Difference between revisions of "Roles and permissions"

Jump to: navigation, search
(permissions (moved from Manage roles)
(Italian link)
 
(47 intermediate revisions by 17 users not shown)
Line 1: Line 1:
{{Roles}}
+
{{Managing a Moodle site}}
{{Moodle 1.7}}Roles and capabilities in Moodle 1.7 onwards provides great flexibility in managing how users interact. Prior to Moodle 1.7, there were only six roles possible: guest, student, non-editing teacher, editing teacher, course creator, and administrator. Whilst these roles may still be used, it's now possible to create additional roles, and to change what a given role can do in a particular activity.
+
A role is a collection of permissions defined for the whole system that you can assign to specific users in specific contexts. The combination of roles and context define a specific user's ability to do something on any page.  The most common examples are the roles of student and teacher in the context of a course.  
  
==Definitions==
+
*[[Managing roles]]
;Role
+
*[[Assign roles]]
:An identifier of the user's status in some context, for example Teacher, Student and Forum moderator
+
*[[User policies]]
;Capability
+
*[[Using roles]]
:A description of a particular Moodle feature, for example [[Capabilities/moodle/blog:create|moodle/blog:create]]
+
*[[Standard roles]]
;Permission
+
*[[Creating custom roles]]
:A setting for a capability
+
*[[Role export and import]]
;Context
+
*[[Permissions]]
:A "space" in Moodle, such as courses, activity modules or blocks
+
*[[Override permissions]]
  
==Permissions==
+
==See also==
 
 
Permissions are settings for specific capabilities. There are four values:
 
 
 
;Not Set (formerly Inherit)
 
:This is the default value for all permissions when a new role is created. It means "use whatever setting the user already has". To determine what permission the user already has, Moodle searches upward through the nested contexts, looking for an explicit value (Allow, Prevent, Prohibit) for this capability.  For example, if a role is assigned to a user in a course context, and some capability has a value of 'Not set,' then the actual permission will be whatever the user has at the category level, or (failing to find an explicit permission at the category level) at the site level.  Note that the search terminates when an explicit permission is found.  If no explicit permission is found, then the value in the current context becomes Prevent.
 
  
;Allow
+
*[[Roles FAQ]]
:By choosing this you are granting permission for this capability to people who are assigned this role. This permission applies for the context that this role gets assigned plus all "lower" contexts. For example, if this role is a student role assigned to a course, then students will be able to "start new discussions" in all forums in that course, unless some forum contains an override or a new assignment with a Prevent or Prohibit value for this capability.
 
 
 
;Prevent
 
:By choosing this you are removing permission for this capability, even if the users with this role were allowed that permission in a higher context.
 
 
 
;Prohibit
 
:This is rarely needed, but occasionally you might want to completely deny permissions to a role in a way that can NOT be overridden at any lower context. An example of when you might need this is when an admin wants to prohibit one person from starting new discussions in any forum on the whole site. In this case they can create a role with that capability set to "Prohibit" and then assign it to that user in the site context.
 
 
 
==See also==
 
*[[Development:Roles]]
 
*[[:Category:Capabilities]]
 
*Using Moodle [http://moodle.org/mod/forum/view.php?id=6826 Roles and Capabilities forum]
 
*[[Upgrading to Moodle 1.7]]
 
*[[Upgrading to Moodle 1.8]]
 
  
 
[[Category:Roles]]
 
[[Category:Roles]]
  
[[es:Roles y capacidades]]
+
[[de:Rollen und Rechte]]
 +
[[es:Roles y permisos]]
 
[[eu:Rolak]]
 
[[eu:Rolak]]
[[fr:Rôles et capacités]]
+
[[fr:Rôles et permissions]]
[[ja:ロールおよびケイパビリティ]]
+
[[it:Ruoli e autorizzazioni]]
[[ru:Роли и возможности]]
+
[[ja:ロールおよびパーミッション]]

Latest revision as of 14:26, 5 December 2018

A role is a collection of permissions defined for the whole system that you can assign to specific users in specific contexts. The combination of roles and context define a specific user's ability to do something on any page. The most common examples are the roles of student and teacher in the context of a course.

See also