Has anyone successfully been able to make an old Moodle site read only? If yes, can you kindly share the steps to take to acheive this .
Thanks in advance.
Has anyone successfully been able to make an old Moodle site read only? If yes, can you kindly share the steps to take to acheive this .
Thanks in advance.
You can't make it completely read-only - that is, you cannot get it to a state where you can change the Database user to only have read-only privilidges - because almost any action in Moodle causes a row to be writted to the mdl_log table.
However, you can get very close just by editing all the role definitions to remove any capability that updates things from all the roles.
Limiting your roles is probably the best way to do this. Strip down Student and Teacher, and any other roles you actually use.
If you work for a large college, it might be worth disabling people's logins or posting a notice on Site News linking to the new site. When my college merged, we moved three Moodle 1.9 sites and a Blackboard into one Moodle 2.1 site.
The problem was, we left the old sites running for a while. We discovered that some staff had kept using the old sites, since that's what they knew and they hadn't attended our well-advertised training sessions.
They'd given out their 'teacher' password to students, so they could access their courses on the old system.
Thank you for that. I'll give it a go. Apologies for delay in getting back to you.
We actually do this at the university I work for at the end of each semester. All I do is copy the Moodle instance (moodledata, database, and htdocs) to a new server (and new database) and make the appropriate changes in Moodle so it knows it is on a new host. Then I make it so the web server only has read access to the moodledata dir. After that I create a new database user and give it only select on the copy of the Moodle database. There is one line of code that I comment out so that emails are not sent every time it tries (and fails) to write to the mdl_log table. Just comment out line 1951 (the call of mail()) in /lib/datalib.php.
That being said, we have actually changed the process this semester to allow mdl_log to be written to when needed (just gave the user insert and select on mdl_log). Also, we are running 1.9.13 (probably should have said that at the beginning). I hope this helps!
Have you used this approach successfully with 2.x at all?
Cheers
Yes, but we had to modify it just a little. Instead of commenting out a line in /lib/datalib.php I just added "$CFG->noemailever = true;" to the config.php and I had to grant a few more inserts and updates to some of the tables. I have done this on 2.2 and 2.4 and it is working fine.
Hi Chris,
Possible for you to share the tables that you granted insert and update permissions to ?
Regards,
Hittesh
mdl_log
mdl_logstore_standard_log
mdl_log_queries
mdl_log_display
mdl_mnet_log
mdl_profiling
mdl_sessions
mdl_user_lastaccess
mdl_user
These enabled me to log in and view content - not sure they are all needed
Every year, with the end of the academic period, I make a clone of the main moodle site and I keep it in read-only mode as a kind of historical archive containing a snapshot of the former year. This is what I do to make Moodle 2.7 read only. It's not very well tested, so do it under your own responsibility:
To do that, you can use mysqldump utility:
mysqldump moodle27_db | gzip -c > moodle27_db.sql.gz
In case you need to restore it later, you can do the following:
gunzip -c moodle27_db.sql.gz | mysql moodle27_db
Additionally, it could be interesting to backup moodledata directory.
With the following changes in the Moodle database, students will only be able to view things inside courses, but they won't be able to view their own submissions or answers to questionnaires. Additionally, we will prevent users from editing their own profile and changing their passwords, if we consider that it is necessary.
You can check students capabilities before doing any changes:
SELECT * FROM mdl_role_capabilities WHERE roleid = 5;
To downgrade student role capabilities:
UPDATE mdl_role_capabilities
SET permission = -1000
WHERE roleid = 5 AND capability IN (
'enrol/self:unenrolself',
'mod/assign:view',
'mod/assignment:view',
'mod/quiz:reviewmyattempts',
'mod/chat:chat',
'mod/data:viewentry',
'mod/feedback:view',
'mod/chat:chat',
'mod/data:viewentry',
'mod/feedback:view',
'mod/forum:viewdiscussion',
'mod/glossary:view',
'mod/wiki:viewpage',
'mod/wiki:viewcomment',
'mod/workshop:view',
'moodle/blog:view',
'moodle/comment:view');
UPDATE mdl_role_capabilities
SET permission = -1000
WHERE roleid = 7 AND capability = 'moodle/user:editownprofile';
UPDATE mdl_role_capabilities
SET permission = -1000
WHERE roleid = 7 AND capability = 'moodle/user:changeownpassword';
The following will allow teachers to view everithing, including students submissions or answers to questionnaires, while preventing them from changing courses or grades.
UPDATE mdl_role_assignments
SET roleid = 4
WHERE roleid = 3;
UPDATE mdl_role_capabilities
SET permission = -1000
WHERE roleid = 4 AND capability NOT LIKE "%view%";
I don't think this is necessary but, for additional protection, you can change moodledata permissions if you want:
cd /var/moodledata/
chmod 550 filedir
cd filedir
find -type f -exec chmod 440 {} \;
find -type d -exec chmod 550 {} \;