Pasting in a new version of one of the FAQ to see if it is correct before adding to main page:

Can you give me some examples about permissions?

When you logged into the site you were given the system role of Authenticated User. You are also enrolled in a course and given the student role. Let's look at a single capability called X to see how permissions work.

In the example below we are just talking about the permissions for a single capability in the course role of a Student and the system role of Authenticated user for 1 user.

• If Student (at course level) is Prevent, and Student (at site level) is Allow then you are NOT allowed to do X
• If Student (at course level) is Prevent , and Authenticated user (at site level) is Allow, then you are NOT allowed to do X.
• If Student (at course level) is Allow, and Authenticated user (at site level) is Prevent, then you ARE allowed to do X.
• If Student (at course level) is Prohibit, and Authenticated user is Allow, then you are NOT allowed to do X.
• If Student (at course level) is Allow, and Authenticated user is Prohibit, then you are NOT allowed to do X.

--Mary Cooch

This is wrong. (It would have been right in 1.9.) My best effort to explain this is in the "Permission Aggregation" section of http://www.aosabook.org/en/moodle.html. You probably need to start reading at the "13.2. Moodle's Roles and Permissions System" heading.--Tim Hunt 23:04, 9 January 2013 (WST)

Thanks for the link -I am going to read it now --Mary Cooch 00:51, 10 January 2013 (WST)