Moodle

two roles on hidden course prevents access

Details

  • Type: Bug Bug
  • Status: Closed Closed
  • Priority: Major Major
  • Resolution: Fixed
  • Affects Version/s: 1.9.5
  • Fix Version/s: 2.0
  • Component/s: Enrolments
  • Labels:
    None
  • Affected Branches:
    MOODLE_19_STABLE
  • Fixed Branches:
    MOODLE_20_STABLE

Description

If I have two roles on a moodle course - one which does allow view of hidden courses and one which doesn't the latter overrides the former and prevents access to site. I am returned notice:

This course is currently unavailable to students

Issue Links

This issue has been marked as being related by:
MDL-10664 Teachers can't respond on hidden forums Major Closed

Activity

Ascending order - Click to sort in descending order
Hide
Permalink
Sam Hemelryk added a comment -

Hi Paolo,

I've just attempted to replicate this on 1.9.5 (from CVS) and was unable to.

I created a course, hid it, and then assigned three users to the following roles within the course as follows:

User 1: Teacher
User 2: Teacher and Student
User 3: Student

Users 1 and 2 could then access the course, and user 3 could not.

Did you go through a similar process or is there something else that I need to do in order to replicate this problem?

Cheers
Sam

Show
Sam Hemelryk added a comment - Hi Paolo, I've just attempted to replicate this on 1.9.5 (from CVS) and was unable to. I created a course, hid it, and then assigned three users to the following roles within the course as follows: User 1: Teacher User 2: Teacher and Student User 3: Student Users 1 and 2 could then access the course, and user 3 could not. Did you go through a similar process or is there something else that I need to do in order to replicate this problem? Cheers Sam
Hide
Permalink
Helen Foster added a comment -

Hi Paolo,

Just wondering which contexts the two roles were assigned in - are they both assigned in the course context?

PS Discussion about this issue: http://moodle.org/mod/forum/discuss.php?d=132517

Show
Helen Foster added a comment - Hi Paolo, Just wondering which contexts the two roles were assigned in - are they both assigned in the course context? PS Discussion about this issue: http://moodle.org/mod/forum/discuss.php?d=132517
Hide
Permalink
Paolo Oprandi added a comment -

Hi Sam,
Thanks for trying this. Yes I have done something similar, but using Guest instead of Student. In selected instances only user 1 got access. I haven't worked the different conditions are yet.
Hi Helen,
Yes, at course level.
Paolo

Show
Paolo Oprandi added a comment - Hi Sam, Thanks for trying this. Yes I have done something similar, but using Guest instead of Student. In selected instances only user 1 got access. I haven't worked the different conditions are yet. Hi Helen, Yes, at course level. Paolo
Hide
Permalink
Paolo Oprandi added a comment -

Actually its not selected instances its all instances. Sam, could you try the same thing with Guest access

User 1: Teacher
User 2: Teacher and Guest
User 3: Guest

Thanks,
Paolo

Show
Paolo Oprandi added a comment - Actually its not selected instances its all instances. Sam, could you try the same thing with Guest access User 1: Teacher User 2: Teacher and Guest User 3: Guest Thanks, Paolo
Hide
Permalink
Paolo Oprandi added a comment -

I notice now it is my use of the Guest role that is causing the problem.

To explain, some departments have requested access to all Moodle courses in their department. In order to do this I decided to give these "auditors" the Guest role. As a result, sometimes Editing Teachers manually add other users to new roles such as Teacher without removing them from the Guest role, inadvertently creating a user with two roles in the course context.

However, it seems if a user has both a Guest and a Tutor role they are not able to enter the course. Instead they are returned the error message:

This course site is currently unavailable to students

Please note if the user had a Student and a Tutor role they could have entered the site with the correct permissions.

For more information follow Helen's link to the discussion.

Thanks,
Paolo

Show
Paolo Oprandi added a comment - I notice now it is my use of the Guest role that is causing the problem. To explain, some departments have requested access to all Moodle courses in their department. In order to do this I decided to give these "auditors" the Guest role. As a result, sometimes Editing Teachers manually add other users to new roles such as Teacher without removing them from the Guest role, inadvertently creating a user with two roles in the course context. However, it seems if a user has both a Guest and a Tutor role they are not able to enter the course. Instead they are returned the error message: This course site is currently unavailable to students Please note if the user had a Student and a Tutor role they could have entered the site with the correct permissions. For more information follow Helen's link to the discussion. Thanks, Paolo
Hide
Permalink
David Mudrak added a comment -

Assigning this to Petr, I am pretty sure he has something to add here

Show
David Mudrak added a comment - Assigning this to Petr, I am pretty sure he has something to add here
Hide
Permalink
David Mudrak added a comment -

Paolo, as far as I know, this is unfortunately expected behaviour. If you have two roles in the course and one of them prevents you from something while the other allows you to do it, you can't do it. There is a long ongoing discussion among core developers on whether such behaviour is natural or not. Common access right control systems usually expect that once at least one your role gives you some permission, you should be able to do it. Or, in your case, the Guest role should not have a chance of influencing the other (Teacher) role. Unless you use prohibit, of course.

Show
David Mudrak added a comment - Paolo, as far as I know, this is unfortunately expected behaviour. If you have two roles in the course and one of them prevents you from something while the other allows you to do it, you can't do it. There is a long ongoing discussion among core developers on whether such behaviour is natural or not. Common access right control systems usually expect that once at least one your role gives you some permission, you should be able to do it. Or, in your case, the Guest role should not have a chance of influencing the other (Teacher) role. Unless you use prohibit, of course.
Hide
Permalink
Petr Škoda (skodak) added a comment -

Yes, this is a known "feature" in 1.9.x - we are discussing possibilities to change this in 2.0dev because it is confusing for many people including myself

At present I would strongly discourage admins from using PREVENT in any role like Guest, registered user or frontpage user.

Show
Petr Škoda (skodak) added a comment - Yes, this is a known "feature" in 1.9.x - we are discussing possibilities to change this in 2.0dev because it is confusing for many people including myself At present I would strongly discourage admins from using PREVENT in any role like Guest, registered user or frontpage user.
Hide
Permalink
Petr Škoda (skodak) added a comment -

This should be finally solved in 2.0dev, the changes were fundamental, it is not possible to backport the solution to previous versions.

Thank you for the report.

Petr Skoda

Show
Petr Škoda (skodak) added a comment - This should be finally solved in 2.0dev, the changes were fundamental, it is not possible to backport the solution to previous versions. Thank you for the report. Petr Skoda

People

Vote (0)
Watch (2)

Dates

  • Created:
    Updated:
    Resolved:
Atlassian JIRA (v4.4.5#665-sha1:422aead) | Report a problem
Powered by a free Atlassian JIRA open source license for Moodle. Try JIRA - bug tracking software for your team.