Details
-
Type:
Bug
-
Status:
Open
-
Priority:
Minor
-
Resolution: Unresolved
-
Affects Version/s: 1.8.7, 1.9.3
-
Fix Version/s: STABLE backlog
-
Component/s: Database activity module
-
Labels:
-
Affected Branches:MOODLE_18_STABLE, MOODLE_19_STABLE
Description
mod/data:writeentries capability
It seems that this permission controls only creation (writing new records), although the name could imply also editing (writing to existing records).
mod/data:manageentries capability
It is not clear what actual capabilites are included here. I am guessing Edit and Delete. Manage is vague as a word, and the docs say nothing more concrete. There is a whole range of "manage" permissions.
For example, with those capabilities, it is not possible to produce a database where records may be added and deleted only by teachers or administrators but can be edited by all students since manageentries is a combination of permissions.
It be useful to rename the ambigous permissions and have more atomic capabilities. For example, instead of writeentries and manageentries:
mod/data:createentries
mod/data:editownentries
mod/data:editanyentry
mod/data:deleteownentries
mod/data:deleteanyentry
Issue Links
| This issue will be resolved by: | ||||
| MDL-17271 | review plugin capabilities in terms of naming and what they control, provide guidelines for plugin writers |
|
|
|
| This issue has a non-specific relationship to: | ||||
| MDL-11511 | Write entries mod/data:writeentry <-- should not treat adding, editing and deleting all together |
|
|
|
| This issue has been marked as being related by: | ||||
| MDL-17223 | Fields of database instancees with restricted aceess |
|
|
|
I think we should be more or less consistent across those type of permissions, not only in database module but in cousins like forum, glossary... Perhaps this could be a good moment for a review.
Assigning to Martin Dougiamas for his consideration and addressing this initially for 2.0 (I think we cannot change this in stable releases).
Ciao