search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
MDL-33399 files: Fixed up handling of empty sort in File API methods.
[moodle.git] / lib / db / access.php
blob76ebc66882467ee24d0e2109c9a5fe1a8f5baed4
1 <?php
2 // This file is part of Moodle - http://moodle.org/
3 //
4 // Moodle is free software: you can redistribute it and/or modify
5 // it under the terms of the GNU General Public License as published by
6 // the Free Software Foundation, either version 3 of the License, or
7 // (at your option) any later version.
8 //
9 // Moodle is distributed in the hope that it will be useful,
10 // but WITHOUT ANY WARRANTY; without even the implied warranty of
11 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 // GNU General Public License for more details.
13 //
14 // You should have received a copy of the GNU General Public License
15 // along with Moodle. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * Capability definitions for Moodle core.
19 *
20 * The capabilities are loaded into the database table when the module is
21 * installed or updated. Whenever the capability definitions are updated,
22 * the module version number should be bumped up.
23 *
24 * The system has four possible values for a capability:
25 * CAP_ALLOW, CAP_PREVENT, CAP_PROHIBIT, and inherit (not set).
26 *
27 *
28 * CAPABILITY NAMING CONVENTION
29 *
30 * It is important that capability names are unique. The naming convention
31 * for capabilities that are specific to modules and blocks is as follows:
32 * [mod/block]/<plugin_name>:<capabilityname>
33 *
34 * component_name should be the same as the directory name of the mod or block.
35 *
36 * Core moodle capabilities are defined thus:
37 * moodle/<capabilityclass>:<capabilityname>
38 *
39 * Examples: mod/forum:viewpost
40 * block/recent_activity:view
41 * moodle/site:deleteuser
42 *
43 * The variable name for the capability definitions array is $capabilities
44 *
45 * For more information, take a look to the documentation available:
46 * - Access API: {@link http://docs.moodle.org/dev/Access_API}
47 * - Upgrade API: {@link http://docs.moodle.org/dev/Upgrade_API}
48 *
49 * @package core_access
50 * @category access
51 * @copyright 2006 onwards Martin Dougiamas http://dougiamas.com
52 * @license http://www.gnu.org/copyleft/gpl.html GNU GPL v3 or later
53 */
54
55 defined('MOODLE_INTERNAL') || die();
56
57 $capabilities = array(
58 'moodle/site:config' => array(
59
60 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG | RISK_DATALOSS,
61
62 'captype' => 'write',
63 'contextlevel' => CONTEXT_SYSTEM,
64 'archetypes' => array(
65 )
66 ),
67
68 'moodle/site:readallmessages' => array(
69
70 'riskbitmask' => RISK_PERSONAL,
71
72 'captype' => 'read',
73 'contextlevel' => CONTEXT_SYSTEM,
74 'archetypes' => array(
75 'manager' => CAP_ALLOW,
76 'editingteacher' => CAP_ALLOW
77 )
78 ),
79
80 'moodle/site:sendmessage' => array(
81
82 'riskbitmask' => RISK_SPAM,
83
84 'captype' => 'write',
85 'contextlevel' => CONTEXT_SYSTEM,
86 'archetypes' => array(
87 'manager' => CAP_ALLOW,
88 'user' => CAP_ALLOW
89 )
90 ),
91
92 'moodle/site:approvecourse' => array(
93
94 'riskbitmask' => RISK_XSS,
95
96 'captype' => 'write',
97 'contextlevel' => CONTEXT_SYSTEM,
98 'archetypes' => array(
99 'manager' => CAP_ALLOW
100 )
101 ),
102
103 'moodle/backup:backupcourse' => array(
104
105 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
106
107 'captype' => 'write',
108 'contextlevel' => CONTEXT_COURSE,
109 'archetypes' => array(
110 'editingteacher' => CAP_ALLOW,
111 'manager' => CAP_ALLOW
112 ),
113
114 'clonepermissionsfrom' => 'moodle/site:backup'
115 ),
116
117 'moodle/backup:backupsection' => array(
118
119 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
120
121 'captype' => 'write',
122 'contextlevel' => CONTEXT_COURSE,
123 'archetypes' => array(
124 'editingteacher' => CAP_ALLOW,
125 'manager' => CAP_ALLOW
126 ),
127
128 'clonepermissionsfrom' => 'moodle/backup:backupcourse'
129 ),
130
131 'moodle/backup:backupactivity' => array(
132
133 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
134
135 'captype' => 'write',
136 'contextlevel' => CONTEXT_MODULE,
137 'archetypes' => array(
138 'editingteacher' => CAP_ALLOW,
139 'manager' => CAP_ALLOW
140 ),
141
142 'clonepermissionsfrom' => 'moodle/backup:backupcourse'
143 ),
144
145 'moodle/backup:backuptargethub' => array(
146
147 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
148
149 'captype' => 'write',
150 'contextlevel' => CONTEXT_COURSE,
151 'archetypes' => array(
152 'editingteacher' => CAP_ALLOW,
153 'manager' => CAP_ALLOW
154 ),
155
156 'clonepermissionsfrom' => 'moodle/backup:backupcourse'
157 ),
158
159 'moodle/backup:backuptargetimport' => array(
160
161 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
162
163 'captype' => 'write',
164 'contextlevel' => CONTEXT_COURSE,
165 'archetypes' => array(
166 'editingteacher' => CAP_ALLOW,
167 'manager' => CAP_ALLOW
168 ),
169
170 'clonepermissionsfrom' => 'moodle/backup:backupcourse'
171 ),
172
173 'moodle/backup:downloadfile' => array(
174
175 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
176
177 'captype' => 'write',
178 'contextlevel' => CONTEXT_COURSE,
179 'archetypes' => array(
180 'editingteacher' => CAP_ALLOW,
181 'manager' => CAP_ALLOW
182 ),
183
184 'clonepermissionsfrom' => 'moodle/site:backupdownload'
185 ),
186
187 'moodle/backup:configure' => array(
188
189 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
190
191 'captype' => 'write',
192 'contextlevel' => CONTEXT_COURSE,
193 'archetypes' => array(
194 'editingteacher' => CAP_ALLOW,
195 'manager' => CAP_ALLOW
196 )
197 ),
198
199 'moodle/backup:userinfo' => array(
200
201 'riskbitmask' => RISK_PERSONAL,
202
203 'captype' => 'read',
204 'contextlevel' => CONTEXT_COURSE,
205 'archetypes' => array(
206 'manager' => CAP_ALLOW
207 )
208 ),
209
210 'moodle/backup:anonymise' => array(
211
212 'riskbitmask' => RISK_PERSONAL,
213
214 'captype' => 'read',
215 'contextlevel' => CONTEXT_COURSE,
216 'archetypes' => array(
217 'manager' => CAP_ALLOW
218 )
219 ),
220
221 'moodle/restore:restorecourse' => array(
222
223 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
224
225 'captype' => 'write',
226 'contextlevel' => CONTEXT_COURSE,
227 'archetypes' => array(
228 'editingteacher' => CAP_ALLOW,
229 'manager' => CAP_ALLOW
230 ),
231
232 'clonepermissionsfrom' => 'moodle/site:restore'
233 ),
234
235 'moodle/restore:restoresection' => array(
236
237 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
238
239 'captype' => 'write',
240 'contextlevel' => CONTEXT_COURSE,
241 'archetypes' => array(
242 'editingteacher' => CAP_ALLOW,
243 'manager' => CAP_ALLOW
244 ),
245
246 'clonepermissionsfrom' => 'moodle/restore:restorecourse'
247 ),
248
249 'moodle/restore:restoreactivity' => array(
250
251 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
252
253 'captype' => 'write',
254 'contextlevel' => CONTEXT_COURSE,
255 'archetypes' => array(
256 'editingteacher' => CAP_ALLOW,
257 'manager' => CAP_ALLOW
258 ),
259
260 'clonepermissionsfrom' => 'moodle/restore:restorecourse'
261 ),
262
263 'moodle/restore:viewautomatedfilearea' => array(
264
265 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
266
267 'captype' => 'write',
268 'contextlevel' => CONTEXT_COURSE,
269 ),
270
271 'moodle/restore:restoretargethub' => array(
272
273 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
274
275 'captype' => 'write',
276 'contextlevel' => CONTEXT_COURSE,
277 'archetypes' => array(
278 'editingteacher' => CAP_ALLOW,
279 'manager' => CAP_ALLOW
280 ),
281
282 'clonepermissionsfrom' => 'moodle/restore:restorecourse'
283 ),
284
285 'moodle/restore:restoretargetimport' => array(
286
287 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
288
289 'captype' => 'write',
290 'contextlevel' => CONTEXT_COURSE,
291 'archetypes' => array(
292 'editingteacher' => CAP_ALLOW,
293 'manager' => CAP_ALLOW
294 ),
295
296 'clonepermissionsfrom' => 'moodle/site:import'
297 ),
298
299 'moodle/restore:uploadfile' => array(
300
301 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
302
303 'captype' => 'write',
304 'contextlevel' => CONTEXT_COURSE,
305 'archetypes' => array(
306 'editingteacher' => CAP_ALLOW,
307 'manager' => CAP_ALLOW
308 ),
309
310 'clonepermissionsfrom' => 'moodle/site:backupupload'
311 ),
312
313 'moodle/restore:configure' => array(
314
315 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
316
317 'captype' => 'write',
318 'contextlevel' => CONTEXT_COURSE,
319 'archetypes' => array(
320 'editingteacher' => CAP_ALLOW,
321 'manager' => CAP_ALLOW
322 )
323 ),
324
325 'moodle/restore:rolldates' => array(
326
327 'captype' => 'write',
328 'contextlevel' => CONTEXT_COURSE,
329 'archetypes' => array(
330 'coursecreator' => CAP_ALLOW,
331 'manager' => CAP_ALLOW
332 )
333 ),
334
335 'moodle/restore:userinfo' => array(
336
337 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
338
339 'captype' => 'write',
340 'contextlevel' => CONTEXT_COURSE,
341 'archetypes' => array(
342 'manager' => CAP_ALLOW
343 )
344 ),
345
346 'moodle/restore:createuser' => array(
347
348 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
349
350 'captype' => 'write',
351 'contextlevel' => CONTEXT_SYSTEM,
352 'archetypes' => array(
353 'manager' => CAP_ALLOW
354 )
355 ),
356
357 'moodle/site:manageblocks' => array(
358
359 'riskbitmask' => RISK_SPAM | RISK_XSS,
360
361 'captype' => 'write',
362 'contextlevel' => CONTEXT_BLOCK,
363 'archetypes' => array(
364 'editingteacher' => CAP_ALLOW,
365 'manager' => CAP_ALLOW
366 )
367 ),
368
369 'moodle/site:accessallgroups' => array(
370
371 'captype' => 'read',
372 'contextlevel' => CONTEXT_COURSE,
373 'archetypes' => array(
374 'teacher' => CAP_ALLOW,
375 'editingteacher' => CAP_ALLOW,
376 'manager' => CAP_ALLOW
377 )
378 ),
379
380 'moodle/site:viewfullnames' => array(
381
382 'captype' => 'read',
383 'contextlevel' => CONTEXT_COURSE,
384 'archetypes' => array(
385 'teacher' => CAP_ALLOW,
386 'editingteacher' => CAP_ALLOW,
387 'manager' => CAP_ALLOW
388 )
389 ),
390
391 // In reports that give lists of users, extra information about each user's
392 // identity (the fields configured in site option showuseridentity) will be
393 // displayed to users who have this capability.
394 'moodle/site:viewuseridentity' => array(
395
396 'captype' => 'read',
397 'contextlevel' => CONTEXT_COURSE,
398 'archetypes' => array(
399 'teacher' => CAP_ALLOW,
400 'editingteacher' => CAP_ALLOW,
401 'manager' => CAP_ALLOW
402 )
403 ),
404
405 'moodle/site:viewreports' => array(
406
407 'riskbitmask' => RISK_PERSONAL,
408
409 'captype' => 'read',
410 'contextlevel' => CONTEXT_COURSE,
411 'archetypes' => array(
412 'teacher' => CAP_ALLOW,
413 'editingteacher' => CAP_ALLOW,
414 'manager' => CAP_ALLOW
415 )
416 ),
417
418 'moodle/site:trustcontent' => array(
419
420 'riskbitmask' => RISK_XSS,
421
422 'captype' => 'write',
423 'contextlevel' => CONTEXT_COURSE,
424 'archetypes' => array(
425 'editingteacher' => CAP_ALLOW,
426 'manager' => CAP_ALLOW
427 )
428 ),
429
430 'moodle/site:uploadusers' => array(
431
432 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
433
434 'captype' => 'write',
435 'contextlevel' => CONTEXT_SYSTEM,
436 'archetypes' => array(
437 'manager' => CAP_ALLOW
438 )
439 ),
440
441 // Permission to manage filter setting overrides in subcontexts.
442 'moodle/filter:manage' => array(
443
444 'captype' => 'write',
445 'contextlevel' => CONTEXT_COURSE,
446 'archetypes' => array(
447 'editingteacher' => CAP_ALLOW,
448 'manager' => CAP_ALLOW,
449 )
450 ),
451
452 'moodle/user:create' => array(
453
454 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
455
456 'captype' => 'write',
457 'contextlevel' => CONTEXT_SYSTEM,
458 'archetypes' => array(
459 'manager' => CAP_ALLOW
460 )
461 ),
462
463 'moodle/user:delete' => array(
464
465 'riskbitmask' => RISK_PERSONAL, RISK_DATALOSS,
466
467 'captype' => 'write',
468 'contextlevel' => CONTEXT_SYSTEM,
469 'archetypes' => array(
470 'manager' => CAP_ALLOW
471 )
472 ),
473
474 'moodle/user:update' => array(
475
476 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
477
478 'captype' => 'write',
479 'contextlevel' => CONTEXT_SYSTEM,
480 'archetypes' => array(
481 'manager' => CAP_ALLOW
482 )
483 ),
484
485 'moodle/user:viewdetails' => array(
486
487 'captype' => 'read',
488 'contextlevel' => CONTEXT_COURSE,
489 'archetypes' => array(
490 'guest' => CAP_ALLOW,
491 'student' => CAP_ALLOW,
492 'teacher' => CAP_ALLOW,
493 'editingteacher' => CAP_ALLOW,
494 'manager' => CAP_ALLOW
495 )
496 ),
497
498 'moodle/user:viewalldetails' => array(
499 'riskbitmask' => RISK_PERSONAL,
500 'captype' => 'read',
501 'contextlevel' => CONTEXT_USER,
502 'archetypes' => array(
503 'manager' => CAP_ALLOW
504 ),
505 'clonepermissionsfrom' => 'moodle/user:update'
506 ),
507
508 'moodle/user:viewhiddendetails' => array(
509
510 'riskbitmask' => RISK_PERSONAL,
511
512 'captype' => 'read',
513 'contextlevel' => CONTEXT_COURSE,
514 'archetypes' => array(
515 'teacher' => CAP_ALLOW,
516 'editingteacher' => CAP_ALLOW,
517 'manager' => CAP_ALLOW
518 )
519 ),
520
521 'moodle/user:loginas' => array(
522
523 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS | RISK_CONFIG,
524
525 'captype' => 'write',
526 'contextlevel' => CONTEXT_COURSE,
527 'archetypes' => array(
528 'manager' => CAP_ALLOW
529 )
530 ),
531
532 // can the user manage the system default profile page?
533 'moodle/user:managesyspages' => array(
534
535 'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
536
537 'captype' => 'write',
538 'contextlevel' => CONTEXT_SYSTEM,
539 'archetypes' => array(
540 'manager' => CAP_ALLOW
541 )
542 ),
543
544 // can the user manage another user's profile page?
545 'moodle/user:manageblocks' => array(
546
547 'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
548
549 'captype' => 'write',
550 'contextlevel' => CONTEXT_USER
551 ),
552
553 // can the user manage their own profile page?
554 'moodle/user:manageownblocks' => array(
555
556 'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
557
558 'captype' => 'write',
559 'contextlevel' => CONTEXT_SYSTEM,
560 'archetypes' => array(
561 'user' => CAP_ALLOW
562 )
563 ),
564
565 // can the user manage their own files?
566 'moodle/user:manageownfiles' => array(
567
568 'riskbitmap' => RISK_SPAM | RISK_PERSONAL,
569
570 'captype' => 'write',
571 'contextlevel' => CONTEXT_SYSTEM,
572 'archetypes' => array(
573 'user' => CAP_ALLOW
574 )
575 ),
576
577 // can the user manage the system default dashboard page?
578 'moodle/my:configsyspages' => array(
579
580 'riskbitmap' => RISK_SPAM | RISK_PERSONAL | RISK_CONFIG,
581
582 'captype' => 'write',
583 'contextlevel' => CONTEXT_SYSTEM,
584 'archetypes' => array(
585 'manager' => CAP_ALLOW
586 )
587 ),
588
589 'moodle/role:assign' => array(
590
591 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
592
593 'captype' => 'write',
594 'contextlevel' => CONTEXT_COURSE,
595 'archetypes' => array(
596 'editingteacher' => CAP_ALLOW,
597 'manager' => CAP_ALLOW
598 )
599 ),
600
601 'moodle/role:review' => array(
602
603 'riskbitmask' => RISK_PERSONAL,
604
605 'captype' => 'read',
606 'contextlevel' => CONTEXT_COURSE,
607 'archetypes' => array(
608 'teacher' => CAP_ALLOW,
609 'editingteacher' => CAP_ALLOW,
610 'manager' => CAP_ALLOW
611 )
612 ),
613
614 'moodle/role:override' => array(
615
616 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
617
618 'captype' => 'write',
619 'contextlevel' => CONTEXT_COURSE,
620 'archetypes' => array(
621 'manager' => CAP_ALLOW
622 )
623 ),
624
625 'moodle/role:safeoverride' => array(
626
627 'riskbitmask' => RISK_SPAM,
628
629 'captype' => 'write',
630 'contextlevel' => CONTEXT_COURSE,
631 'archetypes' => array(
632 'editingteacher' => CAP_ALLOW
633 )
634 ),
635
636 'moodle/role:manage' => array(
637
638 'riskbitmask' => RISK_SPAM | RISK_PERSONAL | RISK_XSS,
639
640 'captype' => 'write',
641 'contextlevel' => CONTEXT_SYSTEM,
642 'archetypes' => array(
643 'manager' => CAP_ALLOW
644 )
645 ),
646
647 'moodle/role:switchroles' => array(
648
649 'riskbitmask' => RISK_XSS | RISK_PERSONAL,
650
651 'captype' => 'read',
652 'contextlevel' => CONTEXT_COURSE,
653 'archetypes' => array(
654 'editingteacher' => CAP_ALLOW,
655 'manager' => CAP_ALLOW
656 )
657 ),
658
659 // Create, update and delete course categories. (Deleting a course category
660 // does not let you delete the courses it contains, unless you also have
661 // moodle/course: delete.) Creating and deleting requires this permission in
662 // the parent category.
663 'moodle/category:manage' => array(
664
665 'riskbitmask' => RISK_XSS,
666
667 'captype' => 'write',
668 'contextlevel' => CONTEXT_COURSECAT,
669 'archetypes' => array(
670 'manager' => CAP_ALLOW
671 ),
672 'clonepermissionsfrom' => 'moodle/category:update'
673 ),
674
675 'moodle/category:viewhiddencategories' => array(
676
677 'captype' => 'read',
678 'contextlevel' => CONTEXT_COURSECAT,
679 'archetypes' => array(
680 'coursecreator' => CAP_ALLOW,
681 'manager' => CAP_ALLOW
682 ),
683 'clonepermissionsfrom' => 'moodle/category:visibility'
684 ),
685
686 // create, delete, move cohorts in system and course categories,
687 // (cohorts with component !== null can be only moved)
688 'moodle/cohort:manage' => array(
689
690 'captype' => 'write',
691 'contextlevel' => CONTEXT_COURSECAT,
692 'archetypes' => array(
693 'manager' => CAP_ALLOW
694 )
695 ),
696
697 // add and remove cohort members (only for cohorts where component !== null)
698 'moodle/cohort:assign' => array(
699
700 'captype' => 'write',
701 'contextlevel' => CONTEXT_COURSECAT,
702 'archetypes' => array(
703 'manager' => CAP_ALLOW
704 )
705 ),
706
707 // view members of a cohort, this can be used in course context too,
708 // this also controls the ability to actually use cohort
709 'moodle/cohort:view' => array(
710
711 'captype' => 'read',
712 'contextlevel' => CONTEXT_COURSE,
713 'archetypes' => array(
714 'editingteacher' => CAP_ALLOW,
715 'manager' => CAP_ALLOW
716 )
717 ),
718
719 'moodle/course:create' => array(
720
721 'riskbitmask' => RISK_XSS,
722
723 'captype' => 'write',
724 'contextlevel' => CONTEXT_COURSECAT,
725 'archetypes' => array(
726 'coursecreator' => CAP_ALLOW,
727 'manager' => CAP_ALLOW
728 )
729 ),
730
731 'moodle/course:request' => array(
732 'captype' => 'write',
733 'contextlevel' => CONTEXT_SYSTEM,
734 'archetypes' => array(
735 'user' => CAP_ALLOW,
736 )
737 ),
738
739 'moodle/course:delete' => array(
740
741 'riskbitmask' => RISK_DATALOSS,
742
743 'captype' => 'write',
744 'contextlevel' => CONTEXT_COURSE,
745 'archetypes' => array(
746 'manager' => CAP_ALLOW
747 )
748 ),
749
750 'moodle/course:update' => array(
751
752 'riskbitmask' => RISK_XSS,
753
754 'captype' => 'write',
755 'contextlevel' => CONTEXT_COURSE,
756 'archetypes' => array(
757 'editingteacher' => CAP_ALLOW,
758 'manager' => CAP_ALLOW
759 )
760 ),
761
762 'moodle/course:view' => array(
763
764 'captype' => 'read',
765 'contextlevel' => CONTEXT_COURSE,
766 'archetypes' => array(
767 'manager' => CAP_ALLOW,
768 )
769 ),
770
771 /* review course enrolments - no group restrictions, it is really full access to all participants info*/
772 'moodle/course:enrolreview' => array(
773
774 'riskbitmask' => RISK_PERSONAL,
775
776 'captype' => 'read',
777 'contextlevel' => CONTEXT_COURSE,
778 'archetypes' => array(
779 'editingteacher' => CAP_ALLOW,
780 'manager' => CAP_ALLOW,
781 )
782 ),
783
784 /* add, remove, hide enrol instances in courses */
785 'moodle/course:enrolconfig' => array(
786
787 'riskbitmask' => RISK_PERSONAL,
788
789 'captype' => 'write',
790 'contextlevel' => CONTEXT_COURSE,
791 'archetypes' => array(
792 'editingteacher' => CAP_ALLOW,
793 'manager' => CAP_ALLOW,
794 )
795 ),
796
797 'moodle/course:bulkmessaging' => array(
798
799 'riskbitmask' => RISK_SPAM,
800
801 'captype' => 'write',
802 'contextlevel' => CONTEXT_COURSE,
803 'archetypes' => array(
804 'teacher' => CAP_ALLOW,
805 'editingteacher' => CAP_ALLOW,
806 'manager' => CAP_ALLOW
807 )
808 ),
809
810 'moodle/course:viewhiddenuserfields' => array(
811
812 'riskbitmask' => RISK_PERSONAL,
813
814 'captype' => 'read',
815 'contextlevel' => CONTEXT_COURSE,
816 'archetypes' => array(
817 'teacher' => CAP_ALLOW,
818 'editingteacher' => CAP_ALLOW,
819 'manager' => CAP_ALLOW
820 )
821 ),
822
823 'moodle/course:viewhiddencourses' => array(
824
825 'captype' => 'read',
826 'contextlevel' => CONTEXT_COURSE,
827 'archetypes' => array(
828 'coursecreator' => CAP_ALLOW,
829 'teacher' => CAP_ALLOW,
830 'editingteacher' => CAP_ALLOW,
831 'manager' => CAP_ALLOW
832 )
833 ),
834
835 'moodle/course:visibility' => array(
836
837 'captype' => 'write',
838 'contextlevel' => CONTEXT_COURSE,
839 'archetypes' => array(
840 'editingteacher' => CAP_ALLOW,
841 'manager' => CAP_ALLOW
842 )
843 ),
844
845 'moodle/course:managefiles' => array(
846
847 'riskbitmask' => RISK_XSS,
848
849 'captype' => 'write',
850 'contextlevel' => CONTEXT_COURSE,
851 'archetypes' => array(
852 'editingteacher' => CAP_ALLOW,
853 'manager' => CAP_ALLOW
854 )
855 ),
856
857 'moodle/course:manageactivities' => array(
858
859 'riskbitmask' => RISK_XSS,
860
861 'captype' => 'write',
862 'contextlevel' => CONTEXT_MODULE,
863 'archetypes' => array(
864 'editingteacher' => CAP_ALLOW,
865 'manager' => CAP_ALLOW
866 )
867 ),
868
869 'moodle/course:activityvisibility' => array(
870
871 'captype' => 'write',
872 'contextlevel' => CONTEXT_MODULE,
873 'archetypes' => array(
874 'editingteacher' => CAP_ALLOW,
875 'manager' => CAP_ALLOW
876 )
877 ),
878
879 'moodle/course:viewhiddenactivities' => array(
880
881 'captype' => 'write',
882 'contextlevel' => CONTEXT_MODULE,
883 'archetypes' => array(
884 'teacher' => CAP_ALLOW,
885 'editingteacher' => CAP_ALLOW,
886 'manager' => CAP_ALLOW
887 )
888 ),
889
890 'moodle/course:viewparticipants' => array(
891
892 'captype' => 'read',
893 'contextlevel' => CONTEXT_COURSE,
894 'archetypes' => array(
895 'student' => CAP_ALLOW,
896 'teacher' => CAP_ALLOW,
897 'editingteacher' => CAP_ALLOW,
898 'manager' => CAP_ALLOW
899 )
900 ),
901
902 'moodle/course:changefullname' => array(
903
904 'riskbitmask' => RISK_XSS,
905
906 'captype' => 'write',
907 'contextlevel' => CONTEXT_COURSE,
908 'archetypes' => array(
909 'editingteacher' => CAP_ALLOW,
910 'manager' => CAP_ALLOW
911 ),
912 'clonepermissionsfrom' => 'moodle/course:update'
913 ),
914
915 'moodle/course:changeshortname' => array(
916
917 'riskbitmask' => RISK_XSS,
918
919 'captype' => 'write',
920 'contextlevel' => CONTEXT_COURSE,
921 'archetypes' => array(
922 'editingteacher' => CAP_ALLOW,
923 'manager' => CAP_ALLOW
924 ),
925 'clonepermissionsfrom' => 'moodle/course:update'
926 ),
927
928 'moodle/course:changeidnumber' => array(
929
930 'riskbitmask' => RISK_XSS,
931
932 'captype' => 'write',
933 'contextlevel' => CONTEXT_COURSE,
934 'archetypes' => array(
935 'editingteacher' => CAP_ALLOW,
936 'manager' => CAP_ALLOW
937 ),
938 'clonepermissionsfrom' => 'moodle/course:update'
939 ),
940 'moodle/course:changecategory' => array(
941 'riskbitmask' => RISK_XSS,
942
943 'captype' => 'write',
944 'contextlevel' => CONTEXT_COURSE,
945 'archetypes' => array(
946 'editingteacher' => CAP_ALLOW,
947 'manager' => CAP_ALLOW
948 ),
949 'clonepermissionsfrom' => 'moodle/course:update'
950 ),
951
952 'moodle/course:changesummary' => array(
953 'riskbitmask' => RISK_XSS,
954
955 'captype' => 'write',
956 'contextlevel' => CONTEXT_COURSE,
957 'archetypes' => array(
958 'editingteacher' => CAP_ALLOW,
959 'manager' => CAP_ALLOW
960 ),
961 'clonepermissionsfrom' => 'moodle/course:update'
962 ),
963
964
965 'moodle/site:viewparticipants' => array(
966
967 'captype' => 'read',
968 'contextlevel' => CONTEXT_SYSTEM,
969 'archetypes' => array(
970 'manager' => CAP_ALLOW
971 )
972 ),
973
974 'moodle/course:viewscales' => array(
975
976 'captype' => 'read',
977 'contextlevel' => CONTEXT_COURSE,
978 'archetypes' => array(
979 'student' => CAP_ALLOW,
980 'teacher' => CAP_ALLOW,
981 'editingteacher' => CAP_ALLOW,
982 'manager' => CAP_ALLOW
983 )
984 ),
985
986 'moodle/course:managescales' => array(
987
988 'captype' => 'write',
989 'contextlevel' => CONTEXT_COURSE,
990 'archetypes' => array(
991 'editingteacher' => CAP_ALLOW,
992 'manager' => CAP_ALLOW
993 )
994 ),
995
996 'moodle/course:managegroups' => array(
997
998 'captype' => 'write',
999 'contextlevel' => CONTEXT_COURSE,
1000 'archetypes' => array(
1001 'editingteacher' => CAP_ALLOW,
1002 'manager' => CAP_ALLOW
1003 )
1004 ),
1005
1006 'moodle/course:reset' => array(
1007
1008 'riskbitmask' => RISK_DATALOSS,
1009
1010 'captype' => 'write',
1011 'contextlevel' => CONTEXT_COURSE,
1012 'archetypes' => array(
1013 'editingteacher' => CAP_ALLOW,
1014 'manager' => CAP_ALLOW
1015 )
1016 ),
1017
1018 'moodle/blog:view' => array(
1019
1020 'captype' => 'read',
1021 'contextlevel' => CONTEXT_SYSTEM,
1022 'archetypes' => array(
1023 'guest' => CAP_ALLOW,
1024 'user' => CAP_ALLOW,
1025 'student' => CAP_ALLOW,
1026 'teacher' => CAP_ALLOW,
1027 'editingteacher' => CAP_ALLOW,
1028 'manager' => CAP_ALLOW
1029 )
1030 ),
1031
1032 'moodle/blog:search' => array(
1033 'captype' => 'read',
1034 'contextlevel' => CONTEXT_SYSTEM,
1035 'archetypes' => array(
1036 'guest' => CAP_ALLOW,
1037 'user' => CAP_ALLOW,
1038 'student' => CAP_ALLOW,
1039 'teacher' => CAP_ALLOW,
1040 'editingteacher' => CAP_ALLOW,
1041 'manager' => CAP_ALLOW
1042 )
1043 ),
1044
1045 'moodle/blog:viewdrafts' => array(
1046
1047 'riskbitmask' => RISK_PERSONAL,
1048 'captype' => 'read',
1049 'contextlevel' => CONTEXT_SYSTEM,
1050 'archetypes' => array(
1051 'manager' => CAP_ALLOW
1052 )
1053 ),
1054
1055 'moodle/blog:create' => array( // works in CONTEXT_SYSTEM only
1056
1057 'riskbitmask' => RISK_SPAM,
1058
1059 'captype' => 'write',
1060 'contextlevel' => CONTEXT_SYSTEM,
1061 'archetypes' => array(
1062 'user' => CAP_ALLOW,
1063 'manager' => CAP_ALLOW
1064 )
1065 ),
1066
1067 'moodle/blog:manageentries' => array(
1068
1069 'riskbitmask' => RISK_SPAM,
1070
1071 'captype' => 'write',
1072 'contextlevel' => CONTEXT_SYSTEM,
1073 'archetypes' => array(
1074 'teacher' => CAP_ALLOW,
1075 'editingteacher' => CAP_ALLOW,
1076 'manager' => CAP_ALLOW
1077 )
1078 ),
1079
1080 'moodle/blog:manageexternal' => array(
1081
1082 'riskbitmask' => RISK_SPAM,
1083
1084 'captype' => 'write',
1085 'contextlevel' => CONTEXT_SYSTEM,
1086 'archetypes' => array(
1087 'student' => CAP_ALLOW,
1088 'user' => CAP_ALLOW,
1089 'teacher' => CAP_ALLOW,
1090 'editingteacher' => CAP_ALLOW,
1091 'manager' => CAP_ALLOW
1092 )
1093 ),
1094
1095 'moodle/blog:associatecourse' => array(
1096
1097 'captype' => 'write',
1098 'contextlevel' => CONTEXT_COURSE,
1099 'archetypes' => array(
1100 'student' => CAP_ALLOW,
1101 'user' => CAP_ALLOW,
1102 'teacher' => CAP_ALLOW,
1103 'editingteacher' => CAP_ALLOW,
1104 'manager' => CAP_ALLOW
1105 )
1106 ),
1107
1108 'moodle/blog:associatemodule' => array(
1109
1110 'captype' => 'write',
1111 'contextlevel' => CONTEXT_MODULE,
1112 'archetypes' => array(
1113 'student' => CAP_ALLOW,
1114 'user' => CAP_ALLOW,
1115 'teacher' => CAP_ALLOW,
1116 'editingteacher' => CAP_ALLOW,
1117 'manager' => CAP_ALLOW
1118 )
1119 ),
1120
1121 'moodle/calendar:manageownentries' => array( // works in CONTEXT_SYSTEM only
1122
1123 'riskbitmask' => RISK_SPAM,
1124
1125 'captype' => 'write',
1126 'contextlevel' => CONTEXT_COURSE,
1127 'archetypes' => array(
1128 'user' => CAP_ALLOW,
1129 'manager' => CAP_ALLOW
1130 )
1131 ),
1132
1133 'moodle/calendar:managegroupentries' => array(
1134
1135 'riskbitmask' => RISK_SPAM,
1136
1137 'captype' => 'write',
1138 'contextlevel' => CONTEXT_COURSE,
1139 'archetypes' => array(
1140 'teacher' => CAP_ALLOW,
1141 'editingteacher' => CAP_ALLOW,
1142 'manager' => CAP_ALLOW
1143 )
1144 ),
1145
1146 'moodle/calendar:manageentries' => array(
1147
1148 'riskbitmask' => RISK_SPAM,
1149
1150 'captype' => 'write',
1151 'contextlevel' => CONTEXT_COURSE,
1152 'archetypes' => array(
1153 'teacher' => CAP_ALLOW,
1154 'editingteacher' => CAP_ALLOW,
1155 'manager' => CAP_ALLOW
1156 )
1157 ),
1158
1159 'moodle/user:editprofile' => array(
1160
1161 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1162
1163 'captype' => 'write',
1164 'contextlevel' => CONTEXT_USER,
1165 'archetypes' => array(
1166 'manager' => CAP_ALLOW
1167 )
1168 ),
1169
1170 'moodle/user:editownprofile' => array(
1171
1172 'riskbitmask' => RISK_SPAM,
1173
1174 'captype' => 'write',
1175 'contextlevel' => CONTEXT_SYSTEM,
1176 'archetypes' => array(
1177 'guest' => CAP_PROHIBIT,
1178 'user' => CAP_ALLOW,
1179 'manager' => CAP_ALLOW
1180 )
1181 ),
1182
1183 'moodle/user:changeownpassword' => array(
1184
1185 'captype' => 'write',
1186 'contextlevel' => CONTEXT_SYSTEM,
1187 'archetypes' => array(
1188 'guest' => CAP_PROHIBIT,
1189 'user' => CAP_ALLOW,
1190 'manager' => CAP_ALLOW
1191 )
1192 ),
1193
1194 // The next 3 might make no sense for some roles, e.g teacher, etc.
1195 // since the next level up is site. These are more for the parent role
1196 'moodle/user:readuserposts' => array(
1197
1198 'captype' => 'read',
1199 'contextlevel' => CONTEXT_USER,
1200 'archetypes' => array(
1201 'student' => CAP_ALLOW,
1202 'teacher' => CAP_ALLOW,
1203 'editingteacher' => CAP_ALLOW,
1204 'manager' => CAP_ALLOW
1205 )
1206 ),
1207
1208 'moodle/user:readuserblogs' => array(
1209
1210 'captype' => 'read',
1211 'contextlevel' => CONTEXT_USER,
1212 'archetypes' => array(
1213 'student' => CAP_ALLOW,
1214 'teacher' => CAP_ALLOW,
1215 'editingteacher' => CAP_ALLOW,
1216 'manager' => CAP_ALLOW
1217 )
1218 ),
1219
1220 // designed for parent role - not used in legacy roles
1221 'moodle/user:viewuseractivitiesreport' => array(
1222 'riskbitmask' => RISK_PERSONAL,
1223
1224 'captype' => 'read',
1225 'contextlevel' => CONTEXT_USER,
1226 'archetypes' => array(
1227 )
1228 ),
1229
1230 //capabilities designed for the new message system configuration
1231 'moodle/user:editmessageprofile' => array(
1232
1233 'riskbitmask' => RISK_SPAM,
1234
1235 'captype' => 'write',
1236 'contextlevel' => CONTEXT_USER,
1237 'archetypes' => array(
1238 'manager' => CAP_ALLOW
1239 )
1240 ),
1241
1242 'moodle/user:editownmessageprofile' => array(
1243
1244 'captype' => 'write',
1245 'contextlevel' => CONTEXT_SYSTEM,
1246 'archetypes' => array(
1247 'guest' => CAP_PROHIBIT,
1248 'user' => CAP_ALLOW,
1249 'manager' => CAP_ALLOW
1250 )
1251 ),
1252
1253 'moodle/question:managecategory' => array(
1254 'riskbitmask' => RISK_SPAM | RISK_XSS,
1255 'captype' => 'write',
1256 'contextlevel' => CONTEXT_COURSE,
1257 'archetypes' => array(
1258 'editingteacher' => CAP_ALLOW,
1259 'manager' => CAP_ALLOW
1260 )
1261 ),
1262
1263 //new in moodle 1.9
1264 'moodle/question:add' => array(
1265 'riskbitmask' => RISK_SPAM | RISK_XSS,
1266 'captype' => 'write',
1267 'contextlevel' => CONTEXT_COURSE,
1268 'archetypes' => array(
1269 'editingteacher' => CAP_ALLOW,
1270 'manager' => CAP_ALLOW
1271 ),
1272 'clonepermissionsfrom' => 'moodle/question:manage'
1273 ),
1274 'moodle/question:editmine' => array(
1275 'riskbitmask' => RISK_SPAM | RISK_XSS,
1276 'captype' => 'write',
1277 'contextlevel' => CONTEXT_COURSE,
1278 'archetypes' => array(
1279 'editingteacher' => CAP_ALLOW,
1280 'manager' => CAP_ALLOW
1281 ),
1282 'clonepermissionsfrom' => 'moodle/question:manage'
1283 ),
1284 'moodle/question:editall' => array(
1285 'riskbitmask' => RISK_SPAM | RISK_XSS,
1286 'captype' => 'write',
1287 'contextlevel' => CONTEXT_COURSE,
1288 'archetypes' => array(
1289 'editingteacher' => CAP_ALLOW,
1290 'manager' => CAP_ALLOW
1291 ),
1292 'clonepermissionsfrom' => 'moodle/question:manage'
1293 ),
1294 'moodle/question:viewmine' => array(
1295 'captype' => 'read',
1296 'contextlevel' => CONTEXT_COURSE,
1297 'archetypes' => array(
1298 'editingteacher' => CAP_ALLOW,
1299 'manager' => CAP_ALLOW
1300 ),
1301 'clonepermissionsfrom' => 'moodle/question:manage'
1302 ),
1303 'moodle/question:viewall' => array(
1304 'captype' => 'read',
1305 'contextlevel' => CONTEXT_COURSE,
1306 'archetypes' => array(
1307 'editingteacher' => CAP_ALLOW,
1308 'manager' => CAP_ALLOW
1309 ),
1310 'clonepermissionsfrom' => 'moodle/question:manage'
1311 ),
1312 'moodle/question:usemine' => array(
1313 'captype' => 'read',
1314 'contextlevel' => CONTEXT_COURSE,
1315 'archetypes' => array(
1316 'editingteacher' => CAP_ALLOW,
1317 'manager' => CAP_ALLOW
1318 ),
1319 'clonepermissionsfrom' => 'moodle/question:manage'
1320 ),
1321 'moodle/question:useall' => array(
1322 'captype' => 'read',
1323 'contextlevel' => CONTEXT_COURSE,
1324 'archetypes' => array(
1325 'editingteacher' => CAP_ALLOW,
1326 'manager' => CAP_ALLOW
1327 ),
1328 'clonepermissionsfrom' => 'moodle/question:manage'
1329 ),
1330 'moodle/question:movemine' => array(
1331 'captype' => 'write',
1332 'contextlevel' => CONTEXT_COURSE,
1333 'archetypes' => array(
1334 'editingteacher' => CAP_ALLOW,
1335 'manager' => CAP_ALLOW
1336 ),
1337 'clonepermissionsfrom' => 'moodle/question:manage'
1338 ),
1339 'moodle/question:moveall' => array(
1340 'captype' => 'write',
1341 'contextlevel' => CONTEXT_COURSE,
1342 'archetypes' => array(
1343 'editingteacher' => CAP_ALLOW,
1344 'manager' => CAP_ALLOW
1345 ),
1346 'clonepermissionsfrom' => 'moodle/question:manage'
1347 ),
1348 //END new in moodle 1.9
1349
1350 // Configure the installed question types.
1351 'moodle/question:config' => array(
1352 'riskbitmask' => RISK_CONFIG,
1353 'captype' => 'write',
1354 'contextlevel' => CONTEXT_SYSTEM,
1355 'archetypes' => array(
1356 'manager' => CAP_ALLOW
1357 )
1358 ),
1359
1360 // While attempting questions, the ability to flag particular questions for later reference.
1361 'moodle/question:flag' => array(
1362 'captype' => 'write',
1363 'contextlevel' => CONTEXT_COURSE,
1364 'archetypes' => array(
1365 'student' => CAP_ALLOW,
1366 'teacher' => CAP_ALLOW,
1367 'editingteacher' => CAP_ALLOW,
1368 'manager' => CAP_ALLOW
1369 )
1370 ),
1371
1372 'moodle/site:doclinks' => array(
1373 'captype' => 'read',
1374 'contextlevel' => CONTEXT_SYSTEM,
1375 'archetypes' => array(
1376 'teacher' => CAP_ALLOW,
1377 'editingteacher' => CAP_ALLOW,
1378 'manager' => CAP_ALLOW
1379 )
1380 ),
1381
1382 'moodle/course:sectionvisibility' => array(
1383
1384 'captype' => 'write',
1385 'contextlevel' => CONTEXT_COURSE,
1386 'archetypes' => array(
1387 'editingteacher' => CAP_ALLOW,
1388 'manager' => CAP_ALLOW
1389 )
1390 ),
1391
1392 'moodle/course:useremail' => array(
1393
1394 'captype' => 'write',
1395 'contextlevel' => CONTEXT_COURSE,
1396 'archetypes' => array(
1397 'editingteacher' => CAP_ALLOW,
1398 'manager' => CAP_ALLOW
1399 )
1400 ),
1401
1402 'moodle/course:viewhiddensections' => array(
1403
1404 'captype' => 'write',
1405 'contextlevel' => CONTEXT_COURSE,
1406 'archetypes' => array(
1407 'editingteacher' => CAP_ALLOW,
1408 'manager' => CAP_ALLOW
1409 )
1410 ),
1411
1412 'moodle/course:setcurrentsection' => array(
1413
1414 'captype' => 'write',
1415 'contextlevel' => CONTEXT_COURSE,
1416 'archetypes' => array(
1417 'editingteacher' => CAP_ALLOW,
1418 'manager' => CAP_ALLOW
1419 )
1420 ),
1421
1422 'moodle/site:mnetlogintoremote' => array(
1423
1424 'captype' => 'read',
1425 'contextlevel' => CONTEXT_SYSTEM,
1426 'archetypes' => array(
1427 )
1428 ),
1429
1430 'moodle/grade:viewall' => array(
1431 'riskbitmask' => RISK_PERSONAL,
1432 'captype' => 'read',
1433 'contextlevel' => CONTEXT_COURSE, // and CONTEXT_USER
1434 'archetypes' => array(
1435 'teacher' => CAP_ALLOW,
1436 'editingteacher' => CAP_ALLOW,
1437 'manager' => CAP_ALLOW
1438 ),
1439 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1440 ),
1441
1442 'moodle/grade:view' => array(
1443 'captype' => 'read',
1444 'contextlevel' => CONTEXT_COURSE,
1445 'archetypes' => array(
1446 'student' => CAP_ALLOW
1447 )
1448 ),
1449
1450 'moodle/grade:viewhidden' => array(
1451 'riskbitmask' => RISK_PERSONAL,
1452 'captype' => 'read',
1453 'contextlevel' => CONTEXT_COURSE,
1454 'archetypes' => array(
1455 'teacher' => CAP_ALLOW,
1456 'editingteacher' => CAP_ALLOW,
1457 'manager' => CAP_ALLOW
1458 ),
1459 'clonepermissionsfrom' => 'moodle/course:viewcoursegrades'
1460 ),
1461
1462 'moodle/grade:import' => array(
1463 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1464 'captype' => 'write',
1465 'contextlevel' => CONTEXT_COURSE,
1466 'archetypes' => array(
1467 'editingteacher' => CAP_ALLOW,
1468 'manager' => CAP_ALLOW
1469 ),
1470 'clonepermissionsfrom' => 'moodle/course:managegrades'
1471 ),
1472
1473 'moodle/grade:export' => array(
1474 'riskbitmask' => RISK_PERSONAL,
1475 'captype' => 'read',
1476 'contextlevel' => CONTEXT_COURSE,
1477 'archetypes' => array(
1478 'teacher' => CAP_ALLOW,
1479 'editingteacher' => CAP_ALLOW,
1480 'manager' => CAP_ALLOW
1481 ),
1482 'clonepermissionsfrom' => 'moodle/course:managegrades'
1483 ),
1484
1485 'moodle/grade:manage' => array(
1486 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1487 'captype' => 'write',
1488 'contextlevel' => CONTEXT_COURSE,
1489 'archetypes' => array(
1490 'editingteacher' => CAP_ALLOW,
1491 'manager' => CAP_ALLOW
1492 ),
1493 'clonepermissionsfrom' => 'moodle/course:managegrades'
1494 ),
1495
1496 'moodle/grade:edit' => array(
1497 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1498 'captype' => 'write',
1499 'contextlevel' => CONTEXT_COURSE,
1500 'archetypes' => array(
1501 'editingteacher' => CAP_ALLOW,
1502 'manager' => CAP_ALLOW
1503 ),
1504 'clonepermissionsfrom' => 'moodle/course:managegrades'
1505 ),
1506
1507 // ability to define advanced grading forms in activities either from scratch
1508 // or from a shared template
1509 'moodle/grade:managegradingforms' => array(
1510 'riskbitmask' => RISK_PERSONAL | RISK_XSS,
1511 'captype' => 'write',
1512 'contextlevel' => CONTEXT_COURSE,
1513 'archetypes' => array(
1514 'editingteacher' => CAP_ALLOW,
1515 'manager' => CAP_ALLOW
1516 ),
1517 'clonepermissionsfrom' => 'moodle/course:managegrades'
1518 ),
1519
1520 // ability to save a grading form as a new shared template and eventually edit
1521 // and remove own templates (templates originally shared by that user)
1522 'moodle/grade:sharegradingforms' => array(
1523 'riskbitmask' => RISK_XSS,
1524 'captype' => 'write',
1525 'contextlevel' => CONTEXT_SYSTEM,
1526 'archetypes' => array(
1527 'manager' => CAP_ALLOW
1528 ),
1529 ),
1530
1531 // ability to edit and remove any shared template, even those originally shared
1532 // by other users
1533 'moodle/grade:managesharedforms' => array(
1534 'riskbitmask' => RISK_XSS,
1535 'captype' => 'write',
1536 'contextlevel' => CONTEXT_SYSTEM,
1537 'archetypes' => array(
1538 'manager' => CAP_ALLOW
1539 ),
1540 ),
1541
1542 'moodle/grade:manageoutcomes' => array(
1543 'captype' => 'write',
1544 'contextlevel' => CONTEXT_COURSE,
1545 'archetypes' => array(
1546 'editingteacher' => CAP_ALLOW,
1547 'manager' => CAP_ALLOW
1548 ),
1549 'clonepermissionsfrom' => 'moodle/course:managegrades'
1550 ),
1551
1552 'moodle/grade:manageletters' => array(
1553 'captype' => 'write',
1554 'contextlevel' => CONTEXT_COURSE,
1555 'archetypes' => array(
1556 'editingteacher' => CAP_ALLOW,
1557 'manager' => CAP_ALLOW
1558 ),
1559 'clonepermissionsfrom' => 'moodle/course:managegrades'
1560 ),
1561
1562 'moodle/grade:hide' => array(
1563 'captype' => 'write',
1564 'contextlevel' => CONTEXT_COURSE,
1565 'archetypes' => array(
1566 'editingteacher' => CAP_ALLOW,
1567 'manager' => CAP_ALLOW
1568 )
1569 ),
1570
1571 'moodle/grade:lock' => array(
1572 'captype' => 'write',
1573 'contextlevel' => CONTEXT_COURSE,
1574 'archetypes' => array(
1575 'editingteacher' => CAP_ALLOW,
1576 'manager' => CAP_ALLOW
1577 )
1578 ),
1579
1580 'moodle/grade:unlock' => array(
1581 'captype' => 'write',
1582 'contextlevel' => CONTEXT_COURSE,
1583 'archetypes' => array(
1584 'editingteacher' => CAP_ALLOW,
1585 'manager' => CAP_ALLOW
1586 )
1587 ),
1588
1589 'moodle/my:manageblocks' => array(
1590 'captype' => 'write',
1591 'contextlevel' => CONTEXT_SYSTEM,
1592 'archetypes' => array(
1593 'user' => CAP_ALLOW
1594 )
1595 ),
1596
1597 'moodle/notes:view' => array(
1598 'captype' => 'read',
1599 'contextlevel' => CONTEXT_COURSE,
1600 'archetypes' => array(
1601 'teacher' => CAP_ALLOW,
1602 'editingteacher' => CAP_ALLOW,
1603 'manager' => CAP_ALLOW
1604 )
1605 ),
1606
1607 'moodle/notes:manage' => array(
1608 'riskbitmask' => RISK_SPAM,
1609
1610 'captype' => 'write',
1611 'contextlevel' => CONTEXT_COURSE,
1612 'archetypes' => array(
1613 'teacher' => CAP_ALLOW,
1614 'editingteacher' => CAP_ALLOW,
1615 'manager' => CAP_ALLOW
1616 )
1617 ),
1618
1619 'moodle/tag:manage' => array(
1620 'riskbitmask' => RISK_SPAM,
1621
1622 'captype' => 'write',
1623 'contextlevel' => CONTEXT_SYSTEM,
1624 'archetypes' => array(
1625 'teacher' => CAP_ALLOW,
1626 'editingteacher' => CAP_ALLOW,
1627 'manager' => CAP_ALLOW
1628 )
1629 ),
1630
1631 'moodle/tag:create' => array(
1632 'riskbitmask' => RISK_SPAM,
1633
1634 'captype' => 'write',
1635 'contextlevel' => CONTEXT_SYSTEM,
1636 'archetypes' => array(
1637 'manager' => CAP_ALLOW,
1638 'user' => CAP_ALLOW
1639 )
1640 ),
1641
1642 'moodle/tag:edit' => array(
1643 'riskbitmask' => RISK_SPAM,
1644
1645 'captype' => 'write',
1646 'contextlevel' => CONTEXT_SYSTEM,
1647 'archetypes' => array(
1648 'manager' => CAP_ALLOW,
1649 'user' => CAP_ALLOW
1650 )
1651 ),
1652
1653 'moodle/tag:editblocks' => array(
1654 'captype' => 'write',
1655 'contextlevel' => CONTEXT_SYSTEM,
1656 'archetypes' => array(
1657 'teacher' => CAP_ALLOW,
1658 'editingteacher' => CAP_ALLOW,
1659 'manager' => CAP_ALLOW
1660 )
1661 ),
1662
1663 'moodle/block:view' => array(
1664 'captype' => 'read',
1665 'contextlevel' => CONTEXT_BLOCK,
1666 'archetypes' => array(
1667 'guest' => CAP_ALLOW,
1668 'user' => CAP_ALLOW,
1669 'student' => CAP_ALLOW,
1670 'teacher' => CAP_ALLOW,
1671 'editingteacher' => CAP_ALLOW,
1672 )
1673 ),
1674
1675 'moodle/block:edit' => array(
1676 'riskbitmask' => RISK_SPAM | RISK_XSS,
1677
1678 'captype' => 'write',
1679 'contextlevel' => CONTEXT_BLOCK,
1680 'archetypes' => array(
1681 'editingteacher' => CAP_ALLOW,
1682 )
1683 ),
1684
1685 'moodle/portfolio:export' => array(
1686 'captype' => 'read',
1687 'contextlevel' => CONTEXT_SYSTEM,
1688 'archetypes' => array(
1689 'user' => CAP_ALLOW,
1690 'student' => CAP_ALLOW,
1691 'teacher' => CAP_ALLOW,
1692 'editingteacher' => CAP_ALLOW,
1693 )
1694 ),
1695 'moodle/comment:view' => array(
1696 'captype' => 'read',
1697 'contextlevel' => CONTEXT_COURSE,
1698 'archetypes' => array(
1699 'frontpage' => CAP_ALLOW,
1700 'guest' => CAP_ALLOW,
1701 'user' => CAP_ALLOW,
1702 'student' => CAP_ALLOW,
1703 'teacher' => CAP_ALLOW,
1704 'editingteacher' => CAP_ALLOW,
1705 'manager' => CAP_ALLOW
1706 )
1707 ),
1708 'moodle/comment:post' => array(
1709
1710 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1711 'captype' => 'write',
1712 'contextlevel' => CONTEXT_COURSE,
1713 'archetypes' => array(
1714 'user' => CAP_ALLOW,
1715 'student' => CAP_ALLOW,
1716 'teacher' => CAP_ALLOW,
1717 'editingteacher' => CAP_ALLOW,
1718 'manager' => CAP_ALLOW
1719 )
1720 ),
1721 'moodle/comment:delete' => array(
1722
1723 'riskbitmask' => RISK_DATALOSS,
1724 'captype' => 'write',
1725 'contextlevel' => CONTEXT_COURSE,
1726 'archetypes' => array(
1727 'editingteacher' => CAP_ALLOW,
1728 'manager' => CAP_ALLOW
1729 )
1730 ),
1731 'moodle/webservice:createtoken' => array(
1732
1733 'riskbitmask' => RISK_CONFIG | RISK_DATALOSS | RISK_SPAM | RISK_PERSONAL | RISK_XSS,
1734 'captype' => 'write',
1735 'contextlevel' => CONTEXT_SYSTEM,
1736 'archetypes' => array(
1737 'manager' => CAP_ALLOW
1738 )
1739 ),
1740 'moodle/webservice:createmobiletoken' => array(
1741
1742 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1743 'captype' => 'write',
1744 'contextlevel' => CONTEXT_SYSTEM,
1745 'archetypes' => array(
1746 'user' => CAP_ALLOW
1747 )
1748 ),
1749 'moodle/rating:view' => array(
1750
1751 'captype' => 'read',
1752 'contextlevel' => CONTEXT_COURSE,
1753 'archetypes' => array(
1754 'user' => CAP_ALLOW,
1755 'student' => CAP_ALLOW,
1756 'teacher' => CAP_ALLOW,
1757 'editingteacher' => CAP_ALLOW,
1758 'manager' => CAP_ALLOW
1759 )
1760 ),
1761 'moodle/rating:viewany' => array(
1762
1763 'riskbitmask' => RISK_PERSONAL,
1764 'captype' => 'read',
1765 'contextlevel' => CONTEXT_COURSE,
1766 'archetypes' => array(
1767 'user' => CAP_ALLOW,
1768 'student' => CAP_ALLOW,
1769 'teacher' => CAP_ALLOW,
1770 'editingteacher' => CAP_ALLOW,
1771 'manager' => CAP_ALLOW
1772 )
1773 ),
1774 'moodle/rating:viewall' => array(
1775
1776 'riskbitmask' => RISK_PERSONAL,
1777 'captype' => 'read',
1778 'contextlevel' => CONTEXT_COURSE,
1779 'archetypes' => array(
1780 'user' => CAP_ALLOW,
1781 'student' => CAP_ALLOW,
1782 'teacher' => CAP_ALLOW,
1783 'editingteacher' => CAP_ALLOW,
1784 'manager' => CAP_ALLOW
1785 )
1786 ),
1787 'moodle/rating:rate' => array(
1788
1789 'captype' => 'write',
1790 'contextlevel' => CONTEXT_COURSE,
1791 'archetypes' => array(
1792 'user' => CAP_ALLOW,
1793 'student' => CAP_ALLOW,
1794 'teacher' => CAP_ALLOW,
1795 'editingteacher' => CAP_ALLOW,
1796 'manager' => CAP_ALLOW
1797 )
1798 ),
1799 'moodle/course:publish' => array(
1800
1801 'captype' => 'write',
1802 'riskbitmask' => RISK_SPAM | RISK_PERSONAL,
1803 'contextlevel' => CONTEXT_SYSTEM,
1804 'archetypes' => array(
1805 'manager' => CAP_ALLOW
1806 )
1807 ),
1808 'moodle/course:markcomplete' => array(
1809 'captype' => 'write',
1810 'contextlevel' => CONTEXT_COURSE,
1811 'archetypes' => array(
1812 'teacher' => CAP_ALLOW,
1813 'editingteacher' => CAP_ALLOW,
1814 'manager' => CAP_ALLOW
1815 )
1816 ),
1817 'moodle/community:add' => array(
1818 'captype' => 'write',
1819 'contextlevel' => CONTEXT_SYSTEM,
1820 'archetypes' => array(
1821 'manager' => CAP_ALLOW,
1822 'teacher' => CAP_ALLOW,
1823 'editingteacher' => CAP_ALLOW,
1824 )
1825 ),
1826 'moodle/community:download' => array(
1827 'captype' => 'write',
1828 'contextlevel' => CONTEXT_SYSTEM,
1829 'archetypes' => array(
1830 'manager' => CAP_ALLOW,
1831 'editingteacher' => CAP_ALLOW,
1832 )
1833 )
1834 );
Read-only mirror of the Moodle CVS