Roles FAQ: Difference between revisions

From MoodleDocs
Main pageManaging a Moodle siteRoles and permissionsRoles FAQ
Roles and permissions
(adding this back - not sure why it was removed)
 
(104 intermediate revisions by 16 users not shown)
Line 3: Line 3:


;Capability
;Capability
:A configurable aspect of behavior, for example [[Capabilities/mod/forum:rate|mod/forum:rate]]
:A configurable aspect of program behavior. Moodle has 100s of capabilities.  Each capability has a computer friendly name like [[Capabilities/mod/forum:rate|mod/forum:rate]] and a human-friendly name like "Rate posts."
;Permission
;Permission
:A capability and its value considered as a pair.  There are four possible values: ''Not set'' (known as ''Inherit'' in 1.7), ''Allow'', ''Prevent'', and ''Prohibit''
:Permissions are paired with each  capability.  There are four possible permission values: ''Allow'', ''Prevent'', ''Prohibit'' and ''Not set''/''Inherit''. (It is called not-set when defining roles and inherit when overriding permissions.)
;Role
;Role
:A named set of permissions, for example Teacher, Student and Forum moderator
:A named set of permissions that are associated with each capability. For example. the "Teacher" and "Student" roles come with the standard Moodle install.
;Context
;Context
:A functional area of Moodle, such as a course, module or block
:A functional area of Moodle. Contexts have a hierarchy.  Examples of contexts include a course, activity module, or resource.


==Why isn't my role change taking effect?==
==Why isn't my role change taking effect?==


In Moodle 1.7.x and 1.8.x, role assignments and overrides do not take effect immediately.  They are delayed until the next time the user logs in.  Starting with Moodle 1.9, explicit role assignments and overrides take effect immediately. However role assignments resulting from changes to certain user policies (for example, changing the default front page role) may be delayed until the next login.
Certain capabilities e.g. [[Capabilities/moodle/user:changeownpassword|moodle/user:changeownpassword]] may only be applied in the system context, so giving such permissions by assigning a role in the course context will have no effect.


If you are testing a new role, [[Manage_roles#Testing_a_new_role | here are some suggestions]].
==Why do some users I know are in my course not appear in ''Participants''?==


Also, please check the context in which the role is assigned. Certain capabilities e.g. [[Capabilities/moodle/user:update|moodle/user:update]] may only be applied in the system context, so assigning a role in the course context will result in the role change not taking effect.
Users assigned roles in a higher context, for example users assigned the role of teacher in the course category are technically not enrolled in the course and so will not appear in the Participants link in the [[Navigation block]] but can be found via ''Course administration > Users > Other users''.


==Why are all my teacher accounts automatically added as "Teachers" in all my courses?==
==How can I prevent a user from changing their own password?==


If a user is assigned a role in the System context (Site administration -> Users -> Permissions -> Assign system roles) or in a Course category context, then the user will have this role in ALL courses within the context. For example, a user who is assigned the Teacher role in the System context will appear as a Teacher in all courses on the site, including the Front page course.
==== Using roles ====


Except in very special cases, teachers and students should be assigned their respective roles in a Course context. When these roles are assigned in a System context, it is almost always an error on the part of the administrator.
To prevent a user from changing their own password, you must make sure they do not have [[Capabilities/moodle/user:changeownpassword|moodle/user:changeownpassword]] = Allow in the System context. The Authenticated user role (which is assigned to users in the System context) has moodle/user:changeownpassword = Allow by default, so you have two choices:
# Edit Authenticated user, setting moodle/user:changeownpassword = Not set
# Create a new role CannotChangeOwnPassword with moodle/user:changeownpassword = Prevent and all other permissions Not set. Choose "system" for the context type  and assign the role to selected users in the System context  via ''Administration>Site administration -> Users -> Permissions -> Assign system roles).''


If you have accidentally assigned a System role, go to ''Administration > Users > Permissions > Assign system roles'' unassign users using the right-facing arrow buttonThen re-assign the roles in the appropriate Course context.
Choice (1) will prevent ''all'' users from changing their passwords (except for the administrator, who can do anything)To selectively allow selected users (say teachers) to change their passwords, you could create a new role CanChangeOwnPassword with moodle/user:changeownpassword = Allow and all other permissions not set and assign the role to selected users in the System context (Site administration -> Users -> Permissions -> Assign system roles).


==Why are all students enrolled in all courses?==
Choice (2) allows you to be selective, but if you have a lot of users that you want to prevent (say, all students), you will have to make a lot of role assignments in the System context.  There is currently no convenient way to do this, so you might consider choice (1).


Either
Note that you MUST deal with this permission in the System context.
*Users are assigned the role of student in the site/system context rather than the course context (see FAQ above)
Or
*The default role for all users in ''Administration > Users > Permissions > User policies'' is set to Student rather than Authenticated user (Moodle 1.8 onwards).


==Why are there differences in the users listed as course participants and users assigned roles in a course?==
==== Alternative solution ====


Users assigned roles in a higher context, for example users assigned the role of teacher in a course category context, may appear as course participants. The discussion [http://moodle.org/mod/forum/discuss.php?d=59900 Discrepancies between Assign Roles lists and Participants list] contains a longer explanation.  
Go to Site administration > Plugins > Manage authentication plugins. Find the 'forgottenpasswordurl' setting and point it to a static HTML page on your server (or even a Moodle Page resource on the front page). Explain your password policy on that page. This stops users changing passwords. This applies to ALL users, however, so admins will need to fix any lost passwords for the whole site.


==How can I prevent administrators being listed as course participants?==
==How can I prevent a user from editing their own profile?==


Ensure that administrators are not assigned another role in addition to their admin role.
See [[Roles_FAQ#How can I prevent a user from changing their own password? | How can I prevent a user from changing their own password?]]  The answer to this question is the same if you substitute ''edit their own profile'' for ''change their own password'' and ''[[Capabilities/moodle/user:editownprofile|moodle/user:editownprofile]]'' for ''moodle/user:changeownpassword.''


==Why are hidden assignments still visible?==
== How can I allow a "test" Student user to see courses that are hidden?==


Hidden assignments are not hidden from admins or teachers i.e. users with the [[Capabilities/moodle/role:viewhiddenassigns|viewhiddenassigns capability]].
Having a test user to try out courses before you open them to regular students is useful. But if the course is hidden, then the enroled test student will not be able to see it. The solution to this problem, if you do not wish to make the hidden course visible yet, is to create a ''Student tester rol'', a clone of the default Student role and then set the ability to see hidden courses to Allow.


==What is the difference between Prevent and Not set?==
* Create a new role in ''Site administration > Users > Permissions > Define roles > Add a new role'', then for ''Use role or archtype'' choose ''ARCHETYPE: Student'' (or Student if you have customized the default Student role already)
* Give the role a new shortname and fullname as appropriate, e.g. studenttester, Student Tester
* Change the 'View hidden courses' [[Capabilities/moodle/course:viewhiddencourses|course:viewhiddencourses]] capability from Not Set to Allow
* Click the 'Create this role button'


If a role has capability ''X = Not set'', then the role is saying "I don't care about X."  If a role has ''X = Prevent,'' then the role is saying "I don't want you be able to do X."  Now you typically have multiple roles in a given context, and those roles may have different opinions about ''X''. If ALL of your roles have ''X = Not set'' then you will be effectively prevented from doing ''X'' because you need positive permission to do something.  It's just like an election.  If you are a candidate but no one votes, you don't win the election. If all of your roles except for one has ''X = Not set'' and the remaining role has ''X = Allow'', then you will be allowed to do X.  Again, it's like an election where only one person votes, and they vote for you!  For more complicated cases (e.g., roles assigned and overridden in different contexts) you need to understand [[How permissions are calculated]], but the principle is the same: By not voting, a role can allow other roles to determine the outcome of the election.  Roles with lots of permissions Not set tend to mix well with other roles.  
Now enrol your test student in the course using this new role instead of the Student role, and they will be able to see and work in the course as a normal student even when the course is hidden. They will not be able to see other hidden courses in which they are not enroled.


==What is my role here?==
==How do I change the name for "teacher" in the course description?==


This is a frequently asked question, but an improper one. The correct question is "What are my ''permissions'' here?"  In any given context, you often have two or more roles. In addition, one or more role overrides may be in effect. Your permissions in a given context are a result of "adding" the individual permissions from these roles and overrides according to certain rulesAs Tim Hunt writes in [http://moodle.org/mod/forum/discuss.php?d=90140 this discussion], the rules "normally do what you expect." However when permissions conflict, the results can be surprising, and it pays to understand [[How permissions are calculated]].
Either
* Edit the role of Teacher via ''Site administration > Users > Permissions > Define roles'' and rename it. The new name will apply site-wide.
Or
* Create a duplicate teacher role with an alternative name and assign users the duplicate teacher role as appropriate in the course context. In ''Site administration > Appearance > Course contact'' select the alternative name for teacher that you wish to be displayed in the course description when courses are listed. For example, copy the standard teacher role and call it Instructor and only show that role as the course contact.
Or
* Create a new "dummy" role (no capabilities) with those names and assign them to teachers along with the real roles. select the alternative name for teacher that you wish to be displayed in the course description when courses are listed.  For example, copy the guest role, call it Lead Teacher and make this the course contactYou may have 5 teachers in the course but only one name will appear as Lead Teacher.   If nobody is assigned the role Lead Teacher, no course contact will show.
Or
*Names for different roles in a course may be changed in the [[Course settings|Course administration > edit settings]] "Role renaming" fieldsFor example, some courses the teacher wants the title "Professor", or "Chief" or "Mentor". 
Or
*[[Language customization|Edit the language files]] and change any word you want.


==How do I debug a roles-related problem?==
==How do I enable teachers to set role overrides?==


If you're having a problem that you suspect is related to roles, consider using [[The rolesdebug.php roles debugging script | the rolesdebug.php roles debugging script]].  You can download it from the [http://moodle.org/mod/data/view.php?d=13&rid=1204 Modules and plugins database]. The script gives you a spatial view of your role assignments and overrides in a given context, and analyzes your permissions there. To interpret the output requires a basic understanding of roles and capabilities. If you are a complete roles novice, run the script and post the output to the [http://moodle.org/mod/forum/view.php?id=6826 Roles and Capabilities Forum].
#Access ''Site administration > Users > Permissions > Define roles''.
#Edit the teacher role and change the capability [[Capabilities/moodle/role:safeoverride|moodle/role:safeoverride]] to allow.
#Click the button "Save changes".
#Click the tab "Allow role overrides" (in ''Site administration > Users > Permissions > Define roles'').
#Check the appropriate box(s) in the teacher row to set which role(s) teachers can override. Most likely it will just be the student role (you don't want teachers to be able to override admins!), so check the box where the teacher row intersects with the student column.
#Click the button "Save changes".


==How can I prevent a user from changing their own password?==
==How do I enable teachers to assign other teachers in a course?==


To prevent a user from changing their own password, you must make sure they do not have moodle/user:changeownpassword ("Change own password") = Allow in the System context. The Authenticated user role (which is assigned to users in the System context) has moodle/user:changeownpassword = Allow by default, so you have two choices:
This is disabled by default but it can be switched on by modifying the teacher's role. In ''Site administration > Users > Permissions > Define roles'' select the "Allow role assignments" tab and tick the checkbox where Teacher and Teacher intersect.
# edit Authenticated user, setting moodle/user:changeownpassword = Not set
# create a new role CannotChangeOwnPassword with moodle/user:changeownpassword = Prevent and all other permissions Not set and assign the role to selected users in the System context (Site administration -> Users -> Permissions -> Assign system roles).  


Choice (1) will prevent ''all'' users from changing their passwords (except for the administrator, who can do anything). To selectively allow selected users (say teachers) to change their passwords, you could create a new role CanChangeOwnPassword with moodle/user:changeownpassword = Allow and all other permissions not set and assign the role to selected users in the System context (Site administration -> Users -> Permissions -> Assign system roles).
==Why doesn't "Switch role to.." within a course seem to work properly?==


Choice (2) allows you to be selective, but if you have a lot of users that you want to prevent (say, all students), you will have to make a lot of role assignments in the System contextThere is currently no convenient way to do this, so you might consider choice (1).
This feature is intended for teachers so that they can see how their course appears for students. It isn't a reliable view however, as some features do not display correctly when viewed by a teacher who has switched their role to a student. Certain actions (specifically submitting assignments) are excluded from working with 'switch roles' (as the submitted work would not be visible on the grading pages, due to the user not having the 'submit' permission when they have not switched roles).For that reason it is always preferable where possible to have a "test" student log in to use.


Note that you MUST deal with this permission in the System context.
==How can I allow a non-editing teacher to "switch role to " a student?==


==How can I prevent a user from editing their own profile?==
# In ''Site administration > Users > Permissions > Define roles'', edit the non-editing teacher role and set the capability "moodle/role:switchroles" to "allow". This will then allow them to switch their role to a student or a guest (as defined on the ''Allow role switches'' screen.)


See [[Roles_FAQ#How can I prevent a user from changing their own password? | How can I prevent a user from changing their own password?]]  The answer to this question is the same if you substitute ''edit their own profile'' for ''change their own password'' and ''moodle/user:editownprofile'' for ''moodle/user:changeownpassword.''
==I accidentally deleted a default role. How do I get it back?==


==Are there any differences in Roles in Moodle 1.7 and 1.8?==
# Go to ''Site administration > Users > Permissions > Define roles'' and click the 'Add a new role' button
# Select the role e.g. Teacher to use
# Click continue
# Fill in the short name and custom full name
# Click the 'Create this role' button


In addition to many Roles fixes and refinements (see the list of [http://tracker.moodle.org/secure/IssueNavigator.jspa?mode=hide&requestId=10221 Roles improvements] in the Tracker), in Moodle 1.8 the ''system'' context is separated from the ''front page'' context. Roles may be assigned in the front page context via ''Administration > Front Page > Front Page roles''.
==Are there any example roles?==


A "Duplicate role" button has been added in Moodle 1.8, which makes creating new roles based on predefined roles much quicker.
Yes. See [[Creating_custom_roles#Example_custom_roles| the current list]].


==How do I change the name for "teacher" in the course description?==
==How do I enable logged-in users to participate in front page activities?==


Either
Either:
* Edit the role of Teacher via ''Administration > Users > Permissions > Define roles'' and rename it. The new name will apply site-wide.
Or
* Create a duplicate teacher role with an alternative name and assign users the duplicate teacher role as appropriate in the course context. In ''Administration > Appearance > Course manager'' select the alternative name for teacher that you wish to be displayed in the course description.
Or
* One more way to do it in 1.8 is to create new "dummy" roles (no capabilities) with those names and assign them to teachers along with the real roles. In the course manager settings you can choose which roles display on the front page under each course. (The feature request [http://tracker.moodle.org/browse/MDL-9182 Ability to assign or display custom title for role of person in course] contains this further method.)


{{Moodle 1.9}}From Moodle 1.9 onwards, names for different roles in a course may be changed in the [[Course settings|course settings]].
# Go to ''Administration > Site administration > Users > Permissions > Define roles'' and edit the 'Authenticated user on frontpage' role
# Allow capabilities for the front page activities
# Click the 'Save changes' button


==How do I enable teachers to set role overrides?==
Or:
 
#Access ''Administration > Users > Permissions > Define roles''.
#Edit the teacher role and change the capability [[Capabilities/moodle/role:override|moodle/role:override]] to allow.
#Click the button "Save changes".
#Click the tab "Allow role overrides" (in ''Administration > Users > Permissions > Define roles'').
#Check the appropriate box to allow a teacher to override the student role.
#Click the button "Save changes".
 
==How do I enable teachers to assign other teachers in a course?==


This is disabled by default but it can be switched on by modifying the teacher's role. In ''Administration > Users > Permissions > Define roles'' select the "Allow role assignments" tab and tick the checkbox where Teacher and Teacher intersect.
# Go to ''Administration > Site administration > Front Page > Front Page settings''
# Set the default front page role to student
# Click the 'Save changes' button


==Why doesn't "Switch role to.." within a course seem to work properly for a course creator?==
==How can I prevent students from editing their profile?==


This feature is intended for teachers so that they can see how their course appears for students. It doesn't work reliably outside the course.
If you only want students to be prevented from editing their profile, and not all users, you can create a new role, such as Restricted user as described in the [[Demo teacher role]], with moodle/user:editownprofile set to prevent, and assign it to all students in the system context.


Further information about this feature can be found in [[Switch roles]] and the paragraph on testing a new role in [[Manage roles]].
Alternatively, you could change moodle/user:editownprofile to not set for the [[Authenticated user role]], then create a new role for teachers with moodle/user:editownprofile set to allow.


==Are there any example roles?==
==Why can't I add teachers or students site wide in Moodle?==


Yes, as follows:
You can, however teachers and students typically work in one or more individual courses. It is unusual for a student to be studying every single course on your Moodle and unusual for a teacher to be teaching every single course. Therefore, the default Moodle does not use these as system wide roles.  The Manager role might be one that makes sense to assign on a system or category context.


*[[Inspector role|Inspector]] - for providing external inspectors with permission to view all courses (without being required to enrol)
To assign a teacher or student site-wide
*[[Parent role|Parent]] - for providing parents/mentors/tutors with permission to view certain information about their children/mentees/tutees
*[[Demo teacher role|Demo teacher]] - for providing a demonstration teacher account with a password which can't be changed
*[[Forum moderator role|Forum moderator]] - for providing a user with permission in a particular forum to edit or delete forum posts, split discussions and move discussions to other forums
*[[Calendar editor role|Calendar editor]] - for providing a user with permission to add site events to the calendar
*[[Blogger role|Blogger]] - for limiting blogging to specific users only
*[[Quiz user with unlimited time role|Quiz user with unlimited time]] - for allowing a user unlimited time to attempt a quiz which has a time limit set
*[[Question creator role|Question creator]] - for enabling students to create questions for use in quizzes


==Logged-in users can't read the site news. What can I do?==
# Go to ''Site administration > Users > Permissions > Define roles'' and edit the role to include the ''system'' context.  
#Then search for and allow the capability [[Capabilities/moodle/course:view|moodle/course:view]]
#Then assign users to this role via ''Administration>Site administration>Users>Permissions>Assign system roles''


Either:
It might be preferable to create a new role based on the teacher or student and assign this in the System context.  Then assign individuals to that role.
#Access ''Site Administration > Front Page > Front Page roles''
#Follow the "Override permissions" link
#Click on "Authenticated User"
#Scroll down to '''Forum'''
#Change the capability [[Capabilities/mod/forum:viewdiscussion|mod/forum:viewdiscussion]] to ''allow''
#Click the "Save changes" button at the bottom of the page


Or, in Moodle 1.9 onwards:
==Why isn't my custom role listed as an available role for assigning?==
#Access ''Site Administration > Front Page > Front Page settings''
#Set the default front page role to student.


==How do I enable logged-in users to participate in front page activities?==
When adding/editing a custom role, be sure to tick one or more context types where the role may be assigned.


Either:
[[File:context types where role may be assigned.png]]
#Access ''Site Administration > Front Page > Front Page roles''
#Follow the "Override roles" link
#Click on "Authenticated User"
#Change capabilities to ''allow'' for all required activities e.g. record a choice, reply to posts
#Click the "Save changes" button at the bottom of the page


Note that for this to work, you need to make the default role for all users "authenticated user". This is the default for new versions of Moodle. In older versions, the default setting is guest, so if you have recently upgraded, you may have to change this setting. You can change the setting via ''Site Administration > Permissions > User Policies''.
==How can I set a role back to default?==


Or:
# Go to ''Site administration > Users > Permissions > Define roles'' and click on the name of the role
#Access ''Site Administration > Front Page > Front Page roles''
# Click the Reset button
#Click on Student
# Select items for reset as desired
#Select all users in the potential users list, and use the left-facing arrow button to add them to the existing users list
# Click the continue button.


{{Moodle 1.9}}Or, in Moodle 1.9 onwards:
==Permissions don't seem to be working correctly. What can I do?==
#Access ''Site Administration > Front Page > Front Page settings''
#Set the default front page role to student.


==How do I copy a custom role from one Moodle site to another==
[[File:reviewing badge permissions.png|thumb|Reviewing role permissions]]It is recommended that permissions for each role are reviewed and set according to the role archetype.


There is no import and export facility for roles, but it can be achieved nearly as easily using backup and restore.
# Go to ''Administration > Site administration > Users > Permissions > Define roles'' and click the edit icon opposite a role
# Click the 'Show advanced' button to reveal the different permission settings
# Review permissions (filtering for particular permissions as appropriate) and, unless there is a good reason to do otherwise, change permissions so that all are set to the highlighted value
# Click the 'Save changes' button
# Repeat steps 1 to 4 for each role


# Create an empty course with all the default settings
==Is there a role that can be safely used for a government inspector/supervisor ?==
# Assign anybody to your custom role (or roles) within the course
The  [https://github.com/3-bits/moodle-role_sepe SEPE] role is used for a (Spanish) government supervisor who can access all Moodle courses without being able to change anything. It can be used in any other country/ language.
# Backup the course (all defaults are fine)
# Download the backup file
# Upload the backup file to the site files of the target Moodle
# Restore the course (all defaults are fine)
# Delete the course.


You will find that the custom roles have been recreated in the target site.
==What is the "none" role?==
It is possible to enrol users into a course so they appear as participants, but since they do not have a standard role such as student, they do not have any particular permissions. They cannot for example, engage in course activities. For discussion about the "none" role, see MDL-29599


==See also==
==Any further questions?==


*Using Moodle [http://moodle.org/mod/forum/view.php?id=6826 Roles and Capabilities forum]
Please visit the [http://moodle.org/mod/forum/view.php?id=6826 Roles and Capabilities forum] on moodle.org.


[[Category:FAQ]]
[[Category:FAQ]]
Line 182: Line 169:
[[fr:FAQ des rôles]]
[[fr:FAQ des rôles]]
[[ja:ロールFAQ]]
[[ja:ロールFAQ]]
[[ru:FAQ по ролям]]

Latest revision as of 16:40, 27 August 2018

What is the definition of a...

Capability
A configurable aspect of program behavior. Moodle has 100s of capabilities. Each capability has a computer friendly name like mod/forum:rate and a human-friendly name like "Rate posts."
Permission
Permissions are paired with each capability. There are four possible permission values: Allow, Prevent, Prohibit and Not set/Inherit. (It is called not-set when defining roles and inherit when overriding permissions.)
Role
A named set of permissions that are associated with each capability. For example. the "Teacher" and "Student" roles come with the standard Moodle install.
Context
A functional area of Moodle. Contexts have a hierarchy. Examples of contexts include a course, activity module, or resource.

Why isn't my role change taking effect?

Certain capabilities e.g. moodle/user:changeownpassword may only be applied in the system context, so giving such permissions by assigning a role in the course context will have no effect.

Why do some users I know are in my course not appear in Participants?

Users assigned roles in a higher context, for example users assigned the role of teacher in the course category are technically not enrolled in the course and so will not appear in the Participants link in the Navigation block but can be found via Course administration > Users > Other users.

How can I prevent a user from changing their own password?

Using roles

To prevent a user from changing their own password, you must make sure they do not have moodle/user:changeownpassword = Allow in the System context. The Authenticated user role (which is assigned to users in the System context) has moodle/user:changeownpassword = Allow by default, so you have two choices:

  1. Edit Authenticated user, setting moodle/user:changeownpassword = Not set
  2. Create a new role CannotChangeOwnPassword with moodle/user:changeownpassword = Prevent and all other permissions Not set. Choose "system" for the context type and assign the role to selected users in the System context via Administration>Site administration -> Users -> Permissions -> Assign system roles).

Choice (1) will prevent all users from changing their passwords (except for the administrator, who can do anything). To selectively allow selected users (say teachers) to change their passwords, you could create a new role CanChangeOwnPassword with moodle/user:changeownpassword = Allow and all other permissions not set and assign the role to selected users in the System context (Site administration -> Users -> Permissions -> Assign system roles).

Choice (2) allows you to be selective, but if you have a lot of users that you want to prevent (say, all students), you will have to make a lot of role assignments in the System context. There is currently no convenient way to do this, so you might consider choice (1).

Note that you MUST deal with this permission in the System context.

Alternative solution

Go to Site administration > Plugins > Manage authentication plugins. Find the 'forgottenpasswordurl' setting and point it to a static HTML page on your server (or even a Moodle Page resource on the front page). Explain your password policy on that page. This stops users changing passwords. This applies to ALL users, however, so admins will need to fix any lost passwords for the whole site.

How can I prevent a user from editing their own profile?

See How can I prevent a user from changing their own password? The answer to this question is the same if you substitute edit their own profile for change their own password and moodle/user:editownprofile for moodle/user:changeownpassword.

How can I allow a "test" Student user to see courses that are hidden?

Having a test user to try out courses before you open them to regular students is useful. But if the course is hidden, then the enroled test student will not be able to see it. The solution to this problem, if you do not wish to make the hidden course visible yet, is to create a Student tester rol, a clone of the default Student role and then set the ability to see hidden courses to Allow.

  • Create a new role in Site administration > Users > Permissions > Define roles > Add a new role, then for Use role or archtype choose ARCHETYPE: Student (or Student if you have customized the default Student role already)
  • Give the role a new shortname and fullname as appropriate, e.g. studenttester, Student Tester
  • Change the 'View hidden courses' course:viewhiddencourses capability from Not Set to Allow
  • Click the 'Create this role button'

Now enrol your test student in the course using this new role instead of the Student role, and they will be able to see and work in the course as a normal student even when the course is hidden. They will not be able to see other hidden courses in which they are not enroled.

How do I change the name for "teacher" in the course description?

Either

  • Edit the role of Teacher via Site administration > Users > Permissions > Define roles and rename it. The new name will apply site-wide.

Or

  • Create a duplicate teacher role with an alternative name and assign users the duplicate teacher role as appropriate in the course context. In Site administration > Appearance > Course contact select the alternative name for teacher that you wish to be displayed in the course description when courses are listed. For example, copy the standard teacher role and call it Instructor and only show that role as the course contact.

Or

  • Create a new "dummy" role (no capabilities) with those names and assign them to teachers along with the real roles. select the alternative name for teacher that you wish to be displayed in the course description when courses are listed. For example, copy the guest role, call it Lead Teacher and make this the course contact. You may have 5 teachers in the course but only one name will appear as Lead Teacher. If nobody is assigned the role Lead Teacher, no course contact will show.

Or

  • Names for different roles in a course may be changed in the Course administration > edit settings "Role renaming" fields. For example, some courses the teacher wants the title "Professor", or "Chief" or "Mentor".

Or

How do I enable teachers to set role overrides?

  1. Access Site administration > Users > Permissions > Define roles.
  2. Edit the teacher role and change the capability moodle/role:safeoverride to allow.
  3. Click the button "Save changes".
  4. Click the tab "Allow role overrides" (in Site administration > Users > Permissions > Define roles).
  5. Check the appropriate box(s) in the teacher row to set which role(s) teachers can override. Most likely it will just be the student role (you don't want teachers to be able to override admins!), so check the box where the teacher row intersects with the student column.
  6. Click the button "Save changes".

How do I enable teachers to assign other teachers in a course?

This is disabled by default but it can be switched on by modifying the teacher's role. In Site administration > Users > Permissions > Define roles select the "Allow role assignments" tab and tick the checkbox where Teacher and Teacher intersect.

Why doesn't "Switch role to.." within a course seem to work properly?

This feature is intended for teachers so that they can see how their course appears for students. It isn't a reliable view however, as some features do not display correctly when viewed by a teacher who has switched their role to a student. Certain actions (specifically submitting assignments) are excluded from working with 'switch roles' (as the submitted work would not be visible on the grading pages, due to the user not having the 'submit' permission when they have not switched roles).For that reason it is always preferable where possible to have a "test" student log in to use.

How can I allow a non-editing teacher to "switch role to " a student?

  1. In Site administration > Users > Permissions > Define roles, edit the non-editing teacher role and set the capability "moodle/role:switchroles" to "allow". This will then allow them to switch their role to a student or a guest (as defined on the Allow role switches screen.)

I accidentally deleted a default role. How do I get it back?

  1. Go to Site administration > Users > Permissions > Define roles and click the 'Add a new role' button
  2. Select the role e.g. Teacher to use
  3. Click continue
  4. Fill in the short name and custom full name
  5. Click the 'Create this role' button

Are there any example roles?

Yes. See the current list.

How do I enable logged-in users to participate in front page activities?

Either:

  1. Go to Administration > Site administration > Users > Permissions > Define roles and edit the 'Authenticated user on frontpage' role
  2. Allow capabilities for the front page activities
  3. Click the 'Save changes' button

Or:

  1. Go to Administration > Site administration > Front Page > Front Page settings
  2. Set the default front page role to student
  3. Click the 'Save changes' button

How can I prevent students from editing their profile?

If you only want students to be prevented from editing their profile, and not all users, you can create a new role, such as Restricted user as described in the Demo teacher role, with moodle/user:editownprofile set to prevent, and assign it to all students in the system context.

Alternatively, you could change moodle/user:editownprofile to not set for the Authenticated user role, then create a new role for teachers with moodle/user:editownprofile set to allow.

Why can't I add teachers or students site wide in Moodle?

You can, however teachers and students typically work in one or more individual courses. It is unusual for a student to be studying every single course on your Moodle and unusual for a teacher to be teaching every single course. Therefore, the default Moodle does not use these as system wide roles. The Manager role might be one that makes sense to assign on a system or category context.

To assign a teacher or student site-wide

  1. Go to Site administration > Users > Permissions > Define roles and edit the role to include the system context.
  2. Then search for and allow the capability moodle/course:view
  3. Then assign users to this role via Administration>Site administration>Users>Permissions>Assign system roles

It might be preferable to create a new role based on the teacher or student and assign this in the System context. Then assign individuals to that role.

Why isn't my custom role listed as an available role for assigning?

When adding/editing a custom role, be sure to tick one or more context types where the role may be assigned.

context types where role may be assigned.png

How can I set a role back to default?

  1. Go to Site administration > Users > Permissions > Define roles and click on the name of the role
  2. Click the Reset button
  3. Select items for reset as desired
  4. Click the continue button.

Permissions don't seem to be working correctly. What can I do?

Reviewing role permissions

It is recommended that permissions for each role are reviewed and set according to the role archetype.

  1. Go to Administration > Site administration > Users > Permissions > Define roles and click the edit icon opposite a role
  2. Click the 'Show advanced' button to reveal the different permission settings
  3. Review permissions (filtering for particular permissions as appropriate) and, unless there is a good reason to do otherwise, change permissions so that all are set to the highlighted value
  4. Click the 'Save changes' button
  5. Repeat steps 1 to 4 for each role

Is there a role that can be safely used for a government inspector/supervisor ?

The SEPE role is used for a (Spanish) government supervisor who can access all Moodle courses without being able to change anything. It can be used in any other country/ language.

What is the "none" role?

It is possible to enrol users into a course so they appear as participants, but since they do not have a standard role such as student, they do not have any particular permissions. They cannot for example, engage in course activities. For discussion about the "none" role, see MDL-29599

Any further questions?

Please visit the Roles and Capabilities forum on moodle.org.

Retrieved from "https://docs.moodle.org/35/en/index.php?title=Roles_FAQ&oldid=131769"
Powered by MediaWiki