Note: You are currently viewing documentation for Moodle 2.0. Up-to-date documentation for the latest stable version is available here: Managing roles.

Managing roles: Difference between revisions

From MoodleDocs
(→‎Example roles: link added)
(Dodgy english)
Line 70: Line 70:
===Consider Assignments and Overrides===
===Consider Assignments and Overrides===


A newly created or copied role will have not have the ability to override or assign any other roles. You should consider if you need to allow the role such rights
A newly created or copied role does not have the ability to override or assign any other roles. You should consider if you need to allow the role such rights


==Testing a new role==
==Testing a new role==

Revision as of 10:29, 27 July 2007


Location: Administration > Users > Permissions > Define roles

Moodle comes with 7 predefined roles:

Each role may be edited via the link next to its name.


Permissions

Permissions are settings for specific capabilities. There are four values: Administration Block Site Roles detail.JPG

Not Set (formerly Inherit)
This is the default value for all permissions when a new role is created. It means "use whatever setting the user already has". To determine what permission the user already has, Moodle searches upward through the nested contexts, looking for an explicit value (Allow, Prevent, Prohibit) for this capability. For example, if a role is assigned to a user in a course context, and some capability has a value of 'Not set,' then the actual permission will be whatever the user has at the category level, or (failing to find an explicit permission at the category level) at the site level. Note that the search terminates when an explicit permission is found. If no explicit permission is found, then the value in the current context becomes Prevent.
Allow
By choosing this you are granting permission for this capability to people who are assigned this role. This permission applies for the context that this role gets assigned plus all "lower" contexts. For example, if this role is a student role assigned to a course, then students will be able to "start new discussions" in all forums in that course, unless some forum contains an override or a new assignment with a Prevent or Prohibit value for this capability.
Prevent
By choosing this you are removing permission for this capability, even if the users with this role were allowed that permission in a higher context.
Prohibit
This is rarely needed, but occasionally you might want to completely deny permissions to a role in a way that can NOT be overridden at any lower context. An example of when you might need this is when an admin wants to prohibit one person from starting new discussions in any forum on the whole site. In this case they can create a role with that capability set to "Prohibit" and then assign it to that user in the site context.

Permissions at a "lower" context will generally override anything at a "higher" context (this applies to overrides and assigned roles). The exception is Prohibit which can not be overridden at lower levels.

If two roles are assigned to a person in the same context, one with Allow and one with Prevent, which one wins? In this case, Moodle will look up the context tree for a "decider".

For example, a student has two roles in a course, one that allows them to start new discussions, one that prevents them. In this case, we check the categories and the site contexts, looking for another defined permission to help us decide. If we don't find one, then permission is Prevent by default (because the two settings cancelled each other out, and thus they have no permission).

Legacy role types

  • Legacy role types were implemented for backward compatibility.
  • Selecting a legacy role type in 1.8 (or allowing a legacy capability in 1.7) does NOT provide a new role with all capabilities of a pre-Moodle 1.7 role.
  • It is recommended that a legacy role type is selected only for roles that are similar to pre-Moodle 1.7 student/teacher/admin/creator roles.
  • It is not necessary to select a legacy role type unless using old 3rd party code that was not designed for Moodle 1.7 and doesn't yet support roles.

Adding a new role

  1. Give the role an appropriate name. If you need to name the role for multiple languages you can use multi-lang syntax if you wish, such as <span lang="en" class="multilang">Teacher</span> <span lang="es_es" class="multilang">Profesor</span>. If multi-lang syntax is used then Filter all strings should be set in Filter settings.
  2. Give the role a meaningful short name. The short name is necessary for other plugins in Moodle that may need to refer to the role (e.g. when uploading users from a file or setting enrolments via an enrolment plugin).
  3. Optional: Give the role a description so that everyone has a common understanding of it.

Edit Options

The final column on the roles page is the Edit column. This provides icons to directly edit the role, delete the role and up and down arrows to change the order of your roles (affecting the way that roles are listed around Moodle).

Creating a duplicate role

Template:Moodle 1.8 In Moodle 1.8 onwards, a new role may be quickly created my making a copy of an existing role. An administrator will find this in the Admin block, under Users, Permissions and Defined roles.

  1. Click on the role to be duplicated. For example "Guest".
  2. Click the "Duplicate role" button near the top of the "View role details" page.
  3. Answer Yes to the question "Are you sure you want to duplicate the role ...?"
  4. The list of roles will now show the "... copy 1" at the bottom. For example "Guest copy 1".
  5. Edit the duplicated role to meet your needs.

Displaying the role in course listings

New roles will not by default be displayed in course listings (even if copied from a role that already is). This is controlled from the Course managers administration page.

Consider Assignments and Overrides

A newly created or copied role does not have the ability to override or assign any other roles. You should consider if you need to allow the role such rights

Testing a new role

  1. Create test user and assign new role to them.
  2. Either logout as admin and then login as test user or use a different browser to login as test user.

Note: New roles may not be tested using the "Switch role to..." feature.

Example roles

  • Inspector - for providing external inspectors with permission to view all courses (without being required to enrol)
  • Parent - for providing parents/mentors/tutors with permission to view certain information about their children/mentees/tutees
  • Demo teacher - for providing a demonstration teacher account with a password which can't be changed
  • Forum moderator role - for providing a user with permission in a particular forum to edit or delete forum posts, split discussions and move discussions to other forums
  • Keyholder role - for setting the person named as holding a course enrolment key

See also