Security and privacy

Allow view-only access to user list

 
Picture of Joe Behymer
Allow view-only access to user list
 

I am looking for some help setting up a system role to allow student services staff to view a list of all users and see their last access date without giving them the ability to modify/delete users. 

 

So far, I have created a new role that gives them view access to other user's grades, assignments, etc and have selected "Delete Users" under define system roles. This allows them to view the list of users under Site Administration > Users > Accounts > Browse List of Users.

The drawback of this is that it also enables them to delete user accounts. Does anyone know of a way to allow staff to see usernames and last access time without giving them authority to delete users? 

 
Average of ratings: -
Picture of Emma Richardson
Re: Allow view-only access to user list
Group Documentation writersGroup Particularly helpful Moodlers

Ok, I am a little confused.  You say you gave them permission to delete users but then say you don't want them to have that permission!  Block their access to Delete Users. Just select View Participants instead. That should allow them to see what they need.

 
Average of ratings: -
Picture of Joe Behymer
Re: Allow view-only access to user list
 

This view does not allow them to filter by role. For example, they need to be able to see staff users that have not logged in for a while, or never. 

 
Average of ratings: -
Picture of Petras Purlys
Re: Allow view-only access to user list
 

This still remains a very frustrating problem. Any news perhaps?

 
Average of ratings: -
Picture of Delvon Forrester
Re: Allow view-only access to user list
Group Plugin developers

You need these two capabilities at the sitecontext:

moodle/user:update
moodle/user:delete


If you look at the Browse list of Users screen it always has the icons to update and delete users that is why it is so.

In the code admin/user.php where this is done it clearly askes for these two capabilities or the nopermssion error is returned.

 
Average of ratings: -
Randy Thornton
Re: Allow view-only access to user list
Group Documentation writersGroup Particularly helpful Moodlers

I would go about this in a different way.

I would add Configurable Reports to do this, by adding it to a course set up for just for those support staff users.

I would create the report they need there, available just in that one course, and then in CR give permissions to their role (non-editing teacher or even student) on the Permissions tab.

This skips the entire issue of having to adjust roles capabilities and tinker with Browse list of users.

In addition, it would allow you to add ANY sql report you could build and the support people would be able to see the data without any possibility they could modify anything: it's just reports.

I have done it this way in the past, where I code the reports, and staff use them to see what it going on in the site, without needing to give them any Moodle permissions to Browse list or Site admin reports at all.

You can even do the requested report - user names and last access times - in CR without using any SQL code at it.

 
Average of ratings: -