Manage roles

Jump to: navigation, search

Note: You are currently viewing documentation for Moodle 1.9. Up-to-date documentation for the latest stable version is available here: Manage roles.

Location: Administration > Users > Permissions > Define roles

The define roles page has three tabs, for managing roles, allowing role assignments and allowing role overrides.

The manage roles tab contains a list of roles on your site. The edit column contains icons for editing and deleting roles, and for moving them up or down in the list (affecting the way that roles are listed around Moodle).

Predefined roles

Moodle comes with 7 predefined roles:

Editing a role

Managing roles

To edit a role:

  1. Click on Permissions in the Site Administration block, then Define roles.
  2. Click the edit icon opposite the role you want to edit e.g. student.
  3. On the edit role page, change permissions as required.
  4. Scroll to the bottom of the page and click the "Save changes" button.

Adding a new role

To add a new role:

  1. Click on Permissions in the Site Administration block, then Define roles.
  2. Click the "Add a new role" button.
  3. On the add a new role page, give the role a name. If you need to name the role for multiple languages you can use multi-lang syntax if you wish, such as
    <span lang="en" class="multilang">Teacher</span> <span lang="es_es" class="multilang">Profesor</span>
    . If multi-lang syntax is used then Filter all strings should be set in Filter settings.
  4. Give the role a meaningful short name. The short name is necessary for other plugins in Moodle that may need to refer to the role (e.g. when uploading users from a file or setting enrolments via an enrolment plugin).
  5. Give the role a description (optional).
  6. Set permissions as required.
  7. Scroll to the bottom of the page and click the "Add a new role" button.

Creating a duplicate role

In Moodle 1.8 onwards, a new role may be quickly created by making a copy of an existing role.

To create a duplicate role:

  1. Click on Permissions in the Site Administration block, then Define roles.
  2. Click on the role to be duplicated, for example "Guest".
  3. Click the "Duplicate role" button near the top of the "View role details" page.
  4. Answer Yes to the question "Are you sure you want to duplicate the role ...?"
  5. The list of roles will now show the "... copy 1" at the bottom, for example "Guest copy 1".
  6. Edit the duplicated role to meet your needs.


There are four settings for each capability:

Not Set
This is the default value for all permissions when a new role is created.
Note that if a capability is left as "Not Set," the resulting behavior is that of Prevent, unless otherwise allowed by another role at a higher context. For example, if you mark Not Set for the permission of a Student to Add New Discussions in a forum, they will not be allowed to do so unless they also hold the role of Teacher, Course Creator, or another higher role for which that capability is allowed.
By choosing this you are granting permission for this capability to people who are assigned this role. This permission applies for the context that this role gets assigned plus all "lower" contexts. For example, if this role is a student role assigned to a course, then students will be able to "start new discussions" in all forums in that course, unless some forum contains an override or a new assignment with a Prevent or Prohibit value for this capability.
By choosing this you are removing permission for this capability, even if the users with this role were allowed that permission in a higher context.
This is rarely needed, but occasionally you might want to completely deny permissions to a role in a way that can NOT be overridden at any lower context. An example of when you might need this is when an admin wants to prohibit one person from starting new discussions in any forum on the whole site. In this case they can create a role with that capability set to "Prohibit" and then assign it to that user in the system context.

Legacy role types

Legacy role types in Moodle 1.7 to 1.9 were implemented for backward compatibility. Selecting a legacy role type in 1.8 (or allowing a legacy capability in 1.7) does NOT provide a new role with all capabilities of a pre-Moodle 1.7 role.

It is recommended that a legacy role type is selected only for roles that are similar to pre-Moodle 1.7 student/teacher/admin/creator roles.

It is not necessary to select a legacy role type unless using old 3rd party code that was not designed for Moodle 1.7 and doesn't yet support roles.

Role archetypes

Moodle 2.0

In Moodle 2.0 onwards, a role archetype may be set. If the role is then reset to default, appropriate permissions are set. Thus it provides an alternative method to creating a duplicate of a default role.

If new capabilities are added in future versions of Moodle, the role archetype setting determines any new permissions for the role when the site is upgraded.

New role considerations

A newly-created role does not have the ability to assign or override any other roles. This is true even when the new role is a copy of a role that had such abilities. If such ability is needed, the administrator must grant it explicitly (Site administration -> Users -> Permissions -> Define roles -> Allow role assignments and Allow role overrides tab).

A new role is not automatically listed in course descriptions even if was created by copying a role that is listed, such as Teacher. If you want the new role to appear in the course listing, you must set it explicitly via Administration > Appearance > Course managers.

Testing a new role

In Moodle 1.9 and later, you can use the "Switch roles to..." menu in the upper right corner of each course page to test the new role. Since switching roles confines you to those roles you can assign in a course context, this method is only useful for testing course-scoped capabilities (i.e., it will not be useful for testing permissions that apply outside the course context, like moodle/user:edit).

In Moodle 1.7.x and 1.8.x role changes take effect only after the next login from that user, so new roles may not be tested using the "Switch role to..." feature.

In any version of Moodle with roles, you can always create test user and assign the new role to them. Then logout as admin and login as the test user.

Example roles

  • Inspector - for providing external inspectors with permission to view all courses (without being required to enrol)
  • Parent - for providing parents/mentors/tutors with permission to view certain information about their children/mentees/tutees
  • Demo teacher - for providing a demonstration teacher account with a password which can't be changed
  • Forum moderator - for providing a user with permission in a particular forum to edit or delete forum posts, split discussions and move discussions to other forums
  • Calendar editor - for enabling a user to add site or course events to the calendar
  • Blogger - for limiting blogging to specific users only
  • Quiz user with unlimited time - for allowing a user unlimited time to attempt a quiz which has a time limit set
  • Question creator - for enabling students to create questions for use in quizzes
  • Keyholder role - someone who manages the Enrolment key in courses
  • Course requester role - for restricting users who can make course requests

See also

Using Moodle forum discussions: