Moodle in English: Why is it possible to allow actions for sub-roles, even if one didn't has the permission himself?

Forums
Documentation
Downloads
Demo
Tracker
Development
Translation
Search

Search
Moodle Sites

Moodle.org

Home

Why is it possible to allow actions for sub-roles, even if one didn't has the permission himself?

◄ Service field is empty while creating a Token
Need help on student's assignment become searchable on google scholars ►

This discussion has been locked so you can no longer reply to it.

Re: Why is it possible to allow actions for sub-roles, even if one didn't has the permission himself?

by Tim Hunt - Friday, 20 December 2013, 3:23 AM

Note that, if a use has one role which PROHIBIT's a capability, that that user can never have that capability themselves.

An example of why you need to be able to assign a role that has a capability you don't have:

Student has mod/quiz:attempt.
Teacher does not have mod/quiz:attempt (but does have mod/quiz:preview).
Teacher needs to be able to assign Student.

There is control of which roles can assign which other roles built into the roles system. When you go to the define roles page, look at the tabs across the top.

Average of ratings: Useful (1)

◄ Service field is empty while creating a Token
Need help on student's assignment become searchable on google scholars ►

Security and privacy

Why is it possible to allow actions for sub-roles, even if one didn't has the permission himself?

Re: Why is it possible to allow actions for sub-roles, even if one didn't has the permission himself?

Empowering educators to improve our world

Moodle

Support

Get Involved

Contributions

Downloads

Tracker

Development

Empowering educators to improve our world