In reading over what has been said about this here and in the documentation, several things still remain unclear to me:
Who has the ability to create roles and set permissions for them? Who has the ability to assign users to roles?
In the documentation, there are core level and module level permissions? But what about permissions for specific instances of modules? That doesn't seem to be spelled out anywhere, but it is implied in the following example:
For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he's also assigned a facilitator role in "Science forum" in the course Science and Math 101.
I'm assuming this means we will be able to fine grain permissions on a module-instance level? I'm assuming the specs will be the same as the overall permissions for those modules? Am I correct?
Following from that, if the capability of doing anything related to a particular instance of a module for a particular role is set to prohibit or prevent, wiill someone in that role still be able to see the instance of that module on the course page? Or will it be invisible to them?
And again, related to the previous question, in terms of making things easier to use, could there be a way of simply setting all permissions for a particular module (or module-instance) to one of the various capabilities at once? For example, forum has 15 different permissions that can be set for it-it would be helpful if we could set all 15 to the same thing at once if necessary, rather than have to set 15 individually.
Also, what about the enrollment process? Will it be possible to enroll in courses directly into particular roles? If so, how will that be handled vis-a-vis something like the Paypal module?
Thanks in advance for any answers you provide, but if things actually will work as they seem to be described, this new feature will solve a big problem I have had that I thought wouldn't be fixed until 2.0 at the earliest, so I'm very excited about this.
>Who has the ability to create roles and set permissions for them? Who has the ability to assign users to roles?
People who you give roles that include that capability to (like any other permission).
>In the documentation, there are core level and module level permissions? But what about permissions for specific instances of modules? That doesn't seem to be spelled out anywhere, but it is implied in the following example:
For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he's also assigned a facilitator role in "Science forum" in the course Science and Math 101.
Yes, this is exactly right. Read the documentation more closely about contexts. Roles are granted to a user in a context.
> I'm assuming this means we will be able to fine grain permissions on a module-instance level? I'm assuming the specs will be the same as the overall permissions for those modules? Am I correct?
Yes.
>Following from that, if the capability of doing anything related to a particular instance of a module for a particular role is set to prohibit or prevent, wiill someone in that role still be able to see the instance of that module on the course page? Or will it be invisible to them?
Currently they will still see it, because testing ALL permissions for every activity on a course page would be too expensive. This will be solved later as part of conditional activities and new groups.
> And again, related to the previous question, in terms of making things easier to use, could there be a way of simply setting all permissions for a particular module (or module-instance) to one of the various capabilities at once? For example, forum has 15 different permissions that can be set for it-it would be helpful if we could set all 15 to the same thing at once if necessary, rather than have to set 15 individually.
We might add this to the GUI later but you won't need it as much as you think you will because you aren't assigning these capabilities to individual people, but to Roles.
>Also, what about the enrollment process? Will it be possible to enroll in courses directly into particular roles? If so, how will that be handled vis-a-vis something like the Paypal module?
This is one of the things yet to do, but yes. It needs to be done because "students" and "teachers" are fluid concepts now and the user_students and user_teachers tables are going away.
There are two ways of referring to the Roles for something like this. The first way is by direct reference, though this can be fragile because you might remove/change roles. The second way is indirect, by referencing the "legacy capabilities", which act like tags to say that "this role is really the 'student' role, even though I'm calling it something else and have changed what these people can do". So you can still make people "students" in the old language and the plugin will be able to find which role(s) to assign to those users.
People who you give roles that include that capability to (like any other permission).
>In the documentation, there are core level and module level permissions? But what about permissions for specific instances of modules? That doesn't seem to be spelled out anywhere, but it is implied in the following example:
For example, Jeff has a naughty student role that prohibits him from postings in any forums (for the whole site), but he's also assigned a facilitator role in "Science forum" in the course Science and Math 101.
Yes, this is exactly right. Read the documentation more closely about contexts. Roles are granted to a user in a context.
> I'm assuming this means we will be able to fine grain permissions on a module-instance level? I'm assuming the specs will be the same as the overall permissions for those modules? Am I correct?
Yes.
>Following from that, if the capability of doing anything related to a particular instance of a module for a particular role is set to prohibit or prevent, wiill someone in that role still be able to see the instance of that module on the course page? Or will it be invisible to them?
Currently they will still see it, because testing ALL permissions for every activity on a course page would be too expensive. This will be solved later as part of conditional activities and new groups.
> And again, related to the previous question, in terms of making things easier to use, could there be a way of simply setting all permissions for a particular module (or module-instance) to one of the various capabilities at once? For example, forum has 15 different permissions that can be set for it-it would be helpful if we could set all 15 to the same thing at once if necessary, rather than have to set 15 individually.
We might add this to the GUI later but you won't need it as much as you think you will because you aren't assigning these capabilities to individual people, but to Roles.
>Also, what about the enrollment process? Will it be possible to enroll in courses directly into particular roles? If so, how will that be handled vis-a-vis something like the Paypal module?
This is one of the things yet to do, but yes. It needs to be done because "students" and "teachers" are fluid concepts now and the user_students and user_teachers tables are going away.
There are two ways of referring to the Roles for something like this. The first way is by direct reference, though this can be fragile because you might remove/change roles. The second way is indirect, by referencing the "legacy capabilities", which act like tags to say that "this role is really the 'student' role, even though I'm calling it something else and have changed what these people can do". So you can still make people "students" in the old language and the plugin will be able to find which role(s) to assign to those users.
I posted this over in the docs but I'll post this question here too, as this is really one of the key things I am trying to understand about roles. I'm not so interested in what role is the "student" role even if it is different, what I am wondering about is the possibility of assigning different roles from the outset to what might be called a "legacy" student in a course. For example, now we have a single button that allows a student to enroll in a course as a student. In this case, they are enrolling directly into a student role. But what if you have a course where you have different types of student roles each with different capabilities assigned to them? In what role will those students be enrolled? Will they be able to choose a role when they enroll? Or will there be a default "student" role for that course? At the moment, you talk about certain higher level people having the ability to assign roles. What I am thinking about is in a way is giving a student a way to assign a role themselves, but only to themselves? Is this possible?
In looking over the feature requests for an improved payment plugin, a lot of what people are looking for involves selling different types of course packages and I think roles would really help with satisfying a lot of those needs if they could be tied in with roles. For example, imagine a course with a trial membership role (with read-only priveleges) and a full partiicpant role (with the ability to do anything a student normally can do). The trial membership costs $5 and the full participant option costs $50. I realize the ability to set different prices doesn't exist yet (nor different enrollment periods) but that is something I think can be incorporated into a new payment plugin, so for the moment let's just imagine they do. What I need to know is there going to be any built-in ability to self-select a role for themselves or must it always be assigned to them by someone else?
In looking over the feature requests for an improved payment plugin, a lot of what people are looking for involves selling different types of course packages and I think roles would really help with satisfying a lot of those needs if they could be tied in with roles. For example, imagine a course with a trial membership role (with read-only priveleges) and a full partiicpant role (with the ability to do anything a student normally can do). The trial membership costs $5 and the full participant option costs $50. I realize the ability to set different prices doesn't exist yet (nor different enrollment periods) but that is something I think can be incorporated into a new payment plugin, so for the moment let's just imagine they do. What I need to know is there going to be any built-in ability to self-select a role for themselves or must it always be assigned to them by someone else?
The enrolment plugins will have to decide what roles people are assigned, it's not a function of Moodle core. They may choose to allow students to choose, they might not. I look forward to seeing what happens with new plugins there.