Administrator role damaged - urgent

Administrator role damaged - urgent

by Joe Griffin -
Number of replies: 6
Apologies for cross posting but this is a major problem now and I would appreciate some urgent assisntance.

hello
I've be experiementing with roles and I have done something to the administrator role and seem to have locked myself out now. I have just received this erro message:

"A serious but unspecified error occured while trying to assign a role to you" and when I click to see more I get this on Moodle docs: "

error/moodle/couldnotassignrole"

Also when I log in as an administrator I can only see Users option (and Search) in the Admin block. This option only allows me to list all users. I cannot any longer log into courses unless I have the enrolment key for these course. I cannot make any changes to roles or capabilities. Have I killed the admin role permission to make changes and if so how do I get back to where I was before? I have two current groups of students using Moodle and I cannot communicate with them any longer. So a bit of urgency (why do these problems always happen just when a holiday weekend is looming sad)

Thanks in advance for any help


Average of ratings: -
In reply to Joe Griffin

Re: Administrator role damaged - urgent

by Oswald Zangerle -
You don´t tell which version of Moodle you use; with 1.8 Petr Skoda helped me in a great way.
Have a look:
http://moodle.org/mod/forum/discuss.php?d=66281

Oswald
Average of ratings: -
In reply to Oswald Zangerle

Re: Administrator role damaged - urgent

by Joe Griffin -
Sorry, I'm using 1.7.1 and I have tried the script from Petr but it didn't work.

When I try and override admin role at site level the only capability I am shown is Access all groups. Everything else is now gonesad
Average of ratings: -
In reply to Oswald Zangerle

Re: Administrator role damaged - urgent

by Julie Pichon -
The script doesn't work for 1.7 because it uses functions that are defined only in 1.8. So, I downloaded Moodle 1.8 and copy-pasted the missing function and functions it depends on, at the end of Petr script, and it seems to have worked for Joe (I'm one of his students).

<?php
require 'config.php';

$systemcontext = get_context_instance(CONTEXT_SYSTEM);
$adminroleid = create_role('new admin7', 'admin7', 'delete me later', 'moodle/legacy:admin');
reset_role_capabilities($adminroleid);
$user = get_record('user', 'username', 'admin');
role_assign($adminroleid, $user->id, 0, $systemcontext->id);
echo 'done';

/**
* Reset role capabilitites to default according to selected legacy capability.
* If several legacy caps selected, use the first from get_default_capabilities.
* If no legacy selected, removes all capabilities.
*
* @param int @roleid
*/
function reset_role_capabilities($roleid) {
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
$legacyroles = get_legacy_roles();

$defaultcaps = array();
foreach($legacyroles as $ltype=>$lcap) {
$localoverride = get_local_override($roleid, $sitecontext->id, $lcap);
if (!empty($localoverride->permission) and $localoverride->permission == CAP_ALLOW) {
//choose first selected legacy capability
$defaultcaps = get_default_capabilities($ltype);
break;
}
}

delete_records('role_capabilities', 'roleid', $roleid);
if (!empty($defaultcaps)) {
foreach($defaultcaps as $cap=>$permission) {
assign_capability($cap, $permission, $roleid, $sitecontext->id);
}
}
}

/**
* Returns array of all legacy roles.
*/
function get_legacy_roles() {
return array(
'admin' => 'moodle/legacy:admin',
'coursecreator' => 'moodle/legacy:coursecreator',
'editingteacher' => 'moodle/legacy:editingteacher',
'teacher' => 'moodle/legacy:teacher',
'student' => 'moodle/legacy:student',
'guest' => 'moodle/legacy:guest',
'user' => 'moodle/legacy:user'
);
}

/**
* Returns default capabilities for given legacy role type.
*
* @param string legacy role name
* @return array
*/
function get_default_capabilities($legacyrole) {
if (!$allcaps = get_records('capabilities')) {
error('Error: no capabilitites defined!');
}
$alldefs = array();
$defaults = array();
$components = array();
foreach ($allcaps as $cap) {
if (!in_array($cap->component, $components)) {
$components[] = $cap->component;
$alldefs = array_merge($alldefs, load_capability_def($cap->component));
}
}
foreach($alldefs as $name=>$def) {
if (isset($def['legacy'][$legacyrole])) {
$defaults[$name] = $def['legacy'][$legacyrole];
}
}

//some exceptions
$defaults['moodle/legacy:'.$legacyrole] = CAP_ALLOW;
if ($legacyrole == 'admin') {
$defaults['moodle/site:doanything'] = CAP_ALLOW;
}
return $defaults;
}

?>

Perhaps it will help somebody else too.
Average of ratings: Useful (1)
In reply to Julie Pichon

Re: Administrator role damaged - urgent

by Joe Griffin -
And an excellent student also smile

Thanks to Julie things are now back to normal and there is code for those who are using 1.7.1 that also works.

Now to try and discover what I did wrong thoughtful

Perhaps some documentation on what are default values and which changes can result in catastrophe? Just a thought.
Average of ratings: -
In reply to Julie Pichon

Re: Administrator role damaged - urgent

by Filip Giesz -
This is just a friendly warning to someone else who may have seemingly a similar problem and wants to try things script - back up your data FIRST (you'll have to do it manually or through your ISP's UI).

While this script may seem to 'fix' some things, because moodle 1.7 doesn't have too much sanity-checking itself, there is a VERY good possibility that things will go down the crapper soon after you run this script. I ended up with totally unusable system - admin was sometimes an admin and at other times gave just completely blank pages, etc.

The developers' assumption seems to be that everyone is an expert in PHP and mysql - what ever happened to a portal that isolates the teacher from the OS/Internet and lets them do their work? At the very least, I'll wait until my ISP offers 1.8; I've deleted moodle until then.

I hope that my experience slows down some desperate teacher from running this script before doing a backup! Wait a few days for your question to be answered, there is danger in quick-fixes!
Average of ratings: -
In reply to Filip Giesz

Re: Administrator role damaged - urgent

by Helder Raposo -
Julie said:

"The script doesn't work for 1.7 because it uses functions that are defined only in 1.8. So, I downloaded Moodle 1.8 and copy-pasted the missing function and functions it depends on, at the end of Petr script, and it seems to have worked for Joe (I'm one of his students).

<?php
require 'config.php';

$systemcontext = get_context_instance(CONTEXT_SYSTEM);
$adminroleid = create_role('new admin7', 'admin7', 'delete me later', 'moodle/legacy:admin');
reset_role_capabilities($adminroleid);
$user = get_record('user', 'username', 'admin');
role_assign($adminroleid, $user->id, 0, $systemcontext->id);
echo 'done';

/**
* Reset role capabilitites to default according to selected legacy capability.
* If several legacy caps selected, use the first from get_default_capabilities.
* If no legacy selected, removes all capabilities.
*
* @param int @roleid
*/
function reset_role_capabilities($roleid) {
$sitecontext = get_context_instance(CONTEXT_SYSTEM);
$legacyroles = get_legacy_roles();

$defaultcaps = array();
foreach($legacyroles as $ltype=>$lcap) {
$localoverride = get_local_override($roleid, $sitecontext->id, $lcap);
if (!empty($localoverride->permission) and $localoverride->permission == CAP_ALLOW) {
//choose first selected legacy capability
$defaultcaps = get_default_capabilities($ltype);
break;
}
}

delete_records('role_capabilities', 'roleid', $roleid);
if (!empty($defaultcaps)) {
foreach($defaultcaps as $cap=>$permission) {
assign_capability($cap, $permission, $roleid, $sitecontext->id);
}
}
}

/**
* Returns array of all legacy roles.
*/
function get_legacy_roles() {
return array(
'admin' => 'moodle/legacy:admin',
'coursecreator' => 'moodle/legacy:coursecreator',
'editingteacher' => 'moodle/legacy:editingteacher',
'teacher' => 'moodle/legacy:teacher',
'student' => 'moodle/legacy:student',
'guest' => 'moodle/legacy:guest',
'user' => 'moodle/legacy:user'
);
}

/**
* Returns default capabilities for given legacy role type.
*
* @param string legacy role name
* @return array
*/
function get_default_capabilities($legacyrole) {
if (!$allcaps = get_records('capabilities')) {
error('Error: no capabilitites defined!');
}
$alldefs = array();
$defaults = array();
$components = array();
foreach ($allcaps as $cap) {
if (!in_array($cap->component, $components)) {
$components[] = $cap->component;
$alldefs = array_merge($alldefs, load_capability_def($cap->component));
}
}
foreach($alldefs as $name=>$def) {
if (isset($def['legacy'][$legacyrole])) {
$defaults[$name] = $def['legacy'][$legacyrole];
}
}

//some exceptions
$defaults['moodle/legacy:'.$legacyrole] = CAP_ALLOW;
if ($legacyrole == 'admin') {
$defaults['moodle/site:doanything'] = CAP_ALLOW;
}
return $defaults;
}

?>"

Witch files you copy and paste in witch directory

And this lines of php, belong of witch file? In witch directory?
Average of ratings: -