MDL-21668 backup - New capabilities creation
[moodle.git] / lib / db / access.php
1 <?php
2 //
3 // Capability definitions for Moodle core.
4 //
5 // The capabilities are loaded into the database table when the module is
6 // installed or updated. Whenever the capability definitions are updated,
7 // the module version number should be bumped up.
8 //
9 // The system has four possible values for a capability:
10 // CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
11 //
12 //
13 // CAPABILITY NAMING CONVENTION
14 //
15 // It is important that capability names are unique. The naming convention
16 // for capabilities that are specific to modules and blocks is as follows:
17 //   [mod/block]/<plugin_name>:<capabilityname>
18 //
19 // component_name should be the same as the directory name of the mod or block.
20 //
21 // Core moodle capabilities are defined thus:
22 //    moodle/<capabilityclass>:<capabilityname>
23 //
24 // Examples: mod/forum:viewpost
25 //           block/recent_activity:view
26 //           moodle/site:deleteuser
27 //
28 // The variable name for the capability definitions array is $capabilities
31 $capabilities = array(
32     'moodle/site:config' => array(
34         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
36         'captype' => 'write',
37         'contextlevel' => CONTEXT_SYSTEM,
38         'legacy' => array(
39         )
40     ),
42     'moodle/site:readallmessages' => array(
44         'riskbitmask' => RISK_PERSONAL,
46         'captype' => 'read',
47         'contextlevel' => CONTEXT_SYSTEM,
48         'legacy' => array(
49             'manager' => CAP_ALLOW,
50             'editingteacher' => CAP_ALLOW
51         )
52     ),
54     'moodle/site:sendmessage' => array(
56         'riskbitmask' => RISK_SPAM,
58         'captype' => 'write',
59         'contextlevel' => CONTEXT_SYSTEM,
60         'legacy' => array(
61             'manager' => CAP_ALLOW,
62             'user' => CAP_ALLOW
63         )
64     ),
66     'moodle/site:approvecourse' => array(
68         'riskbitmask' => RISK_XSS,
70         'captype' => 'write',
71         'contextlevel' => CONTEXT_SYSTEM,
72         'legacy' => array(
73             'manager' => CAP_ALLOW
74         )
75     ),
77     'moodle/backup:backupcourse' => array(
79         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
81         'captype' => 'write',
82         'contextlevel' => CONTEXT_COURSE,
83         'legacy' => array(
84             'editingteacher' => CAP_ALLOW,
85             'manager' => CAP_ALLOW
86         ),
88         'clonepermissionsfrom' =>  'moodle/site:backup'
89     ),
91     'moodle/backup:backupsection' => array(
93         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
95         'captype' => 'write',
96         'contextlevel' => CONTEXT_COURSE,
97         'legacy' => array(
98             'editingteacher' => CAP_ALLOW,
99             'manager' => CAP_ALLOW
100         ),
102         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
103     ),
105     'moodle/backup:backupactivity' => array(
107         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
109         'captype' => 'write',
110         'contextlevel' => CONTEXT_MODULE,
111         'legacy' => array(
112             'editingteacher' => CAP_ALLOW,
113             'manager' => CAP_ALLOW
114         ),
116         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
117     ),
119     'moodle/backup:backuptargethub' => array(
121         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
123         'captype' => 'write',
124         'contextlevel' => CONTEXT_COURSE,
125         'legacy' => array(
126             'editingteacher' => CAP_ALLOW,
127             'manager' => CAP_ALLOW
128         ),
130         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
131     ),
133     'moodle/backup:backuptargetimport' => array(
135         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
137         'captype' => 'write',
138         'contextlevel' => CONTEXT_COURSE,
139         'legacy' => array(
140             'editingteacher' => CAP_ALLOW,
141             'manager' => CAP_ALLOW
142         ),
144         'clonepermissionsfrom' =>  'moodle/backup:backupcourse'
145     ),
147     'moodle/backup:downloadfile' => array(
149         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
151         'captype' => 'write',
152         'contextlevel' => CONTEXT_COURSE,
153         'legacy' => array(
154             'editingteacher' => CAP_ALLOW,
155             'manager' => CAP_ALLOW
156         ),
158         'clonepermissionsfrom' =>  'moodle/site:backupdownload'
159     ),
161     'moodle/backup:configure' => array(
163         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
165         'captype' => 'write',
166         'contextlevel' => CONTEXT_COURSE,
167         'legacy' => array(
168             'editingteacher' => CAP_ALLOW,
169             'manager' => CAP_ALLOW
170         )
171     ),
173     'moodle/backup:userinfo' => array(
175         'riskbitmask' => RISK_PERSONAL,
177         'captype' => 'read',
178         'contextlevel' => CONTEXT_COURSE,
179         'legacy' => array(
180             'manager' => CAP_ALLOW
181         )
182     ),
184     'moodle/backup:anonymise' => array(
186         'riskbitmask' => RISK_PERSONAL,
188         'captype' => 'read',
189         'contextlevel' => CONTEXT_COURSE,
190         'legacy' => array(
191             'manager' => CAP_ALLOW
192         )
193     ),
195     'moodle/restore:restorecourse' => array(
197         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
199         'captype' => 'write',
200         'contextlevel' => CONTEXT_COURSE,
201         'legacy' => array(
202             'editingteacher' => CAP_ALLOW,
203             'manager' => CAP_ALLOW
204         ),
206         'clonepermissionsfrom' =>  'moodle/site:restore'
207     ),
209     'moodle/restore:restoresection' => array(
211         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
213         'captype' => 'write',
214         'contextlevel' => CONTEXT_COURSE,
215         'legacy' => array(
216             'editingteacher' => CAP_ALLOW,
217             'manager' => CAP_ALLOW
218         ),
220         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
221     ),
223     'moodle/restore:restoreactivity' => array(
225         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
227         'captype' => 'write',
228         'contextlevel' => CONTEXT_MODULE,
229         'legacy' => array(
230             'editingteacher' => CAP_ALLOW,
231             'manager' => CAP_ALLOW
232         ),
234         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
235     ),
237     'moodle/restore:restoretargethub' => array(
239         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
241         'captype' => 'write',
242         'contextlevel' => CONTEXT_COURSE,
243         'legacy' => array(
244             'editingteacher' => CAP_ALLOW,
245             'manager' => CAP_ALLOW
246         ),
248         'clonepermissionsfrom' =>  'moodle/restore:restorecourse'
249     ),
251     'moodle/restore:restoretargetimport' => array(
253         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
255         'captype' => 'write',
256         'contextlevel' => CONTEXT_COURSE,
257         'legacy' => array(
258             'editingteacher' => CAP_ALLOW,
259             'manager' => CAP_ALLOW
260         ),
262         'clonepermissionsfrom' =>  'moodle/site:import'
263     ),
265     'moodle/restore:uploadfile' => array(
267         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
269         'captype' => 'write',
270         'contextlevel' => CONTEXT_COURSE,
271         'legacy' => array(
272             'editingteacher' => CAP_ALLOW,
273             'manager' => CAP_ALLOW
274         ),
276         'clonepermissionsfrom' =>  'moodle/site:backupupload'
277     ),
279     'moodle/restore:configure' => array(
281         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
283         'captype' => 'write',
284         'contextlevel' => CONTEXT_COURSE,
285         'legacy' => array(
286             'editingteacher' => CAP_ALLOW,
287             'manager' => CAP_ALLOW
288         )
289     ),
291     'moodle/restore:rolldates' => array(
293         'captype' => 'write',
294         'contextlevel' => CONTEXT_COURSE,
295         'legacy' => array(
296             'coursecreator' => CAP_ALLOW,
297             'manager' => CAP_ALLOW
298         )
299     ),
301     'moodle/restore:userinfo' => array(
303         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
305         'captype' => 'write',
306         'contextlevel' => CONTEXT_COURSE,
307         'legacy' => array(
308             'manager' => CAP_ALLOW
309         )
310     ),
312     'moodle/restore:createuser' => array(
314         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
316         'captype' => 'write',
317         'contextlevel' => CONTEXT_SYSTEM,
318         'legacy' => array(
319             'manager' => CAP_ALLOW
320         )
321     ),
323     'moodle/site:manageblocks' => array(
325         'riskbitmask' => RISK_SPAM | RISK_XSS,
327         'captype' => 'write',
328         'contextlevel' => CONTEXT_BLOCK,
329         'legacy' => array(
330             'editingteacher' => CAP_ALLOW,
331             'manager' => CAP_ALLOW
332         )
333     ),
335     'moodle/site:accessallgroups' => array(
337         'captype' => 'read',
338         'contextlevel' => CONTEXT_COURSE,
339         'legacy' => array(
340             'teacher' => CAP_ALLOW,
341             'editingteacher' => CAP_ALLOW,
342             'manager' => CAP_ALLOW
343         )
344     ),
346     'moodle/site:viewfullnames' => array(
348         'captype' => 'read',
349         'contextlevel' => CONTEXT_COURSE,
350         'legacy' => array(
351             'teacher' => CAP_ALLOW,
352             'editingteacher' => CAP_ALLOW,
353             'manager' => CAP_ALLOW
354         )
355     ),
357     'moodle/site:viewreports' => array(
359         'riskbitmask' => RISK_PERSONAL,
361         'captype' => 'read',
362         'contextlevel' => CONTEXT_COURSE,
363         'legacy' => array(
364             'teacher' => CAP_ALLOW,
365             'editingteacher' => CAP_ALLOW,
366             'manager' => CAP_ALLOW
367         )
368     ),
370     'moodle/site:trustcontent' => array(
372         'riskbitmask' => RISK_XSS,
374         'captype' => 'write',
375         'contextlevel' => CONTEXT_COURSE,
376         'legacy' => array(
377             'editingteacher' => CAP_ALLOW,
378             'manager' => CAP_ALLOW
379         )
380     ),
382     'moodle/site:uploadusers' => array(
384         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
386         'captype' => 'write',
387         'contextlevel' => CONTEXT_SYSTEM,
388         'legacy' => array(
389             'manager' => CAP_ALLOW
390         )
391     ),
393     'moodle/site:langeditmaster' => array(
395         'riskbitmask' => RISK_CONFIG | RISK_XSS,
397         'captype' => 'write',
398         'contextlevel' => CONTEXT_SYSTEM,
399         'legacy' => array(
400         )
401     ),
403     'moodle/site:langeditlocal' => array(
405         'riskbitmask' => RISK_CONFIG | RISK_XSS,
407         'captype' => 'write',
408         'contextlevel' => CONTEXT_SYSTEM,
409         'legacy' => array(
410             'manager' => CAP_ALLOW
411         )
412     ),
414     // Permission to manage filter setting overrides in subcontexts.
415     'moodle/filter:manage' => array(
417         'captype' => 'write',
418         'contextlevel' => CONTEXT_COURSE,
419         'legacy' => array(
420             'editingteacher' => CAP_ALLOW,
421             'coursecreator' => CAP_ALLOW,
422             'manager' => CAP_ALLOW,
423         )
424     ),
426     'moodle/user:create' => array(
428         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
430         'captype' => 'write',
431         'contextlevel' => CONTEXT_SYSTEM,
432         'legacy' => array(
433             'manager' => CAP_ALLOW
434         )
435     ),
437     'moodle/user:delete' => array(
439         'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
441         'captype' => 'write',
442         'contextlevel' => CONTEXT_SYSTEM,
443         'legacy' => array(
444             'manager' => CAP_ALLOW
445         )
446     ),
448     'moodle/user:update' => array(
450         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
452         'captype' => 'write',
453         'contextlevel' => CONTEXT_SYSTEM,
454         'legacy' => array(
455             'manager' => CAP_ALLOW
456         )
457     ),
459     'moodle/user:viewdetails' => array(
461         'captype' => 'read',
462         'contextlevel' => CONTEXT_COURSE,
463         'legacy' => array(
464             'guest' => CAP_ALLOW,
465             'student' => CAP_ALLOW,
466             'teacher' => CAP_ALLOW,
467             'editingteacher' => CAP_ALLOW,
468             'manager' => CAP_ALLOW
469         )
470     ),
472     'moodle/user:viewhiddendetails' => array(
474         'riskbitmask' => RISK_PERSONAL,
476         'captype' => 'read',
477         'contextlevel' => CONTEXT_COURSE,
478         'legacy' => array(
479             'teacher' => CAP_ALLOW,
480             'editingteacher' => CAP_ALLOW,
481             'manager' => CAP_ALLOW
482         )
483     ),
485     'moodle/user:loginas' => array(
487         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
489         'captype' => 'write',
490         'contextlevel' => CONTEXT_COURSE,
491         'legacy' => array(
492             'manager' => CAP_ALLOW
493         )
494     ),
496     'moodle/role:assign' => array(
498         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
500         'captype' => 'write',
501         'contextlevel' => CONTEXT_COURSE,
502         'legacy' => array(
503             'editingteacher' => CAP_ALLOW,
504             'manager' => CAP_ALLOW
505         )
506     ),
508     'moodle/role:review' => array(
510         'riskbitmask' => RISK_PERSONAL,
512         'captype' => 'read',
513         'contextlevel' => CONTEXT_COURSE,
514         'legacy' => array(
515             'teacher' => CAP_ALLOW,
516             'editingteacher' => CAP_ALLOW,
517             'manager' => CAP_ALLOW
518         )
519     ),
521     'moodle/role:override' => array(
523         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
525         'captype' => 'write',
526         'contextlevel' => CONTEXT_COURSE,
527         'legacy' => array(
528             'manager' => CAP_ALLOW
529         )
530     ),
532     'moodle/role:safeoverride' => array(
534         'riskbitmask' => RISK_SPAM,
536         'captype' => 'write',
537         'contextlevel' => CONTEXT_COURSE,
538         'legacy' => array(
539             'editingteacher' => CAP_ALLOW
540         )
541     ),
543     'moodle/role:manage' => array(
545         'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
547         'captype' => 'write',
548         'contextlevel' => CONTEXT_SYSTEM,
549         'legacy' => array(
550             'manager' => CAP_ALLOW
551         )
552     ),
554     'moodle/role:unassignself' => array(
556         'captype' => 'write',
557         'contextlevel' => CONTEXT_COURSE,
558         'legacy' => array(
559             'student' => (empty($CFG->allowunenrol)) ? CAP_INHERIT : CAP_ALLOW,
560             'teacher' => CAP_ALLOW,
561             'editingteacher' => CAP_ALLOW,
562             'coursecreator' => CAP_ALLOW,
563             'manager' => CAP_ALLOW
564         )
565     ),
567     'moodle/role:switchroles' => array(
569         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
571         'captype' => 'read',
572         'contextlevel' => CONTEXT_COURSE,
573         'legacy' => array(
574             'editingteacher' => CAP_ALLOW,
575             'manager' => CAP_ALLOW
576         )
577     ),
579     // Create, update and delete course categories. (Deleting a course category
580     // does not let you delete the courses it contains, unless you also have
581     // moodle/course: delete.) Creating and deleting requires this permission in
582     // the parent category.
583     'moodle/category:manage' => array(
585         'riskbitmask' => RISK_XSS,
587         'captype' => 'write',
588         'contextlevel' => CONTEXT_COURSECAT,
589         'legacy' => array(
590             'manager' => CAP_ALLOW
591         ),
592         'clonepermissionsfrom' => 'moodle/category:update'
593     ),
595     'moodle/category:viewhiddencategories' => array(
597         'captype' => 'read',
598         'contextlevel' => CONTEXT_COURSECAT,
599         'legacy' => array(
600             'coursecreator' => CAP_ALLOW,
601             'manager' => CAP_ALLOW
602         ),
603         'clonepermissionsfrom' => 'moodle/category:visibility'
604     ),
606     // create, delete, move cohorts in system and course categories,
607     // (cohorts with component !== null can be only moved)
608     'moodle/cohort:manage' => array(
610         'captype' => 'write',
611         'contextlevel' => CONTEXT_COURSECAT,
612         'legacy' => array(
613             'manager' => CAP_ALLOW
614         )
615     ),
617     // add and remove cohort members (only for cohorts where component !== null)
618     'moodle/cohort:assign' => array(
620         'captype' => 'write',
621         'contextlevel' => CONTEXT_COURSECAT,
622         'legacy' => array(
623             'manager' => CAP_ALLOW
624         )
625     ),
627     // view members of a cohort, this can be used in course context too,
628     // this also controls the ability to actually use cohort
629     'moodle/cohort:view' => array(
631         'captype' => 'read',
632         'contextlevel' => CONTEXT_COURSE,
633         'legacy' => array(
634             'editingteacher' => CAP_ALLOW,
635             'manager' => CAP_ALLOW
636         )
637     ),
639     'moodle/course:create' => array(
641         'riskbitmask' => RISK_XSS,
643         'captype' => 'write',
644         'contextlevel' => CONTEXT_COURSECAT,
645         'legacy' => array(
646             'coursecreator' => CAP_ALLOW,
647             'manager' => CAP_ALLOW
648         )
649     ),
651     'moodle/course:request' => array(
652         'captype' => 'write',
653         'contextlevel' => CONTEXT_SYSTEM,
654         'legacy' => array(
655             'user' => CAP_ALLOW,
656         )
657     ),
659     'moodle/course:delete' => array(
661         'riskbitmask' => RISK_DATALOSS,
663         'captype' => 'write',
664         'contextlevel' => CONTEXT_COURSE,
665         'legacy' => array(
666             'editingteacher' => CAP_ALLOW,
667             'manager' => CAP_ALLOW
668         )
669     ),
671     'moodle/course:update' => array(
673         'riskbitmask' => RISK_XSS,
675         'captype' => 'write',
676         'contextlevel' => CONTEXT_COURSE,
677         'legacy' => array(
678             'editingteacher' => CAP_ALLOW,
679             'manager' => CAP_ALLOW
680         )
681     ),
683     /* originally this capability was called moodle/course:view,
684      * but since 2.0 it is used for access to course without the enrolment
685      */
686     'moodle/course:participate' => array(
688         'captype' => 'read',
689         'contextlevel' => CONTEXT_COURSE,
690         'legacy' => array(
691             'student' => CAP_ALLOW,
692             'teacher' => CAP_ALLOW,
693             'editingteacher' => CAP_ALLOW
694         )
695     ),
697     'moodle/course:view' => array(
699         'captype' => 'read',
700         'contextlevel' => CONTEXT_COURSE,
701         'legacy' => array(
702             'manager' => CAP_ALLOW,
703         )
704     ),
706     'moodle/course:bulkmessaging' => array(
708         'riskbitmask' => RISK_SPAM,
710         'captype' => 'write',
711         'contextlevel' => CONTEXT_COURSE,
712         'legacy' => array(
713             'teacher' => CAP_ALLOW,
714             'editingteacher' => CAP_ALLOW,
715             'manager' => CAP_ALLOW
716         )
717     ),
719     'moodle/course:viewhiddenuserfields' => array(
721         'riskbitmask' => RISK_PERSONAL,
723         'captype' => 'read',
724         'contextlevel' => CONTEXT_COURSE,
725         'legacy' => array(
726             'teacher' => CAP_ALLOW,
727             'editingteacher' => CAP_ALLOW,
728             'manager' => CAP_ALLOW
729         )
730     ),
732     'moodle/course:viewhiddencourses' => array(
734         'captype' => 'read',
735         'contextlevel' => CONTEXT_COURSE,
736         'legacy' => array(
737             'coursecreator' => CAP_ALLOW,
738             'teacher' => CAP_ALLOW,
739             'editingteacher' => CAP_ALLOW,
740             'manager' => CAP_ALLOW
741         )
742     ),
744     'moodle/course:visibility' => array(
746         'captype' => 'write',
747         'contextlevel' => CONTEXT_COURSE,
748         'legacy' => array(
749             'manager' => CAP_ALLOW
750         )
751     ),
753     'moodle/course:managefiles' => array(
755         'riskbitmask' => RISK_XSS,
757         'captype' => 'write',
758         'contextlevel' => CONTEXT_COURSE,
759         'legacy' => array(
760             'editingteacher' => CAP_ALLOW,
761             'manager' => CAP_ALLOW
762         )
763     ),
765     'moodle/course:manageactivities' => array(
767         'riskbitmask' => RISK_XSS,
769         'captype' => 'write',
770         'contextlevel' => CONTEXT_COURSE,
771         'legacy' => array(
772             'editingteacher' => CAP_ALLOW,
773             'manager' => CAP_ALLOW
774         )
775     ),
777     'moodle/course:managemetacourse' => array(
779         'riskbitmask' => RISK_XSS | RISK_PERSONAL,
781         'captype' => 'write',
782         'contextlevel' => CONTEXT_COURSE,
783         'legacy' => array(
784             'editingteacher' => CAP_ALLOW,
785             'manager' => CAP_ALLOW
786         )
787     ),
789     'moodle/course:activityvisibility' => array(
791         'captype' => 'write',
792         'contextlevel' => CONTEXT_COURSE,
793         'legacy' => array(
794             'editingteacher' => CAP_ALLOW,
795             'manager' => CAP_ALLOW
796         )
797     ),
799     'moodle/course:viewhiddenactivities' => array(
801         'captype' => 'write',
802         'contextlevel' => CONTEXT_COURSE,
803         'legacy' => array(
804             'teacher' => CAP_ALLOW,
805             'editingteacher' => CAP_ALLOW,
806             'manager' => CAP_ALLOW
807         )
808     ),
810     'moodle/course:viewparticipants' => array(
812         'captype' => 'read',
813         'contextlevel' => CONTEXT_COURSE,
814         'legacy' => array(
815             'student' => CAP_ALLOW,
816             'teacher' => CAP_ALLOW,
817             'editingteacher' => CAP_ALLOW,
818             'manager' => CAP_ALLOW
819         )
820     ),
822     'moodle/course:changefullname' => array(
824         'riskbitmask' => RISK_XSS,
826         'captype' => 'write',
827         'contextlevel' => CONTEXT_COURSE,
828         'legacy' => array(
829             'editingteacher' => CAP_ALLOW,
830             'manager' => CAP_ALLOW
831         ),
832         'clonepermissionsfrom' => 'moodle/course:update'
833     ),
835     'moodle/course:changeshortname' => array(
837         'riskbitmask' => RISK_XSS,
839         'captype' => 'write',
840         'contextlevel' => CONTEXT_COURSE,
841         'legacy' => array(
842             'editingteacher' => CAP_ALLOW,
843             'manager' => CAP_ALLOW
844         ),
845         'clonepermissionsfrom' => 'moodle/course:update'
846     ),
848     'moodle/course:changeidnumber' => array(
850         'riskbitmask' => RISK_XSS,
852         'captype' => 'write',
853         'contextlevel' => CONTEXT_COURSE,
854         'legacy' => array(
855             'editingteacher' => CAP_ALLOW,
856             'manager' => CAP_ALLOW
857         ),
858         'clonepermissionsfrom' => 'moodle/course:update'
859     ),
860     'moodle/course:changecategory' => array(
861         'riskbitmask' => RISK_XSS,
863         'captype' => 'write',
864         'contextlevel' => CONTEXT_COURSE,
865         'legacy' => array(
866             'editingteacher' => CAP_ALLOW,
867             'manager' => CAP_ALLOW
868         ),
869         'clonepermissionsfrom' => 'moodle/course:update'
870     ),
872     'moodle/course:changesummary' => array(
873         'riskbitmask' => RISK_XSS,
875         'captype' => 'write',
876         'contextlevel' => CONTEXT_COURSE,
877         'legacy' => array(
878             'editingteacher' => CAP_ALLOW,
879             'manager' => CAP_ALLOW
880         ),
881         'clonepermissionsfrom' => 'moodle/course:update'
882     ),
885     'moodle/site:viewparticipants' => array(
887         'captype' => 'read',
888         'contextlevel' => CONTEXT_SYSTEM,
889         'legacy' => array(
890             'manager' => CAP_ALLOW
891         )
892     ),
894     'moodle/course:viewscales' => array(
896         'captype' => 'read',
897         'contextlevel' => CONTEXT_COURSE,
898         'legacy' => array(
899             'student' => CAP_ALLOW,
900             'teacher' => CAP_ALLOW,
901             'editingteacher' => CAP_ALLOW,
902             'manager' => CAP_ALLOW
903         )
904     ),
906     'moodle/course:managescales' => array(
908         'captype' => 'write',
909         'contextlevel' => CONTEXT_COURSE,
910         'legacy' => array(
911             'editingteacher' => CAP_ALLOW,
912             'manager' => CAP_ALLOW
913         )
914     ),
916     'moodle/course:managegroups' => array(
918         'captype' => 'write',
919         'contextlevel' => CONTEXT_COURSE,
920         'legacy' => array(
921             'editingteacher' => CAP_ALLOW,
922             'manager' => CAP_ALLOW
923         )
924     ),
926     'moodle/course:reset' => array(
928         'riskbitmask' => RISK_DATALOSS,
930         'captype' => 'write',
931         'contextlevel' => CONTEXT_COURSE,
932         'legacy' => array(
933             'editingteacher' => CAP_ALLOW,
934             'manager' => CAP_ALLOW
935         )
936     ),
938     'moodle/blog:view' => array(
940         'captype' => 'read',
941         'contextlevel' => CONTEXT_SYSTEM,
942         'legacy' => array(
943             'guest' => CAP_ALLOW,
944             'user' => CAP_ALLOW,
945             'student' => CAP_ALLOW,
946             'teacher' => CAP_ALLOW,
947             'editingteacher' => CAP_ALLOW,
948             'manager' => CAP_ALLOW
949         )
950     ),
952     'moodle/blog:search' => array(
953         'captype' => 'read',
954         'contextlevel' => CONTEXT_SYSTEM,
955         'legacy' => array(
956             'guest' => CAP_ALLOW,
957             'user' => CAP_ALLOW,
958             'student' => CAP_ALLOW,
959             'teacher' => CAP_ALLOW,
960             'editingteacher' => CAP_ALLOW,
961             'manager' => CAP_ALLOW
962         )
963     ),
965     'moodle/blog:viewdrafts' => array(
967         'riskbitmask' => RISK_PERSONAL,
968         'captype' => 'read',
969         'contextlevel' => CONTEXT_SYSTEM,
970         'legacy' => array(
971             'manager' => CAP_ALLOW
972         )
973     ),
975     'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
977         'riskbitmask' => RISK_SPAM,
979         'captype' => 'write',
980         'contextlevel' => CONTEXT_SYSTEM,
981         'legacy' => array(
982             'user' => CAP_ALLOW,
983             'manager' => CAP_ALLOW
984         )
985     ),
987     'moodle/blog:manageentries' => array(
989         'riskbitmask' => RISK_SPAM,
991         'captype' => 'write',
992         'contextlevel' => CONTEXT_SYSTEM,
993         'legacy' => array(
994             'teacher' => CAP_ALLOW,
995             'editingteacher' => CAP_ALLOW,
996             'manager' => CAP_ALLOW
997         )
998     ),
1000     'moodle/blog:manageexternal' => array(
1002         'riskbitmask' => RISK_SPAM,
1004         'captype' => 'write',
1005         'contextlevel' => CONTEXT_USER,
1006         'legacy' => array(
1007             'student' => CAP_ALLOW,
1008             'user' => CAP_ALLOW,
1009             'teacher' => CAP_ALLOW,
1010             'editingteacher' => CAP_ALLOW,
1011             'manager' => CAP_ALLOW
1012         )
1013     ),
1015     'moodle/blog:associatecourse' => array(
1017         'captype' => 'write',
1018         'contextlevel' => CONTEXT_COURSE,
1019         'legacy' => array(
1020             'student' => CAP_ALLOW,
1021             'user' => CAP_ALLOW,
1022             'teacher' => CAP_ALLOW,
1023             'editingteacher' => CAP_ALLOW,
1024             'manager' => CAP_ALLOW
1025         )
1026     ),
1028     'moodle/blog:associatemodule' => array(
1030         'captype' => 'write',
1031         'contextlevel' => CONTEXT_MODULE,
1032         'legacy' => array(
1033             'student' => CAP_ALLOW,
1034             'user' => CAP_ALLOW,
1035             'teacher' => CAP_ALLOW,
1036             'editingteacher' => CAP_ALLOW,
1037             'manager' => CAP_ALLOW
1038         )
1039     ),
1041     'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1043         'riskbitmask' => RISK_SPAM,
1045         'captype' => 'write',
1046         'contextlevel' => CONTEXT_COURSE,
1047         'legacy' => array(
1048             'user' => CAP_ALLOW,
1049             'manager' => CAP_ALLOW
1050         )
1051     ),
1053     'moodle/calendar:managegroupentries' => array(
1055         'riskbitmask' => RISK_SPAM,
1057         'captype' => 'write',
1058         'contextlevel' => CONTEXT_COURSE,
1059         'legacy' => array(
1060             'teacher' => CAP_ALLOW,
1061             'editingteacher' => CAP_ALLOW,
1062             'manager' => CAP_ALLOW
1063         )
1064     ),
1066     'moodle/calendar:manageentries' => array(
1068         'riskbitmask' => RISK_SPAM,
1070         'captype' => 'write',
1071         'contextlevel' => CONTEXT_COURSE,
1072         'legacy' => array(
1073             'teacher' => CAP_ALLOW,
1074             'editingteacher' => CAP_ALLOW,
1075             'manager' => CAP_ALLOW
1076         )
1077     ),
1079     'moodle/user:editprofile' => array(
1081         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1083         'captype' => 'write',
1084         'contextlevel' => CONTEXT_USER,
1085         'legacy' => array(
1086             'manager' => CAP_ALLOW
1087         )
1088     ),
1090     'moodle/user:editownprofile' => array(
1092         'riskbitmask' => RISK_SPAM,
1094         'captype' => 'write',
1095         'contextlevel' => CONTEXT_SYSTEM,
1096         'legacy' => array(
1097             'guest' => CAP_PROHIBIT,
1098             'user' => CAP_ALLOW,
1099             'manager' => CAP_ALLOW
1100         )
1101     ),
1103     'moodle/user:changeownpassword' => array(
1105         'captype' => 'write',
1106         'contextlevel' => CONTEXT_SYSTEM,
1107         'legacy' => array(
1108             'guest' => CAP_PROHIBIT,
1109             'user' => CAP_ALLOW,
1110             'manager' => CAP_ALLOW
1111         )
1112     ),
1114     // The next 3 might make no sense for some roles, e.g teacher, etc.
1115     // since the next level up is site. These are more for the parent role
1116     'moodle/user:readuserposts' => array(
1118         'captype' => 'read',
1119         'contextlevel' => CONTEXT_USER,
1120         'legacy' => array(
1121             'student' => CAP_ALLOW,
1122             'teacher' => CAP_ALLOW,
1123             'editingteacher' => CAP_ALLOW,
1124             'manager' => CAP_ALLOW
1125         )
1126     ),
1128     'moodle/user:readuserblogs' => array(
1130         'captype' => 'read',
1131         'contextlevel' => CONTEXT_USER,
1132         'legacy' => array(
1133             'student' => CAP_ALLOW,
1134             'teacher' => CAP_ALLOW,
1135             'editingteacher' => CAP_ALLOW,
1136             'manager' => CAP_ALLOW
1137         )
1138     ),
1140     // designed for parent role - not used in legacy roles
1141     'moodle/user:viewuseractivitiesreport' => array(
1142         'riskbitmask' => RISK_PERSONAL,
1144         'captype' => 'read',
1145         'contextlevel' => CONTEXT_USER,
1146         'legacy' => array(
1147         )
1148     ),
1150     //capabilities designed for the new message system configuration
1151     'moodle/user:editmessageprofile' => array(
1153          'riskbitmask' => RISK_SPAM,
1155          'captype' => 'write',
1156          'contextlevel' => CONTEXT_USER,
1157          'legacy' => array(
1158              'manager' => CAP_ALLOW
1159          )
1160      ),
1162      'moodle/user:editownmessageprofile' => array(
1164          'captype' => 'write',
1165          'contextlevel' => CONTEXT_SYSTEM,
1166          'legacy' => array(
1167              'guest' => CAP_PROHIBIT,
1168              'user' => CAP_ALLOW,
1169              'manager' => CAP_ALLOW
1170          )
1171      ),
1173     'moodle/question:managecategory' => array(
1174         'riskbitmask' => RISK_SPAM | RISK_XSS,
1175         'captype' => 'write',
1176         'contextlevel' => CONTEXT_COURSE,
1177         'legacy' => array(
1178             'editingteacher' => CAP_ALLOW,
1179             'manager' => CAP_ALLOW
1180         )
1181     ),
1183     //new in moodle 1.9
1184     'moodle/question:add' => array(
1185         'riskbitmask' => RISK_SPAM | RISK_XSS,
1186         'captype' => 'write',
1187         'contextlevel' => CONTEXT_COURSE,
1188         'legacy' => array(
1189             'editingteacher' => CAP_ALLOW,
1190             'manager' => CAP_ALLOW
1191         ),
1192         'clonepermissionsfrom' =>  'moodle/question:manage'
1193     ),
1194     'moodle/question:editmine' => array(
1195         'riskbitmask' => RISK_SPAM | RISK_XSS,
1196         'captype' => 'write',
1197         'contextlevel' => CONTEXT_COURSE,
1198         'legacy' => array(
1199             'editingteacher' => CAP_ALLOW,
1200             'manager' => CAP_ALLOW
1201         ),
1202         'clonepermissionsfrom' =>  'moodle/question:manage'
1203     ),
1204     'moodle/question:editall' => array(
1205         'riskbitmask' => RISK_SPAM | RISK_XSS,
1206         'captype' => 'write',
1207         'contextlevel' => CONTEXT_COURSE,
1208         'legacy' => array(
1209             'editingteacher' => CAP_ALLOW,
1210             'manager' => CAP_ALLOW
1211         ),
1212         'clonepermissionsfrom' =>  'moodle/question:manage'
1213     ),
1214     'moodle/question:viewmine' => array(
1215         'captype' => 'read',
1216         'contextlevel' => CONTEXT_COURSE,
1217         'legacy' => array(
1218             'editingteacher' => CAP_ALLOW,
1219             'manager' => CAP_ALLOW
1220         ),
1221         'clonepermissionsfrom' =>  'moodle/question:manage'
1222     ),
1223     'moodle/question:viewall' => array(
1224         'captype' => 'read',
1225         'contextlevel' => CONTEXT_COURSE,
1226         'legacy' => array(
1227             'editingteacher' => CAP_ALLOW,
1228             'manager' => CAP_ALLOW
1229         ),
1230         'clonepermissionsfrom' =>  'moodle/question:manage'
1231     ),
1232     'moodle/question:usemine' => array(
1233         'captype' => 'read',
1234         'contextlevel' => CONTEXT_COURSE,
1235         'legacy' => array(
1236             'editingteacher' => CAP_ALLOW,
1237             'manager' => CAP_ALLOW
1238         ),
1239         'clonepermissionsfrom' =>  'moodle/question:manage'
1240     ),
1241     'moodle/question:useall' => array(
1242         'captype' => 'read',
1243         'contextlevel' => CONTEXT_COURSE,
1244         'legacy' => array(
1245             'editingteacher' => CAP_ALLOW,
1246             'manager' => CAP_ALLOW
1247         ),
1248         'clonepermissionsfrom' =>  'moodle/question:manage'
1249     ),
1250     'moodle/question:movemine' => array(
1251         'captype' => 'write',
1252         'contextlevel' => CONTEXT_COURSE,
1253         'legacy' => array(
1254             'editingteacher' => CAP_ALLOW,
1255             'manager' => CAP_ALLOW
1256         ),
1257         'clonepermissionsfrom' =>  'moodle/question:manage'
1258     ),
1259     'moodle/question:moveall' => array(
1260         'captype' => 'write',
1261         'contextlevel' => CONTEXT_COURSE,
1262         'legacy' => array(
1263             'editingteacher' => CAP_ALLOW,
1264             'manager' => CAP_ALLOW
1265         ),
1266         'clonepermissionsfrom' =>  'moodle/question:manage'
1267     ),
1268     //END new in moodle 1.9
1270     // Configure the installed question types.
1271     'moodle/question:config' => array(
1272         'riskbitmask' => RISK_CONFIG,
1273         'captype' => 'write',
1274         'contextlevel' => CONTEXT_SYSTEM,
1275         'legacy' => array(
1276             'manager' => CAP_ALLOW
1277         )
1278     ),
1280     // While attempting questions, the ability to flag particular questions for later reference.
1281     'moodle/question:flag' => array(
1282         'captype' => 'write',
1283         'contextlevel' => CONTEXT_COURSE,
1284         'legacy' => array(
1285             'student' => CAP_ALLOW,
1286             'teacher' => CAP_ALLOW,
1287             'editingteacher' => CAP_ALLOW,
1288             'coursecreator' => CAP_ALLOW,
1289             'manager' => CAP_ALLOW
1290         )
1291     ),
1293     'moodle/site:doclinks' => array(
1294         'captype' => 'read',
1295         'contextlevel' => CONTEXT_SYSTEM,
1296         'legacy' => array(
1297             'teacher' => CAP_ALLOW,
1298             'editingteacher' => CAP_ALLOW,
1299             'manager' => CAP_ALLOW
1300         )
1301     ),
1303     'moodle/course:sectionvisibility' => array(
1305         'captype' => 'write',
1306         'contextlevel' => CONTEXT_COURSE,
1307         'legacy' => array(
1308             'editingteacher' => CAP_ALLOW,
1309             'manager' => CAP_ALLOW
1310         )
1311     ),
1313     'moodle/course:useremail' => array(
1315         'captype' => 'write',
1316         'contextlevel' => CONTEXT_COURSE,
1317         'legacy' => array(
1318             'editingteacher' => CAP_ALLOW,
1319             'manager' => CAP_ALLOW
1320         )
1321     ),
1323     'moodle/course:viewhiddensections' => array(
1325         'captype' => 'write',
1326         'contextlevel' => CONTEXT_COURSE,
1327         'legacy' => array(
1328             'editingteacher' => CAP_ALLOW,
1329             'manager' => CAP_ALLOW
1330         )
1331     ),
1333     'moodle/course:setcurrentsection' => array(
1335         'captype' => 'write',
1336         'contextlevel' => CONTEXT_COURSE,
1337         'legacy' => array(
1338             'editingteacher' => CAP_ALLOW,
1339             'manager' => CAP_ALLOW
1340         )
1341     ),
1343     'moodle/site:mnetlogintoremote' => array(
1345         'captype' => 'read',
1346         'contextlevel' => CONTEXT_SYSTEM,
1347         'legacy' => array(
1348             'manager' => CAP_ALLOW
1349         )
1350     ),
1352     'moodle/grade:viewall' => array(
1353         'riskbitmask' => RISK_PERSONAL,
1354         'captype' => 'read',
1355         'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1356         'legacy' => array(
1357             'teacher' => CAP_ALLOW,
1358             'editingteacher' => CAP_ALLOW,
1359             'manager' => CAP_ALLOW
1360         ),
1361         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1362     ),
1364     'moodle/grade:view' => array(
1365         'captype' => 'read',
1366         'contextlevel' => CONTEXT_COURSE,
1367         'legacy' => array(
1368             'student' => CAP_ALLOW
1369         )
1370     ),
1372     'moodle/grade:viewhidden' => array(
1373         'riskbitmask' => RISK_PERSONAL,
1374         'captype' => 'read',
1375         'contextlevel' => CONTEXT_COURSE,
1376         'legacy' => array(
1377             'teacher' => CAP_ALLOW,
1378             'editingteacher' => CAP_ALLOW,
1379             'manager' => CAP_ALLOW
1380         ),
1381         'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1382     ),
1384     'moodle/grade:import' => array(
1385         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1386         'captype' => 'write',
1387         'contextlevel' => CONTEXT_COURSE,
1388         'legacy' => array(
1389             'editingteacher' => CAP_ALLOW,
1390             'manager' => CAP_ALLOW
1391         ),
1392         'clonepermissionsfrom' => 'moodle/course:managegrades'
1393     ),
1395     'moodle/grade:export' => array(
1396         'riskbitmask' => RISK_PERSONAL,
1397         'captype' => 'read',
1398         'contextlevel' => CONTEXT_COURSE,
1399         'legacy' => array(
1400             'teacher' => CAP_ALLOW,
1401             'editingteacher' => CAP_ALLOW,
1402             'manager' => CAP_ALLOW
1403         ),
1404         'clonepermissionsfrom' => 'moodle/course:managegrades'
1405     ),
1407     'moodle/grade:manage' => array(
1408         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1409         'captype' => 'write',
1410         'contextlevel' => CONTEXT_COURSE,
1411         'legacy' => array(
1412             'editingteacher' => CAP_ALLOW,
1413             'manager' => CAP_ALLOW
1414         ),
1415         'clonepermissionsfrom' => 'moodle/course:managegrades'
1416     ),
1418     'moodle/grade:edit' => array(
1419         'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1420         'captype' => 'write',
1421         'contextlevel' => CONTEXT_COURSE,
1422         'legacy' => array(
1423             'editingteacher' => CAP_ALLOW,
1424             'manager' => CAP_ALLOW
1425         ),
1426         'clonepermissionsfrom' => 'moodle/course:managegrades'
1427     ),
1429     'moodle/grade:manageoutcomes' => array(
1430         'captype' => 'write',
1431         'contextlevel' => CONTEXT_COURSE,
1432         'legacy' => array(
1433             'editingteacher' => CAP_ALLOW,
1434             'manager' => CAP_ALLOW
1435         ),
1436         'clonepermissionsfrom' => 'moodle/course:managegrades'
1437     ),
1439     'moodle/grade:manageletters' => array(
1440         'captype' => 'write',
1441         'contextlevel' => CONTEXT_COURSE,
1442         'legacy' => array(
1443             'editingteacher' => CAP_ALLOW,
1444             'manager' => CAP_ALLOW
1445         ),
1446         'clonepermissionsfrom' => 'moodle/course:managegrades'
1447     ),
1449     'moodle/grade:hide' => array(
1450         'captype' => 'write',
1451         'contextlevel' => CONTEXT_COURSE,
1452         'legacy' => array(
1453             'editingteacher' => CAP_ALLOW,
1454             'manager' => CAP_ALLOW
1455         )
1456     ),
1458     'moodle/grade:lock' => array(
1459         'captype' => 'write',
1460         'contextlevel' => CONTEXT_COURSE,
1461         'legacy' => array(
1462             'editingteacher' => CAP_ALLOW,
1463             'manager' => CAP_ALLOW
1464         )
1465     ),
1467     'moodle/grade:unlock' => array(
1468         'captype' => 'write',
1469         'contextlevel' => CONTEXT_COURSE,
1470         'legacy' => array(
1471             'editingteacher' => CAP_ALLOW,
1472             'manager' => CAP_ALLOW
1473         )
1474     ),
1476     'moodle/my:manageblocks' => array(
1477         'captype' => 'write',
1478         'contextlevel' => CONTEXT_SYSTEM,
1479         'legacy' => array(
1480             'user' => CAP_ALLOW
1481         )
1482     ),
1484     'moodle/notes:view' => array(
1485         'captype' => 'read',
1486         'contextlevel' => CONTEXT_COURSE,
1487         'legacy' => array(
1488             'teacher' => CAP_ALLOW,
1489             'editingteacher' => CAP_ALLOW,
1490             'manager' => CAP_ALLOW
1491         )
1492     ),
1494     'moodle/notes:manage' => array(
1495         'riskbitmask' => RISK_SPAM,
1497         'captype' => 'write',
1498         'contextlevel' => CONTEXT_COURSE,
1499         'legacy' => array(
1500             'teacher' => CAP_ALLOW,
1501             'editingteacher' => CAP_ALLOW,
1502             'manager' => CAP_ALLOW
1503         )
1504     ),
1506     'moodle/tag:manage' => array(
1507         'riskbitmask' => RISK_SPAM,
1509         'captype' => 'write',
1510         'contextlevel' => CONTEXT_SYSTEM,
1511         'legacy' => array(
1512             'teacher' => CAP_ALLOW,
1513             'editingteacher' => CAP_ALLOW,
1514             'manager' => CAP_ALLOW
1515         )
1516     ),
1518     'moodle/tag:create' => array(
1519         'riskbitmask' => RISK_SPAM,
1521         'captype' => 'write',
1522         'contextlevel' => CONTEXT_SYSTEM,
1523         'legacy' => array(
1524             'manager' => CAP_ALLOW,
1525             'user' => CAP_ALLOW
1526         )
1527     ),
1529     'moodle/tag:edit' => array(
1530         'riskbitmask' => RISK_SPAM,
1532         'captype' => 'write',
1533         'contextlevel' => CONTEXT_SYSTEM,
1534         'legacy' => array(
1535             'manager' => CAP_ALLOW,
1536             'user' => CAP_ALLOW
1537         )
1538     ),
1540     'moodle/tag:editblocks' => array(
1541         'captype' => 'write',
1542         'contextlevel' => CONTEXT_SYSTEM,
1543         'legacy' => array(
1544             'teacher' => CAP_ALLOW,
1545             'editingteacher' => CAP_ALLOW,
1546             'manager' => CAP_ALLOW
1547         )
1548     ),
1550     'moodle/block:view' => array(
1551         'captype' => 'read',
1552         'contextlevel' => CONTEXT_BLOCK,
1553         'legacy' => array(
1554             'guest' => CAP_ALLOW,
1555             'user' => CAP_ALLOW,
1556             'student' => CAP_ALLOW,
1557             'teacher' => CAP_ALLOW,
1558             'editingteacher' => CAP_ALLOW,
1559             'coursecreator' => CAP_ALLOW
1560         )
1561     ),
1563     'moodle/block:edit' => array(
1564         'riskbitmask' => RISK_SPAM | RISK_XSS,
1566         'captype' => 'write',
1567         'contextlevel' => CONTEXT_BLOCK,
1568         'legacy' => array(
1569             'editingteacher' => CAP_ALLOW,
1570             'coursecreator' => CAP_ALLOW
1571         )
1572     ),
1574     'moodle/portfolio:export' => array(
1575         'captype' => 'read',
1576         'contextlevel' => CONTEXT_SYSTEM,
1577         'legacy' => array(
1578             'user' => CAP_ALLOW,
1579             'student' => CAP_ALLOW,
1580             'teacher' => CAP_ALLOW,
1581             'editingteacher' => CAP_ALLOW,
1582             'coursecreator' => CAP_ALLOW
1583         )
1584     ),
1585     'moodle/comment:view' => array(
1587         'captype' => 'read',
1588         'contextlevel' => CONTEXT_SYSTEM,
1589         'legacy' => array(
1590             'user' => CAP_ALLOW,
1591             'student' => CAP_ALLOW,
1592             'teacher' => CAP_ALLOW,
1593             'editingteacher' => CAP_ALLOW,
1594             'coursecreator' => CAP_ALLOW,
1595             'manager' => CAP_ALLOW
1596         )
1597     ),
1598     'moodle/comment:post' => array(
1600         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1601         'captype' => 'write',
1602         'contextlevel' => CONTEXT_SYSTEM,
1603         'legacy' => array(
1604             'user' => CAP_ALLOW,
1605             'student' => CAP_ALLOW,
1606             'teacher' => CAP_ALLOW,
1607             'editingteacher' => CAP_ALLOW,
1608             'coursecreator' => CAP_ALLOW,
1609             'manager' => CAP_ALLOW
1610         )
1611     ),
1612     'moodle/comment:delete' => array(
1614         'riskbitmask' => RISK_DATALOSS,
1615         'captype' => 'write',
1616         'contextlevel' => CONTEXT_SYSTEM,
1617         'legacy' => array(
1618             'editingteacher' => CAP_ALLOW,
1619             'coursecreator' => CAP_ALLOW,
1620             'manager' => CAP_ALLOW
1621         )
1622     ),
1623     'moodle/webservice:createtoken' => array(
1625         'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1626         'captype' => 'write',
1627         'contextlevel' => CONTEXT_SYSTEM,
1628         'legacy' => array(
1629             'manager' => CAP_ALLOW
1630         )
1631     ),
1632     'moodle/rating:view' => array(
1633         'captype' => 'read',
1634         'contextlevel' => CONTEXT_SYSTEM,
1635         'legacy' => array(
1636             'student' => CAP_ALLOW,
1637             'teacher' => CAP_ALLOW,
1638             'editingteacher' => CAP_ALLOW,
1639             'manager' => CAP_ALLOW
1640         )
1641     ),
1642     'moodle/rating:viewany' => array(
1643         'riskbitmask' => RISK_PERSONAL,
1644         'captype' => 'read',
1645         'contextlevel' => CONTEXT_SYSTEM,
1646         'legacy' => array(
1647             'student' => CAP_ALLOW,
1648             'teacher' => CAP_ALLOW,
1649             'editingteacher' => CAP_ALLOW,
1650             'manager' => CAP_ALLOW
1651         )
1652     ),
1653     'moodle/rating:viewall' => array(
1654         'riskbitmask' => RISK_PERSONAL,
1655         'captype' => 'read',
1656         'contextlevel' => CONTEXT_SYSTEM,
1657         'legacy' => array(
1658             'student' => CAP_ALLOW,
1659             'teacher' => CAP_ALLOW,
1660             'editingteacher' => CAP_ALLOW,
1661             'manager' => CAP_ALLOW
1662         )
1663     ),
1664     'moodle/rating:rate' => array(
1665         'captype' => 'write',
1666         'contextlevel' => CONTEXT_SYSTEM,
1667         'legacy' => array(
1668             'student' => CAP_ALLOW,
1669             'teacher' => CAP_ALLOW,
1670             'editingteacher' => CAP_ALLOW,
1671             'manager' => CAP_ALLOW
1672         )
1673     ),
1674      'moodle/course:publish' => array(
1676         'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1678         'captype' => 'write',
1679         'contextlevel' => CONTEXT_SYSTEM,
1680         'legacy' => array(
1681             'manager' => CAP_ALLOW
1682         )
1683     ),
1684     'moodle/course:markcomplete' => array(
1685         'captype' => 'write',
1686         'contextlevel' => CONTEXT_COURSE,
1687         'legacy' => array(
1688             'teacher' => CAP_ALLOW,
1689             'editingteacher' => CAP_ALLOW,
1690             'coursecreator' => CAP_ALLOW,
1691             'manager' => CAP_ALLOW
1692         )
1693     )
1694 );