Hi all,
this is a spin-off of https://tracker.moodle.org/browse/MDL-50666 to start a discussion about creating the possibility to hide the existence of roles from users.
I'd like to start with a real-world example:
We have a role which can be applied at system level and which gives teachers the moodle/user:ignoreuserquota capability. And we have other system roles like that for giving support staff the necessary rights in all courses. Nobody at course level should know that a user has such a role at system level.
However, the fact that these roles exist and a user has one of them is leaked (at least) on /enrol/otherusers.php?id=<COURSE-ID> and on /enrol/users.php?id=<COURSE-ID> in the role filter and in the enrolments table.
On the first page, I can prevent the leakage by withdrawing moodle/course:reviewotherusers from all users; the leakage on the second page can't be prevented at the moment.
I hesitate to accept the status quo and thought about a solution for the problem.
I think we could build a quick solution and populate the filter and the enrolled user list on /enrol/users.php?id=<COURSE-ID> only with the roles which can be applied at course level together with the roles which are applied at upper levels if the user has the moodle/course:reviewotherusers capability. This might be feasible and hopefully not too performance hungry.
But thinking more about that, I came to the conclusion that this quick solution is not a perfect solution. It would only solve the symptoms on one page, but not the underlying problem that there are roles in the system whose existence only admins should know about, but which might be leaked somewhere sometime.
What do you think about adding a new option "hide this role within the system" on /admin/roles/define.php?action=edit&roleid=<ROLE-ID>, introducing a new capability "can view hidden roles" and patching all role-fetching API functions to respect this new option and capability? Would this be a sufficient solution and would it, if we created a pull request, be accepted for Moodle core?
As I said before, I hesitate to accept the status quo, therefore I am looking forward to your feedback.
Thanks,
Alex
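
The two filters discussed in the post above, sketched as an added example that is not part of the original post and is not Moodle core code. It is a standalone model: the `hidden` role field, the capability name `moodle/role:viewhiddenroles`, the function name and the sample roles are hypothetical, and the quick fix is implemented as read here (course-assignable roles are always listed, other roles only when assigned above the course and the viewer holds moodle/course:reviewotherusers).

```php
<?php
// Added illustration: a standalone model, not Moodle core code.
const CONTEXT_SYSTEM = 10;  // same numeric levels Moodle uses
const CONTEXT_COURSE = 50;
const CAP_REVIEW_OTHER = 'moodle/course:reviewotherusers';
const CAP_VIEW_HIDDEN = 'moodle/role:viewhiddenroles'; // hypothetical name
// Returns userid => role shortnames a viewer may see on a course page.
// $roles: roleid => ['shortname' => string, 'levels' => int[], 'hidden' => bool]
// $assignments: list of ['userid' => int, 'roleid' => int, 'level' => int]
// $viewercaps: capabilities the viewer holds in the course context
function visible_roles_by_user(array $roles, array $assignments, array $viewercaps): array {
    $canreview = in_array(CAP_REVIEW_OTHER, $viewercaps, true);
    $canseehidden = in_array(CAP_VIEW_HIDDEN, $viewercaps, true);
    $visible = [];
    foreach ($assignments as $ra) {
        $role = $roles[$ra['roleid']] ?? null;
        if ($role === null) {
            continue; // unknown role: fail closed
        }
        // Proposed flag: hidden roles need the extra capability everywhere.
        if ($role['hidden'] && !$canseehidden) {
            continue;
        }
        // Quick fix: course-assignable roles are listed; others only when
        // assigned above the course and the viewer may review other users.
        $courserole = in_array(CONTEXT_COURSE, $role['levels'], true);
        $fromabove = $ra['level'] < CONTEXT_COURSE;
        if (!$courserole && !($fromabove && $canreview)) {
            continue;
        }
        $visible[$ra['userid']][] = $role['shortname'];
    }
    return $visible;
}
// Constructed sample data: one course role and two system-only roles.
$roles = [
    3  => ['shortname' => 'editingteacher', 'levels' => [CONTEXT_COURSE], 'hidden' => false],
    20 => ['shortname' => 'quotaexempt', 'levels' => [CONTEXT_SYSTEM], 'hidden' => true],
    21 => ['shortname' => 'support', 'levels' => [CONTEXT_SYSTEM], 'hidden' => false],
];
$assignments = [
    ['userid' => 101, 'roleid' => 3, 'level' => CONTEXT_COURSE],
    ['userid' => 101, 'roleid' => 20, 'level' => CONTEXT_SYSTEM],
    ['userid' => 202, 'roleid' => 21, 'level' => CONTEXT_SYSTEM],
];
// Viewers: plain teacher, reviewer of other users, holder of both capabilities.
foreach ([[], [CAP_REVIEW_OTHER], [CAP_REVIEW_OTHER, CAP_VIEW_HIDDEN]] as $caps) {
    echo json_encode(visible_roles_by_user($roles, $assignments, $caps)), "\n";
}
```

Because the hidden check runs before any page-specific rule, the same function could back both the role filter and the enrolments table, which is the point of moving the decision into the role-fetching layer rather than fixing one page.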