Restricting access to courses is completed via the course not the user. You should ensure courses have enrolment keys to prevent unauthorised access, alternatively you can remove the 'All courses' link and use hidden course categories to prevent users browsing through the site.
Probably not what you were hoping to hear but I hope this helps
Why hide?? just use a different access-key for every course and give the user only that key.
(If you fear that studenst exchange keys: change the keys every week... every day... every ) You can do this with a script:
- change the keys at random
- generate a list of the new keys
- send by email the enroll-key for this week.. this day..
We have the rule that every course should have a key, otherwise the admin puts a key on it. Now and then we run a check script
I put it in the /admin/report/newkey/index.php section, something like:
require_capability('moodle/site:viewreports', get_context_instance(CONTEXT_SYSTEM, SITEID));
srand ((double) microtime*1000000);
$random_number = rand;
$result4 = mysql_query("UPDATE mdl_course SET password="$random_number." where id>1 and password='' ");
mtrace ("Ok new key... (".$result4.") ");
// not complete for you: all courses in one run get the same key, for us ok
// mcrotime and rand brackets look now like an Easter egg, done by this funny WYSIWYG editor???
We use a more complex version of this script for creating zones(categories) with (parent)guest-access and other closed zones..
We upload our users in bulk. So, we set "Course enrollable" to No, and that prevents strangers from wandering into classrooms where they don't belong. It won't stop them from seeing links to classrooms, but, hey, all the doors but one are locked.
With courses unenrollable, you simply go into the student teacher's classroom and add the prof manually.