I just wanted to muse on our issues with the moodle/view:courses and the assumption in the Moodle codebase that these equates to a course enrolment.
We have a couple of role use cases that this affects:
1) We want all our logged in users to be able to view any course unless the tutor has said guests aren't allowed. Access for non-logged in guests i.e. the Moodle guest users should be controlled separately. i.e. a tutor should be allowed to decide whether they will allow anonymous guests, logged in users not enrolled on their course or neither. By default we want logged in users to see courses so they can make module choices and get course materials until their module choices are reflected via the student record system as enrolments.
To do this we create a previewer role which has the same capabilities as our student role except cannot view grades, take assignments, quizzes or choices.
2) Departmental Administrators need editing access to all courses in their department category without appearing as tutors. We call these non-teaching editors so are the reverse of non-editing teachers. We assign these at category level.
The problem is both these roles need the moodle/course:view capability to provide access to courses but this then causes problems as by having this assignment they are often assumed to be course participants. As our Preview role is the role assigned by default by logged in users this often means that all our users (over 13,000) are considered course participants.
This has causes problems in areas like:
- the My Courses Block (users see every course)
- backups with users (all siste users are included)
- users who haven't responded to a choice (all site users are displayed)
I thought this might be an example of the kind of issues you get when your business roles require you to twist Moodle in unusual ways but I'm really interested to visit the forums and see that others are challenged by this problem:
http://moodle.org/mod/forum/discuss.php?d=107267
http://moodle.org/mod/forum/discuss.php?d=106274
The issue is that has_capability(moodle/course:view)is often used in place of an explicit role assignment check in a context. So the code doesn't derive course participation from role assignment but the presence of a capability in that context. Because the contexts are hierarchical and has_capabilty checks recursively up the entire context hierarchy then role assignments at a higher level i.e. category or system include these users.
My plea to the developers is to try and break this relationship between being a course participant and having the moodle/course:view capability in some way to allow for roles that are assigned this capability in contexts above course level allowed without them being considered a course participant. Perhaps by checking explicit role assignment instead, only checking for the moodle/course:view capability in the course context when used to determine course participants, or making the capability used to determine course participants configurable rather than hard coded as this constrains custom role configurations.
It is of course possible that what we want to do with our roles could be achieved in other ways that wouldn't incur this problem and any approaches to this would be welcome (or maybe not now that I can't change what we've done this academic year anyway!). We also wanted to minimise the use of overrides in specific contexts - how fussy are we??
The lightest touch approach we have taken to fix these issues (although it does involve modifying core files which again we aren't keen on) is to create a configuration value $CFG->courseusercap and replace the use of moodle/course:view with this in places where it has caused us a problem. We've then set the value of $CFG->courseusercap to a capability that we allow for students/teachers but not for our other roles.
I'm not sure this is a great solution but it is a workaround that seems to have resolved most of our problems at the moment.
We're going to do an architecture review of our Moodle install this year so we may rethink how we do things, but I just thought I'd add our experience to the discussions on the use of course view capability within Moodle in case it helps other Moodlers and also provide the developers with an example use case.
Regards,
Alison
This is an issue that I have recently faced. I created a new row in the mdl_capabilities table for moodle/course:enrolled (and an entry in the lang file to go with).
Then I changed the definition of get_my_courses in lib/datalib.php to check for course:enrolled instead of course:view.
I have set course:enrolled for roles like student, but not for system wide roles (HODs managers etc) and it seems to be working.
Mike
Then I changed the definition of get_my_courses in lib/datalib.php to check for course:enrolled instead of course:view.
I have set course:enrolled for roles like student, but not for system wide roles (HODs managers etc) and it seems to be working.
Mike
I've found that the following line:
$canviewroles = get_roles_with_capability('moodle/course:view', CAP_ALLOW, $context);
needs to change to:
$canviewroles = get_roles_with_capability('moodle/course:enrolled', CAP_ALLOW, $context);
in user/index.php
Mike
$canviewroles = get_roles_with_capability('moodle/course:view', CAP_ALLOW, $context);
needs to change to:
$canviewroles = get_roles_with_capability('moodle/course:enrolled', CAP_ALLOW, $context);
in user/index.php
Mike
I'm curious if this has worked for other folks. I've put in an inquiry with our administrator to consider this hack to do the following:
1) Create role with capability to view all courses
2) Created role would not make individual admin for all courses
3) Created role would not make individual participant if not enroled
4) Created role would allow individual to see courses, whether a metacourse or child course
I think what I'm envisioning is what this 'user/index.php' edit will provide.
Also, one more vote for this ability to be a part of Moodle 2.0, as well as the ability for guests in metacourses, with or without a key as needed.
1) Create role with capability to view all courses
2) Created role would not make individual admin for all courses
3) Created role would not make individual participant if not enroled
4) Created role would allow individual to see courses, whether a metacourse or child course
I think what I'm envisioning is what this 'user/index.php' edit will provide.
Also, one more vote for this ability to be a part of Moodle 2.0, as well as the ability for guests in metacourses, with or without a key as needed.
"making the capability used to determine course participants configurable rather than hard coded"This seems to be the crux of what you're saying. My guess is that it would affect any Moodle installation where there was a need for world:read type access over certain parts of every course. Have you thought about creating a Tracker entry for this? I think you'd get a lot of votes.
"We're going to do an architecture review of our Moodle install this year so we may rethink how we do things"
What do you mean by 'architecture review'? I'm intrigued.
I've found a tracker entry already exists for this here.
I've added a comment with a link to this thread.
Mike
I've added a comment with a link to this thread.
Mike
Marvellous, good spot Mike, I've added my vote!
Alison
Alison
Hi Mark,
I'm not supposed to be working on Moodle anymore you know so my time to do anything with it has to be stolen. Hence I hadn't worked up to a tracker entry yet but I now see Mike has found one.
By architecture review we will be taking a look at our Moodle setup after 3 years or running it and reviewing:
- infrastructure we run it on
- the configuration decisions we have made related to the application. This will probably include:
- our roles and capabilities
- course categories
- integration with our student record system and how we structure courses and enrol participants
- how past to synchronise user profiles with our enterprise directory
- academic rollover
- how best to store older courses (we are committed to keeping courses for 3 years)
- whether to consider to run in a single installation or break into a federation of intsances within a Moodle network
- and all our business processes and workflows surrounding Moodle now it is starting to reach critical mass in our organisation
This will basically be to look at some performance and administration issues we've run into with our early decisions now that Moodle usage has grown. Should be pretty interesting...
Alison
I'm not supposed to be working on Moodle anymore you know so my time to do anything with it has to be stolen. Hence I hadn't worked up to a tracker entry yet but I now see Mike has found one.
By architecture review we will be taking a look at our Moodle setup after 3 years or running it and reviewing:
- infrastructure we run it on
- the configuration decisions we have made related to the application. This will probably include:
- our roles and capabilities
- course categories
- integration with our student record system and how we structure courses and enrol participants
- how past to synchronise user profiles with our enterprise directory
- academic rollover
- how best to store older courses (we are committed to keeping courses for 3 years)
- whether to consider to run in a single installation or break into a federation of intsances within a Moodle network
- and all our business processes and workflows surrounding Moodle now it is starting to reach critical mass in our organisation
This will basically be to look at some performance and administration issues we've run into with our early decisions now that Moodle usage has grown. Should be pretty interesting...
Alison
Thanks. Very helpful.
M
M
Around 1.8/1.9 we discussed this in the General Dev Forum. My take on it is that what you are doing is technically correct, but there might be issues with the current implementation of the code. If you can keep track of them - and the patches you apply to fix them - then we can evaluate whether it's doable for 2.0.
(And actually, Petr may have done something similar in 2.0 already. I've been out of touch...)
From the POV of 2.0, my main concern would be how to handle upgrades. The ambiguity in the 2 meanings of 'course:view' in 1.7-1.9 will need to be clarified by an admin in some cases...
(And actually, Petr may have done something similar in 2.0 already. I've been out of touch...)
From the POV of 2.0, my main concern would be how to handle upgrades. The ambiguity in the 2 meanings of 'course:view' in 1.7-1.9 will need to be clarified by an admin in some cases...
Yes I can appreciate the implications of this may run deeper. I have to record every Moodle core change I make so I'll have a list of what we have done.
Yes, TiddlyWiki is the way to go here I feel. I track all my changes, workarounds, problems, solutions etc for moodle in a Tiddlywiki I call Moodle Issues and for Elgg in one I call Elgg occurences
Surely the default option for upgrades is simple. It would be to enable both capabilities all users with current view capability and to alert admin that they can now choose to distinguish switch "course:participate" off.
Just adding a few more role use cases to the preview and department admin ones above, where course viewing and participation capabilities need to be separate.
- Inspector role - assigned at site or category level, doesn't need to be listed as participant or see every course in their course list.
- Category management role - similar to department administrator, but with capability combinations currently being discussed at http://moodle.org/mod/forum/discuss.php?d=111459
- Networked admin role - under Moodle networking arrangements, allowing roaming user (e.g. admin) to have some course management capabilities to manage users on your Moodle - at course or category level.