are more for the parent role
950 'moodle/user:readuserposts' => array(
953 'contextlevel' => CONTEXT_USER,
955 'student' => CAP_ALLOW,
956 'teacher' => CAP_ALLOW,
957 'editingteacher' => CAP_ALLOW,
958 'manager' => CAP_ALLOW
962 'moodle/user:readuserblogs' => array(
965 'contextlevel' => CONTEXT_USER,
967 'student' => CAP_ALLOW,
968 'teacher' => CAP_ALLOW,
969 'editingteacher' => CAP_ALLOW,
970 'manager' => CAP_ALLOW
974 // designed for parent role - not used in legacy roles
975 'moodle/user:viewuseractivitiesreport' => array(
976 'riskbitmask' => RISK_PERSONAL,
979 'contextlevel' => CONTEXT_USER,
984 //capabilities designed for the new message system configuration
985 'moodle/user:editmessageprofile' => array(
987 'riskbitmask' => RISK_SPAM,
989 'captype' => 'write',
990 'contextlevel' => CONTEXT_USER,
992 'manager' => CAP_ALLOW
996 'moodle/user:editownmessageprofile' => array(
998 'captype' => 'write',
999 'contextlevel' => CONTEXT_SYSTEM,
1001 'guest' => CAP_PROHIBIT,
1002 'user' => CAP_ALLOW,
1003 'manager' => CAP_ALLOW
1007 'moodle/question:managecategory' => array(
1008 'riskbitmask' => RISK_SPAM | RISK_XSS,
1009 'captype' => 'write',
1010 'contextlevel' => CONTEXT_COURSE,
1012 'editingteacher' => CAP_ALLOW,
1013 'manager' => CAP_ALLOW
1018 'moodle/question:add' => array(
1019 'riskbitmask' => RISK_SPAM | RISK_XSS,
1020 'captype' => 'write',
1021 'contextlevel' => CONTEXT_COURSE,
1023 'editingteacher' => CAP_ALLOW,
1024 'manager' => CAP_ALLOW
1026 'clonepermissionsfrom' => 'moodle/question:manage'
1028 'moodle/question:editmine' => array(
1029 'riskbitmask' => RISK_SPAM | RISK_XSS,
1030 'captype' => 'write',
1031 'contextlevel' => CONTEXT_COURSE,
1033 'editingteacher' => CAP_ALLOW,
1034 'manager' => CAP_ALLOW
1036 'clonepermissionsfrom' => 'moodle/question:manage'
1038 'moodle/question:editall' => array(
1039 'riskbitmask' => RISK_SPAM | RISK_XSS,
1040 'captype' => 'write',
1041 'contextlevel' => CONTEXT_COURSE,
1043 'editingteacher' => CAP_ALLOW,
1044 'manager' => CAP_ALLOW
1046 'clonepermissionsfrom' => 'moodle/question:manage'
1048 'moodle/question:viewmine' => array(
1049 'captype' => 'read',
1050 'contextlevel' => CONTEXT_COURSE,
1052 'editingteacher' => CAP_ALLOW,
1053 'manager' => CAP_ALLOW
1055 'clonepermissionsfrom' => 'moodle/question:manage'
1057 'moodle/question:viewall' => array(
1058 'captype' => 'read',
1059 'contextlevel' => CONTEXT_COURSE,
1061 'editingteacher' => CAP_ALLOW,
1062 'manager' => CAP_ALLOW
1064 'clonepermissionsfrom' => 'moodle/question:manage'
1066 'moodle/question:usemine' => array(
1067 'captype' => 'read',
1068 'contextlevel' => CONTEXT_COURSE,
1070 'editingteacher' => CAP_ALLOW,
1071 'manager' => CAP_ALLOW
1073 'clonepermissionsfrom' => 'moodle/question:manage'
1075 'moodle/question:useall' => array(
1076 'captype' => 'read',
1077 'contextlevel' => CONTEXT_COURSE,
1079 'editingteacher' => CAP_ALLOW,
1080 'manager' => CAP_ALLOW
1082 'clonepermissionsfrom' => 'moodle/question:manage'
1084 'moodle/question:movemine' => array(
1085 'captype' => 'write',
1086 'contextlevel' => CONTEXT_COURSE,
1088 'editingteacher' => CAP_ALLOW,
1089 'manager' => CAP_ALLOW
1091 'clonepermissionsfrom' => 'moodle/question:manage'
1093 'moodle/question:moveall' => array(
1094 'captype' => 'write',
1095 'contextlevel' => CONTEXT_COURSE,
1097 'editingteacher' => CAP_ALLOW,
1098 'manager' => CAP_ALLOW
1100 'clonepermissionsfrom' => 'moodle/question:manage'
1102 //END new in moodle 1.9
1104 // Configure the installed question types.
1105 'moodle/question:config' => array(
1106 'riskbitmask' => RISK_CONFIG,
1107 'captype' => 'write',
1108 'contextlevel' => CONTEXT_SYSTEM,
1110 'manager' => CAP_ALLOW
1114 // While attempting questions, the ability to flag particular questions for later reference.
1115 'moodle/question:flag' => array(
1116 'captype' => 'write',
1117 'contextlevel' => CONTEXT_COURSE,
1119 'student' => CAP_ALLOW,
1120 'teacher' => CAP_ALLOW,
1121 'editingteacher' => CAP_ALLOW,
1122 'coursecreator' => CAP_ALLOW,
1123 'manager' => CAP_ALLOW
1127 'moodle/site:doclinks' => array(
1128 'captype' => 'read',
1129 'contextlevel' => CONTEXT_SYSTEM,
1131 'teacher' => CAP_ALLOW,
1132 'editingteacher' => CAP_ALLOW,
1133 'manager' => CAP_ALLOW
1137 'moodle/course:sectionvisibility' => array(
1139 'captype' => 'write',
1140 'contextlevel' => CONTEXT_COURSE,
1142 'editingteacher' => CAP_ALLOW,
1143 'manager' => CAP_ALLOW
1147 'moodle/course:useremail' => array(
1149 'captype' => 'write',
1150 'contextlevel' => CONTEXT_COURSE,
1152 'editingteacher' => CAP_ALLOW,
1153 'manager' => CAP_ALLOW
1157 'moodle/course:viewhiddensections' => array(
1159 'captype' => 'write',
1160 'contextlevel' => CONTEXT_COURSE,
1162 'editingteacher' => CAP_ALLOW,
1163 'manager' => CAP_ALLOW
1167 'moodle/course:setcurrentsection' => array(
1169 'captype' => 'write',
1170 'contextlevel' => CONTEXT_COURSE,
1172 'editingteacher' => CAP_ALLOW,
1173 'manager' => CAP_ALLOW
1177 'moodle/site:mnetlogintoremote' => array(
1179 'captype' => 'read',
1180 'contextlevel' => CONTEXT_SYSTEM,
1182 'manager' => CAP_ALLOW
1186 'moodle/grade:viewall' => array(
1187 'riskbitmask' => RISK_PERSONAL,
1188 'captype' => 'read',
1189 'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1191 'teacher' => CAP_ALLOW,
1192 'editingteacher' => CAP_ALLOW,
1193 'manager' => CAP_ALLOW
1195 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1198 'moodle/grade:view' => array(
1199 'captype' => 'read',
1200 'contextlevel' => CONTEXT_COURSE,
1202 'student' => CAP_ALLOW
1206 'moodle/grade:viewhidden' => array(
1207 'riskbitmask' => RISK_PERSONAL,
1208 'captype' => 'read',
1209 'contextlevel' => CONTEXT_COURSE,
1211 'teacher' => CAP_ALLOW,
1212 'editingteacher' => CAP_ALLOW,
1213 'manager' => CAP_ALLOW
1215 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1218 'moodle/grade:import' => array(
1219 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1220 'captype' => 'write',
1221 'contextlevel' => CONTEXT_COURSE,
1223 'editingteacher' => CAP_ALLOW,
1224 'manager' => CAP_ALLOW
1226 'clonepermissionsfrom' => 'moodle/course:managegrades'
1229 'moodle/grade:export' => array(
1230 'riskbitmask' => RISK_PERSONAL,
1231 'captype' => 'read',
1232 'contextlevel' => CONTEXT_COURSE,
1234 'teacher' => CAP_ALLOW,
1235 'editingteacher' => CAP_ALLOW,
1236 'manager' => CAP_ALLOW
1238 'clonepermissionsfrom' => 'moodle/course:managegrades'
1241 'moodle/grade:manage' => array(
1242 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1243 'captype' => 'write',
1244 'contextlevel' => CONTEXT_COURSE,
1246 'editingteacher' => CAP_ALLOW,
1247 'manager' => CAP_ALLOW
1249 'clonepermissionsfrom' => 'moodle/course:managegrades'
1252 'moodle/grade:edit' => array(
1253 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1254 'captype' => 'write',
1255 'contextlevel' => CONTEXT_COURSE,
1257 'editingteacher' => CAP_ALLOW,
1258 'manager' => CAP_ALLOW
1260 'clonepermissionsfrom' => 'moodle/course:managegrades'
1263 'moodle/grade:manageoutcomes' => array(
1264 'captype' => 'write',
1265 'contextlevel' => CONTEXT_COURSE,
1267 'editingteacher' => CAP_ALLOW,
1268 'manager' => CAP_ALLOW
1270 'clonepermissionsfrom' => 'moodle/course:managegrades'
1273 'moodle/grade:manageletters' => array(
1274 'captype' => 'write',
1275 'contextlevel' => CONTEXT_COURSE,
1277 'editingteacher' => CAP_ALLOW,
1278 'manager' => CAP_ALLOW
1280 'clonepermissionsfrom' => 'moodle/course:managegrades'
1283 'moodle/grade:hide' => array(
1284 'captype' => 'write',
1285 'contextlevel' => CONTEXT_COURSE,
1287 'editingteacher' => CAP_ALLOW,
1288 'manager' => CAP_ALLOW
1292 'moodle/grade:lock' => array(
1293 'captype' => 'write',
1294 'contextlevel' => CONTEXT_COURSE,
1296 'editingteacher' => CAP_ALLOW,
1297 'manager' => CAP_ALLOW
1301 'moodle/grade:unlock' => array(
1302 'captype' => 'write',
1303 'contextlevel' => CONTEXT_COURSE,
1305 'editingteacher' => CAP_ALLOW,
1306 'manager' => CAP_ALLOW
1310 'moodle/my:manageblocks' => array(
1311 'captype' => 'write',
1312 'contextlevel' => CONTEXT_SYSTEM,
1318 'moodle/notes:view' => array(
1319 'captype' => 'read',
1320 'contextlevel' => CONTEXT_COURSE,
1322 'teacher' => CAP_ALLOW,
1323 'editingteacher' => CAP_ALLOW,
1324 'manager' => CAP_ALLOW
1328 'moodle/notes:manage' => array(
1329 'riskbitmask' => RISK_SPAM,
1331 'captype' => 'write',
1332 'contextlevel' => CONTEXT_COURSE,
1334 'teacher' => CAP_ALLOW,
1335 'editingteacher' => CAP_ALLOW,
1336 'manager' => CAP_ALLOW
1340 'moodle/tag:manage' => array(
1341 'riskbitmask' => RISK_SPAM,
1343 'captype' => 'write',
1344 'contextlevel' => CONTEXT_SYSTEM,
1346 'teacher' => CAP_ALLOW,
1347 'editingteacher' => CAP_ALLOW,
1348 'manager' => CAP_ALLOW
1352 'moodle/tag:create' => array(
1353 'riskbitmask' => RISK_SPAM,
1355 'captype' => 'write',
1356 'contextlevel' => CONTEXT_SYSTEM,
1358 'manager' => CAP_ALLOW,
1363 'moodle/tag:edit' => array(
1364 'riskbitmask' => RISK_SPAM,
1366 'captype' => 'write',
1367 'contextlevel' => CONTEXT_SYSTEM,
1369 'manager' => CAP_ALLOW,
1374 'moodle/tag:editblocks' => array(
1375 'captype' => 'write',
1376 'contextlevel' => CONTEXT_SYSTEM,
1378 'teacher' => CAP_ALLOW,
1379 'editingteacher' => CAP_ALLOW,
1380 'manager' => CAP_ALLOW
1384 'moodle/block:view' => array(
1385 'captype' => 'read',
1386 'contextlevel' => CONTEXT_BLOCK,
1388 'guest' => CAP_ALLOW,
1389 'user' => CAP_ALLOW,
1390 'student' => CAP_ALLOW,
1391 'teacher' => CAP_ALLOW,
1392 'editingteacher' => CAP_ALLOW,
1393 'coursecreator' => CAP_ALLOW
1397 'moodle/block:edit' => array(
1398 'riskbitmask' => RISK_SPAM | RISK_XSS,
1400 'captype' => 'write',
1401 'contextlevel' => CONTEXT_BLOCK,
1403 'editingteacher' => CAP_ALLOW,
1404 'coursecreator' => CAP_ALLOW
1408 'moodle/portfolio:export' => array(
1409 'captype' => 'read',
1410 'contextlevel' => CONTEXT_SYSTEM,
1412 'user' => CAP_ALLOW,
1413 'student' => CAP_ALLOW,
1414 'teacher' => CAP_ALLOW,
1415 'editingteacher' => CAP_ALLOW,
1416 'coursecreator' => CAP_ALLOW
1419 'moodle/comment:view' => array(
1421 'captype' => 'read',
1422 'contextlevel' => CONTEXT_SYSTEM,
1424 'user' => CAP_ALLOW,
1425 'student' => CAP_ALLOW,
1426 'teacher' => CAP_ALLOW,
1427 'editingteacher' => CAP_ALLOW,
1428 'coursecreator' => CAP_ALLOW,
1429 'manager' => CAP_ALLOW
1432 'moodle/comment:post' => array(
1434 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1435 'captype' => 'write',
1436 'contextlevel' => CONTEXT_SYSTEM,
1438 'user' => CAP_ALLOW,
1439 'student' => CAP_ALLOW,
1440 'teacher' => CAP_ALLOW,
1441 'editingteacher' => CAP_ALLOW,
1442 'coursecreator' => CAP_ALLOW,
1443 'manager' => CAP_ALLOW
1446 'moodle/comment:delete' => array(
1448 'riskbitmask' => RISK_DATALOSS,
1449 'captype' => 'write',
1450 'contextlevel' => CONTEXT_SYSTEM,
1452 'editingteacher' => CAP_ALLOW,
1453 'coursecreator' => CAP_ALLOW,
1454 'manager' => CAP_ALLOW
1457 'moodle/webservice:createtoken' => array(
1459 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1460 'captype' => 'write',
1461 'contextlevel' => CONTEXT_SYSTEM,
1463 'manager' => CAP_ALLOW
1466 'moodle/rating:view' => array(
1467 'captype' => 'read',
1468 'contextlevel' => CONTEXT_SYSTEM,
1470 'student' => CAP_ALLOW,
1471 'teacher' => CAP_ALLOW,
1472 'editingteacher' => CAP_ALLOW,
1473 'manager' => CAP_ALLOW
1476 'moodle/rating:viewany' => array(
1477 'riskbitmask' => RISK_PERSONAL,
1478 'captype' => 'read',
1479 'contextlevel' => CONTEXT_SYSTEM,
1481 'student' => CAP_ALLOW,
1482 'teacher' => CAP_ALLOW,
1483 'editingteacher' => CAP_ALLOW,
1484 'manager' => CAP_ALLOW
1487 'moodle/rating:viewall' => array(
1488 'riskbitmask' => RISK_PERSONAL,
1489 'captype' => 'read',
1490 'contextlevel' => CONTEXT_SYSTEM,
1492 'student' => CAP_ALLOW,
1493 'teacher' => CAP_ALLOW,
1494 'editingteacher' => CAP_ALLOW,
1495 'manager' => CAP_ALLOW
1498 'moodle/rating:rate' => array(
1499 'captype' => 'write',
1500 'contextlevel' => CONTEXT_SYSTEM,
1502 'student' => CAP_ALLOW,
1503 'teacher' => CAP_ALLOW,
1504 'editingteacher' => CAP_ALLOW,
1505 'manager' => CAP_ALLOW
