<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
	<id>https://docs.moodle.org/dev/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Lazyfish</id>
	<title>MoodleDocs - User contributions [en]</title>
	<link rel="self" type="application/atom+xml" href="https://docs.moodle.org/dev/api.php?action=feedcontributions&amp;feedformat=atom&amp;user=Lazyfish"/>
	<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/Special:Contributions/Lazyfish"/>
	<updated>2026-07-14T19:58:48Z</updated>
	<subtitle>User contributions</subtitle>
	<generator>MediaWiki 1.43.5</generator>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Latest_release_notes&amp;diff=25245</id>
		<title>Latest release notes</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Latest_release_notes&amp;diff=25245"/>
		<updated>2007-10-03T09:00:49Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Headline features */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;{{About Moodle}}&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.9 Beta==&lt;br /&gt;
&lt;br /&gt;
Released: 14th August 2007&lt;br /&gt;
&lt;br /&gt;
This is a DEVELOPMENT RELEASE made available for wider testing by the community in preparation for a polished release of 1.9 in the coming weeks. It should not be used for production sites unless you are prepared to report the bugs you find in the [http://tracker.moodle.org Moodle Tracker], hopefully with your patches attached. :-)&lt;br /&gt;
&lt;br /&gt;
Here is [http://tracker.moodle.org/secure/ReleaseNote.jspa?projectId=10011&amp;amp;styleName=Html&amp;amp;version=10190 the full list of fixed issues in 1.9 so far].&lt;br /&gt;
&lt;br /&gt;
===Headline features===&lt;br /&gt;
&lt;br /&gt;
* [[Development:Grades|Gradebook]] - Moodle.com  (funded by Open University)&lt;br /&gt;
:: Completely rewritten from scratch for speed and flexibility. The new gradebook consists of plugins for reports, imports and exports. There are a number of standard reports which are useful for graders, students etc. The grader report allows you to treat the gradebook much more like a spreadsheet with manual editing, calculations, aggregations, weighting, locking, hiding, textual notes and so on.&lt;br /&gt;
* [[Development:Outcomes|Outcomes]] - Moodle.com&lt;br /&gt;
:: You can also now develop a list of expected outcomes (competencies) and connect these to courses and activities. You can even grade against multiple outcomes at once (ie Rubrics).&lt;br /&gt;
* [[Development:Events|Events API]] - Moodle.com&lt;br /&gt;
::The new Events API provides a way for any code to &amp;quot;hook&amp;quot; into events in a clean, loosely coupled way.  It&#039;s the foundation of the new gradebook. A lot of events in Moodle (such as adding a user or a course) now trigger events that developers can hook into.&lt;br /&gt;
* [[Tags]] - Luiz Cruz ([[Student_projects/Social_Networking_features|GSOC Social Networking project]])&lt;br /&gt;
:: Allows users to describe their own interests in terms of tags, which creates interest pages around those tags, bringing information together from a variety of sources.&lt;br /&gt;
* [[Question_Engine_Changes_in_Moodle_1.9|Improved question bank]] - Jamie Pratt funded by [http://www.fun.ac.jp/en/ Future University Hakodate].&lt;br /&gt;
::Allows questions to be shared by the whole site, a course category, a singe course, or be kept private to a single module. More control over who can do what to each question. Improved file management for files linked to by questions.&lt;br /&gt;
* [[Notes]] - Andrei Bautu ([[Student projects/User Management Improvements|GSOC User Management Improvements project]])&lt;br /&gt;
:: Detailed notes can be kept about individual users (for example teachers might want to keep and share notes about students in their class).&lt;br /&gt;
* [[Bulk user actions]] - Andrei Bautu ([[Student projects/User Management Improvements|GSOC User Management Improvements project]])&lt;br /&gt;
::Administrators can perform bulk user actions, such as the mass deletion of user accounts. Extended features in the bulk user upload script to allow generation of user fields based on templates. &lt;br /&gt;
* New Custom Corners theme - Urs Hunkler&lt;br /&gt;
:: Beautiful and curvy (in all browsers).&lt;br /&gt;
&lt;br /&gt;
===Other major improvements===&lt;br /&gt;
&lt;br /&gt;
* Groups and Groupings&lt;br /&gt;
:: New support for groupings (groups of groups) which was added briefly and then removed from 1.8.x.&lt;br /&gt;
* New theme settings&lt;br /&gt;
** Category themes - can now set the theme for a category which will apply to all sub-categories and courses&lt;br /&gt;
** Theme order - new setting &#039;&#039;$CFG-&amp;gt;themeorder&#039;&#039; which sets the priority of the themes from highest to lowest.&lt;br /&gt;
&lt;br /&gt;
===Module improvements===&lt;br /&gt;
&lt;br /&gt;
* Quiz/Question improvements:&lt;br /&gt;
** Improved question bank, as above.&lt;br /&gt;
** Quizzes now listed on the MyMoodle page. (Implemented by Stephen Bourget and Tim Hunt.)&lt;br /&gt;
** A quiz can now [[Quiz submission email notification|send emails when an attempt is finished]] - a confirmation to the student, a notification to all teachers, or both. (Implemented by Graham Miller of [http://www.webenhanced.com.au/ Web Enhanced Solutions] and Tim Hunt.)&lt;br /&gt;
** Third party question types can now implement Moodle XML and other import and export format. (Implemented by Howard Miller.)&lt;br /&gt;
** Gift Import/Export format can now handle Essay and Description question types.&lt;br /&gt;
** Some slight improvements to quiz layout. See [http://tracker.moodle.org/browse/MDL-10374 MDL-10374] for details. Theme designers please note.&lt;br /&gt;
** Multiple choice questions now show the feedback for all the options to students on the review page after the attempt is over.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Developers please add news here!&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Notes===&lt;br /&gt;
&lt;br /&gt;
* In the new accesslib there is a subtle difference in how we resolve conflicts between &#039;allow&#039; and &#039;prevent&#039; capabilities. See [[Development:Roles#Capability-locality_changes_in_v1.9|Capability-locality changes in 1.9]].&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.8.2==&lt;br /&gt;
&lt;br /&gt;
Released: 8th July 2007&lt;br /&gt;
&lt;br /&gt;
Here is [http://tracker.moodle.org/secure/ReleaseNote.jspa?version=10220&amp;amp;styleName=Html&amp;amp;projectId=10011 the full list of fixed issues in 1.8.2].&lt;br /&gt;
&lt;br /&gt;
===Highlights===&lt;br /&gt;
* Two XSS security vulnerabilities (one reported in the wild) were fixed.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.8.1==&lt;br /&gt;
&lt;br /&gt;
Released: 14th June 2007&lt;br /&gt;
&lt;br /&gt;
Here is [http://tracker.moodle.org/secure/ReleaseNote.jspa?version=10213&amp;amp;styleName=Html&amp;amp;projectId=10011 the full list of fixed issues in 1.8.1].&lt;br /&gt;
&lt;br /&gt;
===Highlights===&lt;br /&gt;
* The groups implementation has been cleaned up somewhat from the 1.8 release.  The &#039;&#039;&#039;groupings&#039;&#039;&#039; GUI that appeared in 1.8 has been removed, because groupings are not complete and should not be used yet.  Moodle 1.8 sites that have created groupings should upgrade to 1.8.1 to have groupings reset ... otherwise there could be problem when upgrading to the real groupings in 1.9 or later.&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.8==&lt;br /&gt;
&lt;br /&gt;
Released: 31st March 2007&lt;br /&gt;
&lt;br /&gt;
Here is [http://tracker.moodle.org/secure/ReleaseNote.jspa?projectId=10011&amp;amp;styleName=Html&amp;amp;version=10130 the full list of fixed issues in 1.8].&lt;br /&gt;
&lt;br /&gt;
===Headline features===&lt;br /&gt;
&lt;br /&gt;
* [[Accessibility]] - Moodle.com &lt;br /&gt;
:: The Moodle interface is now compliant with XHTML Strict 1.0 and major accessibility standards.&lt;br /&gt;
* [[Moodle Network]] - Catalyst, Richard Wyles&lt;br /&gt;
:: We can now set up peer Moodle installations allowing users to roam from one site to another, using comprehensive SSO and transparent remote enrolments.  Administrators at the originating Moodle install can see logs of remote activity. You can also run your Moodle in &amp;quot;Hub&amp;quot; mode where any Moodle install can connect and users roam across.&lt;br /&gt;
* [[Web Services API]] - Catalyst, Richard Wyles&lt;br /&gt;
:: The Moodle Network code includes an XML-RPC call dispatcher that can expose the WHOLE Moodle API to trusted hosts.  We will building on this in further versions but you can start using it now if you need to.&lt;br /&gt;
* [[Development:lib/formslib.php|Moodle forms library]] - Moodle.com &lt;br /&gt;
:: Majority of forms now use a single API for defining forms consistently and collecting data safely without using any HTML at all.&lt;br /&gt;
* [[Multi Authentication]] - Iñaki Arenaza / Catalyst / Moodle.com&lt;br /&gt;
:: It is now easier to configure multiple sources of authentication at once.  WARNING: the format for authentication plugins has changed, so custom plugins may be broken, however it&#039;s very easy to convert old code to the new format. More details can be found in /auth/README.txt.&lt;br /&gt;
* [[Development:Customisable user profiles|Customisable User Profiles]] - Pukunui Technology&lt;br /&gt;
::Allow new arbitrary fields to be added to the user profile, with more control over what fields appear on what signup and profile editing screens.&lt;br /&gt;
* Groups refactor - OU / Moodle.com&lt;br /&gt;
::Groups code has been reorganised to make it more flexible for the future (see 1.9).  &lt;br /&gt;
* [http://tracker.moodle.org/secure/IssueNavigator.jspa?mode=hide&amp;amp;requestId=10221 Roles improvements] - Moodle.com&lt;br /&gt;
:: In addition to many Roles fixes and refinements, Moodle 1.8 has separated the SYSTEM context from the SITE context (which makes it more like 1.6 used to work).  The SITE context is the &amp;quot;front page course&amp;quot; and its activities.  This should make it easier for admins to set up permissions. Login as and switching of roles was rewritten. Administrators can view recommended permission settings of legacy roles and may reset legacy roles to defaults.&lt;br /&gt;
* [http://tracker.moodle.org/browse/MDL-7993 Support for ODS export] - Moodle.com&lt;br /&gt;
::Open Document Format should solve majority of current problems with exports into proprietary Excel format. You may need to install special import plugin if you are using MS Office.&lt;br /&gt;
&lt;br /&gt;
===Known problems===&lt;br /&gt;
* CAS auth not working&lt;br /&gt;
&lt;br /&gt;
===Module improvements===&lt;br /&gt;
* [[Authorize.net Payment Gateway]] enrolment plugin &lt;br /&gt;
:: Payment managers can obtain an authorization code over phone from customer&#039;s bank if the credit card of the user cannot be captured on the internet directly.&lt;br /&gt;
&lt;br /&gt;
&#039;&#039;Developers please add news here!&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===See also===&lt;br /&gt;
*[[Upgrading to Moodle 1.8]]&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.7.2==&lt;br /&gt;
&lt;br /&gt;
30th March, 2007&lt;br /&gt;
&lt;br /&gt;
[http://tracker.moodle.org/secure/ReleaseNote.jspa?projectId=10011&amp;amp;styleName=Html&amp;amp;version=10174 This page shows issues resolved in this version]&lt;br /&gt;
&lt;br /&gt;
===Security===&lt;br /&gt;
&lt;br /&gt;
* Unintended logouts are now prevented - sesskey added to logout.php script&lt;br /&gt;
* Fixed problem with visible posts in user profile when &amp;quot;forceloginforprofiles&amp;quot; disabled&lt;br /&gt;
* Fixed visibility of site blog entries&lt;br /&gt;
* Corrected wrong includes in lams&lt;br /&gt;
* XSS injection in SCORM 1.2 reports&lt;br /&gt;
* Fixed old problem with approvals in Data module, edited entries were approved automatically&lt;br /&gt;
* Fixed escaping in shell commands (Win32 platform only)&lt;br /&gt;
* Fixed visibility of blog drafts&lt;br /&gt;
* Rewritten parameter handling in repository plugin&lt;br /&gt;
* Fixed XSS in login block&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.7.1==&lt;br /&gt;
&lt;br /&gt;
17th January, 2007&lt;br /&gt;
&lt;br /&gt;
[http://tracker.moodle.org/secure/ReleaseNote.jspa?projectId=10011&amp;amp;styleName=Html&amp;amp;version=10151 This page shows details about issues resolved in this version]&lt;br /&gt;
&lt;br /&gt;
==Moodle 1.7==&lt;br /&gt;
&lt;br /&gt;
7th November, 2006&lt;br /&gt;
&lt;br /&gt;
[http://tracker.moodle.org/secure/ReleaseNote.jspa?version=10120&amp;amp;styleName=Html&amp;amp;projectId=10011&amp;amp;Create=Create This page shows details about issues resolved in this version]	 &lt;br /&gt;
 &lt;br /&gt;
===Headline features===	 &lt;br /&gt;
 &lt;br /&gt;
* [[Roles]]	 &lt;br /&gt;
:: Permissions based on fine-grained capabilities allow all kinds of roles to be created and assigned in all contexts around Moodle. This creates a great deal more flexibility in the permissions that you can grant to people.	 &lt;br /&gt;
* [[Development:XMLDB Documentation|XML Database Schema]]	 &lt;br /&gt;
:: added support for MS-SQL and Oracle with more databases to come. Developers now have just one XML file to edit when changing the database structure, and there is even a very funky editor for this file built-in to Moodle	 &lt;br /&gt;
* New Admin interface	 &lt;br /&gt;
:: Completely new admin interface, with accessible design and cool features to make access to settings fast and easy.	 &lt;br /&gt;
* [[Unit tests|Unit testing framework]]	 &lt;br /&gt;
:: Making it easier for developers to write test code, which should ultimately lead to a more reliable Moodle.	 &lt;br /&gt;
* [[AJAX]] Course editing (STILL UNSTABLE IN 1.7 RELEASE AND OFF BY DEFAULT, USE WITH CAUTION!)	 &lt;br /&gt;
:: The Topics and Weekly course formats now feature AJAX editing which means you can drag drop blocks, activities and sections (weeks/topics) and it all happens instantly. No more page reloading!&lt;br /&gt;
&lt;br /&gt;
===Module improvements===	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to the [[Assignment module]]	 &lt;br /&gt;
**New type Advanced uploading of files	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to the [[Database module]]	 &lt;br /&gt;
**Template/Field settings can now be saved as Presets and shared across a site.	 &lt;br /&gt;
**Presets are just zip files, and can also be shared between sites.	 &lt;br /&gt;
**Moodle 1.7 comes with one sample preset (an Image Gallery) with more to come.	 &lt;br /&gt;
**New latitude/longitude data type	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to the [[Lesson module]]	 &lt;br /&gt;
**Now has a more unified view of lesson screens.	 &lt;br /&gt;
**Teacher editing:	 &lt;br /&gt;
***Collapsed view has a nicer format, displays more information regarding each page and allows the creation of new pages.	 &lt;br /&gt;
***Editing is now speedier by replacing 3 second redirect delays with a notification system.	 &lt;br /&gt;
**New feature: display default feedback.	 &lt;br /&gt;
***Default is &#039;&#039;&#039;On&#039;&#039;&#039; so previous lessons behave as before.	 &lt;br /&gt;
***Description: if no &#039;&#039;response&#039;&#039; is entered for a question answer and this setting is turned &#039;&#039;&#039;Off&#039;&#039;&#039;, then the user skips the feedback page.	 &lt;br /&gt;
**Graceful degrade of JavaScript.	 &lt;br /&gt;
**Several bug fixes.	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to the [[Quiz module]]	 &lt;br /&gt;
:* The teacher can configure comments that are displayed to the student at the end of their attempt, with the comment displayed depending on the student&#039;s score.	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to some core question types	 &lt;br /&gt;
:* All question types can now have some general feedback. This is displayed to all students after they have finished the question (depending on the quiz settings) and does not depend on what response the student gave. Use this to tell the student what the question was about, or link them to more information about the topic it covers.	 &lt;br /&gt;
:* [[Matching question type|Matching]] questions can have extra wrong answers, and work when two questions have the same answer.	 &lt;br /&gt;
:* [[Multiple Choice question type|Multiple Choice]] questions can have feedback for the whole question, as well as specific answers. This is particularly useful for multiple-response questions.	 &lt;br /&gt;
:* [[Numerical question type|Numerical]] questions can have different answers with different precisions and scores. (Previously this was only supported via GIFT import. Now you can edit questions like this.)	 &lt;br /&gt;
 &lt;br /&gt;
* Improvements to the [[Wiki module]]	 &lt;br /&gt;
:* While editing a wiki page it is now locked so that others cannot try to change it at the same time. Teachers can override the lock.	 &lt;br /&gt;
:* Minor bugfixes (mostly to fix problems that occured when using Postgres database).	 &lt;br /&gt;
 &lt;br /&gt;
===Enrolment plugin improvements===	 &lt;br /&gt;
 &lt;br /&gt;
* [[Authorize.net Payment Gateway]] enrolment plugin 	 &lt;br /&gt;
:*Accepts &#039;Electronic Checks (ACH)&#039;. After a user approving echeck, an admin who has upload csv capacity must import a CSV file to get the user enrolled in the Payment Management page.	 &lt;br /&gt;
:*Autoconfigures credit card and echeck types if the merchant does not accept some types of them.&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
*[[Old releases|Old release notes]]&lt;br /&gt;
&lt;br /&gt;
[[es:Notas de versiones]]&lt;br /&gt;
[[fr:Notes de mise à jour]]&lt;br /&gt;
[[pt:Versões do Moodle]]&lt;br /&gt;
[[ru:Примечания к версиям]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Grades&amp;diff=4577</id>
		<title>Grades</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Grades&amp;diff=4577"/>
		<updated>2007-08-17T06:02:27Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Default participant interface */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;[http://moodle.org/mod/forum/discuss.php?d=69223 There is an ongoing discussion about this spec here]&lt;br /&gt;
&lt;br /&gt;
== Executive Summary ==&lt;br /&gt;
&lt;br /&gt;
The gradebook mechanisms must be rebuilt to:&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Improve performance and scalability&#039;&#039;&#039; - All grades from throughout the system will be pushed to a central system of tables. This means reports based on grades can be generated much faster, and the gradebook has ultimate control over the content.&lt;br /&gt;
# &#039;&#039;&#039;Improve flexibility&#039;&#039;&#039; - All aspects of the new gradebook will use simple plugin structures, namely: exports, imports and displays/reports. It is expected that the community will be very active in producing [[Gradebook Report Tutorial |special-purpose reports]] analysing the basic grade data in new ways, for example, or writing plugins to transfer grades to student information systems.&lt;br /&gt;
# &#039;&#039;&#039;Allow rubrics for outcomes (aka standards,competencies,goals)&#039;&#039;&#039; - As well as numerical grades, each grading item can consist of a number of scores made on a rubric against a standard outcome statement. These can be automatically converted to a numerical grade if desired or just shown as is.&lt;br /&gt;
# &#039;&#039;&#039;Implement an event-oriented architecture&#039;&#039;&#039; - Such an architecture allows all parts of Moodle to interact with the gradebook, but particularly gradebook plugins can react instantly to grading events throughout the system.&lt;br /&gt;
# &#039;&#039;&#039;Allow arbitrary columns and derived columns&#039;&#039;&#039; - Arbitrary columns of data can be added (either manually or via import). Columns can also be automatically filled based on formulas.&lt;br /&gt;
&lt;br /&gt;
== Glossary ==&lt;br /&gt;
&lt;br /&gt;
Here are some terms used in the gradebook, both in the development and the user interface.  Using these terms in discussions about the gradebook will help to reduce confusion.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Term&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Definition&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Activity&lt;br /&gt;
|An instance of an activity module [[Category:Modules|Module]] (e.g. a single quiz, assignment etc...)&lt;br /&gt;
|-&lt;br /&gt;
|Calculation&lt;br /&gt;
|A formula used to calculate grades, based (optionally) on other grade items. Not the same as [[Calculated_question_type|Calculated question types]].&lt;br /&gt;
|-&lt;br /&gt;
|Category&lt;br /&gt;
|A set of Grade Items.  A Category also has its own aggregated Grade which is calculated from its Grade Items.  There is no limit to the level of nesting of Categories (a Category may belong to another Category). However, each Grade Item may belong to only one Category. &lt;br /&gt;
|-&lt;br /&gt;
|Course completion&lt;br /&gt;
|The concept of meeting certain criteria for completing a course. In the context of the gradebook, this means a set of grades that must be reached, or a number of outcomes/competencies to complete/master.&lt;br /&gt;
|-&lt;br /&gt;
|[[Events|Event]]&lt;br /&gt;
|Events are a new feature of Moodle 1.9, of which the [[Grades#Overview_of_module_communication|Gradebook will take full advantage]]. Modules that have grades to publish will define Events for which the Gradebook will listen. When an Event matches an Event Handler set up in the Gradebook, an Event Reaction will be triggered, performing any steps required (such as aggregating multiple grades, storing the grades etc...). Modules can also have their Event Handlers set up to respond to Events sent by the Gradebook (such as updating their internal grades).&lt;br /&gt;
|-&lt;br /&gt;
|Grade&lt;br /&gt;
|A Grade is a single assessment. It may be a number or an item on a scale (possibly tied to an Outcome).&lt;br /&gt;
|-&lt;br /&gt;
|[[Gradebook|Gradebook]]&lt;br /&gt;
|A central location in Moodle where students&#039; Grades are stored and displayed. Teachers can keep track of their students&#039; progress and organise which set of Grades their students will be able to see. Students see their own Grades.&lt;br /&gt;
|-&lt;br /&gt;
|Grade Item&lt;br /&gt;
|A &amp;quot;column&amp;quot; of Grades.  It can be created from a specific Activity or other module, calculated from other Grade Items, or entered manually.&lt;br /&gt;
|-&lt;br /&gt;
|[[Grades#Locked_grades|Grade Locks]]&lt;br /&gt;
|See linked section of this page&lt;br /&gt;
|-&lt;br /&gt;
|History&lt;br /&gt;
|The gradebook has its own type of log, which keeps a History of all changes made to grades.&lt;br /&gt;
|-&lt;br /&gt;
|[[Outcomes|Outcome]]&lt;br /&gt;
|[[Outcomes|Outcomes]] are specific descriptions of what a person is expected to be able to do or understand at the completion of an activity or course. An activity might have more than one outcome, and each may have a grade against it (usually on a scale).  Other terms for Outcomes are &#039;&#039;Competencies&#039;&#039; and &#039;&#039;Goals&#039;&#039;. See some [[Outcomes_examples|Examples]].&lt;br /&gt;
|-&lt;br /&gt;
|[[Scales|Scale]]&lt;br /&gt;
|A scale is a set of responses from which the teacher can choose one.   eg   A,B,C,D,E,F&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
== Database structures ==&lt;br /&gt;
=== grade_items ===&lt;br /&gt;
&lt;br /&gt;
This table keeps information about gradeable items (ie columns). If an activity (eg an assignment or quiz) has multiple grade_items associated with it (eg several outcomes or numerical grades), then there will be a corresponding multiple number of rows in this table.&lt;br /&gt;
&lt;br /&gt;
idnumber is a unique tag identifying the grade_item, useful for identifying data in exports and for referring to the grade_item in calculations.  Usually it will be the same as the idnumber in course_modules but if one is not specified then it&#039;s automatically set as itemmodule.iteminstance-itemnumber (eg forum3).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|The course this item is part of &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;categoryid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|(optional) the category group this item belongs to &lt;br /&gt;
|-&lt;br /&gt;
|itemname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
 &lt;br /&gt;
|The name of this item (pushed in by the module) &lt;br /&gt;
|-&lt;br /&gt;
|itemtype &lt;br /&gt;
|varchar(30) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|&#039;mod&#039;, &#039;blocks&#039;, &#039;import&#039;, &#039;calculated&#039;, &#039;category&#039; etc &lt;br /&gt;
|-&lt;br /&gt;
|itemmodule  &lt;br /&gt;
|varchar(30)  &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
 &lt;br /&gt;
|&#039;forum&#039;, &#039;quiz&#039;, &#039;csv&#039;, etc &lt;br /&gt;
|-&lt;br /&gt;
|iteminstance &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
 &lt;br /&gt;
|id of the item module &lt;br /&gt;
|-&lt;br /&gt;
|itemnumber &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Can be used to distinguish multiple grades for an activity &lt;br /&gt;
|-&lt;br /&gt;
|iteminfo &lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
 &lt;br /&gt;
|Info and notes about this item XXX &lt;br /&gt;
|-&lt;br /&gt;
|idnumber &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Arbitrary idnumber provided by the module responsible  (must be defined and unique)&lt;br /&gt;
|-&lt;br /&gt;
|calculation &lt;br /&gt;
|text&lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Spreadsheet-type formula used to process the raw grades into final grades&lt;br /&gt;
|-&lt;br /&gt;
|gradetype &lt;br /&gt;
|int(4) &lt;br /&gt;
|&amp;lt;center&amp;gt;1&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 = none, 1 = value, 2 = scale, 3 = text &lt;br /&gt;
|-&lt;br /&gt;
|grademax &lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;100&amp;lt;/center&amp;gt; &lt;br /&gt;
|What is the maximum allowable grade? &lt;br /&gt;
|-&lt;br /&gt;
|grademin &lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|What is the minimum allowable grade? &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;scaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is based on a scale, which one is it? &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;outcomeid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is related to an outcome, which one is it? &lt;br /&gt;
|-&lt;br /&gt;
|gradepass&lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|What grade is needed to pass?  grademin &amp;lt;= gradepass &amp;lt;= grademax&lt;br /&gt;
|-&lt;br /&gt;
|multfactor &lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;1.0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Multiply all grades by this &lt;br /&gt;
|-&lt;br /&gt;
|plusfactor  &lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;0.0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Add this to all grades &lt;br /&gt;
|-&lt;br /&gt;
|aggregationcoef  &lt;br /&gt;
|float(10,5) &lt;br /&gt;
|&amp;lt;center&amp;gt;0.0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Weight applied to all grades in this grade item during aggregation with other grade items.&lt;br /&gt;
|-&lt;br /&gt;
|sortorder &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Sorting order of the columns &lt;br /&gt;
|-&lt;br /&gt;
|hidden &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is hidden, 1 is hide always, &amp;gt; 1 is a date to hide until (prevents viewing of all user grades) &lt;br /&gt;
|-&lt;br /&gt;
|locked &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is not locked, &amp;gt; 0 is a date when was item locked (no final grade or grade_item updates possible)&lt;br /&gt;
|-&lt;br /&gt;
|locktime &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 no auto locking, &amp;gt; 0 is a date to lock grade item and final grades after automatically &lt;br /&gt;
|-&lt;br /&gt;
|deleted &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 means the associated module instance has been deleted&lt;br /&gt;
|-&lt;br /&gt;
|needsupdate &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this flag is set, then the whole column will be recalculated  &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timecreated &lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The first time this grade_item was created&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timemodified &lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The last time this grade_item was modified&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_categories ===&lt;br /&gt;
&lt;br /&gt;
This table keeps information about categories, used for grouping items.  An associated grade_item will be maintained for each category to store the aggregate data.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The course this grade category is part of &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;parent&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Parent grade_category (hierarchical)&lt;br /&gt;
|-&lt;br /&gt;
|depth&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|How deep is this category from the highest level (0,1,2)?  Used for table display purposes.&lt;br /&gt;
|-&lt;br /&gt;
|path&lt;br /&gt;
|varchar(255) &lt;br /&gt;
| &lt;br /&gt;
|Shows the path as /1/2/3 (like course_categories) &lt;br /&gt;
|-&lt;br /&gt;
|fullname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&lt;br /&gt;
|The name of this grade category &lt;br /&gt;
|-&lt;br /&gt;
|aggregation &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|A constant pointing to one of the predefined aggregation strategies (none, mean,median,sum, etc) &lt;br /&gt;
|-&lt;br /&gt;
|keephigh &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Keep only the X highest items &lt;br /&gt;
|-&lt;br /&gt;
|droplow &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Drop the X lowest items &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The first time this grade_category was created&lt;br /&gt;
|-&lt;br /&gt;
|timemodified &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The last time this grade_category was modified&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_grades ===&lt;br /&gt;
&lt;br /&gt;
This table keeps individual grades for each user and each item.  The raw grade is exactly as imported or submitted by modules. The rawgrademax/min and rawscaleid are stored here to record the values at the time the grade was stored, because teachers might change this for an activity!   All the results are normalised/resampled/calculated for the finalgrade, which is relative to the max/min/scaleid values stored in the grade_item.  The finalgrade field is effectively a cache and values are rebuilt whenever raw values or the grade_item changes.  &lt;br /&gt;
&lt;br /&gt;
Note that the finalgrade for a scale-based item may be non-integer!  It needs to be rounded on display.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The item this grade belongs to &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;userid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The user who this grade is for &lt;br /&gt;
|-&lt;br /&gt;
|rawgrade&lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|The raw grade that came into the system&lt;br /&gt;
|-&lt;br /&gt;
|rawgrademax &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;100&amp;lt;/center&amp;gt; &lt;br /&gt;
|The maximum allowable grade when this was created &lt;br /&gt;
|-&lt;br /&gt;
|rawgrademin &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|The minimum allowable grade when this was created &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;rawscaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is based on a scale, which one was it? &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified the raw grade value&lt;br /&gt;
|-&lt;br /&gt;
|finalgrade&lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|The final grade (cached) after all calculations are made&lt;br /&gt;
|-	 &lt;br /&gt;
|hidden &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is not hidden, 1 is hide always, &amp;gt; 1 is a date to hide until &lt;br /&gt;
|-&lt;br /&gt;
|locked&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is not locked, &amp;gt; 0 when was the grade locked&lt;br /&gt;
|-&lt;br /&gt;
|locktime&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is never, &amp;gt; 0 is a date to lock the final grade after automatically&lt;br /&gt;
|-&lt;br /&gt;
|exported &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is not exported, &amp;gt; 0 is the last exported date &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was last modified &lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_grades_text ===&lt;br /&gt;
&lt;br /&gt;
This table keeps additional textual information about each individual grade, whether it be automatically generated from the module or entered manually by the teacher. It&#039;s here separate from the all-numeric grade_grades for database efficiency reasons.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;gradesid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|The exact grade in grade_grades this corresponds to &lt;br /&gt;
|-&lt;br /&gt;
|information &lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Further information like forum rating distribution 4/5/7/0/1 &lt;br /&gt;
|-&lt;br /&gt;
|informationformat&lt;br /&gt;
|int(10)&lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Text format for information&lt;br /&gt;
|-&lt;br /&gt;
|feedback &lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Manual feedback from the teacher. Could be a code like &#039;mi&#039;. &lt;br /&gt;
|-&lt;br /&gt;
|feedbackformat&lt;br /&gt;
|int(10)&lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Text format for feedback&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|the time these entry was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|the time this entry was last updated &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified this entry&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_outcomes ===&lt;br /&gt;
&lt;br /&gt;
This table describes the outcomes used in the system. An outcome is a statement tied to a rubric scale from low to high, such as “Not met, Borderline, Met” (stored as 0,1 or 2).  For more info about these see [[Outcomes]].&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Mostly these are defined site wide ie NULL &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|shortname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&lt;br /&gt;
|The short name or code for this outcome statement &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|fullname &lt;br /&gt;
|text &lt;br /&gt;
|&lt;br /&gt;
|The full description of the outcome (usually 1 sentence) &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;scaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The recommended scale for this outcome.  &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this outcome was first created &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this outcome was last updated &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified this outcome&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_outcomes_courses ===&lt;br /&gt;
An intersection table used to make standard outcomes available to courses.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039;&lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The id of the course being assigned the outcome&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;outcomeid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The id of the outcome being assigned to the course&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_import_newitem ===&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|itemname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&lt;br /&gt;
|*TODO* Document&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|importcode&lt;br /&gt;
|int(12)  &lt;br /&gt;
|&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_import_values ===&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|NULL&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|newgradeitem&lt;br /&gt;
|int(10)&lt;br /&gt;
|NULL&lt;br /&gt;
|*TODO* Document&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;userid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|finalgrade&lt;br /&gt;
|float(10,5)  &lt;br /&gt;
|0&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|feedback&lt;br /&gt;
|text&lt;br /&gt;
|NULL&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|importcode&lt;br /&gt;
|int(12)  &lt;br /&gt;
|&lt;br /&gt;
|*TODO* Document &lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== History tables ===&lt;br /&gt;
&lt;br /&gt;
These table keep track of changes to most of the grade tables. Using these it should be possible to reconstruct the grades at any point in time in the past, or to audit grade changes over time.  It should be quicker to use these tables for that, rather than storing this information in the main Moodle log. The following tables are set up for that purpose:&lt;br /&gt;
&lt;br /&gt;
#grade_categories_history&lt;br /&gt;
#grade_grades_history&lt;br /&gt;
#grade_items_history&lt;br /&gt;
#grade_outcomes_history&lt;br /&gt;
&lt;br /&gt;
Each of them has exactly the same DB structure as their matching table (e.g. grade_categories), with 3 extra fields:&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|action&lt;br /&gt;
|int(10)  &lt;br /&gt;
|0&lt;br /&gt;
|The action that lead to the change being recorded (insert, update, delete)&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;oldid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The id of the record being changed or inserted (PK of the main table, not the history table) &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|source&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|NULL&lt;br /&gt;
|The URL from which the action originated &lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
== Overview of module communication ==&lt;br /&gt;
&lt;br /&gt;
Modules will often store internal copies of grades for calculations or for showing grades to students etc, but these are &#039;&#039;purely&#039;&#039; internal. The gradebook system will never access these directly.&lt;br /&gt;
&lt;br /&gt;
A new feature in Moodle 1.9 is a simple [[Events|event handler]]. The new gradebook will be the first feature in Moodle to take advantage of events, and all communication between the gradebook and the modules will take place via event messages.  See [[Events]] for full details.&lt;br /&gt;
&lt;br /&gt;
There are two ways that data are transferred between the module and the gradebook:&lt;br /&gt;
&lt;br /&gt;
;&#039;&#039;&#039;1. Modules post grade events&#039;&#039;&#039; : Whenever a new grade is created, the module should post a &#039;&#039;grade_updated&#039;&#039; event so that the gradebook can pick it up. As long as that column in the gradebook is not “locked” then the new grades will be entered (overwriting any existing ones).&lt;br /&gt;
;&#039;&#039;&#039;2. Gradebook posts grade events&#039;&#039;&#039; :Whenever a grade is altered in the gradebook (for example, a teacher may want to change an assignment grade), then a &#039;&#039;grade_updated_external&#039;&#039; event is posted so that the module can pick it up. If the module implements this “reverse” function then the internal grade in the module can be changed.&lt;br /&gt;
&lt;br /&gt;
=== Backward compatibility with Moodle 1.8 and earlier ===&lt;br /&gt;
&lt;br /&gt;
:For backward compatibility with old third-party modules, we will add a new function called grade_grab_legacy_grades() to admin/cron.php to search all mod/xxx/lib.php files for functions named xxx_grades(). &lt;br /&gt;
&lt;br /&gt;
:These legacy functions will be called to extract all the grades for all the activities in each course. Once the data is extracted, the &#039;&#039;grade_updated&#039;&#039; event is triggered as usual and copy/upgrade the data in the gradebook tables.&lt;br /&gt;
&lt;br /&gt;
:A similar function will be added to upgraded modules to trigger a “mass copy” of all the existing grades into the new gradebook. This will be useful during the upgrade from 1.8 as well as being available in the normal gradebook interface to “refresh” a column from primary data.&lt;br /&gt;
&lt;br /&gt;
== Core API functions ==&lt;br /&gt;
&lt;br /&gt;
Even though most of the communication will take place via events, there are a few core functions in lib/gradelib.php that will be useful for modules:&lt;br /&gt;
&lt;br /&gt;
===grade_is_locked()===&lt;br /&gt;
&lt;br /&gt;
eg grade_is_locked($courseid, $itemtype, $itemmodule, $iteminstance, $itemnumber, $userid=NULL)&lt;br /&gt;
&lt;br /&gt;
This function will tell a module whether a grade (or grade_item if $userid is not given) is currently locked or not. If it&#039;s locked to the current user then the module can print a nice message or prevent editing in the module. If no $userid is given, the method will always return the grade_item&#039;s locked state. If a $userid is given, the method will first check the grade_item&#039;s locked state (the column). If it is locked, the method will return true no matter the locked state of the specific grade being checked. If unlocked, it will return the locked state of the specific grade.&lt;br /&gt;
([http://moodle.org/mod/forum/discuss.php?d=69223#p311329 info])&lt;br /&gt;
&lt;br /&gt;
===grade_regrade_final_grades()===&lt;br /&gt;
&lt;br /&gt;
grade_regrade_final_grades($courseid=NULL, $userid=NULL, $updated_item=NULL)&lt;br /&gt;
&lt;br /&gt;
Updates all grade_grades-&amp;gt;finalgrade records for each grade_item matching the given attributes. The search is further restricted, so that only grade_items that have needs_update == true or that use calculation are retrieved and used for the update. The function returns the number of grade_items updated (NOT the same as the number of grades_grades updated!).&lt;br /&gt;
&lt;br /&gt;
===grade_update()===&lt;br /&gt;
&lt;br /&gt;
grade_update($source, $courseid, $itemtype, $itemmodule, $iteminstance, $itemnumber, $grades=NULL, $itemdetails=NULL)&lt;br /&gt;
&lt;br /&gt;
Submit new or update grade; update/create grade_item definition. Grade must have userid specified, rawgrade and feedback with format are optional. rawgrade NULL means &#039;Not graded&#039;, missing property or key means do not change existing. Only following grade item properties can be changed &#039;itemname&#039;, &#039;idnumber&#039;, &#039;gradetype&#039;, &#039;grademax&#039;, &#039;grademin&#039;, &#039;scaleid&#039;, &#039;multfactor&#039;, &#039;plusfactor&#039;, &#039;deleted&#039;.&lt;br /&gt;
&lt;br /&gt;
===grade_verify_idnumber()===&lt;br /&gt;
&lt;br /&gt;
grade_verify_idnumber($idnumber, $grade_item = null, $cm = null, $gradeitem)&lt;br /&gt;
&lt;br /&gt;
Verify new value of idnumber - checks for uniqueness of new idnubmers, old are kept intact.&lt;br /&gt;
&lt;br /&gt;
===remove_course_grades()===&lt;br /&gt;
&lt;br /&gt;
remove_course_grades($courseid, $showfeedback)&lt;br /&gt;
&lt;br /&gt;
Remove all grade related course data - history is kept&lt;br /&gt;
&lt;br /&gt;
===grade_get_outcomes()===&lt;br /&gt;
&lt;br /&gt;
grade_get_outcomes($courseid, $itemtype, $itemmodule, $iteminstance,$userid=0)&lt;br /&gt;
&lt;br /&gt;
Returns list of outcomes used in course together with current outcomes for this user.&lt;br /&gt;
&lt;br /&gt;
===build_percentages_array()===&lt;br /&gt;
&lt;br /&gt;
build_percentages_array($steps = 1, $order = &#039;desc&#039;, $lowest = 0, $highest = 100)&lt;br /&gt;
&lt;br /&gt;
Builds an array of percentages indexed by integers for the purpose of building a select drop-down element.&lt;br /&gt;
&lt;br /&gt;
== Dealing with multiple grades  ==&lt;br /&gt;
&lt;br /&gt;
Modules will often produce several grade items. This may be several attempts, say, like the quiz module, or more commonly, ratings based on several outcomes. It is &#039;&#039;&#039;up to the module&#039;&#039;&#039; whether these grades are aggregated BEFORE sending to the gradebook as a single number, or are sent in raw form to the gradebook. &lt;br /&gt;
&lt;br /&gt;
Pre-aggregration makes the most sense for a quiz, say, which already implements algorithms to calculate a single number for each student. In such a case there will only be one grade item from a particular quiz.&lt;br /&gt;
&lt;br /&gt;
For anything that uses outcomes with grades against multiple rubrics (such as an assignment), it would make the most sense to just pass all the results through to the gradebook as individual grade items.&lt;br /&gt;
&lt;br /&gt;
If the gradebook receives multiple grade items from a module, then they are automatically grouped together in a unique grade category (with the same name as the module instance). This is simply done by checking/creating the category whenever a second item from the same instance is being added. All the grading items will by default appear separate in the gradebook GUI, but can be easily “combined” by choosing an aggregation algorithm from a list (such as “Sum, Mean, Median, etc ...), plus “Keep X high, Drop X Low” together with scaling/shifting via the Multiplication and Plus factors etc.&lt;br /&gt;
&lt;br /&gt;
For more info about multiple grade items see [[Outcomes]].&lt;br /&gt;
&lt;br /&gt;
== Calculated grade items  ==&lt;br /&gt;
&lt;br /&gt;
A calculated grade item can operate on any arbitrary other items. It is not connected to any particular module. &lt;br /&gt;
&lt;br /&gt;
The final calculated values are re-calculated and stored in the grade_grades table whenever any of the values in the source items is changed. To avoid doing this for every grade_post event, we just set the &#039;&#039;needsupdate&#039;&#039; field on grade_items every time grades are added or changed.&lt;br /&gt;
&lt;br /&gt;
At the next display time or export time (ie whenever grades_grades-&amp;gt;finalgrade is accessed) we do this:&lt;br /&gt;
&lt;br /&gt;
 If any current grade_items are flagged as &#039;&#039;needsupdate&#039;&#039; then &lt;br /&gt;
 # for each grade_item with the flag, update all grade_grades-&amp;gt;final for them and remove the grade_item flag&lt;br /&gt;
 # for each grade_item with a calculation, update their grade_grades-&amp;gt;finalgrade&lt;br /&gt;
&lt;br /&gt;
The format for the calculations may as well use the same format as Excel and Openoffice, as that is what most people are probably used to.&lt;br /&gt;
&lt;br /&gt;
 eg:  MEAN(quizstart1, quizend1) + assignment1 + 20.0&lt;br /&gt;
&lt;br /&gt;
== Adjustment of grades ==&lt;br /&gt;
Grade_item contains optional rules for adjusting the raw grade before it is cached into a final grade. These rules are processed BEFORE the calculation discussed above, because they may include reprocessing the grade&#039;s place within a different scale or grade range. &lt;br /&gt;
&lt;br /&gt;
=== Adjustment to a new range ===&lt;br /&gt;
A raw grade may have been initially calculated within a module inside a range of 0 to 100 (grademin - grademax). However, the grade_item may be given a different grademin and grademax. For example, it could be 30 to 70. If you take a raw value of 30 on the original range (i.e. 30%), after adjusting this score for the new range, you should obtain 42, not 30 (30 being the equivalent of 0 on the previous range). This calculation takes place before the multfactor and plusfactor are applied, and before the calculation formula is applied.&lt;br /&gt;
&lt;br /&gt;
=== Adjustment to a new scale ===&lt;br /&gt;
A raw grade may also have a scale value, which always starts at 0 (for the first item in the scale), and has a maximum set by the number of items in the scale. Because this value is always an integer, the above calculation is performed in addition to a rounding up to the nearest integer. Also, multfactor and plusfactor are both ignored, because using them makes no sense in the context of a scale value.&lt;br /&gt;
&lt;br /&gt;
== Displaying the grades to ordinary participants  ==&lt;br /&gt;
&lt;br /&gt;
The module takes responsibility for displaying grades within the module (to a student, say). Normally they would use internal tables to do so. However, there is a grade_get_grades() function available for modules to query the core gradebook for grades (if required).&lt;br /&gt;
&lt;br /&gt;
For full display of grades in a whole course say, the student uses the same link as teachers use to access the gradebook. However, due to their different permissions they will only have access to specific reports. By default this is the “singleuser” report which only shows their own grades and has very few configuration options.&lt;br /&gt;
&lt;br /&gt;
== Locked grades  ==&lt;br /&gt;
&lt;br /&gt;
Both whole columns and individual grades can be locked in the gradebook, via the &amp;quot;locked&amp;quot; field.  Teachers may want to do this to prevent further changes from the modules, or from other teachers.  When a grade is locked, any grading events that might affect that grade are ignored.  When the graded is unlocked, an &amp;quot;unlock&amp;quot; event is triggered, which allows a module to handle it by sending the latest new grades back.&lt;br /&gt;
&lt;br /&gt;
In the main GUIs the lock toggling will be achieved by clicking on a little padlock icon beside each entry or column.&lt;br /&gt;
&lt;br /&gt;
== Manually modified grades ==&lt;br /&gt;
&lt;br /&gt;
Grades can be manually modified (overriden) in the gradebook.  When this is done to grade_items derived from a module&#039;s grades, and the new value is different from the original one, then the field will automatically be given a locked status (it can of course be unlocked immediately if one wishes).   This is to prevent new grading events from changing the manually entered values unexpectedly.&lt;br /&gt;
&lt;br /&gt;
== Clean up after old activities == &lt;br /&gt;
&lt;br /&gt;
By default columns (grade items) will remain in the gradebook even when activities are deleted.  A manual &#039;clean-up&#039; button can delete old columns if required.  &lt;br /&gt;
&lt;br /&gt;
When you click the &#039;Clean up&#039; button, it shows you a list of columns that should be deleted, with a checkbox next to each one (on by default, but you can turn it off if you want to keep that column still) and then another button click to really delete the marked columns.&lt;br /&gt;
&lt;br /&gt;
Otherwise there will be a site option to do this automatically whenever activities are deleted.&lt;br /&gt;
&lt;br /&gt;
== Logging ==&lt;br /&gt;
&lt;br /&gt;
As well as datestamps and userids in the tables, all grading events will be logged in case an audit needs to be made.&lt;br /&gt;
&lt;br /&gt;
== Security Issues ==&lt;br /&gt;
&lt;br /&gt;
For security an option to force SSL for the gradebook might be good.&lt;br /&gt;
&lt;br /&gt;
==Overall grade==&lt;br /&gt;
&lt;br /&gt;
Having an overall grade handy allows us to know exactly when a course is &amp;quot;finished&amp;quot;.  Exactly how do we specify the &amp;quot;overall&amp;quot; grade?  It&#039;s a special case, and might not always be just the sum.&lt;br /&gt;
&lt;br /&gt;
The best solution is probably to have a special calculated column (grade_item) for every course that can not be deleted.  It&#039;s made special because the itemtype is &#039;total&#039; (one per course).  The calculation formula should be updated automatically whenever grade_items are changed in that course to be the &amp;quot;sum&amp;quot; of all the grade_items in the course.&lt;br /&gt;
&lt;br /&gt;
However, if the calculation is edited manually then we should lock the calculation formula.   We could do this by setting the iteminfo field to something.  Clearing the calculation to an empty string could force it back to an automatic calculation formula.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== Report plugins ==&lt;br /&gt;
All the main interface of the gradebook will be implemented as report plugins. Each plugin is fully responsible for defining the interface between the header and footer. They can even define their own capabilities and extra tables if the core tables are not enough, as they&#039;ll have a full /grade/report/xxxx/db directory.&lt;br /&gt;
&lt;br /&gt;
Each report will need to define one capability to allow people to see that report, so that admins have control over who can see what reports. For example, the participant interface can be a totally separate report plugin.&lt;br /&gt;
&lt;br /&gt;
This allows for the widest flexibility and safety in how grades are presented.&lt;br /&gt;
&lt;br /&gt;
=== Default teacher interface ===&lt;br /&gt;
This interface will be what teachers see by default, and will subsume everything the current interface (in Moodle 1.8) does.&lt;br /&gt;
&lt;br /&gt;
Some snippets of functionality:&lt;br /&gt;
{{Moodle 1.9}}&lt;br /&gt;
Overall it&#039;s a grid, with participant names down one side and grade items along the top. &lt;br /&gt;
&lt;br /&gt;
Columns will be able to be collapsed together by grouping them into categories. Grades for categories can be calculated via various means. &lt;br /&gt;
&lt;br /&gt;
“Eye-cons” on the columns and checkboxes by every grade (this bit possibly controlled with a switch) allow hiding by category, by column, by individual grade.&lt;br /&gt;
&lt;br /&gt;
Textual notes can be added to each grade for more info. These show up to participants as well.&lt;br /&gt;
&lt;br /&gt;
A groups menu allows the teacher to switch between showing EACH of the groups they have access to, or ALL the groups they have access to.&lt;br /&gt;
&lt;br /&gt;
All grade items will link to modulepath/grade.php?id=44 which will work out what the current person should be allowed to see and either redirect them to the correct page or just show them immediately.   This copes with situations like the quiz, say, where we want editing teachers to go to the detailed reports there while participants just see their own grade or whatever the quiz is set to show.&lt;br /&gt;
&lt;br /&gt;
User preference to SWITCH between showing raw grades, percentage grades, or both, or grade letters (A/B/C etc).  &lt;br /&gt;
&lt;br /&gt;
Settings for grade letters not only define the transformation from percentage to grades, but also the transformation from letters to grades (in case the teacher edits some of the letter grades).&lt;br /&gt;
&lt;br /&gt;
Categories are shown above the headings for each column.  Clicking for more info on a category will just show the category with a summary column showing total/average for just that category (PLUS the summary column for the whole course).&lt;br /&gt;
&lt;br /&gt;
All columns should be sortable up/down.&lt;br /&gt;
&lt;br /&gt;
At the bottom of each column is a row with the mean course score.  If in groups mode, then add ANOTHER row with just the group mean. Add the number of grades used in brackets.  eg 56% (11).   When the report is paged, these means are still for the whole course/group (not the page!)&lt;br /&gt;
&lt;br /&gt;
{{Moodle 2.0}}&lt;br /&gt;
&lt;br /&gt;
Teachers can type “straight into” the grid using AJAX or fallback to forms. No popup menus for values.&lt;br /&gt;
&lt;br /&gt;
Later on we can support customisable shorthand codes to make data entry quick (eg type &#039;ab&#039; for absent, or &#039;nge&#039; for not good enough).&lt;br /&gt;
&lt;br /&gt;
See [http://test.moodle.com/grade/report/grader/index.php?id=2 the test site] for a live demo of this report.&lt;br /&gt;
&lt;br /&gt;
=== Default participant interface ===&lt;br /&gt;
This interface will be what participants see by default:&lt;br /&gt;
&lt;br /&gt;
Some snippets of functionality:&lt;br /&gt;
&lt;br /&gt;
*Invert the grid to show one item per row, with the total/average at the bottom.&lt;br /&gt;
*Use second/third columns to show categories.&lt;br /&gt;
*Include ranking score in another column.&lt;br /&gt;
*Show feedback&lt;br /&gt;
*Show percentage&lt;br /&gt;
*No editing functionality.&lt;br /&gt;
&lt;br /&gt;
See [http://test.moodle.com/grade/report/user/index.php?id=2 the test site] for a live demo of this report.&lt;br /&gt;
&lt;br /&gt;
=== Outcomes report ===&lt;br /&gt;
This simple informational report displays all the outcomes used by the course, with the following information:&lt;br /&gt;
&lt;br /&gt;
*Outcome name&lt;br /&gt;
*Overall average: If the outcome is used by more than one activity, this shows you the mean across all these activities in the current course&lt;br /&gt;
*Site-wide: Yes or No: A site-wide outcome is automatically made available to all courses.&lt;br /&gt;
*Activities: A list of links to the activities in the current course that use each outcome. One row per activity (table splits here)&lt;br /&gt;
*Average: For each activity using the outcome, the average score is shown.&lt;br /&gt;
*Number of grades: For each activity using the outcome, the number of grades is shown (non-graded participants are ignored)&lt;br /&gt;
&lt;br /&gt;
See [http://test.moodle.com/grade/report/outcomes/index.php?id=2 the test site] for a live demo of this report.&lt;br /&gt;
&lt;br /&gt;
=== Overview report ===&lt;br /&gt;
Another basic report, showing a participant&#039;s course averages in each of the courses in which s/he has received grades.&lt;br /&gt;
&lt;br /&gt;
See [http://test.moodle.com/grade/report/overview/index.php the test site] for a live demo of this report.&lt;br /&gt;
&lt;br /&gt;
== Export plugins ==&lt;br /&gt;
&lt;br /&gt;
The API for these is extremely simple.  Each export plugin should occupy a directory under /grade/export/xyz and needs to provide only an index.php file as a the primary interface.  This file can accept parameters that produce a subset of the grades:&lt;br /&gt;
&lt;br /&gt;
* courseid&lt;br /&gt;
* groupid&lt;br /&gt;
* categoryid&lt;br /&gt;
* itemid&lt;br /&gt;
* userid&lt;br /&gt;
&lt;br /&gt;
The index.php can choose to simply dump something (eg an Excel spreadsheet) and return, or it can show an interface for further options and selections.  Ideally even if it dumps something it should also show some feedback about what was exported to make it easier to double check what was sent, but this is up to the plugin to implement.&lt;br /&gt;
&lt;br /&gt;
Further if the plugin contains a lib.php and an xyz_visible() function then the gradebook can check this function to make sure the current user can see/use the plugin (eg by checking access permissions).   If this function returns false then the export method won&#039;t appear in the main gradebook interfaces.&lt;br /&gt;
&lt;br /&gt;
The export plugins are a &amp;quot;full&amp;quot; Moodle plugin, so it can have tables, cron functions, event handlers, capabilities etc.  For example, an export plugin might not even have a GUI (ie xyz_visible() is always false and/or index.php doesn&#039;t exist) - it might operate solely off cron or event triggers.&lt;br /&gt;
&lt;br /&gt;
== Import plugins ==&lt;br /&gt;
&lt;br /&gt;
Each import plugin should occupy a directory under /grade/import/xyz and needs to provide only an index.php file as a the primary interface.  This file just accepts a &#039;courseid&#039; parameter.&lt;br /&gt;
&lt;br /&gt;
The index.php will show an interface for further options and selections.&lt;br /&gt;
&lt;br /&gt;
Further if the plugin contains a lib.php and an xyz_visible() function then the gradebook can check this function to make sure the current user can see/use the plugin.   If this function returns false then the import method won&#039;t appear in the main gradebook interfaces.&lt;br /&gt;
&lt;br /&gt;
The import plugins are a &amp;quot;full&amp;quot; Moodle plugin, so it can have tables, cron functions, event handlers, capabilities etc.  For example, an import plugin might not even have a GUI (ie xyz_visible() is always false and/or index.php doesn&#039;t exist) - it might operate solely off cron or event triggers.&lt;br /&gt;
&lt;br /&gt;
The entire import must be treated as one operation.  If it fails, then no records should be imported and the database is unchanged.&lt;br /&gt;
&lt;br /&gt;
Some sample import plugins are:&lt;br /&gt;
&lt;br /&gt;
===Import from CSV===&lt;br /&gt;
&lt;br /&gt;
Accepts an upload of (or URL to) a CSV file.  Multiple options describe how to process the file, which columns to add etc.  These should be sticky, and retained via user preferences to make future imports easier.&lt;br /&gt;
&lt;br /&gt;
===Import from XML===&lt;br /&gt;
&lt;br /&gt;
Accepts an upload of (or URL to) an XML file with this kind of format (from OU). &lt;br /&gt;
&lt;br /&gt;
 &amp;lt;results batch=&amp;quot;[someuniqueimportnumber]&amp;quot;&amp;gt;&lt;br /&gt;
     &amp;lt;result&amp;gt;&lt;br /&gt;
         &amp;lt;state&amp;gt;[&#039;new&#039; or &#039;regrade&#039;]&amp;lt;/state&amp;gt;&lt;br /&gt;
             &amp;lt;assignment&amp;gt;[idnumber]&amp;lt;/assignmentid&amp;gt;&lt;br /&gt;
             &amp;lt;student&amp;gt;[studentid]&amp;lt;/student&amp;gt;&lt;br /&gt;
             &amp;lt;score&amp;gt;[score]&amp;lt;/score&amp;gt;&lt;br /&gt;
         &amp;lt;/result&amp;gt;&lt;br /&gt;
         &amp;lt;result&amp;gt;&lt;br /&gt;
             &amp;lt;state&amp;gt;[&#039;new&#039; or &#039;regrade&#039;]&amp;lt;/state&amp;gt;&lt;br /&gt;
             &amp;lt;assignment&amp;gt;[idnumber]&amp;lt;/assignmentid&amp;gt;&lt;br /&gt;
             &amp;lt;student&amp;gt;[studentid]&amp;lt;/student&amp;gt;&lt;br /&gt;
             &amp;lt;score&amp;gt;[score]&amp;lt;/score&amp;gt;&lt;br /&gt;
         &amp;lt;/result&amp;gt;&lt;br /&gt;
         [...]&lt;br /&gt;
 &amp;lt;/results&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Capabilities and Permissions ==&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:view  -  view your own grades&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:viewall - view grades of other users&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:viewhidden - see grades that are marked as hidden for the owner&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:hide - be able to hide/unhide cells, items or categories&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:lock - be able to lock cells, items or categories&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:unlock - be able to unlock cells, items or categories&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:manage - manage grade items and categories in gradebook (create, edit, lock, hide, delete, etc.)&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:import - import grades&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:export - export grades&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:override - edit or override individual grades&lt;br /&gt;
&lt;br /&gt;
* gradereport/grader:view - can view the grader report&lt;br /&gt;
&lt;br /&gt;
* gradeimport/csv:view - can view/use the csv import plugin&lt;br /&gt;
&lt;br /&gt;
* gradeexport/csv:view - can view/use the csv export plugin&lt;br /&gt;
&lt;br /&gt;
* moodle:site/accessallgroups&lt;br /&gt;
&lt;br /&gt;
== Interface Demo ==&lt;br /&gt;
&lt;br /&gt;
The mockup is no longer applicable. Instead you can play with the live demo at the following site:&lt;br /&gt;
&lt;br /&gt;
    [http://test.moodle.com/grade/report/grader/index.php?id=2 Gradebook live demo]&lt;br /&gt;
&lt;br /&gt;
Please base your future feedback on that interface.&lt;br /&gt;
&lt;br /&gt;
== Development Tasks and Tracking ==&lt;br /&gt;
&lt;br /&gt;
See [http://tracker.moodle.org/browse/MDL-9137 MDL-9137] for the full details.&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69223&amp;amp;mode=3 Gradebook Development ideas] forum discussion&lt;br /&gt;
* Using Moodle [http://moodle.org/mod/forum/discuss.php?d=51107 New gradebook for Moodle] forum discussion&lt;br /&gt;
* [[Events]]&lt;br /&gt;
* [[Gradebook Report Tutorial]]&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Grades&amp;diff=4484</id>
		<title>Grades</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Grades&amp;diff=4484"/>
		<updated>2007-04-27T06:58:32Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* grade_items */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&amp;gt;&amp;gt;Still under construction&amp;lt;&amp;lt;&lt;br /&gt;
&lt;br /&gt;
[http://moodle.org/mod/forum/discuss.php?d=69223 There is an ongoing discussion about this spec here]&lt;br /&gt;
&lt;br /&gt;
== Executive Summary ==&lt;br /&gt;
&lt;br /&gt;
The gradebook mechanisms must be rebuilt to:&lt;br /&gt;
&lt;br /&gt;
# &#039;&#039;&#039;Improve performance and scalability&#039;&#039;&#039; - All grades from throughout the system will be pushed to a central system of tables. This means reports based on grades can be generated much faster, and the gradebook has ultimate control over the content.&lt;br /&gt;
# &#039;&#039;&#039;Improve flexibility&#039;&#039;&#039; - All aspects of the new gradebook will use simple plugin structures, namely: exports, imports and displays/reports. It is expected that the community will be very active in producing special-purpose reports analysing the basic grade data in new ways, for example, or writing plugins to transfer grades to student information systems.&lt;br /&gt;
# &#039;&#039;&#039;Allow rubrics for outcomes (aka standards,competencies,goals)&#039;&#039;&#039; - As well as numerical grades, each grading item can consist of a number of scores made on a rubric against a standard outcome statement. These can be automatically converted to a numerical grade if desired or just shown as is.&lt;br /&gt;
# &#039;&#039;&#039;Implement an event-oriented architecture&#039;&#039;&#039; - Such an architecture allows all parts of Moodle to interact with the gradebook, but particularly gradebook plugins can react instantly to grading events throughout the system.&lt;br /&gt;
# &#039;&#039;&#039;Allow arbitrary columns and derived columns&#039;&#039;&#039; - Arbitrary columns of data can be added (either manually or via import). Columns can also be automatically filled based on formulas.&lt;br /&gt;
&lt;br /&gt;
== Glossary ==&lt;br /&gt;
&lt;br /&gt;
Here are some terms used in the gradebook, both in the development and the user interface.  Using these terms in discussions about the gradebook will help to reduce confusion.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Term&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Definition&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|Activity&lt;br /&gt;
|An instance of an activity module [[Category:Modules|Module]] (e.g. a single quiz, assignment etc...)&lt;br /&gt;
|-&lt;br /&gt;
|Calculation&lt;br /&gt;
|A formula used to calculate grades, based (optionally) on other grade items. Not the same as [[Calculated_question_type|Calculated question types]].&lt;br /&gt;
|-&lt;br /&gt;
|Category&lt;br /&gt;
|A set of Grade Items.  A Category also has its own aggregated Grade which is calculated from its Grade Items.  There is no limit to the level of nesting of Categories (a Category may belong to another Category). However, each Grade Item may belong to only one Category.&lt;br /&gt;
|-&lt;br /&gt;
|Course completion&lt;br /&gt;
|The concept &lt;br /&gt;
|-&lt;br /&gt;
|[[Events|Event]]&lt;br /&gt;
|Events are a new feature of Moodle 1.9, of which the [[Grades#Overview_of_module_communication|Gradebook will take full advantage]]. Modules that have grades to publish will define Events for which the Gradebook will listen. When an Event matches an Event Handler set up in the Gradebook, an Event Reaction will be triggered, performing any steps required (such as aggregating multiple grades, storing the grades etc...). Modules can also have their Event Handlers set up to respond to Events sent by the Gradebook (such as updating their internal grades).&lt;br /&gt;
|-&lt;br /&gt;
|Grade&lt;br /&gt;
|A Grade is a single assessment. It may be a number or an item on a scale (possibly tied to an Outcome).&lt;br /&gt;
|-&lt;br /&gt;
|[[Gradebook|Gradebook]]&lt;br /&gt;
|A central location in Moodle where students&#039; Grades are stored and displayed. Teachers can keep track of their students&#039; progress and organise which set of Grades their students will be able to see. Students see their own Grades.&lt;br /&gt;
|-&lt;br /&gt;
|Grade Item&lt;br /&gt;
|A &amp;quot;column&amp;quot; of Grades.  It can be created from a specific Activity or other module, calculated from other Grade Items, or entered manually.&lt;br /&gt;
|-&lt;br /&gt;
|[[Grades#Locked_grades|Grade Locks]]&lt;br /&gt;
|See linked section of this page&lt;br /&gt;
|-&lt;br /&gt;
|History&lt;br /&gt;
|The gradebook has its own type of log, which keeps a History of all changes made to grades.&lt;br /&gt;
|-&lt;br /&gt;
|[[Outcomes|Outcome]]&lt;br /&gt;
|[[Outcomes|Outcomes]] are specific descriptions of what a person is expected to be able to do or understand at the completion of an activity or course. An activity might have more than one outcome, and each may have a grade against it (usually on a scale).  Other terms for Outcomes are &#039;&#039;Competencies&#039;&#039; and &#039;&#039;Goals&#039;&#039;. See some [[Outcomes_examples|Examples]].&lt;br /&gt;
|-&lt;br /&gt;
|[[Scales|Scale]]&lt;br /&gt;
|A scale is a set of responses from which the teacher can choose one.   eg   A,B,C,D,E,F&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
== Database structures ==&lt;br /&gt;
=== grade_items ===&lt;br /&gt;
&lt;br /&gt;
This table keeps information about gradeable items (ie columns). If an activity (eg an assignment or quiz) has multiple grade_items associated with it (eg several outcomes or numerical grades), then there will be a corresponding multiple number of rows in this table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|The course this item is part of &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;categoryid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|(optional) the category group this item belongs to &lt;br /&gt;
|-&lt;br /&gt;
|itemname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|The name of this item (pushed in by the module) &lt;br /&gt;
|-&lt;br /&gt;
|itemtype &lt;br /&gt;
|varchar(30) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|&#039;mod&#039;, &#039;blocks&#039;, &#039;import&#039;, &#039;calculated&#039;, &#039;category&#039; etc &lt;br /&gt;
|-&lt;br /&gt;
|itemmodule  &lt;br /&gt;
|varchar(30)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|&#039;forum&#039;, &#039;quiz&#039;, &#039;csv&#039;, etc &lt;br /&gt;
|-&lt;br /&gt;
|iteminstance &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|id of the item module &lt;br /&gt;
|-&lt;br /&gt;
|itemnumber &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Can be used to distinguish multiple grades for an activity &lt;br /&gt;
|-&lt;br /&gt;
|iteminfo &lt;br /&gt;
|text &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|Info and notes about this item XXX &lt;br /&gt;
|-&lt;br /&gt;
|idnumber &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Arbitrary idnumber provided by the module responsible &lt;br /&gt;
|-&lt;br /&gt;
|gradetype &lt;br /&gt;
|int(4) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 = value, 1 = scale, 2 = text &lt;br /&gt;
|-&lt;br /&gt;
|grademax &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;100&amp;lt;/center&amp;gt; &lt;br /&gt;
|What is the maximum allowable grade? &lt;br /&gt;
|-&lt;br /&gt;
|grademin &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|What is the minimum allowable grade? &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;scaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is based on a scale, which one is it? &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;outcomeid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is related to an outcome, which one is it? &lt;br /&gt;
|-&lt;br /&gt;
|gradepass&lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|What grade is needed to pass?  grademin &amp;lt;= gradepass &amp;lt;= grademax&lt;br /&gt;
|-&lt;br /&gt;
|multfactor &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;1.0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Multiply all grades by this &lt;br /&gt;
|-&lt;br /&gt;
|plusfactor  &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0.0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Add this to all grades &lt;br /&gt;
|-&lt;br /&gt;
|sortorder &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Sorting order of the columns &lt;br /&gt;
|-&lt;br /&gt;
|hidden &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is hidden, &amp;gt; 1 is a date to hide until (prevents viewing) &lt;br /&gt;
|-&lt;br /&gt;
|locked &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is locked, &amp;gt; 1 is a date to lock after (prevents update) &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|needsupdate &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this flag is set, then the whole column will be recalculated  &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timecreated &lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The first time this grade_item was created&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timemodified &lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The last time this grade_item was modified&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_categories ===&lt;br /&gt;
&lt;br /&gt;
This table keeps information about categories, used for grouping items.  An associated grade_item will be maintained for each category to store the aggregate data.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The course this grade category is part of &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;parent&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Parent grade_category (hierarchical)&lt;br /&gt;
|-&lt;br /&gt;
|depth&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|How many parents does this category have?&lt;br /&gt;
|-&lt;br /&gt;
|path&lt;br /&gt;
|varchar(255) &lt;br /&gt;
| &lt;br /&gt;
|Shows the path as /1/2/3 (like course_categories) &lt;br /&gt;
|-&lt;br /&gt;
|fullname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&lt;br /&gt;
|The name of this grade category &lt;br /&gt;
|-&lt;br /&gt;
|aggregation &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|A constant pointing to one of the predefined aggregation strategies (none, mean,median,sum, etc) &lt;br /&gt;
|-&lt;br /&gt;
|keephigh &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Keep only the X highest items &lt;br /&gt;
|-&lt;br /&gt;
|droplow &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|Drop the X lowest items &lt;br /&gt;
|-&lt;br /&gt;
|hidden &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is hidden, &amp;gt; 1 is a date to hide until &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The first time this grade_category was created&lt;br /&gt;
|-&lt;br /&gt;
|timemodified &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The last time this grade_category was modified&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_calculations ===&lt;br /&gt;
&lt;br /&gt;
This table describes the calculated grade_items in more details.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The grade_item this relates to &lt;br /&gt;
|-&lt;br /&gt;
|calculation&lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Formula describing how to derive this grade from other items, referring to them using [idnumber] ... eg something like:sin(square([XXXXX])) + [YYYY] &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this calculation was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this calculation was last modified &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified this calculation&lt;br /&gt;
&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_grades_raw ===&lt;br /&gt;
&lt;br /&gt;
This table keeps individual grades for each user and each item, exactly as imported or submitted by modules. The grademax/min and scaleid are stored here to record the values at the time the grade was stored, because teachers might change this for an activity! All the results are normalised/resampled for the grade_grades_final table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The item this grade belongs to &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;userid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The user who this grade is for &lt;br /&gt;
|-&lt;br /&gt;
|gradevalue  &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If the grade is a float value (or has been converted to one) &lt;br /&gt;
|-&lt;br /&gt;
|gradescale &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If the grade is a scale value &lt;br /&gt;
|-&lt;br /&gt;
|grademax &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;100&amp;lt;/center&amp;gt; &lt;br /&gt;
|The maximum allowable grade when this was created &lt;br /&gt;
|-&lt;br /&gt;
|grademin &lt;br /&gt;
|float(11,10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|The maximum allowable grade when this was created &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;scaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|If this grade is based on a scale, which one was it? &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was last modified &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|NULL&lt;br /&gt;
|the userid of the person who last modified this grade&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_grades_final ===&lt;br /&gt;
&lt;br /&gt;
This table keeps individual grades for each user and each item/category– they have undergone all scaling and other calculations, and are ready for display. This table is effectively a cache and values are rebuilt whenever source values change. The gradevalue or gradescale values are all normalised to the max/min or scaleid as defined in the grade_item table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The associated grade_item these grades belong to&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;userid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The user who this grade is for &lt;br /&gt;
|-&lt;br /&gt;
|hidden &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is hidden, &amp;gt; 1 is a date to hide until &lt;br /&gt;
|-&lt;br /&gt;
|locked&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|1 is locked, &amp;gt; 1 is a date to lock after&lt;br /&gt;
|-&lt;br /&gt;
|exported &lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;0&amp;lt;/center&amp;gt; &lt;br /&gt;
|0 is not exported, &amp;gt; 1 is the last exported date &lt;br /&gt;
|-&lt;br /&gt;
|timecreated &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this grade was last modified &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|NULL&lt;br /&gt;
|the userid of the person who last modified this grade&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_grades_text ===&lt;br /&gt;
&lt;br /&gt;
This table keeps additional textual information about each individual grade, whether it be automatically generated from the module or entered manually by the teacher. It&#039;s here separate from the all-numeric grade_grades for database efficiency reasons.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|autoincrementing &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;gradesid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|The exact grade in grade_grades_raw this corresponds to &lt;br /&gt;
|-&lt;br /&gt;
|information &lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Further information like forum rating distribution 4/5/7/0/1 &lt;br /&gt;
|-&lt;br /&gt;
|feedback &lt;br /&gt;
|text &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Manual feedback from the teacher. Could be a code like &#039;mi&#039;. &lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|the time these entry was first created &lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
 &lt;br /&gt;
|the time this entry was last updated &lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified this entry&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_outcomes ===&lt;br /&gt;
&lt;br /&gt;
This table describes the outcomes used in the system. An outcome is a statement tied to a rubric scale from low to high, such as “Not met, Borderline, Met” (stored as 0,1 or 2)&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;courseid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|Mostly these are defined site wide ie NULL &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|shortname &lt;br /&gt;
|varchar(255) &lt;br /&gt;
|&lt;br /&gt;
|The short name or code for this outcome statement &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|fullname &lt;br /&gt;
|text &lt;br /&gt;
|&lt;br /&gt;
|The full description of the outcome (usually 1 sentence) &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;scaleid&#039;&#039;&#039; &lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The recommended scale for this outcome.  &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this outcome was first created &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|the time this outcome was last updated &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10) &lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|the userid of the person who last modified this outcome&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
=== grade_history ===&lt;br /&gt;
&lt;br /&gt;
This table keeps track of grade changes.  Using this it should be possible to reconstruct the grades at any point in time in the past, or to audit grade changes over time.  It should be quicker to use this table for that, rather than storing this information in the main Moodle log.&lt;br /&gt;
&lt;br /&gt;
Note we use itemid and userid as a key rather than grade_grade id, just in case one of the things we want to log here is the deletion of a grade entirely.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Default&#039;&#039;&#039; &lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039; &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;id&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|autoincrementing &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;itemid&#039;&#039;&#039; &lt;br /&gt;
|int(10)  &lt;br /&gt;
|&lt;br /&gt;
|The grade_item the grade is from &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;userid&#039;&#039;&#039;&lt;br /&gt;
|int(10)&lt;br /&gt;
|&lt;br /&gt;
|The user that the grade belongs to &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|oldgrade &lt;br /&gt;
|float&lt;br /&gt;
|NULL&lt;br /&gt;
|The original grade before the change&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|newgrade&lt;br /&gt;
|float&lt;br /&gt;
|NULL&lt;br /&gt;
|The new grade after the change&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|note&lt;br /&gt;
|text&lt;br /&gt;
|NULL&lt;br /&gt;
|An optional note about why this change was made&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|howmodified&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|manual&lt;br /&gt;
|What caused the modification? manual/module/import/...&lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|&#039;&#039;&#039;usermodified&#039;&#039;&#039;&lt;br /&gt;
|int(10)&lt;br /&gt;
|&amp;lt;center&amp;gt;NULL&amp;lt;/center&amp;gt; &lt;br /&gt;
|The user id of the person who made the change &lt;br /&gt;
&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10) &lt;br /&gt;
|&lt;br /&gt;
|The exact time this change was made&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
== Overview of module communication ==&lt;br /&gt;
&lt;br /&gt;
Modules will often store internal copies of grades for calculations or for showing grades to students etc, but these are &#039;&#039;purely&#039;&#039; internal. The gradebook system will never access these directly.&lt;br /&gt;
&lt;br /&gt;
A new feature in Moodle 1.9 is a simple [[Events|event handler]]. The new gradebook will be the first feature in Moodle to take advantage of events, and all communication between the gradebook and the modules will take place via event messages.  See [[Events]] for full details.&lt;br /&gt;
&lt;br /&gt;
There are two ways that data is transferred between the module and the gradebook:&lt;br /&gt;
&lt;br /&gt;
;&#039;&#039;&#039;1. Modules post grade events&#039;&#039;&#039; : Whenever a new grade is created, the module should post a grading event so that the gradebook can pick it up. As long as that column in the gradebook is not “locked” then the new grades will be entered (overwriting any existing ones).&lt;br /&gt;
;&#039;&#039;&#039;2. Gradebook posts grade events&#039;&#039;&#039; :Whenever a grade is altered in the gradebook (for example, a teacher may want to change an assignment grade), then an event is posted so that the module can pick it up. If the module implements this “reverse” function then the internal grade in the module can be changed.&lt;br /&gt;
&lt;br /&gt;
=== Backward compatibility with Moodle 1.8 and earlier ===&lt;br /&gt;
&lt;br /&gt;
:For backward compatibility with old third-party modules, we will add a new function called grades_grab_grades() to admin/cron.php to search all mod/xxx/lib.php files for functions named xxx_grades(). &lt;br /&gt;
&lt;br /&gt;
:These legacy functions will be called to extract all the grades for all the activities in each course. Once the data is extracted, the moodle_event_post() function can be called to initiate an event as usual and copy/upgrade the data in the gradebook tables.&lt;br /&gt;
&lt;br /&gt;
:A similar function will be added to new modules to trigger a “mass copy” of all the existing grades into the new gradebook. This will be useful during the upgrade from 1.8 as well as being available in the normal gradebook interface to “refresh” a column from primary data.&lt;br /&gt;
&lt;br /&gt;
== Core API functions ==&lt;br /&gt;
&lt;br /&gt;
Even though most of the communication will take place via events, there are a few core functions in lib/gradelib.php that will be useful for modules:&lt;br /&gt;
&lt;br /&gt;
===grade_get_items()===&lt;br /&gt;
&lt;br /&gt;
eg grade_get_items($courseid, $itemname=NULL, $itemtype=NULL, $itemmodule=NULL, $iteminstance=NULL, $itemnumber=NULL, $idnumber=NULL)&lt;br /&gt;
&lt;br /&gt;
For extracting all the information about what grading items are attached to something.  For example, an assignment may want to retrieve all the grade_items for itself, and get three outcome scales in return.  This will affect the grading interface.&lt;br /&gt;
&lt;br /&gt;
===grade_create_item()===&lt;br /&gt;
&lt;br /&gt;
To create a new grade_item in case it doesn&#039;t exist.  This function would be called when a module is created or updated, for example, to ensure grade_item entries exist.   It&#039;s not essential though - if grades are being added later and a matching grade_item doesn&#039;t exist yet, the gradebook will create them on the fly.&lt;br /&gt;
&lt;br /&gt;
===grade_create_category()===&lt;br /&gt;
&lt;br /&gt;
eg grade_create_category(fullname, array of items, aggregation, etc ...)&lt;br /&gt;
For a given set of items, create a category to group them together (if one doesn&#039;t exist yet).  Modules may want to do this when they are created.  However, the ultimate control is in the gradebook interface itself.&lt;br /&gt;
&lt;br /&gt;
===grade_is_locked()===&lt;br /&gt;
&lt;br /&gt;
eg grade_is_locked($itemtype, $itemmodule, $iteminstance, $userid=NULL)&lt;br /&gt;
&lt;br /&gt;
This function will tell a module whether a grade (or grade_item if $userid is not given) is currently locked or not.  This is a combination of the actual settings in the grade tables and a check on moodle/course:editgradeswhenlocked.  If it&#039;s locked to the current use then the module can print a nice message or prevent editing in the module. ([http://moodle.org/mod/forum/discuss.php?d=69223#p311329 info])&lt;br /&gt;
&lt;br /&gt;
== Dealing with multiple grades  ==&lt;br /&gt;
&lt;br /&gt;
Modules will often produce several grade items. This may be several attempts, say, like the quiz module, or more commonly, ratings based on several outcomes. It is &#039;&#039;&#039;up to the module&#039;&#039;&#039; whether these grades are aggregated BEFORE sending to the gradebook as a single number, or are sent in raw form to the gradebook. &lt;br /&gt;
&lt;br /&gt;
Pre-aggregration makes the most sense for a quiz, say, which already implements algorithms to calculate a single number for each student. In such a case there will only be one grade item from a particular quiz.&lt;br /&gt;
&lt;br /&gt;
For anything that uses outcomes with grades against multiple rubrics (such as an assignment), it would make the most sense to just pass all the results through to the gradebook as individual grade items.&lt;br /&gt;
&lt;br /&gt;
If the gradebook receives multiple grade items from a module, then they are automatically grouped together in a unique grade category (with the same name as the module instance). This is simply done by checking/creating the category whenever a second item from the same instance is being added. All the grading items will by default appear separate in the gradebook GUI, but can be easily “combined” by choosing an aggregation algorithm from a list (such as “Sum, Mean, Median, etc ...), plus “Keep X high, Drop X Low” together with scaling/shifting via the Multiplication and Plus factors etc.&lt;br /&gt;
&lt;br /&gt;
== Calculated grade items  ==&lt;br /&gt;
&lt;br /&gt;
A calculated grade item can operate on any arbitrary other items. It is not connected to any particular module. &lt;br /&gt;
&lt;br /&gt;
The calculated values are re-calculated and stored in the grade_grades_final table whenever any of the values in the source items is changed. To avoid doing this for every grade_post event, we just set the “needsupdate” field on the relevant calculated grade item columns, then recalculate those columns at the next display time and reset the flag.&lt;br /&gt;
&lt;br /&gt;
== Displaying the grades to ordinary participants  ==&lt;br /&gt;
&lt;br /&gt;
The module takes responsibility for displaying grades within the module (to a student, say). Normally they would use internal tables to do so. However, there is a grade_get_grades() function available for modules to query the core gradebook for grades (if required).&lt;br /&gt;
&lt;br /&gt;
For full display of grades in a whole course say, the student uses the same link as teachers use to access the gradebook. However, due to their different permissions they will only have access to specific reports. By default this is the “singleuser” report which only shows their own grades and has very few configuration options.&lt;br /&gt;
&lt;br /&gt;
== Locked grades  ==&lt;br /&gt;
&lt;br /&gt;
Both whole columns and individual grades can be locked in the gradebook, via the &amp;quot;locked&amp;quot; field.  Teachers may want to do this to prevent further changes from the modules, or from other teachers.  When a grade is locked, any grading events that might affect that grade are ignored.  When the graded is unlocked, an &amp;quot;unlock&amp;quot; event is triggered, which allows a module to handle it by sending the latest new grades back.&lt;br /&gt;
&lt;br /&gt;
In the main GUIs the lock toggling will be achieved by clicking on a little padlock icon beside each entry or column.&lt;br /&gt;
&lt;br /&gt;
== Manually modified grades ==&lt;br /&gt;
&lt;br /&gt;
Grades can be manually modified (overriden) in the gradebook.  When this is done to grade_items derived from a module&#039;s grades, and the new value is different from the original one, then the field will automatically be given a locked status (it can of course be unlocked immediately if one wishes).   This is to prevent new grading events from changing the manually entered values unexpectedly.&lt;br /&gt;
&lt;br /&gt;
== Clean up after old activities == &lt;br /&gt;
&lt;br /&gt;
By default columns (grade items) will remain in the gradebook even when activities are deleted.  A manual &#039;clean-up&#039; button can delete old columns if required.  &lt;br /&gt;
&lt;br /&gt;
When you click the &#039;Clean up&#039; button, it shows you a list of columns that should be deleted, with a checkbox next to each one (on by default, but you can turn it off if you want to keep that column still) and then another button click to really delete the marked columns.&lt;br /&gt;
&lt;br /&gt;
Otherwise there will be a site option to do this automatically whenever activities are deleted.&lt;br /&gt;
&lt;br /&gt;
== Logging ==&lt;br /&gt;
&lt;br /&gt;
As well as datestamps and userids in the tables, all grading events will be logged in case an audit needs to be made.&lt;br /&gt;
&lt;br /&gt;
== Security Issues ==&lt;br /&gt;
&lt;br /&gt;
For security an option to force SSL for the gradebook might be good.&lt;br /&gt;
&lt;br /&gt;
==Overall grade==&lt;br /&gt;
&lt;br /&gt;
Having an overall grade handy allows us to know exactly when a course is &amp;quot;finished&amp;quot;.  Exactly how do we specify the &amp;quot;overall&amp;quot; grade?  It&#039;s a special case, and might not always be just the sum.&lt;br /&gt;
&lt;br /&gt;
The best solution is probably to have a special calculated column (grade_item) for every course that can not be deleted.  It&#039;s made special because the itemtype is &#039;total&#039; (one per course).  The calculation formula should be updated automatically whenever grade_items are changed in that course to be the &amp;quot;sum&amp;quot; of all the grade_items in the course.&lt;br /&gt;
&lt;br /&gt;
However, if the calculation is edited manually then we should lock the calculation formula.   We could do this by setting the iteminfo field to something.  Clearing the calculation to an empty string could force it back to an automatic calculation formula.&lt;br /&gt;
&lt;br /&gt;
== Metacourses ==&lt;br /&gt;
&lt;br /&gt;
All grades in sub-courses should also be viewable from a metacourse.&lt;br /&gt;
&lt;br /&gt;
== Report plugins ==&lt;br /&gt;
All the main interface of the gradebook will be implemented as report plugins. Each plugin is fully responsible for defining the interface between the header and footer. They can even define their own capabilities and extra tables if the core tables are not enough, as they&#039;ll have a full /grade/report/xxxx/db directory.&lt;br /&gt;
&lt;br /&gt;
Each report will need to define one capability to allow people to see that report, so that admins have control over who can see what reports. For example, the student interface can be a totally separate report plugin.&lt;br /&gt;
&lt;br /&gt;
This allows for the widest flexibility and safety in how grades are presented.&lt;br /&gt;
&lt;br /&gt;
=== Default teacher interface ===&lt;br /&gt;
This interface will be what teachers see by default, and will subsume everything the current interface (in Moodle 1.8) does.&lt;br /&gt;
&lt;br /&gt;
Some snippets of functionality:&lt;br /&gt;
&lt;br /&gt;
Overall it&#039;s a grid, with student names down one side and grade items along the top. &lt;br /&gt;
&lt;br /&gt;
Teachers can type “straight into” the grid using AJAX or fallback to forms. No popup menus for values.&lt;br /&gt;
&lt;br /&gt;
Columns will be able to be collapsed together by grouping them into categories. Grades for categories can be calculated via various means.&lt;br /&gt;
&lt;br /&gt;
“Eye-cons” on the columns and checkboxes by every grade (this bit possibly controlled with a switch) allow hiding by category, by column, by individual grade.&lt;br /&gt;
&lt;br /&gt;
Textual notes can be added to each grade for more info. These show up to students as well. Later on we can support customisable shorthand codes to make data entry quick (eg type &#039;ab&#039; for absent, or &#039;nge&#039; for not good enough).&lt;br /&gt;
&lt;br /&gt;
A groups menu allows the teacher to switch between showing EACH of the groups they have access to, or ALL the groups they have access to.&lt;br /&gt;
&lt;br /&gt;
All grade items will link to modulepath/grade.php?id=44 which will work out what the current person should be allowed to see and either redirect them to the correct page or just show them immediately.   This copes with situations like the quiz, say, where we want editing teachers to go to the detailed reports there while students just see their own grade or whatever the quiz is set to show.&lt;br /&gt;
&lt;br /&gt;
User preference to SWITCH between showing raw grades, percentage grades, or both, or grade letters (A/B/C etc).  &lt;br /&gt;
&lt;br /&gt;
Settings for grade letters not only define the transformation from percentage to grades, but also the transformation from letters to grades (in case the teacher edits some of the letter grades).&lt;br /&gt;
&lt;br /&gt;
Categories are shown above the headings for each column.  Clicking for more info on a category will just show the category with a summary column showing total/average for just that category (PLUS the summary column for the whole course).&lt;br /&gt;
&lt;br /&gt;
All columns should be sortable up/down.&lt;br /&gt;
&lt;br /&gt;
At the bottom of each column is a row with the mean course score.  If in groups mode, then add ANOTHER row with just the group mean. Add the number of grades used in brackets.  eg 56% (11).   When the report is paged, these means are still for the whole course/group (not the page!)&lt;br /&gt;
&lt;br /&gt;
=== Default student interface ===&lt;br /&gt;
This interface will be what students see by default:&lt;br /&gt;
&lt;br /&gt;
Some snippets of functionality:&lt;br /&gt;
&lt;br /&gt;
Invert the grid to show one item per row, with the total/average at the bottom.&lt;br /&gt;
&lt;br /&gt;
Use second/third columns to show categories.&lt;br /&gt;
&lt;br /&gt;
Include ranking score in another column.&lt;br /&gt;
&lt;br /&gt;
Include class mean scores in a final column for comparison.&lt;br /&gt;
&lt;br /&gt;
No editing functionality.&lt;br /&gt;
&lt;br /&gt;
== Export plugins ==&lt;br /&gt;
&lt;br /&gt;
The API for these is extremely simple.  Each export plugin should occupy a directory under /grade/export/xyz and needs to provide only an index.php file as a the primary interface.  This file can accept parameters that produce a subset of the grades:&lt;br /&gt;
&lt;br /&gt;
* courseid&lt;br /&gt;
* groupid&lt;br /&gt;
* categoryid&lt;br /&gt;
* itemid&lt;br /&gt;
* userid&lt;br /&gt;
&lt;br /&gt;
The index.php can choose to simply dump something (eg an Excel spreadsheet) and return, or it can show an interface for further options and selections.  Ideally even if it dumps something it should also show some feedback about what was exported to make it easier to double check what was sent, but this is up to the plugin to implement.&lt;br /&gt;
&lt;br /&gt;
Further if the plugin contains a lib.php and an xyz_visible() function then the gradebook can check this function to make sure the current user can see/use the plugin (eg by checking access permissions).   If this function returns false then the export method won&#039;t appear in the main gradebook interfaces.&lt;br /&gt;
&lt;br /&gt;
The export plugins are a &amp;quot;full&amp;quot; Moodle plugin, so it can have tables, cron functions, event handlers, capabilities etc.  For example, an export plugin might not even have a GUI (ie xyz_visible() is always false and/or index.php doesn&#039;t exist) - it might operate solely off cron or event triggers.&lt;br /&gt;
&lt;br /&gt;
== Import plugins ==&lt;br /&gt;
&lt;br /&gt;
Each import plugin should occupy a directory under /grade/import/xyz and needs to provide only an index.php file as a the primary interface.  This file just accepts a &#039;courseid&#039; parameter.&lt;br /&gt;
&lt;br /&gt;
The index.php will show an interface for further options and selections.&lt;br /&gt;
&lt;br /&gt;
Further if the plugin contains a lib.php and an xyz_visible() function then the gradebook can check this function to make sure the current user can see/use the plugin.   If this function returns false then the import method won&#039;t appear in the main gradebook interfaces.&lt;br /&gt;
&lt;br /&gt;
The import plugins are a &amp;quot;full&amp;quot; Moodle plugin, so it can have tables, cron functions, event handlers, capabilities etc.  For example, an import plugin might not even have a GUI (ie xyz_visible() is always false and/or index.php doesn&#039;t exist) - it might operate solely off cron or event triggers.&lt;br /&gt;
&lt;br /&gt;
The entire import must be treated as one operation.  If it fails, then no records should be imported and the database is unchanged.&lt;br /&gt;
&lt;br /&gt;
Some sample import plugins are:&lt;br /&gt;
&lt;br /&gt;
===Import from CSV===&lt;br /&gt;
&lt;br /&gt;
Accepts an upload of (or URL to) a CSV file.  Multiple options describe how to process the file, which columns to add etc.  These should be sticky, and retained via user preferences to make future imports easier.&lt;br /&gt;
&lt;br /&gt;
===Import from XML===&lt;br /&gt;
&lt;br /&gt;
Accepts an upload of (or URL to) an XML file with this kind of format (from OU). &lt;br /&gt;
&lt;br /&gt;
 &amp;lt;results batch=&amp;quot;[someuniqueimportnumber]&amp;quot;&amp;gt;&lt;br /&gt;
     &amp;lt;result&amp;gt;&lt;br /&gt;
         &amp;lt;state&amp;gt;[&#039;new&#039; or &#039;regrade&#039;]&amp;lt;/state&amp;gt;&lt;br /&gt;
             &amp;lt;assignment&amp;gt;[idnumber]&amp;lt;/assignmentid&amp;gt;&lt;br /&gt;
             &amp;lt;student&amp;gt;[studentid]&amp;lt;/student&amp;gt;&lt;br /&gt;
             &amp;lt;score&amp;gt;[score]&amp;lt;/score&amp;gt;&lt;br /&gt;
         &amp;lt;/result&amp;gt;&lt;br /&gt;
         &amp;lt;result&amp;gt;&lt;br /&gt;
             &amp;lt;state&amp;gt;[&#039;new&#039; or &#039;regrade&#039;]&amp;lt;/state&amp;gt;&lt;br /&gt;
             &amp;lt;assignment&amp;gt;[idnumber]&amp;lt;/assignmentid&amp;gt;&lt;br /&gt;
             &amp;lt;student&amp;gt;[studentid]&amp;lt;/student&amp;gt;&lt;br /&gt;
             &amp;lt;score&amp;gt;[score]&amp;lt;/score&amp;gt;&lt;br /&gt;
         &amp;lt;/result&amp;gt;&lt;br /&gt;
         [...]&lt;br /&gt;
 &amp;lt;/results&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== Capabilities and Permissions ==&lt;br /&gt;
&lt;br /&gt;
* moodle/course:viewcoursegrades&lt;br /&gt;
&lt;br /&gt;
* moodle/course:downloadcoursegrades&lt;br /&gt;
&lt;br /&gt;
* moodle/user:viewusergrades&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:viewhidden&lt;br /&gt;
&lt;br /&gt;
* moodle/grade:editlocked&lt;br /&gt;
&lt;br /&gt;
* moodle:site/accessallgroups&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== Interface Mockups ==&lt;br /&gt;
&lt;br /&gt;
Nicolas is working on a mock-up interface that you can play with:&lt;br /&gt;
&lt;br /&gt;
    [http://test.moodle.com/gradebook/ Mock Gradebook]&lt;br /&gt;
&lt;br /&gt;
It&#039;s changing rapidly in response to your feedback.&lt;br /&gt;
&lt;br /&gt;
== Rough Development Timeline ==&lt;br /&gt;
&lt;br /&gt;
# Develop Event API&lt;br /&gt;
## Core tables&lt;br /&gt;
## events.php to load/maintain handlers&lt;br /&gt;
## Core API functions lib/eventslib.php and unit tests&lt;br /&gt;
# Develop Core Gradebook&lt;br /&gt;
## Core tables&lt;br /&gt;
## Core API functions lib/gradelib.php and unit tests&lt;br /&gt;
## Core handler for grade changes&lt;br /&gt;
## Define plugin directory structure&lt;br /&gt;
## Cron job for support of legacy grade functions in modules&lt;br /&gt;
# Core Moodle improvements&lt;br /&gt;
## Support for all grades-based plugins for db, cron, access.php, events.php etc&lt;br /&gt;
# Develop Core activity modules&lt;br /&gt;
## Triggers for all major activity modules&lt;br /&gt;
## Handlers for all major activity modules&lt;br /&gt;
# Reports&lt;br /&gt;
## Standard report for teachers&lt;br /&gt;
## Standard report for students&lt;br /&gt;
# Exports&lt;br /&gt;
## Standard exports (like 1.8)&lt;br /&gt;
## XML export (OU format)&lt;br /&gt;
# Imports&lt;br /&gt;
## CSV format&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69223&amp;amp;mode=3 Gradebook Development ideas] forum discussion&lt;br /&gt;
* Using Moodle [http://moodle.org/mod/forum/discuss.php?d=51107 New gradebook for Moodle] forum discussion&lt;br /&gt;
* [[Events]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6519</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6519"/>
		<updated>2007-04-18T06:54:41Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queue_handlers */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 3 core tables for events. Note that if a handler is queued, and yet to be processed or processing failed, then all subsequent calls on that handler must be queued.&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queues===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queues table. When no further reference is made to the event_queues table, the corresponding entry in the event_queues table should be deleted. Entry should get deleted (?) after a successful event processing by the specified handler.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queues table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|errormessage&lt;br /&gt;
|text&lt;br /&gt;
|if an error happened last time we tried to process this event, record it here.&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6518</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6518"/>
		<updated>2007-04-18T06:54:01Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queued_events */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 3 core tables for events. Note that if a handler is queued, and yet to be processed or processing failed, then all subsequent calls on that handler must be queued.&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queues===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted. Entry should get deleted (?) after a successful event processing by the specified handler.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|errormessage&lt;br /&gt;
|text&lt;br /&gt;
|if an error happened last time we tried to process this event, record it here.&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6517</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6517"/>
		<updated>2007-04-18T06:33:52Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Database structure */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 3 core tables for events. Note that if a handler is queued, and yet to be processed or processing failed, then all subsequent calls on that handler must be queued.&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted. Entry should get deleted (?) after a successful event processing by the specified handler.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|errormessage&lt;br /&gt;
|text&lt;br /&gt;
|if an error happened last time we tried to process this event, record it here.&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6516</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6516"/>
		<updated>2007-04-18T06:28:09Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queue_handlers */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted. Entry should get deleted (?) after a successful event processing by the specified handler.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|errormessage&lt;br /&gt;
|text&lt;br /&gt;
|if an error happened last time we tried to process this event, record it here.&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6515</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6515"/>
		<updated>2007-04-18T06:10:22Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queue_handlers */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|errormessage&lt;br /&gt;
|text&lt;br /&gt;
|if an error happened last time we tried to process this event, record it here.&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6514</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6514"/>
		<updated>2007-04-18T06:09:48Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queued_events */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|stackdump&lt;br /&gt;
|text&lt;br /&gt;
|serialized debug_backtrace showing where the event was fired from&lt;br /&gt;
|-&lt;br /&gt;
|userid&lt;br /&gt;
|int(10)&lt;br /&gt;
|$USER-&amp;gt;id when the event was fired&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6513</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6513"/>
		<updated>2007-04-18T06:07:38Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queue_handlers_todo */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue_handlers===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6512</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6512"/>
		<updated>2007-04-18T06:06:53Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queued_events */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6511</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6511"/>
		<updated>2007-04-18T05:56:36Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queue_handlers_todo */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
&lt;br /&gt;
This is the list of queued handlers for processing. The event object is retrieved from the event_queued_events table. When no further reference is made to the event_queued_events table, the corresponding entry in the event_queued_events table should be deleted.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6510</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6510"/>
		<updated>2007-04-18T05:55:04Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queued_events */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
&lt;br /&gt;
This table is for storing queued events. It stores only one copy of the eventdata here, and entries from this table are being references by the event_queue_handlers_todo table.&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6509</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6509"/>
		<updated>2007-04-18T05:53:36Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* events_queue */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6508</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6508"/>
		<updated>2007-04-18T05:52:45Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queue_handlers_todo */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queued_events table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6507</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6507"/>
		<updated>2007-04-18T05:52:25Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queue_handlers_todo */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_queue table&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6506</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6506"/>
		<updated>2007-04-18T05:49:55Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queue_handlers_todo */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|queuedeventid&lt;br /&gt;
|int(10)&lt;br /&gt;
|id referencing queued event&lt;br /&gt;
|-&lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|id referencing event handler&lt;br /&gt;
|-&lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|-&lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6505</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6505"/>
		<updated>2007-04-18T05:47:55Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event_queued_events */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventdata 	&lt;br /&gt;
|longtext 	&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|-&lt;br /&gt;
|schedule 	&lt;br /&gt;
|varchar(255) 	&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;.&lt;br /&gt;
|-&lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10) 	&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6504</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6504"/>
		<updated>2007-04-18T05:44:37Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Database structure */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
===event_queued_events ===&lt;br /&gt;
&lt;br /&gt;
===event_queue_handlers_todo===&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [http://moodle.org/mod/forum/discuss.php?d=69103 General Developer Forum thread for discussing this proposal]. &lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6502</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6502"/>
		<updated>2007-04-13T07:25:42Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Database structure */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the [[Grades|new gradebook in Moodle 1.9]], but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events.&lt;br /&gt;
&lt;br /&gt;
- do we need a separate events_log table too?&lt;br /&gt;
&lt;br /&gt;
===events_handlers===&lt;br /&gt;
&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
These entries are created by parsing events.php files in all the modules, and can be rebuilt any time (during an upgrade, say).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|-&lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|-&lt;br /&gt;
|eventname&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
|-&lt;br /&gt;
|handlermodule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
|-&lt;br /&gt;
|handlerfile&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
|-&lt;br /&gt;
|handlerfunction&lt;br /&gt;
|text&lt;br /&gt;
|serialized string or array describing function, suitable to be passed to &#039;&#039;&#039;call_user_func()&#039;&#039;&#039;&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===events_queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event could insert multiple records into the event_queue table.  The status field counts failures - if the failures reach some high number then some action should be taken (alert the admin etc).&lt;br /&gt;
&lt;br /&gt;
{| border=&amp;quot;1&amp;quot; cellpadding=&amp;quot;2&amp;quot; cellspacing=&amp;quot;0&amp;quot;&lt;br /&gt;
|&#039;&#039;&#039;Field&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Type&#039;&#039;&#039;&lt;br /&gt;
|&#039;&#039;&#039;Info&#039;&#039;&#039;&lt;br /&gt;
|- &lt;br /&gt;
|id&lt;br /&gt;
|int(10)&lt;br /&gt;
|auto increment identifier&lt;br /&gt;
|- &lt;br /&gt;
|handlerid&lt;br /&gt;
|int(10)&lt;br /&gt;
|foreign key id corresponding to the id of the event_handlers table&lt;br /&gt;
|- &lt;br /&gt;
|eventdata&lt;br /&gt;
|longtext&lt;br /&gt;
|serialized version of the data object passed to the event handler.&lt;br /&gt;
|- &lt;br /&gt;
|schedule&lt;br /&gt;
|varchar(255)&lt;br /&gt;
|&#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
|- &lt;br /&gt;
|status&lt;br /&gt;
|int(10)&lt;br /&gt;
|number of failed attempts to process this handler&lt;br /&gt;
|- &lt;br /&gt;
|timecreated&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the first time this was added&lt;br /&gt;
|- &lt;br /&gt;
|timemodified&lt;br /&gt;
|int(10)&lt;br /&gt;
|time stamp of the last attempt to run this from the queue&lt;br /&gt;
|}&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as modulename_noun_verb&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
== See also ==&lt;br /&gt;
&lt;br /&gt;
* [[Grades]]&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Grades]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6486</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6486"/>
		<updated>2007-04-12T07:17:53Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event queue */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
 component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
 file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
 function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. Each response should be either queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued. So a &#039;grade_updated&#039; event would insert multiple records into the event_queue table.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
 event - foreign key id corresponding to the id of the event table&lt;br /&gt;
 eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
 type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
 status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6485</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6485"/>
		<updated>2007-04-12T07:16:37Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event queue */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
 component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
 file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
 function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_updated&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
 event - foreign key id corresponding to the id of the event table&lt;br /&gt;
 eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
 type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
 status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6484</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6484"/>
		<updated>2007-04-12T07:15:08Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event table */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
This table is for storing which components requests what type of event, and the location of the responsible handlers. For example, the grade book can register &#039;grade_added&#039; event with a function add_grade() that should be called event time an &#039;grade_added&#039; event is triggered by a module.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
 component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
 file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
 function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_added&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
 event - foreign key id corresponding to the id of the event table&lt;br /&gt;
 eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
 type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
 status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6483</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6483"/>
		<updated>2007-04-12T07:12:58Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event queue */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
 component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
 file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
 function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_added&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
 event - foreign key id corresponding to the id of the event table&lt;br /&gt;
 eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
 type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
 status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6482</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6482"/>
		<updated>2007-04-12T07:12:43Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event table */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
&lt;br /&gt;
 id - auto increment identifier&lt;br /&gt;
 event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
 component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
 file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
 function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_added&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
id - auto increment identifier&lt;br /&gt;
updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
event - foreign key id corresponding to the id of the event table&lt;br /&gt;
eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6481</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6481"/>
		<updated>2007-04-12T07:12:20Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* event table */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
&lt;br /&gt;
id - auto increment identifier&lt;br /&gt;
event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_added&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
id - auto increment identifier&lt;br /&gt;
updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
event - foreign key id corresponding to the id of the event table&lt;br /&gt;
eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6480</id>
		<title>Old Events API</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Old_Events_API&amp;diff=6480"/>
		<updated>2007-04-12T07:11:44Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Database structure */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;The Events API is a new core system in Moodle to allow better communication between modules.  It&#039;s based on modules triggering new events with attached data, and the other modules handling those events with custom functions.&lt;br /&gt;
&lt;br /&gt;
==Overview==&lt;br /&gt;
&lt;br /&gt;
We&#039;ll be using the example of a grade being posted from a module into the gradebook, but there are obviously all kinds of events possible.&lt;br /&gt;
&lt;br /&gt;
===Triggering an event===&lt;br /&gt;
&lt;br /&gt;
Whenever a grade is created or changed by a module, it should “tell” the system about it (in addition to any local working storage it uses).   So, using the quiz as an example, we first define an object as follows:&lt;br /&gt;
&lt;br /&gt;
 $eventdata = new object;&lt;br /&gt;
 $eventdata-&amp;gt;courseid = $course-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemname = $quiz-&amp;gt;name;&lt;br /&gt;
 $eventdata-&amp;gt;itemtype = &#039;mod&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;itemmodule = &#039;quiz&#039;;&lt;br /&gt;
 $eventdata-&amp;gt;iteminstance = $quiz-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;itemnumber = 1;&lt;br /&gt;
 $eventdata-&amp;gt;iteminfo = $quiz-&amp;gt;info;&lt;br /&gt;
 $eventdata-&amp;gt;idnumber = $cm-&amp;gt;idnumber;   // new field in 1.9&lt;br /&gt;
 $eventdata-&amp;gt;grademax = $quiz-&amp;gt;grade;&lt;br /&gt;
 $eventdata-&amp;gt;grademin = 0;&lt;br /&gt;
 $eventdata-&amp;gt;userid = $USER-&amp;gt;id;&lt;br /&gt;
 $eventdata-&amp;gt;gradevalue = $currentvalue;&lt;br /&gt;
&lt;br /&gt;
Then we post the object as an event and forget about it:&lt;br /&gt;
&lt;br /&gt;
 trigger_event(&#039;grade_added&#039;, $eventdata);&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
===Handling an event===&lt;br /&gt;
&lt;br /&gt;
Modules can define an events.php in their db directory which defines events they want to be notified about, and describes which of their functions or class methods should be notified.   For example, an export  plugin could register something like:&lt;br /&gt;
&lt;br /&gt;
 $events = array (&lt;br /&gt;
    &#039;grade_added&#039; =&amp;gt; array (&lt;br /&gt;
         &#039;file&#039;        =&amp;gt; &#039;/grade/export/banner/lib.php&#039;,&lt;br /&gt;
         &#039;function&#039;  =&amp;gt; &#039;banner_handle_grade&#039;,    // argument to call_user_func(), could be an array&lt;br /&gt;
         &#039;timing&#039;    =&amp;gt; &#039;cron&#039;&lt;br /&gt;
     );&lt;br /&gt;
 );&lt;br /&gt;
&lt;br /&gt;
These are parsed during install / upgrade and stored in a simple database table.&lt;br /&gt;
&lt;br /&gt;
Then, when a grade_added event happens, all the registered functions for that event will be called something like this (but with more error handling):&lt;br /&gt;
&lt;br /&gt;
          include_once($CFG-&amp;gt;dirroot.$events[&#039;grade_added&#039;][&#039;file&#039;];&lt;br /&gt;
          call_user_func($events[&#039;grade_added&#039;][&#039;function&#039;], $eventdata);&lt;br /&gt;
&lt;br /&gt;
All plugins in Moodle have access to this and can this easily “hook in” to &#039;grade_added&#039; events (and of course any other events).&lt;br /&gt;
&lt;br /&gt;
==Standards for naming events==&lt;br /&gt;
&lt;br /&gt;
All event names should follow a consistent naming pattern, such as ...&lt;br /&gt;
&lt;br /&gt;
==Database structure==&lt;br /&gt;
&lt;br /&gt;
There are 2 core tables for events&lt;br /&gt;
&lt;br /&gt;
===event table===&lt;br /&gt;
id - auto increment identifier&lt;br /&gt;
event - name of the event, e.g. &#039;grade_added&#039;&lt;br /&gt;
component - e.g. moodle, mod/forum, block/rss_client&lt;br /&gt;
file - path to the file of the function, eg /grade/export/lib.php&lt;br /&gt;
function - serialized object of the function name, could be a string or an array&lt;br /&gt;
&lt;br /&gt;
===event queue===&lt;br /&gt;
&lt;br /&gt;
The event queue table should put all responding events into the queue. For example, an event triggered by grade book &#039;grade_added&#039; can result in the response of all modules. And each response should be queued or processed instantly. If an &amp;quot;instant&amp;quot; event is not processed successfully it is then queued.&lt;br /&gt;
&lt;br /&gt;
id - auto increment identifier&lt;br /&gt;
updated - time stamp of thelast attempt to run this from the queue&lt;br /&gt;
event - foreign key id corresponding to the id of the event table&lt;br /&gt;
eventdata - serialized object of the data passed into the event handlers.&lt;br /&gt;
type - &#039;cron&#039; or &#039;instant&#039;. &lt;br /&gt;
status - number of failed attempts&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3147</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3147"/>
		<updated>2006-11-16T02:52:02Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context. For example, teacher, student and fourm moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can perform are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}Role has two primary functions:&lt;br /&gt;
# define list of permissions - role definition is global for all contexts, but can be changed by local context overrides&lt;br /&gt;
# replace old course erolments - role assignment in course context is simitar to the old enrolment process&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM       -- the whole site&lt;br /&gt;
#CONTEXT_PERSONAL     -- yourself&lt;br /&gt;
#CONTEXT_USER         -- another user&lt;br /&gt;
#CONTEXT_COURSECAT    -- a course category&lt;br /&gt;
#CONTEXT_COURSE       -- a course&lt;br /&gt;
#CONTEXT_GROUP        -- a group&lt;br /&gt;
#CONTEXT_MODULE       -- an activity module&lt;br /&gt;
#CONTEXT_BLOCK        -- a block&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a PROHIBIT on a capability, it means that the capability cannot be overridden and will ALWAYS  have a permission of prevent (deny). Prohibit always wins.   For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow pretty much any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Admins===&lt;br /&gt;
&lt;br /&gt;
Admin users will be assigned the default legacy admin role in the system (site) context&lt;br /&gt;
&lt;br /&gt;
===Course Creators===&lt;br /&gt;
&lt;br /&gt;
Admin users will be assigned the default legacy course creator role in the system (site) context&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewparticipants - able to view participants&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/site:uploadusers - ability to upload/update users from text file; moodle/role:assign capability is needed for course enrolling&lt;br /&gt;
#moodle/blog:view - read blogs (usable in system or course context)&lt;br /&gt;
#moodle/blog:create - write new blog posts (usable in system context only)&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use (usable in system context only)&lt;br /&gt;
#moodle/blog:managepersonaltags - delete personal blog tags that others can use (usable in system context only) Note: users can always add own personal tags. This setting should be off for students by default.&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries (usable in system context only)&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:managemetacourse - manage child courses in metacourse&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:useremail - Can use the enable/disable email stuff&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:viewhiddenuserfields - view all hidden user fields&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
moodle/user:readuserblogs - read blog entries&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo).&lt;br /&gt;
#moodle/user:viewhiddendetails - view user details marked as &amp;quot;hidden&amp;quot;&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/role:unassignself - unassign yourself from your own roles&lt;br /&gt;
#moodle/role:viewhiddenassigns - view role assignments that have been marked as hidden&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:viewentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:viewrating&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##mod/lams:participate - original student&lt;br /&gt;
##mod/lams:manage - original teacher&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##mod/wiki:participate - original student, meaning depends of type and course setting&lt;br /&gt;
##mod/wiki:manage - original teacher, manages assigned group; moodle/site:accessallgroups is needed to manage all groups &lt;br /&gt;
##(Waiting on new wiki)&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:participate - original student, allows user to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
##block/rss_client:createprivatefeeds&lt;br /&gt;
##block/rss_client:createsharedfeeds&lt;br /&gt;
##block/rss_client:manageownfeeds&lt;br /&gt;
##block/rss_client:manageanyfeeds&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Metacourses==&lt;br /&gt;
&lt;br /&gt;
The behaviour of metacourses in Moodle 1.7 changed slightly, in that where it used to just synch students from child courses to the parent course, it will now synch ALL roles. Teachers etc of the child courses will have the same role in the meta course. Technically metacourse synchronises all role assignments in CONTEXT_COURSE with its child courses; the only exception are users with moodle/course:managemetacourse capability, these users are synchronized only upwards, they are not unenrolled from metacourse when unenroling from child course or when removing the child from metacourse.&lt;br /&gt;
&lt;br /&gt;
In order to import/enrol other courses into metacoure you need to have moodle/course:managemetacourse capability. You can add manually only participants with moodle/course:managemetacourse, all other participants are automatically synced with child courses - if you try to manually enrol user without this capability error is displayed. Similar error is shown also when you try to manually unenrol participant from meta course while still being enrolled in child course.&lt;br /&gt;
&lt;br /&gt;
Sample setup:&lt;br /&gt;
* metacourse manager has been assigned role with moodle/course:managemetacourse capability in system or course category context&lt;br /&gt;
* students are enrolled in several child courses&lt;br /&gt;
* teachers are enrolled in separate child course(s)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
# load_user_capability() is called to load all the capabilities&lt;br /&gt;
# check_enrolment_plugins() is called at the top of load_user_capability() to check all the enrolment plugins.&lt;br /&gt;
# For each active plugin:&lt;br /&gt;
##Check for setup_enrolments($user) and run it.  This function will do all the processing needed to assign or unassign roles from the current user.&lt;br /&gt;
# load_user_capability() continues and loads up all the roles&lt;br /&gt;
# load_defaultuser_role() is called to add default site permissions (all users)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Obviously.&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inspectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===Process Roles===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
* Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
* Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
* Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
* Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&lt;br /&gt;
==Things to finish for 1.7 Beta==&lt;br /&gt;
&#039;&#039;&#039;18 Sept 2006&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
#Remove core references to user_student, user_teacher, user_admin, user_coursecreator tables.  [Yu]&lt;br /&gt;
#Address function: isteacher, isadmin, isstudent [Yu]&lt;br /&gt;
#Remove &amp;quot;view&amp;quot; capabilities from all modules unless required [Vy]&lt;br /&gt;
#Remove all old references from remaining Blocks [Vy]&lt;br /&gt;
#Metacourses [Skodak]&lt;br /&gt;
#Add risks to GUI[Skodak]&lt;br /&gt;
#Enrolment plugins  [Martin and Alastair]&lt;br /&gt;
#[[Stats_roles_1.7|Statistics]] [Penny]&lt;br /&gt;
#Fix Loginas&lt;br /&gt;
#Add category-level assigns [Yu]&lt;br /&gt;
#[[Backup_roles_1.7|Backups]] [Eloy?]&lt;br /&gt;
&lt;br /&gt;
===Proposal for interface enhancement===&lt;br /&gt;
Martin asked some questions, here are my answers. The sketches below are not worked out proposals. Their task is to visualize the idea. The exact colours and functionality may be defined after possible agreement about the proposals. The Green, orange and red columns support the meaning of the options from &amp;quot;allow&amp;quot; to &amp;quot;prohibit&amp;quot; (If you may want to see larger images please click onto the image or the &amp;quot;Enlarge&amp;quot; icon below the image.)&lt;br /&gt;
&lt;br /&gt;
The list of possible settings is very long and &#039;&#039; &amp;quot;... the problem is not to overwhelm people with information&amp;quot; &#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
[[Image:01_moodle_define_roles_structured.png|thumb=01_moodle_define_roles_structured_pre.png]]&lt;br /&gt;
&lt;br /&gt;
1) One proposal is to use colour to structure the sections and the columns. Picture 1 shows that the user can keep a much better overview when the list is divided into meaningful different coloured columns and clear sections.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:02_moodle_define_roles_collapsed.png|thumb=02_moodle_define_roles_collapsed_pre.png]]&lt;br /&gt;
&lt;br /&gt;
2) A second proposal is to reduce the amount of information the user is shown at the same time. The YUI interface library offers great support to show/hide sections of the page by clicking on specific elements. &lt;br /&gt;
&lt;br /&gt;
For example click on an icon beside the sub heading &amp;quot;Course categories&amp;quot; and show/hide all table rows with the CLASS &amp;quot;course-category&amp;quot;.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:03_moodle_define_roles_tooltip.png|thumb=03_moodle_define_roles_tooltip_pre.png]]&lt;br /&gt;
&lt;br /&gt;
3) &#039;&#039; &amp;quot;The main problem is the last column for risk ... we were thinking of putting little icons in there ...&amp;quot; &#039;&#039;&lt;br /&gt;
Icons are good when they tell the user more about possible actions/meanings then the letters. I am not sure if this is the case here. For both - icons or letters - the YUI tool-tip function would be able to give the user valuable information about the meaning.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle forum discussion&lt;br /&gt;
**[http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture]&lt;br /&gt;
**[http://moodle.org/mod/forum/discuss.php?d=56302#256313 An example of admin roles as set in the database]&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3143</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3143"/>
		<updated>2006-10-13T04:37:42Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Upgrading from 1.6 */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can perform are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}Role has two primary functions:&lt;br /&gt;
# define list of permissions - role definition is global for all contexts, but can be changed by local context overrides&lt;br /&gt;
# replace old course erolments - role assignment in course context is simitar to the old enrolment process&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM       -- the whole site&lt;br /&gt;
#CONTEXT_PERSONAL     -- yourself&lt;br /&gt;
#CONTEXT_USER         -- another user&lt;br /&gt;
#CONTEXT_COURSECAT    -- a course category&lt;br /&gt;
#CONTEXT_COURSE       -- a course&lt;br /&gt;
#CONTEXT_GROUP        -- a group&lt;br /&gt;
#CONTEXT_MODULE       -- an activity module&lt;br /&gt;
#CONTEXT_BLOCK        -- a block&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a PROHIBIT on a capability, it means that the capability cannot be overridden and will ALWAYS  have a permission of prevent (deny). Prohibit always wins.   For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow pretty much any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Admins===&lt;br /&gt;
&lt;br /&gt;
Admin users will be assigned the default legacy admin role in the system (site) context&lt;br /&gt;
&lt;br /&gt;
===Course Creators===&lt;br /&gt;
&lt;br /&gt;
Admin users will be assigned the default legacy course creator role in the system (site) context&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewparticipants - able to view participants&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/site:uploadusers - ability to upload/update users from text file; moodle/role:assign capability is needed for course enrolling&lt;br /&gt;
#moodle/blog:view - read blogs (usable in system or course context)&lt;br /&gt;
#moodle/blog:create - write new blog posts (usable in system context only)&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use (usable in system context only)&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use (usable in system context only)&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries (usable in system context only)&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:managemetacourse - manage child courses in metacourse&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:useremail - Can use the enable/disable email stuff&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:viewhiddenuserfields - view all hidden user fields&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
moodle/user:readuserblogs - read blog entries&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo).&lt;br /&gt;
#moodle/user:viewhiddendetails - view user details marked as &amp;quot;hidden&amp;quot;&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/role:unassignself - unassign yourself from your own roles&lt;br /&gt;
#moodle/role:viewhiddenassigns - view role assignments that have been marked as hidden&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:viewentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:viewrating&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##mod/lams:participate - original student&lt;br /&gt;
##mod/lams:manage - original teacher&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##mod/wiki:participate - original student, meaning depends of type and course setting&lt;br /&gt;
##mod/wiki:manage - original teacher, manages assigned group; moodle/site:accessallgroups is needed to manage all groups &lt;br /&gt;
##(Waiting on new wiki)&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:participate - original student, allows user to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
##block/rss_client:createprivatefeeds&lt;br /&gt;
##block/rss_client:createsharedfeeds&lt;br /&gt;
##block/rss_client:manageownfeeds&lt;br /&gt;
##block/rss_client:manageanyfeeds&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Metacourses==&lt;br /&gt;
&lt;br /&gt;
The behaviour of metacourses in Moodle 1.7 changed slightly, in that where it used to just synch students from child courses to the parent course, it will now synch ALL roles. Teachers etc of the child courses will have the same role in the meta course. Technically metacourse synchronises all role assignments in CONTEXT_COURSE with its child courses; the only exception are users with moodle/course:managemetacourse capability, these users are synchronized only upwards, they are not unenrolled from metacourse when unenroling from child course or when removing the child from metacourse.&lt;br /&gt;
&lt;br /&gt;
In order to import/enrol other courses into metacoure you need to have moodle/course:managemetacourse capability. You can add manually only participants with moodle/course:managemetacourse, all other participants are automatically synced with child courses - if you try to manually enrol user without this capability error is displayed. Similar error is shown also when you try to manually unenrol participant from meta course while still being enrolled in child course.&lt;br /&gt;
&lt;br /&gt;
Sample setup:&lt;br /&gt;
* metacourse manager has been assigned role with moodle/course:managemetacourse capability in system or course category context&lt;br /&gt;
* students are enrolled in several child courses&lt;br /&gt;
* teachers are enrolled in separate child course(s)&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
# load_user_capability() is called to load all the capabilities&lt;br /&gt;
# check_enrolment_plugins() is called at the top of load_user_capability() to check all the enrolment plugins.&lt;br /&gt;
# For each active plugin:&lt;br /&gt;
##Check for setup_enrolments($user) and run it.  This function will do all the processing needed to assign or unassign roles from the current user.&lt;br /&gt;
# load_user_capability() continues and loads up all the roles&lt;br /&gt;
# load_defaultuser_role() is called to add default site permissions (all users)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Obviously.&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inspectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===Process Roles===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
* Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
* Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
* Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
* Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&lt;br /&gt;
==Things to finish for 1.7 Beta==&lt;br /&gt;
&#039;&#039;&#039;18 Sept 2006&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
#Remove core references to user_student, user_teacher, user_admin, user_coursecreator tables.  [Yu]&lt;br /&gt;
#Address function: isteacher, isadmin, isstudent [Yu]&lt;br /&gt;
#Remove &amp;quot;view&amp;quot; capabilities from all modules unless required [Vy]&lt;br /&gt;
#Remove all old references from remaining Blocks [Vy]&lt;br /&gt;
#Metacourses [Skodak]&lt;br /&gt;
#Add risks to GUI[Skodak]&lt;br /&gt;
#Enrolment plugins  [Martin and Alastair]&lt;br /&gt;
#[[Stats_roles_1.7|Statistics]] [Penny]&lt;br /&gt;
#Fix Loginas&lt;br /&gt;
#Add category-level assigns [Yu]&lt;br /&gt;
#[[Backup_roles_1.7|Backups]] [Eloy?]&lt;br /&gt;
&lt;br /&gt;
===Proposal for interface enhancement===&lt;br /&gt;
Martin asked some questions, here are my answers. The sketches below are not worked out proposals. Their task is to visualize the idea. The exact colours and functionality may be defined after possible agreement about the proposals. The Green, orange and red columns support the meaning of the options from &amp;quot;allow&amp;quot; to &amp;quot;prohibit&amp;quot; (If you may want to see larger images please click onto the image or the &amp;quot;Enlarge&amp;quot; icon below the image.)&lt;br /&gt;
&lt;br /&gt;
The list of possible settings is very long and &#039;&#039; &amp;quot;... the problem is not to overwhelm people with information&amp;quot; &#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
[[Image:01_moodle_define_roles_structured.png|thumb=01_moodle_define_roles_structured_pre.png]]&lt;br /&gt;
&lt;br /&gt;
1) One proposal is to use colour to structure the sections and the columns. Picture 1 shows that the user can keep a much better overview when the list is divided into meaningful different coloured columns and clear sections.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:02_moodle_define_roles_collapsed.png|thumb=02_moodle_define_roles_collapsed_pre.png]]&lt;br /&gt;
&lt;br /&gt;
2) A second proposal is to reduce the amount of information the user is shown at the same time. The YUI interface library offers great support to show/hide sections of the page by clicking on specific elements. &lt;br /&gt;
&lt;br /&gt;
For example click on an icon beside the sub heading &amp;quot;Course categories&amp;quot; and show/hide all table rows with the CLASS &amp;quot;course-category&amp;quot;.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:03_moodle_define_roles_tooltip.png|thumb=03_moodle_define_roles_tooltip_pre.png]]&lt;br /&gt;
&lt;br /&gt;
3) &#039;&#039; &amp;quot;The main problem is the last column for risk ... we were thinking of putting little icons in there ...&amp;quot; &#039;&#039;&lt;br /&gt;
Icons are good when they tell the user more about possible actions/meanings then the letters. I am not sure if this is the case here. For both - icons or letters - the YUI tool-tip function would be able to give the user valuable information about the meaning.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3130</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3130"/>
		<updated>2006-09-20T03:29:15Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can perform are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM       -- the whole site&lt;br /&gt;
#CONTEXT_PERSONAL     -- yourself&lt;br /&gt;
#CONTEXT_USER         -- another user&lt;br /&gt;
#CONTEXT_COURSECAT    -- a course category&lt;br /&gt;
#CONTEXT_COURSE       -- a course&lt;br /&gt;
#CONTEXT_GROUP        -- a group&lt;br /&gt;
#CONTEXT_MODULE       -- an activity module&lt;br /&gt;
#CONTEXT_BLOCK        -- a block&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a PROHIBIT on a capability, it means that the capability cannot be overridden and will ALWAYS  have a permission of prevent (deny). Prohibit always wins.   For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow pretty much any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewparticipants - able to view participants&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:managemetacourse - manage child courses in metacourse&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:useremail - Can use the enable/disable email stuff&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:viewhiddenuserfields - view all hidden user fields&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo).&lt;br /&gt;
#moodle/user:viewhiddendetails - view user details marked as &amp;quot;hidden&amp;quot;&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/role:unassignself - unassign yourself from your own roles&lt;br /&gt;
#moodle/role:viewhiddenassigns - view role assignments that have been marked as hidden&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:viewentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:viewentriesfromallgroups&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:viewrating&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##mod/lams:participate - original student&lt;br /&gt;
##mod/lams:manage - original teacher&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:view&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##mod/wiki:view - basic capability needed to view wiki content&lt;br /&gt;
##mod/wiki:participate - original student, meaning depends of type and course setting&lt;br /&gt;
##mod/wiki:manage - original teacher, manages assigned group; moodle/site:accessallgroups is needed to manage all groups &lt;br /&gt;
##(Waiting on new wiki)&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability needed to enter workshop&lt;br /&gt;
##mod/workshop:participate - original student, allows user to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
##block/rss_client:createprivatefeeds&lt;br /&gt;
##block/rss_client:createsharedfeeds&lt;br /&gt;
##block/rss_client:manageownfeeds&lt;br /&gt;
##block/rss_client:manageanyfeeds&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Obviously.&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inspectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===Process Roles===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
* Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
* Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
* Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
* Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&lt;br /&gt;
==Things to finish for 1.7 Beta==&lt;br /&gt;
&#039;&#039;&#039;18 Sept 2006&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
#Remove core references to user_student, user_teacher, user_admin, user_coursecreator tables.  [Yu]&lt;br /&gt;
#Address function: isteacher, isadmin, isstudent [Yu]&lt;br /&gt;
#Remove &amp;quot;view&amp;quot; capabilities from all modules unless required [Vy]&lt;br /&gt;
#Remove all old references from remaining Blocks [Vy]&lt;br /&gt;
#Metacourses [Skodak]&lt;br /&gt;
#Add risks to GUI[Skodak]&lt;br /&gt;
#Enrolment plugins  [Martin and Alastair]&lt;br /&gt;
#[[Stats_roles_1.7|Statistics]] [Penny]&lt;br /&gt;
#Fix Loginas&lt;br /&gt;
#Add category-level assigns [Yu]&lt;br /&gt;
#[[Backup_roles_1.7|Backups]] [Eloy?]&lt;br /&gt;
&lt;br /&gt;
===Proposal for interface enhancement===&lt;br /&gt;
Martin asked some questions, here are my answers. The scetches blow are not worked out proposals. Theier task is to visualize the idea. The exact colours and functionality may be defined after possible agreement about the proposals. The Green, orange and red columns support the meaning of the options from &amp;quot;allow&amp;quot; to &amp;quot;prohibit&amp;quot; (If you may want to see larger images please click onto the image or the &amp;quot;Enlarge&amp;quot; icon below the image.)&lt;br /&gt;
&lt;br /&gt;
The list of possible settings is very long and &#039;&#039; &amp;quot;... the problem is not to overwhelm people with information&amp;quot; &#039;&#039;. &lt;br /&gt;
&lt;br /&gt;
[[Image:01_moodle_define_roles_structured.png|thumb=01_moodle_define_roles_structured_pre.png]]&lt;br /&gt;
&lt;br /&gt;
1) One proposal is to use colour to structure the sections and the columns. Picture 1 shows that the user can keep a much better overview when the list is divided into meaningful differnt coloured coulmns and clear sections.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:02_moodle_define_roles_collapsed.png|thumb=02_moodle_define_roles_collapsed_pre.png]]&lt;br /&gt;
&lt;br /&gt;
2) A second proposal is to reduce the amount of information the user is shown at the same time. The YUI interface library offers great support to show/hide sections of the page by clicking on specific elements. &lt;br /&gt;
&lt;br /&gt;
For example click on an icon beside the sub heading &amp;quot;Course categories&amp;quot; and show/hide all table rows with the CLASS &amp;quot;course-category&amp;quot;.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
[[Image:03_moodle_define_roles_tooltip.png|thumb=03_moodle_define_roles_tooltip_pre.png]]&lt;br /&gt;
&lt;br /&gt;
3) &#039;&#039; &amp;quot;The main problem is the last column for risk ... we were thinking of putting little icons in there ...&amp;quot; &#039;&#039;&lt;br /&gt;
Icons are good when they tell the user more about possible actions/meanings then the letters. I am not sure if this is the case here. For both - icons or letters - the YUI tooltip function would be able to give the user valuable information about the meaning.&lt;br /&gt;
&amp;lt;br style=&amp;quot;clear:both;&amp;quot; /&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3117</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3117"/>
		<updated>2006-09-18T11:05:00Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Things to finish for 1.7 Beta */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can perform are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM       -- the whole site&lt;br /&gt;
#CONTEXT_PERSONAL     -- yourself&lt;br /&gt;
#CONTEXT_USER         -- another user&lt;br /&gt;
#CONTEXT_COURSECAT    -- a course category&lt;br /&gt;
#CONTEXT_COURSE       -- a course&lt;br /&gt;
#CONTEXT_GROUP        -- a group&lt;br /&gt;
#CONTEXT_MODULE       -- an activity module&lt;br /&gt;
#CONTEXT_BLOCK        -- a block&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a PROHIBIT on a capability, it means that the capability cannot be overridden and will ALWAYS  have a permission of prevent (deny). Prohibit always wins.   For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow pretty much any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewparticipants - able to view participants&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:managemetacourses - manage child courses in metacourses&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:viewhiddenuserfields - view all hidden user fields&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo).&lt;br /&gt;
#moodle/user:viewhiddendetails - view user details marked as &amp;quot;hidden&amp;quot;&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/role:unassignself - unassign yourself from your own roles&lt;br /&gt;
#moodle/role:viewhiddenassigns - view role assignments that have been marked as hidden&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##mod/lams:participate - original student&lt;br /&gt;
##mod/lams:manage - original teacher&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:view&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##mod/wiki:view - basic capability needed to view wiki content&lt;br /&gt;
##mod/wiki:participate - original student, meaning depends of type and course setting&lt;br /&gt;
##mod/wiki:manage - original teacher, manages assigned group; moodle/site:accessallgroups is needed to manage all groups &lt;br /&gt;
##(Waiting on new wiki)&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability needed to enter workshop&lt;br /&gt;
##mod/workshop:participate - original student, allows user to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
##block/rss_client:createprivatefeeds&lt;br /&gt;
##block/rss_client:createsharedfeeds&lt;br /&gt;
##block/rss_client:manageownfeeds&lt;br /&gt;
##block/rss_client:manageanyfeeds&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Obviously.&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inspectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===Process Roles===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
* Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
* Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
* Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
* Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&lt;br /&gt;
==Things to finish for 1.7 Beta==&lt;br /&gt;
&#039;&#039;&#039;18 Sept 2006&#039;&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
#Remove core references to user_student, user_teacher, user_admin, user_coursecreator tables.  [Yu]&lt;br /&gt;
#Address function: isteacher, isadmin, isstudent [Yu]&lt;br /&gt;
#Remove &amp;quot;view&amp;quot; capabilities from all modules unless required [Vy]&lt;br /&gt;
#Remove all old references from remaining Blocks [Vy]&lt;br /&gt;
#Metacourses [Skodak]&lt;br /&gt;
#Add risks to GUI[Skodak]&lt;br /&gt;
#Fixing debugging calls [Martin]&lt;br /&gt;
#Enrolment plugins  [Martin]&lt;br /&gt;
#Statistics [Catalyst]&lt;br /&gt;
#Backups [Eloy?]&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3098</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3098"/>
		<updated>2006-09-11T05:15:27Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:viewhiddenuserfields - view all hidden user fields&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:view&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3097</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3097"/>
		<updated>2006-09-11T04:53:03Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:viewhiddencourses - see hidden courses&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##mod/lesson:view&lt;br /&gt;
##mod/lesson:edit - add and edit pages&lt;br /&gt;
##mod/lesson:manage - view student attempts&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at some schools such as Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3094</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3094"/>
		<updated>2006-09-08T06:31:09Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:readallmessages - reads all messages and history&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3093</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3093"/>
		<updated>2006-09-08T03:06:31Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:approvecourse - approves a pending course&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3092</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3092"/>
		<updated>2006-09-08T03:05:05Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:approve - approves a pending course&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3091</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3091"/>
		<updated>2006-09-08T02:26:26Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings (sort and rename) this is currently an admin capability : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##mod/workshop:view - basic capability neede to enter workshop&lt;br /&gt;
##mod/workshop:participace - original student, allows use to submit and assess&lt;br /&gt;
##mod/workshop:manage - original teacher, user can manage others&lt;br /&gt;
##(Waiting on new Workshop)&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3088</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3088"/>
		<updated>2006-09-07T04:05:22Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* User-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofile - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3087</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3087"/>
		<updated>2006-09-07T04:05:02Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* User-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
# moodle/user:editprofilt - edit profile (normally used in CONTEXT_USERID and CONTEXT_SYSTEM)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3086</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3086"/>
		<updated>2006-09-05T06:47:33Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/course:viewcoursegrades - views all grades in course&lt;br /&gt;
#moodle/course:managegrades - manages grades settings in course&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:viewusergrades - view your own, or other user&#039;s grades (with specified context)&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3085</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3085"/>
		<updated>2006-09-05T02:19:43Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/site:trustcontent - ability to use trusttext feature and bypass cleaning in specific areas&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:setcurrentsection - mark course section&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:sectionvisibility - hide/show sections&lt;br /&gt;
#moodle/course:viewhiddensections - view hidden sections&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
&lt;br /&gt;
The &amp;quot;Student view&amp;quot; button has been removed completely.&lt;br /&gt;
&lt;br /&gt;
If there is time and a secure way can be found, it will be replaced by a menu to let the user assume a temporary role in the context of that course.&lt;br /&gt;
&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
&lt;br /&gt;
Teacher forums were always a curious exception to normal forums, as they were not part of a course as such, and were not backed up.&lt;br /&gt;
&lt;br /&gt;
We&#039;re taking the opportunity to rectify this.   The upgrade converts teacher forums with content to normal forums in section 0 of the course, and ensures that only teachers can access them.  If the teacher forum had not been used in the course then it&#039;s not converted and will just dissappear.&lt;br /&gt;
&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
====Process of logging in====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
====Process of checking access to a course====&lt;br /&gt;
&lt;br /&gt;
require_login($course-&amp;gt;id) is called by the script and has logic like this:&lt;br /&gt;
&lt;br /&gt;
# Is the user a guest at site level?&lt;br /&gt;
## Yes: Does the course allow guests?&lt;br /&gt;
### Yes: return true (and further capabilities are checked by the script)&lt;br /&gt;
### No:  send the user to course/enrol.php for enrolment&lt;br /&gt;
## No: continue below&lt;br /&gt;
&lt;br /&gt;
# Does the user have moodle/course:view in that (course) context?&lt;br /&gt;
## Yes: then they can enter (and further capabilities are checked by the script)&lt;br /&gt;
##  No: is guest access allowed on the course?&lt;br /&gt;
### Yes: assign temporary guest role to that user for that context (in session cache).&lt;br /&gt;
### No: send the user to course/enrol.php for enrolment.&lt;br /&gt;
&lt;br /&gt;
====Process of enrolling====&lt;br /&gt;
&lt;br /&gt;
(more soon)&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3079</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3079"/>
		<updated>2006-08-30T07:18:15Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
##mod/hotpot:deleteattempt - deletes attempts&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3078</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3078"/>
		<updated>2006-08-30T06:43:47Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
##mod/hotpot:grade - (grade? and) regrade&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3077</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3077"/>
		<updated>2006-08-30T06:42:46Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:attempt - attempt a hotpot&lt;br /&gt;
##mod/hotpot:viewreport - review and view reports&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3076</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3076"/>
		<updated>2006-08-29T04:25:35Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3075</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3075"/>
		<updated>2006-08-29T02:39:59Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/course:viewrecent - view recent activities&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
#activity_modules&lt;br /&gt;
##None&lt;br /&gt;
#admin&lt;br /&gt;
#admin_2&lt;br /&gt;
#admin_bookmarks&lt;br /&gt;
#blog_menu&lt;br /&gt;
#blog_tags&lt;br /&gt;
#calendar_month&lt;br /&gt;
#calendar_upcoming&lt;br /&gt;
#course_list&lt;br /&gt;
#course_summary&lt;br /&gt;
#glossary_random&lt;br /&gt;
#html&lt;br /&gt;
#loancalc&lt;br /&gt;
#login&lt;br /&gt;
#messages&lt;br /&gt;
#news_items&lt;br /&gt;
#online_users&lt;br /&gt;
#participants&lt;br /&gt;
#quiz_results&lt;br /&gt;
#recent_activity&lt;br /&gt;
#rss_client&lt;br /&gt;
#search&lt;br /&gt;
#search_forums&lt;br /&gt;
#section_links&lt;br /&gt;
#site_main_menu&lt;br /&gt;
#social_activities&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3072</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3072"/>
		<updated>2006-08-24T02:56:41Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Core-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:accessdb - directly accessing db (phpmyadmin)&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3071</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3071"/>
		<updated>2006-08-22T06:12:55Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:grade - comment, override grade, manual grade&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3070</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3070"/>
		<updated>2006-08-22T02:24:02Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?) - Yes, question permissions currently need to be course-level.--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:preview - previews the quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
##mod/quiz:attempt - attempt the quiz--[[User:Tim Hunt|Tim Hunt]]&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
	<entry>
		<id>https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3067</id>
		<title>Roles</title>
		<link rel="alternate" type="text/html" href="https://docs.moodle.org/dev/index.php?title=Roles&amp;diff=3067"/>
		<updated>2006-08-21T07:09:27Z</updated>

		<summary type="html">&lt;p&gt;Lazyfish: /* Module-level Capabilities */&lt;/p&gt;
&lt;hr /&gt;
&lt;div&gt;&#039;&#039;&#039;Roles and permissions&#039;&#039;&#039; will be in Moodle 1.7 and are available in the developer version of Moodle.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Definitions==&lt;br /&gt;
&lt;br /&gt;
A role is an identifier of the user&#039;s status in some context, for example, teacher, student and forum moderator are examples of roles.&lt;br /&gt;
&lt;br /&gt;
A capability is a description of some particular Moodle feature. Capabilities are associated with roles. For example, &#039;&#039;mod/forum:replypost&#039;&#039; is a capability.&lt;br /&gt;
&lt;br /&gt;
A permission is some value that is assigned for a capability for a particular role.  For example, allow or prevent.&lt;br /&gt;
&lt;br /&gt;
A context is a &amp;quot;space&amp;quot; in the Moodle, such as courses, activity modules, blocks etc.&lt;br /&gt;
&lt;br /&gt;
==The existing system==&lt;br /&gt;
&lt;br /&gt;
Currently in Moodle, we have a fixed set of roles i.e. primary admin, admins, course creators, editing teachers, non-editing teachers, students, and guests. For each role, the capability or actions that they can performed are fixed. For example, the role student allows the user to submit an assignment, but doesn&#039;t allow the user to browse/edit other users&#039; work. By using this setup we limit ourselves to a rather rigid set of capabilities for each role. If we want, say a particular student or group to be able to mark assignments in a particular course, we can&#039;t do that without giving these users teacher privileges.&lt;br /&gt;
&lt;br /&gt;
==The new roles and capability system==&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
{{Moodle 1.7}}The new system will allow authorized users to define an arbitrary number of roles (eg a teacher) &lt;br /&gt;
&lt;br /&gt;
A role consists of a list of permissions for different possible actions within Moodle (eg delete discussions, add activities etc)&lt;br /&gt;
&lt;br /&gt;
Roles can be applied to users in a context (eg assign Fred as a teacher in a particular course)&lt;br /&gt;
&lt;br /&gt;
Here are the possible contexts, listed from the most general to the most specific. &lt;br /&gt;
&lt;br /&gt;
#CONTEXT_SYSTEM&lt;br /&gt;
#CONTEXT_PERSONAL&lt;br /&gt;
#CONTEXT_USERID&lt;br /&gt;
#CONTEXT_COURSECAT&lt;br /&gt;
#CONTEXT_COURSE&lt;br /&gt;
#CONTEXT_GROUP&lt;br /&gt;
#CONTEXT_MODULE&lt;br /&gt;
#CONTEXT_BLOCK&lt;br /&gt;
&lt;br /&gt;
An authorized user will be able to assign an arbitrary number of roles to each user in any context.&lt;br /&gt;
&lt;br /&gt;
Capabilities can have the following permissions:&lt;br /&gt;
&lt;br /&gt;
#CAP_INHERIT&lt;br /&gt;
#CAP_ALLOW&lt;br /&gt;
#CAP_PREVENT&lt;br /&gt;
#CAP_PROHIBIT&lt;br /&gt;
&lt;br /&gt;
If no permission is defined, then the capability permission is inherited from a context that is more general than the current context. If we define different permission values for the same capability in different contexts, we say that we are overriding the capability in the more specific context.&lt;br /&gt;
&lt;br /&gt;
Since the capabilities in each role could be different, there could be conflict in capabilities. This is resolved by enforcing the rule that the capability defined for a more specific context will win, unless a prohibit is encountered in a less specific context.&lt;br /&gt;
&lt;br /&gt;
For example, Mark has a student role at course level, which allows him to write into a wiki. But Mark also got assigned a Visitor role at a module context level (for a particular wiki) which prevents him from writing to the wiki (read only). Therefore, for this particular wiki, Mark will not be able to write to the wiki since the more specific context wins.&lt;br /&gt;
&lt;br /&gt;
If we set a prohibit on a capability, it means that the capability cannot be overridden and will always have a permission of prevent (deny). Prohibit always wins. For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he&#039;s also assigned a facilitator role in &amp;quot;Science forum&amp;quot; in the course Science and Math 101. Since prohibit always wins, Jeff is unable to post in &amp;quot;Science forum&amp;quot;.&lt;br /&gt;
&lt;br /&gt;
Allow and prevent will cancel each other out if set for the same capability at the same context level. If this happens, we refer to the previous context level to determine the permission for the capability.&lt;br /&gt;
&lt;br /&gt;
This may sound more complex than it really is in practice.  The upshot is that the system can be flexible enough to allow any combination of permissions.&lt;br /&gt;
&lt;br /&gt;
==Upgrading from 1.6==&lt;br /&gt;
&lt;br /&gt;
A smooth upgrade will be provided with 1.7. The existing roles (admin, teacher, student, etc), and the existing capabilities will be automatically retained.  This is done by creating default roles at site/course levels, and assigning the current users to these roles accordingly. The default roles will have default capabilities associated with them, mirroring what we have  in 1.6.   With no modifications, Moodle will operate exactly the same before and after the upgrade.&lt;br /&gt;
&lt;br /&gt;
===Teachers===&lt;br /&gt;
&lt;br /&gt;
Users who were teachers will be assigned the default legacy teacher role (or non-editing teacher role) in all courses they were teacher.&lt;br /&gt;
&lt;br /&gt;
===Students===&lt;br /&gt;
&lt;br /&gt;
Users who were students will be assigned the default student role in all courses they were student.&lt;br /&gt;
&lt;br /&gt;
===Guests===&lt;br /&gt;
&lt;br /&gt;
There will still be a single guest user with no default role at site level.   For each course that allows guest access, the guest role will be assigned to the guest user for that course context.   The guest control for the course will be modified from three to two options (guests always need to enter enrolment key - on/off).  This setting is checked as now to force guests to enter key.&lt;br /&gt;
&lt;br /&gt;
==Capabilities==&lt;br /&gt;
&lt;br /&gt;
This will be a comprehensive list of capabilities (it&#039;s not complete yet). It is important that capability names are unique.&lt;br /&gt;
&lt;br /&gt;
===Core-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
Moodle core capability names start with &#039;moodle/&#039;.  The next word indicates what type of core capability it is, and the last word is the actual capability itself.  The capabilities for the Moodle core are defined in lib/db/access.php&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
#moodle/legacy:guest - legacy capabilities are used to transition existing users to the new roles system during the upgrade to Moodle 1.7&lt;br /&gt;
#moodle/legacy:student&lt;br /&gt;
#moodle/legacy:teacher&lt;br /&gt;
#moodle/legacy:editingteacher&lt;br /&gt;
#moodle/legacy:coursecreator&lt;br /&gt;
#moodle/legacy:admin&lt;br /&gt;
#moodle/site:doanything - special capability, meant for admins, if is set, overrides all other capability settings&lt;br /&gt;
#moodle/site:config - applicable in admin/index.php and config.php (might break down later) : 1)admin/config.php 2)admin/configure.php 3)blocks/admin/block_admin.php load_content_for_site()&lt;br /&gt;
#moodle/site:manageblocks - adding/removing/editing blocks (site, course contexts only for now) : 1)_add_edit_controls moodleblock.class.php &lt;br /&gt;
#moodle/site:backup - can create a course backup : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:restore - can restore into this context : 1)course/category.php 2)block_admin.php&lt;br /&gt;
#moodle/site:import - can import other courses into this context : 1)block_admin.php&lt;br /&gt;
#moodle/site:accessallgroups - able to access all groups irrespective of what group the user is in&lt;br /&gt;
#moodle/site:viewfullnames - able to see fullnames of other users&lt;br /&gt;
#moodle/site:viewreports - able to view site/course reports&lt;br /&gt;
#moodle/blog:view - read blogs&lt;br /&gt;
#moodle/blog:create - write new blog posts&lt;br /&gt;
#moodle/blog:manageofficialtags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:managepersonaltags - create/delete official blog tags that others can use&lt;br /&gt;
#moodle/blog:manageentries - edit/delete all blog entries&lt;br /&gt;
#moodle/course:create - create courses : 1)course/edit.php 2)course/category.php 3)course/index.php&lt;br /&gt;
#moodle/course:delete - create courses : 1)course/category.php&lt;br /&gt;
#moodle/course:update - update course settings&lt;br /&gt;
#moodle/course:view - can use this to find participants&lt;br /&gt;
#moodle/course:viewparticipants - allows a user to view participant list&lt;br /&gt;
#moodle/course:viewscales - view scales (i.e. in a help window?) : 1)course/scales.php&lt;br /&gt;
#moodle/course:manageactivities - adding/removing/editing activities and resources (don&#039;t think it makes any sense to split these)&lt;br /&gt;
#moodle/course:managescales - add, delete, edit scales, move scales up and down : 1)blocks/block_admin.php 2)course/scales.php&lt;br /&gt;
#moodle/course:managegroups - managing groups, add, edit, delete : 1)course/groups.php 2)course/group.php&lt;br /&gt;
#moodle/course:managefiles - manage course files and folders&lt;br /&gt;
#moodle/course:managequestions - manage course questions&lt;br /&gt;
#moodle/course:reset - able to reset the course&lt;br /&gt;
#moodle/course:visibility - hide/show courses : 1)course/category.php&lt;br /&gt;
#moodle/course:activityvisibility - hide/show activities within a course&lt;br /&gt;
#moodle/course:viewhiddenactivities - able to see activities that have been hidden&lt;br /&gt;
#moodle/category:create - create category : 1)course/index.php&lt;br /&gt;
#moodle/category:delete - delete category : 1)course/index.php&lt;br /&gt;
#moodle/category:update - update category settings : 1)course/category.php&lt;br /&gt;
#moodle/category:visibility - hide/show categories : 1)course/index.php&lt;br /&gt;
#moodle/user:create - create user : 1) user/edit.php&lt;br /&gt;
#moodle/user:delete - delete user : 1) admin/user.php&lt;br /&gt;
#moodle/user:update - update user settings : 1) user/edit.php&lt;br /&gt;
#moodle/user:viewdetails - view personally-identifying user details (e.g. name, photo). This ties in with the &amp;quot;visitor&amp;quot; scenario described below.&lt;br /&gt;
#moodle/calendar:manageownentries - create/edit/delete &lt;br /&gt;
#moodle/calendar:manageentries - create/edit/delete&lt;br /&gt;
#moodle/role:assign - assign roles to users&lt;br /&gt;
#moodle/role:override - can override role capabilities (depending on context)&lt;br /&gt;
#moodle/role:manage - create/edit/delete roles, set capability permissions for each role&lt;br /&gt;
#moodle/question:import - imports questions (course level?)&lt;br /&gt;
#moodle/question:export - exports questions (course level?)&lt;br /&gt;
#moodle/question:managecateory - add/delete/edit question categories (course level?)&lt;br /&gt;
#moodle/question:manage - add/edit/delete a question (course level)&lt;br /&gt;
&lt;br /&gt;
===User-level Capabilities===&lt;br /&gt;
# moodle/user:readuserposts -read individual user posts on profile page (parent?)&lt;br /&gt;
# moodle/user:readuserblogs -read individual user blogs on profile page (parent?)&lt;br /&gt;
# moodle/user:viewuseractivitiesreport-read individual activity report on profile page (parent?)&lt;br /&gt;
&lt;br /&gt;
===Module-level Capabilities===&lt;br /&gt;
The capabilities are cached into a database table when a module is installed or updated. Whenever the capability definitions are updated, the module version number should be bumped up so that the database table can be updated.&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to modules and blocks is &#039;mod/mod_name:capability&#039;.  The part before the colon is the full path to the module in the Moodle code.  The module capabilities are defined in mod/mod_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Assignment&lt;br /&gt;
##mod/assignment:view- reading the assignment description&lt;br /&gt;
##mod/assignment:submit - turn assignment in&lt;br /&gt;
##mod/assignment:grade - grading, viewing of list of submitted assignments&lt;br /&gt;
#Chat&lt;br /&gt;
##mod/chat:chat - allows a user to participate in this chat&lt;br /&gt;
##mod/chat:readlog - allows a user to read past chat session logs&lt;br /&gt;
##mod/chat:deletelog - allows a user to delete past chat logs&lt;br /&gt;
#Choice&lt;br /&gt;
##mod/choice:choose - make a choice&lt;br /&gt;
##mod/choice:readresponses - read all responses&lt;br /&gt;
##mod/choice:deleteresponses - deletes all responses&lt;br /&gt;
##mod/choice:downloadresponses - download responses&lt;br /&gt;
#Database&lt;br /&gt;
##mod/data:readentry - reads other people&#039;s entry&lt;br /&gt;
##mod/data:writeentry - add / edit and delete (own) entries&lt;br /&gt;
##mod/data:managetemplates - add, delete, edit fields and templates&lt;br /&gt;
##mod/data:manageentries - edit/delete all entries&lt;br /&gt;
##mod/data:comment - comment&lt;br /&gt;
##mod/data:managecomments - edit/delete all comments&lt;br /&gt;
##mod/data:rate - rate an entry&lt;br /&gt;
##mod/data:approve - approves an entry&lt;br /&gt;
##mod/data:uploadentries - batch upload of entries&lt;br /&gt;
#Exercise&lt;br /&gt;
##mod/exercise:assess&lt;br /&gt;
#Forum&lt;br /&gt;
##mod/forum:viewforum&lt;br /&gt;
##mod/forum:viewdiscussion&lt;br /&gt;
##mod/forum:viewdiscussionsfromallgroups&lt;br /&gt;
##mod/forum:viewhiddentimedposts&lt;br /&gt;
##mod/forum:startdiscussion&lt;br /&gt;
##mod/forum:replypost&lt;br /&gt;
##mod/forum:viewrating&lt;br /&gt;
##mod/forum:viewanyrating&lt;br /&gt;
##mod/forum:rate&lt;br /&gt;
##mod/forum:createattachment&lt;br /&gt;
##mod/forum:deleteownpost&lt;br /&gt;
##mod/forum:deleteanypost&lt;br /&gt;
##mod/forum:splitdiscussions&lt;br /&gt;
##mod/forum:movediscussions&lt;br /&gt;
##mod/forum:editanypost&lt;br /&gt;
##mod/forum:viewqandawithoutposting&lt;br /&gt;
##mod/forum:viewsubscribers&lt;br /&gt;
##mod/forum:managesubscriptions&lt;br /&gt;
##mod/forum:throttlingapplies&lt;br /&gt;
#Glossary&lt;br /&gt;
##mod/glossary:view - read entries&lt;br /&gt;
##mod/glossary:write - add entries&lt;br /&gt;
##mod/glossary:manageentries - add, edit, delete entries&lt;br /&gt;
##mod/glossary:managecategories - create, delete, edit categories&lt;br /&gt;
##mod/glossary:comment - comment on an entry&lt;br /&gt;
##mod/glossary:managecomments - edit, delete comments&lt;br /&gt;
##mod/glossary:import - import glossaries&lt;br /&gt;
##mod/glossary:export - export glossaries&lt;br /&gt;
##mod/glossary:approve - approve glossaries&lt;br /&gt;
##mod/glossary:rate - rates glossary&lt;br /&gt;
##mod/glossary:viewrating - view ratings&lt;br /&gt;
#Hotpot&lt;br /&gt;
##mod/hotpot:view&lt;br /&gt;
#Label&lt;br /&gt;
##none&lt;br /&gt;
#Lams&lt;br /&gt;
##TBD&lt;br /&gt;
#Lesson&lt;br /&gt;
##TBD&lt;br /&gt;
#Quiz&lt;br /&gt;
##mod/quiz:viewreports - view quiz result reports&lt;br /&gt;
##mod/quiz:manage - add/delete/move (up or down) questions for a quiz&lt;br /&gt;
#Resource&lt;br /&gt;
##mod/resource:view&lt;br /&gt;
#Scorm&lt;br /&gt;
##mod/scorm:view&lt;br /&gt;
##mod/scorm:viewgrades&lt;br /&gt;
#Survey&lt;br /&gt;
##mod/survey:download - downloads survery result&lt;br /&gt;
##mod/survey:participate - participate/ do survey&lt;br /&gt;
##mod/survey:readresponses - read all user&#039;s responese&lt;br /&gt;
#Wiki&lt;br /&gt;
##Waiting on new wiki&lt;br /&gt;
#Workshop&lt;br /&gt;
##Waiting on new Workshop&lt;br /&gt;
&lt;br /&gt;
===Enrolment-level Capabilities===&lt;br /&gt;
&lt;br /&gt;
The naming convention for capabilities that are specific to enrolment is &#039;enrol/enrol_name:capability&#039;. The enrolment capabilities are defined in enrol/enrol_name/db/access.php.&lt;br /&gt;
&lt;br /&gt;
#Authorize.net Payment Gateway &lt;br /&gt;
##enrol/authorize:managepayments - manage user payments, capture, void, refund, delete etc.&lt;br /&gt;
&lt;br /&gt;
Will it be possible to enroll people into different roles in a course as part of the enrollment process itself? I mean could you have an option to self-enroll (either involving payment or not) into multiple roles? In fact, will there be any possibility of a student self-selecting a role for themselves, but no one else but themselves?--[[User:N Hansen|N Hansen]] 02:00, 14 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Blocks===&lt;br /&gt;
&lt;br /&gt;
===Questions===&lt;br /&gt;
I am adding question categories here because they seem to have been forgotten in the whole scheme of things since having been removed from the quiz module itself. I&#039;ve made a suggestion on how these could be handled in [http://www.moodle.org/bugs/bug.php?op=show&amp;amp;bugid=6118&amp;amp;pos= bug 6118].&lt;br /&gt;
&lt;br /&gt;
See [http://moodle.org/mod/forum/discuss.php?d=51143 this forum thread] for a discussion about the current problems wth publishing question categories.[[User:Tim Hunt|Tim Hunt]] 18:50, 8 August 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
==Programming Interface==&lt;br /&gt;
&lt;br /&gt;
Although the Roles system may look complicated at first glance, implementing it in Moodle code is fairly simple.&lt;br /&gt;
&lt;br /&gt;
* You need to define each capability once, so that Moodle can upgrade existing roles to take advantage of it.  You do this in an access.php inside the db folder of any module (eg see mod/forum/db/access.php).  The array contains entries like this (note the descriptions for the legacy roles which provides forward compatibility):&lt;br /&gt;
    &#039;mod/forum:viewforum&#039; =&amp;gt; array(&lt;br /&gt;
        &#039;captype&#039; =&amp;gt; &#039;read&#039;,&lt;br /&gt;
        &#039;contextlevel&#039; =&amp;gt; CONTEXT_MODULE,&lt;br /&gt;
        &#039;legacy&#039; =&amp;gt; array(&lt;br /&gt;
            &#039;guest&#039; =&amp;gt; CAP_PREVENT,&lt;br /&gt;
            &#039;student&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;teacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;editingteacher&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;coursecreator&#039; =&amp;gt; CAP_ALLOW,&lt;br /&gt;
            &#039;admin&#039; =&amp;gt; CAP_ALLOW&lt;br /&gt;
        )&lt;br /&gt;
    ),&lt;br /&gt;
* To load/change these capabilities you need to bump the module version.   There&#039;s no need to provide changes or differences as Moodle will scan the whole array and sort it out.&lt;br /&gt;
* On each page you need to find the context the user is working in, using the get_context_instance() function.  For example, in the forum module:&lt;br /&gt;
&lt;br /&gt;
  $context = get_context_instance(CONTEXT_MODULE, $cm-&amp;gt;id);&lt;br /&gt;
* Then, whenever you want to check that the current user has rights to do something, call has_capability() like this:&lt;br /&gt;
    if (!has_capability(&#039;mod/forum:viewforum&#039;, $context)) {&lt;br /&gt;
        print_error(&#039;nopermissiontoviewforum&#039;);&lt;br /&gt;
    }&lt;br /&gt;
* If you just want to assert a capability and then finish with an error message if it&#039;s not met (as we did above), then a shorter way it to use require_capability() like this:&lt;br /&gt;
&lt;br /&gt;
    require_capability(&#039;mod/forum:viewforum&#039;, $context);&lt;br /&gt;
&lt;br /&gt;
* Note that there are extra parameters you can specify to get a custom error message, otherwise users get an automated &amp;quot;No permissions&amp;quot; message that lists the permission they were missing.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
As a result of the new Roles System, all calls to isadmin(), iscoursecreator, isteacheredit(), isteacher(), isstudent(), and isguest() will have to be replaced with calls to has_capability() or require_capability().   However, these functions will be retained for some backward compatibility with old code, using the legacy capabilities to try and work out what to do.&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
==Problem areas we are working on ==&lt;br /&gt;
&lt;br /&gt;
===Student view===&lt;br /&gt;
===Teacher forum===&lt;br /&gt;
===Enrolment plugins===&lt;br /&gt;
&lt;br /&gt;
==Scenario brainstorming==&lt;br /&gt;
&lt;br /&gt;
This section is for brainstorming some example roles that we would like to support.  Note some of these *may* not be possible in 1.7.&lt;br /&gt;
&lt;br /&gt;
===Student===&lt;br /&gt;
Has this one been missed?&lt;br /&gt;
&lt;br /&gt;
===Site Designers===&lt;br /&gt;
Is there a role for people involved in how the site looks but not full administrators? Thinking here of online control of themes rather than FTP theme uploading. But in either case they caneditlogos, caneditcss, candeditlevelatwhichthemeapplies.&lt;br /&gt;
&lt;br /&gt;
===Educational Authority Adviser===&lt;br /&gt;
Someone who would want to browse the site and may be asked to comment or contribute to particular discussions or developments in school. Access for this role would be controlled by the school in the case of school level moodles but may be different if there were to be a Local Authority wide Moodle.&lt;br /&gt;
&lt;br /&gt;
===Educational Inspector===&lt;br /&gt;
Someone who will visit the site to verify the school&#039;s self review that comments on home school relationships, extending the classroom etc. They may want to see summaries of usage and reports from surveys garnering parent and pupil views.&lt;br /&gt;
&lt;br /&gt;
===Second Marker / Moderator===&lt;br /&gt;
A teacher within ths site that has access to assignments and quizzes from another teacher&#039;s course for second marking purposes. This may need additional functionality adding to the assignment module so that two sets of grades/feedback can be given to one set of assignments.&lt;br /&gt;
&lt;br /&gt;
===Peer observer of teaching===&lt;br /&gt;
Many institutions encourage peer observation of teaching, to encourage reflection on practice. In online environments this will be similar to moderation or inspection. The peer observer would need to be able to experience the course &amp;quot;as a student&amp;quot;, but also to be able to view summaries of usage, transcripts of interactions (forums/surveys/polls etc), grades assigned (e.g. in assignments).&lt;br /&gt;
&lt;br /&gt;
===External Examiner===&lt;br /&gt;
Has all the rights of inpectors, but would also need to be able to review assignments and feedback, view forums, glossaries etc. However, would not want to post, feedback onto the site at all.&lt;br /&gt;
&lt;br /&gt;
===Parent===&lt;br /&gt;
A parent will have one or more children in one or more institutions which could be using one or more moodle instances or a mixture of Learning Platforms. A parent&#039;s role will vary depending on the age of their children and whether they are contributing as a parent or a school supporter.&lt;br /&gt;
&lt;br /&gt;
In Early Years (EY=3+4 yr olds) and Key Stage 1 (KS1=5+6 yr olds) they may play/learn on an activity or write for the child. Parents often interpret homework tasks and read to their children perhaps filling in a joint reading diary. In Key Stage 2 (KS2=7-11 yr olds) parents would be more monitoring but may join in as well.&lt;br /&gt;
&lt;br /&gt;
In Key stages 3 (KS3=12-14 yr olds) and 4 (KS4=15+16 yr olds) this changes to more of a monitoring/awareness role where a parent would expect to have a summary report of attendance, attainment and general achievement on a weekly/monthly/termly or annual basis. Parents will often be asked to sign and write back comments about this review report.&lt;br /&gt;
&lt;br /&gt;
In all Key Stages there is a great need for parents to receive communication from the school which they can confirm they have received by signing a form. In some cases this may also involve making choices from a list. It may also involve payment for a trip or disco being returned so there could be the possibility of electronic payments. Also in all Key Satges there may be a home-school agreement which may be signed up to. Could this form part of a site policy system that incorporates a tickable list of activities the parent agrees to the child using (blogs/wikis/forums etc.)?&lt;br /&gt;
&lt;br /&gt;
Parent&#039;s evenings often involve complex booking systems that attempt to get parent&#039;s and teachers together. Easy for EY/KS1/KS2 very difficult for KS3/KS4. Wow would this help if it was built into the Learning Platform.&lt;br /&gt;
&lt;br /&gt;
In some cases there needs to be confidential communication between the parent and the teacher without the child being party to this. It may involve teaching and learning but could also involve a behaviour or medical issue. Often this may be done via a sealed letter or face to face. &lt;br /&gt;
&lt;br /&gt;
The latest incarnation of OfSTED with the Self Review Framework (SEF) there is a greater emphasis on schools gathering parent voice via surveys and discussion. There is a clear match here with parents have access to parental votes, questionnaires and discussions and for schools to be able to publish news, results and reports back to parents.&lt;br /&gt;
&lt;br /&gt;
In the UK the LP framework and agenda as being pushed by the DfES via Becta emphasises that within the mandatory groups and roles functionality the parent role is likely to be required to meet the LP Framework procurement standard.&lt;br /&gt;
&lt;br /&gt;
Again in the UK, parents have their own independent right of access to a child&#039;s educational records. Obviously, children&#039;s records must not be made available to other parties, including the parents of other children in the same class. Thus it would be necessary to associate parent accounts with their own child&#039;s accounts in such a way that they could, if so desired, have read access to their child&#039;s grades, answers and contributions, but generally not those of other children - this may be problematic in the case of wiki activities or forum posts.&lt;br /&gt;
&lt;br /&gt;
There is some concern that children&#039;s forum contributions etc may be constrained if their parents are able to read all that they write; this may be particularly problematic in areas such as Personal, Social and Health Education (PSHE), where some schools may choose to use obfuscated usernames.&lt;br /&gt;
&lt;br /&gt;
===Manager===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Weekly Seminar Leader===&lt;br /&gt;
&#039;&#039;In a university seminar, typically 8-15 students in their 3rd/4th year, each student is responsible for leading one topic in a study series.  I ask each student to research 5-10 resources, then give a powerpoint presentation to the other students.  This is followed by an in-class discussion and then online homework.  The homework involves some fun quiz questions and then some reflective journal questions.  I ask each seminar leader to prepare the quiz questions and journal questions as well as their presentation.  To do that, I would like to assign activity-making/authoring roles to the student--either for a short period, or for duration of the whole course.  Thus &amp;quot;Allow Quiz Authoring Role&amp;quot; or &amp;quot;Allow Assignment Authoring Role&amp;quot; at the course level or, if possible, even the Topic level (in a topic or week format course) would be important.&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Mentor/Mentee===&lt;br /&gt;
&#039;&#039;Please add text here...&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Community-Designed Rating Criteria===&lt;br /&gt;
&#039;&#039;The gradebook tends to be the domain of the teacher.  What if community/peer ratings/marks could also be entered there? What if peer assessment criteria could be designed by the students, not just the teacher?&#039;&#039;&lt;br /&gt;
&lt;br /&gt;
===Visitor===&lt;br /&gt;
&lt;br /&gt;
This would be a role whereby one could allow a visitor to visit one&#039;s classroom. This might be a colleague interested in seeing your course, or a journalist who might be writing an article about one&#039;s site. They should not be able to see the names of any students anywhere (eg recent activity, forum posts) for privacy reasons. They should be able to try out things like quizzes, and lessons but no grades would be recorded (like in teacher preview mode). They would not be able to participate in choices and forums but could view them. It would be read only in a way like former-student role below but without access to a particular student&#039;s records that former student role would grant.&lt;br /&gt;
&lt;br /&gt;
===Guest Speaker===&lt;br /&gt;
&lt;br /&gt;
This role would be similar to the Visitor role above, but would allow seeing student names, and also allow both reading and posting to a specific forum or forums. We often have &amp;quot;guest speakers&amp;quot; who read and respond to student forum posts. Right now we have to add them as students, which isn&#039;t ideal.&lt;br /&gt;
&lt;br /&gt;
===Former Student===&lt;br /&gt;
This role would be of particular use for courses with rolling enrollments. This role would be one where a student had completed all of the requirements of a course (ie assignments, quizzes etc.) but wished to have continued access to the course material for review or consultation. The key factor is that one would give access to the completed student to the notes he read, his work and the teacher&#039;s comments on it, but he would not be allowed to do anything that would take up the teacher&#039;s time. In other words, a sort-of read-only access to the course. How forums, which might contain pertinent information and would continue to grow, would be handled is a question. Perhaps the student would be shown only what was in the forums at the time he completed the course. He would not be allowed to see any new posts or add any himself. Same thing for database and glossary entries. In other words, a snapshot of the course at the time his regular enrollment ended. He shouldn&#039;t be able to see the names or profiles of any newly enrolled students for privacy reasons-hence the restrictions on forum access. One issue that would have to be dealt with would be changes to existing modules-such as resources. Does the student get access to the module as it was or as it is? We have no versioning of resources in Moodle so this would be a problem. What about a teacher changing a quiz question so that the answer is different? What would a former student see?&lt;br /&gt;
&lt;br /&gt;
===Alumnus=== An ALUMNUS should be able to search for all other ALUMNI of the school, interact with them and be enrolled in a seperate course - which is like a META course with all the content of his learning and interaction - as well as capabilities to be a part of this ALUMNI only course.  All the teachers of courses during school years should automatically be a part of the ALUMNI course .. which means when an ALUMNUS is enrolled in a course, the original teachers of all his courses get enrolled ?  --[[User:Anil Sharma|Anil Sharma]] 20:54, 15 July 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Librarian===&lt;br /&gt;
&lt;br /&gt;
Reference Librarians have an active role in most of the courses taught at Earlham College (with Bibliographic Instruction). The Librarian role within Moodle could encompass default read access to all courses (unless prohibited by course teacher) and read access to all components of the course unless access is barred (again by teacher). The Librarians would also perhaps have a block called perhaps Reference Services or Reference Desk with write access where they could deposit resources. Also this block might have a chat applet whereby enrolled students could chat to the Reference Librarian on duty about their bibliographic research needs.&lt;br /&gt;
&lt;br /&gt;
In schools there is often a book review system. This may be covered by the lending system database but may not in which case a librarian may neeed to have a course area they can create a database template to handle the reviews in which case they may have a normal teacher style role? Off topic but course an integration with common schools database systems would be great.&lt;br /&gt;
&lt;br /&gt;
===Teacher===&lt;br /&gt;
&lt;br /&gt;
Teachers should have read access to other Teacher&#039;s courses unless explictly prohibited. They should be able to set parts of their own course to be totally private (perhaps even to admin?). Just as each activity can currently be set to have group access, each activity could have a permissions field. Teachers could set default permissions for all activities on their course (eg they might disallow Librarian access for example) and then change the access permission for an individual activity. &lt;br /&gt;
&lt;br /&gt;
I think that what is needed is a simple heirarchy of permissions and levels of granularity.&lt;br /&gt;
&lt;br /&gt;
I would take issue with &amp;quot;teachers should have read access to other teacher&#039;s courses unless explicitly prohibited.&amp;quot; This is a violation of the students&#039; privacy as how they perform and what they do in one class isn&#039;t the business of another teacher. Moreover, in the real world a teacher wouldn&#039;t suddenly go sit in on a colleague&#039;s class without asking permission first. I would not have appreciated such an invasion of privacy as either a teacher or a student. It could be an option, but shouldn&#039;t be default.--[[User:N Hansen|N Hansen]] 19:54, 12 June 2006 (WST)&lt;br /&gt;
&lt;br /&gt;
===Community Education Tutors/Trainers===&lt;br /&gt;
Teachers may be community adult education trainers making use of a school moodle so must only have access to their courses unless given access elsewhere. They would not necessarily get the default teacher privileges.&lt;br /&gt;
&lt;br /&gt;
===Secretary/Student Worker===&lt;br /&gt;
&lt;br /&gt;
We often have faculty who want their departmental secretary or student worker to scan and upload files and perhaps create resources. Currently they have to be given teacher access to the course. This is dangerous from a FERPA standpoint since they could easily get access to grades.&lt;br /&gt;
&lt;br /&gt;
===Teaching Assistant===&lt;br /&gt;
&lt;br /&gt;
Our Faculty frequently have undergraduate students acting as Teaching Assistants. These students need to be able to add resources, create assignments, and possibly grade assignments. However, due to FERPA they cannot have access to other students&#039; overall grade information. I think the requirements here are slightly different than those of Secretary/Student Worker&lt;br /&gt;
&lt;br /&gt;
===Student - FERPA rights===&lt;br /&gt;
&lt;br /&gt;
A student that has asserted their FERPA rights to non-disclosure.  Typically includes not publishing their name&lt;br /&gt;
in any public place.  Could include this student only being seen with an &amp;quot;alias&amp;quot; within course spaces.  Is this an attribute rather&lt;br /&gt;
than a role?&lt;br /&gt;
&lt;br /&gt;
===Help Desk===&lt;br /&gt;
&lt;br /&gt;
Help desk agents that have read access for the purposes of trouble shooting.  Some care in placing this role within a hierarchy&lt;br /&gt;
of inheritance is needed, full access will be problematic with FERPA.&lt;br /&gt;
&lt;br /&gt;
===Admin - Catgory based===&lt;br /&gt;
&lt;br /&gt;
Basically a person in between full Admin and Creator that has the permissions of an Admin but only with respect to courses and students. Currently a Creator has permissions site-wide which does not always meet the requirements of a given organisation (e.g. Department A may not be happy that a person from Department B can create/modify courses within Department A&#039;s area). The ability to designate a Creator within a specific category would allow areas to be set up for a faculty/department/organisation and allow the Admin for that area to create/delete courses, upload users, add site-wide entries to the calendar etc.&lt;br /&gt;
&lt;br /&gt;
===PROCESS ROLES===&lt;br /&gt;
&lt;br /&gt;
organising the learning process for a group you wish to have the choice to place students in differnt roles: examples of this are:&lt;br /&gt;
&amp;lt;li&amp;gt;1. Give a student the role of forum-moderator with edit and chunk-rights&lt;br /&gt;
&amp;lt;li&amp;gt;2. Give students different roles &amp;amp; rights in a Webquest design (and change these roles next week&lt;br /&gt;
&amp;lt;li&amp;gt;3. Give students different resources, depending of their roles in a rolegame/simulation&lt;br /&gt;
&amp;lt;li&amp;gt;4. Give a student the rights to create the section content of next week (and only that week..)&lt;br /&gt;
&amp;lt;li&amp;gt;5. ..&lt;br /&gt;
&lt;br /&gt;
==See also==&lt;br /&gt;
&lt;br /&gt;
*Using Moodle [http://moodle.org/mod/forum/discuss.php?d=38788 Roles and Permissions architecture] forum discussion&lt;br /&gt;
&lt;br /&gt;
&lt;br /&gt;
[[Category:Future]]&lt;br /&gt;
[[Category:Roles]]&lt;br /&gt;
&lt;br /&gt;
[[ru:Роли]]&lt;/div&gt;</summary>
		<author><name>Lazyfish</name></author>
	</entry>
</feed>