Limit 'login as' to administrators only


by Paul Nijbakker -
Number of replies: 17
Hi fellow Moodlers,

I have not found this specific topic elsewhere (at least not with the advanced search facility) at moodle.org

Is there a way (e.g. modifying the course/loginas.php file) to limit the 'login as' function to administrators only? Theoretically, we could be sued if teachers use this option, because the privacy of the students is protected by law. (Even the administrator is officially not allowed to use this function, but sometimes it is necessary to check a problem that a student may have from the view of the student.)

For the time being I have blocked the function crudely by disabling the course/loginas file, but there should be a more graceful solution :)

Thanks beforehand for any suggestions,
Paul.
In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Ben Goodwin -

Sorry not posting a solution....

BUT I am interested why the privacy of a Moodle course for a student on it is covered by law. Surely the student can only be 'logged in as' by a tutor who is responsible for the content of the course and who is most likely also responsible for moderating forums and assignment submissions/marking and grading work and so on.

If you are referring to student data, does the fact that a member of staff has access to this outside of Moodle (well, where I work in the UK we do legally have permission provided it is used in the course of one's work) not pertain to the ability for them to access such data collected through Moodle?

Maybe Finnish Lapland law is different to ours???

In reply to Ben Goodwin

Re: Limit 'login as' to administrators only

by A. T. Wyatt -
In the US, there are federal laws that cover student privacy and information: the Family Educational Rights and Privacy Act (FERPA). There are "need to know" exceptions, of course. In general, I would think that other instructors do not "need to know" what students posted on forums in other classes, messaged to other students, received as grades on individual assignments, or uploaded. Of course, in Moodle, you are limited to logging in as a student to the current course. Even if you, as the student, try to visit another course in which the student is enrolled, Moodle will stop you.

In our case, I am more concerned because I think that there are a number of classes where students may well be given "instructor" rights. This happens when we use Moodle for things like social clubs or allow students to build their own courses/portfolios. Moodle 2 will doubtless provide new tools! But right now, we push Moodle to accomplish purposes a bit outside the original design specs! At our University, we are hoping to set up a second Moodle instance to handle student-owned courses, and on that system, the "login as" feature will have to be removed.
In reply to A. T. Wyatt

Re: Limit 'login as' to administrators only

by A. T. Wyatt -
Retraction: 

"Even if you, as the student, try to visit another course in which the student is enrolled, Moodle will stop you."

I did test it again before posting, but my sysadmin had applied some of Dr. Hyndman's hacks before I realized it.  I don't think Moodle DOES stop you from logging in as a student and visiting other classes as the student otherwise.  At least it doesn't on my local install.  So my previous post isn't very accurate.  We have restricted the capability on our instance.

Apologies,
atw
In reply to Ben Goodwin

Re: Limit 'login as' to administrators only

by Paul Nijbakker -
Hi Ben,

Indeed the law in Finland is more protective of the privacy of people than in many other countries I know. It approximately states that anything a web user writes/posts that is not addressed to you is covered by the privacy law (thus employers have no right to monitor e-mail sent to others by their employees). If teachers go around logging in as students, they have access to private messages sent and received by the students and, while we have full confidence in the integrity of our teaching staff, we want to limit the risk of anyone inadvertently breaking the law. :)

Rgrds,
Paul.
In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Steve Hyndman -
That is a great law Paul...I wish we had one like it in the US.
In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Visvanath Ratnaweera -
So you think that there are technical methods of making sure that nobody breaks the law "inadvertently"?

A side question: If you are going to "protect" teachers from this pitfall, why not the administrators?
In reply to Visvanath Ratnaweera

Re: Limit 'login as' to administrators only

by Paul Nijbakker -

Hello Mr Ratnaweera,

No, we cannot make sure, but we can limit the risk. Many of our teachers are not that experienced yet with Moodle and might be trying out functions just to see what they do.

We want to reserve this function for administrators, because some problems that may occur require us to see the problem from the eyes of the student who experiences the problem, before due remedial action can be taken.

Rgrds,
Paul.

In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Steve Hyndman -

Paul,

I understand your concern. I have the same concerns with both university faculty and public school teachers on my sites. I really don't understand why a teacher or admin for that matter would want, or need, to login as a student. Just create a "dummy" student account and use that. Anyway...here is what I have done. As always...use at your own risk...I'm a hacker, not a programmer :). This seems to work on my sites.

1. Disable moodle/course/loginas.php. I just renamed the file...I don't like to delete things just in case I find some problems later and have to undo some stuff.

2. Open moodle/user/view.php and comment out lines around 270 to 287...note the first part of this code is already commented, so you just need to extend the comment to the end of the second section. This will remove the loginas button from the student profile. See below.

loing as code

3. Open moodle/lib/weblib.php and comment out lines around 2598 to 2602...see below. This will remove the loginas link when a teacher or admin looks at the list of Participants in a class in the Detailed View.

loing as code

I'm not sure this is very graceful, but hopefully it will help.

Steve

Average of ratings: Useful (1)
In reply to Steve Hyndman

Re: Limit 'login as' to administrators only

by Paul Nijbakker -
Hi Steve,

Thanks for your suggestion. I have only temporarily disabled the loginas.php file, for we feel that at least administrators should be able to login as other users so as to be able to look at/solve problems through the eyes of the individual user. For example, as a teacher I cannot see what is wrong when certain students encounter a bug in the workshop tool that others (including the teacher) do not see.

So, do you know: if I enable moodle/course/loginas.php again and comment out what you mentioned under 3, but in the part mentioned under 2 comment out only the first part and in the second part remove "or (isteacher($course->id)", would that remove the function for teachers but not for administrators?

I am afraid to try it out in our production server and our test server will not be on-line for some weeks.

Rgrds,
Paul.
In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Steve Hyndman -

Paul,

I just woke up, still on my first cup of coffee, so my brain isn't working well yet :), but if you know how to comment php, then give it a try and see. Just don't delete any code...if the comment doesn't work like you want, then simply go back and uncomment. I do this all the time on my production sites...may not be good practice, but commenting in this area won't hurt anything.

However, look at it this way. If a student is having a problem, then you should be able to log in as a different student and experience the same problem...if you don't, then chances are, you wouldn't experience that problem even if you were logged in as that student...the problem is likely with the student's system and not the server or Moodle.

In reply to Steve Hyndman

Re: Limit 'login as' to administrators only

by Paul Nijbakker -

Hi Steve,

The problem I was specifically concerned with (in the workshop tool) occurred only with some students and by logging in as them and looking at the database as admin I have been able to correct their problem (although it does not solve the bug, which has something to do with several empty entries being created by the student, perhaps by double-clicking on a save button?).

I will try your suggestion, with an extra security. I will copy the original file and keep it safe under a different name and make the changes in the copy to see if they work. Thanks for the help.

Rgrds,
Paul.

In reply to Paul Nijbakker

Re: Limit 'login as' to administrators only

by Res Hotz-Pohlmann -

Hi Paul

Edit line 37ff. of \course\loginas.php:

    // $user must be defined to go on

//    if (!isteacher($course->id)) {
//        error("Only teachers can use this page!");
//    }
    if (!isadmin()) {
        error("Only administrators can use this page!");
    }

In actual fact this is all you have to do to achieve your aim. But now all teachers still have [Login as] command buttons on their students' profile sites. Nota bene: these buttons just evoke the error message "Only administrators can use this page!" (see above). But if you want to get rid of these needless command buttons, do some more php editing work:

Edit line 278 of \user\view.php

//    if ((isadmin() and !isadmin($user->id)) or (isteacher($course->id) and ($USER->id != $user->id) and !iscreator($user->id))) {
    if ((isadmin() and !isadmin($user->id)) and ($USER->id != $user->id) and !iscreator($user->id))) {

 

 

Average of ratings: Useful (1)
In reply to Res Hotz-Pohlmann

Re: Limit 'login as' to administrators only

by Paul Nijbakker -

Thanks a lot Res,

This hack does just what we wanted. We have decided to leave the button visible for teachers, so that, if a problem occurs that would require logging in as a student, they will be alerted to contact us.

Rgrds,
Paul.

In reply to Res Hotz-Pohlmann

Re: Limit 'login as' to administrators only

by A. H. -
Hi All,
So the only way to disable this button is by editing (not hacking) the code?
We are trying to keep "code editing" the very last step.

We still want the teacher to login as a student, but we used to do that on WebCT coz some issues cannot be tested unless u were a student. So we create for each professor a fictitious student id.

Thank you for your help in advance.
Amer
In reply to A. H.

Re: Limit 'login as' to administrators only

by Petr Skoda -
Hi!

There is a new feature in 1.6 - you can set a global "loginas" password in config.php

skodak
In reply to Res Hotz-Pohlmann

Re: Limit 'login as' to administrators only

by Michael Spall -
There is an error in the second code snippet. The parentheses don't match up.

Edit line 278 of \user\view.php

//    if ((isadmin() and !isadmin($user->id)) or (isteacher($course->id) and ($USER->id != $user->id) and !iscreator($user->id))) {
    if ((isadmin() and !isadmin($user->id)) and ($USER->id != $user->id) and !iscreator($user->id))) {

                                        ^

Since this is a change to allow only administrators to have the login, the entire right hand side of the or isn't necessary.

Edit line 278 of \user\view.php

//    if ((isadmin() and !isadmin($user->id)) or (isteacher($course->id) and ($USER->id != $user->id) and !iscreator($user->id))) {
    if (isadmin() and !isadmin($user->id)) {
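
The three versions of the user/view.php button condition discussed in this thread, together with the course/loginas.php check, modelled side by side as an added example (it is not code from any poster or from Moodle). The boolean flags stand in for isadmin(), isteacher($course->id) and iscreator(); the sample users, the flags given to the admin user, and the way the parentheses in Res's line are balanced are assumptions.

```php
<?php
// Added illustration, not Moodle code. Constructed sample users; the admin is
// given all three flags on the assumption that admins also count as teachers/creators.
$users = [
    'admin'   => ['id' => 1, 'admin' => true,  'teacher' => true,  'creator' => true],
    'creator' => ['id' => 2, 'admin' => false, 'teacher' => false, 'creator' => true],
    'teacher' => ['id' => 3, 'admin' => false, 'teacher' => true,  'creator' => false],
    'student' => ['id' => 4, 'admin' => false, 'teacher' => false, 'creator' => false],
];

// Button condition in user/view.php before the edit (the commented-out line).
function button_original(array $v, array $t): bool {
    return ($v['admin'] && !$t['admin'])
        || ($v['teacher'] && $v['id'] != $t['id'] && !$t['creator']);
}

// Res's replacement, balanced here so that all three tests are kept (assumption).
function button_res(array $v, array $t): bool {
    return ($v['admin'] && !$t['admin']) && $v['id'] != $t['id'] && !$t['creator'];
}

// Michael's shortened replacement: the left-hand side of the original "or".
function button_michael(array $v, array $t): bool {
    return $v['admin'] && !$t['admin'];
}

// Server-side check in course/loginas.php after Res's edit. This is the
// enforcement point; the button conditions above only control what is displayed.
function gate_admin_only(array $v): bool {
    return $v['admin'];
}

// Evaluate every viewer/target pair under each version.
function compare(array $users): array {
    $rows = [];
    foreach ($users as $vn => $v) {
        foreach ($users as $tn => $t) {
            $rows[$vn . ' -> ' . $tn] = [
                button_original($v, $t), button_res($v, $t),
                button_michael($v, $t), gate_admin_only($v),
            ];
        }
    }
    return $rows;
}

foreach (compare($users) as $pair => $r) {
    printf("%-20s button: original=%d res=%d michael=%d | loginas.php allows=%d\n",
        $pair, $r[0], $r[1], $r[2], $r[3]);
}
```

In this model the two replacements differ only for an administrator viewing a course creator: the balanced form of Res's line hides the button there, while Michael's shows it. The teacher rows show the button disappearing under both replacements and loginas.php refusing the request regardless of what view.php displays.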