Note: You are currently viewing documentation for Moodle 2.4. Up-to-date documentation for the latest stable version of Moodle may be available here: Roles and permissions.

Roles and permissions

From MoodleDocs
Revision as of 03:51, 29 November 2006 by Yu Zhang (talk | contribs) (→‎Roles)


Template:Moodle 1.7

Roles

Previous Moodle versions had predefined, fixed roles. There was no easy way to change what a teacher, or student, for instance, could do. While fixed roles are adequate for many users, others require greater flexibility in regulating how users see and interact with the system.

With Roles, authorised users can create any number of customised roles and assign them to users. From 1.7, an organisation can create multiple roles so that, for instance, students assigned Role A could post to forums, while students assigned Role B are prevented from posting.

Definitions

  • A role is an identifier of the user's status in some context. For example, teacher, student and forum moderator are examples of roles.
  • A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, mod/forum:replypost is a capability.
  • A permission is a value that is assigned for a capability for a particular role. For example, allow or prevent.
  • A context is a "space" in the Moodle, such as courses, activity modules, blocks etc. Roles will only work if the role assignment is made at the correct context level. For example, a "teacher" role should be assigned at course context level, a "forum moderator" for a particular forum should be assigned at the activity level, an "administrator" should be assigned at the system level and so on.

The list of contexts in hierarchical order:

    • The System context is accessible via the administrator's block. (no parent)
    • The Course category context is accessbile in the course category page. (parent = site)
    • The Course context is accessible via the course administration block (old admin block). (parent = course category or site)
    • The Module context is accessible during updating the module. (parent = course)
    • The Block context is accessible when editting mode is on. (parent = site or course)
    • The User context is accessbile by viewing the user profile and click on "Roles" tab (parent = site)

Inheritance will kick in if a role is assigned at a higher level. For example, assigning a "teacher" to a course category will make this user the teacher for ALL courses within the category.

Capabilities

Capabilities are aggregated and controlled via roles. Stated another way, a role consists of a list of capabilities for different possible actions within Moodle (eg delete discussions, add activities etc). With 1.7 it's now possible to have sophisticated yet flexible levels of control over participants and what they can or can't do.

Upgrading to 1.7

The upgrade to 1.7 is as smooth as we could make it. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained. This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have in 1.6. With no modifications, Moodle will operate almost exactly the same before and after the upgrade.

See also