[#MDL-7796] Default permissions for Course Creators are too permissive

Issue Details (XML | Word | Printable)

Key:	MDL-7796
Type:	Bug
Status:	Closed
Resolution:	Fixed
Priority:	Major
Assignee:	Vy-Shane Sin Fat
Reporter:	Matt Gibson
Votes:	8
Watchers:	12

Operations

Add/Edit UI Mockup to this issue

If you were logged in you would be able to see more operations.

Moodle

Default permissions for Course Creators are too permissive

Created: 05/Dec/06 01:05 AM Updated: 31/Dec/07 08:57 PM

Return to search

Component/s:

Authentication, Roles

Affects Version/s:

1.7

Fix Version/s:

1.7.2, 1.8, 1.9

Environment:

Apache, Win2k3, Active directory

Database:	Any
Participants:	Alick Brown, Martin Dougiamas, Matt Gibson, Nicolas Martignoni, Rich T and Vy-Shane Sin Fat
Security Level:	None
QA Assignee:	Nicolas Martignoni
Resolved date:	16/Feb/07
Affected Branches:	MOODLE_17_STABLE
Fixed Branches:	MOODLE_17_STABLE, MOODLE_18_STABLE, MOODLE_19_STABLE

Description

« Hide

The LDAP course creator function no longer functions in a usable way compared to 1.6.3. Course creators now have administrator rights to other people's courses and are not constrained to just the ones they have created. There needs to be a way to re-create the old function using the new roles so that it is possible for a course creator not to have editing rights everywhere. Even being able to edit just within a category is not satisfactory as people can still interfere with each other's work.

I suggest some sort of primary course user feature like there is currently a primary site admin who cannot be removed. The primary course user would be the person who created the course and would be permanently assigned as admin at course level. That way, moodle/course:create can be the only capability a course creator has at site level, but when they create a course, they will have total control and can always be hidden using the upcoming hide assignments in 1.8.

All

Comments

Change History

Version Control

Sort Order:

Vy-Shane Sin Fat committed 21 files to 'Moodle CVS' on branch 'MOODLE_17_STABLE' - 16/Feb/07 05:15 PM

Fix for ~~MDL-7796~~ "Default permissions for Course Creators are too permissive". Changed some permissions from allow to inherit. Changed course deletion checks to allow course creators to delete courses.

MODIFY	mod/lesson/db/access.php	Rev. 1.5.2.2	(+1 -3 lines)
MODIFY	mod/exercise/db/Attic/access.php	Rev. 1.3.2.2	(+0 -1 lines)
MODIFY	mod/assignment/db/access.php	Rev. 1.5.2.2	(+0 -2 lines)
MODIFY	lib/db/access.php	Rev. 1.38.2.7	(+0 -30 lines)
MODIFY	mod/survey/db/access.php	Rev. 1.3.2.2	(+0 -3 lines)
MODIFY	course/category.php	Rev. 1.80.2.5	(+2 -2 lines)
MODIFY	course/lib.php	Rev. 1.446.2.8	(+34 -2 lines)
MODIFY	mod/wiki/db/access.php	Rev. 1.7.2.2	(+1 -3 lines)
MODIFY	mod/quiz/db/access.php	Rev. 1.3.2.2	(+0 -6 lines)
MODIFY	mod/glossary/db/access.php	Rev. 1.7.2.3	(+0 -10 lines)
MODIFY	mod/hotpot/db/access.php	Rev. 1.4.2.2	(+0 -4 lines)
MODIFY	mod/forum/db/access.php	Rev. 1.10.2.3	(+0 -16 lines)
MODIFY	blocks/rss_client/db/access.php	Rev. 1.4.2.2	(+0 -3 lines)
MODIFY	mod/chat/db/access.php	Rev. 1.5.2.2	(+0 -3 lines)
MODIFY	course/edit.php	Rev. 1.92.2.2	(+2 -2 lines)
MODIFY	course/delete.php	Rev. 1.25.2.1	(+4 -2 lines)
MODIFY	mod/forum/lib.php	Rev. 1.489.2.30	(+2 -2 lines)
MODIFY	mod/workshop/db/Attic/access.php	Rev. 1.5.2.2	(+1 -2 lines)
MODIFY	mod/choice/db/access.php	Rev. 1.4.2.2	(+0 -4 lines)
MODIFY	mod/scorm/db/access.php	Rev. 1.7.2.2	(+0 -3 lines)
MODIFY	mod/data/db/access.php	Rev. 1.8.2.4	(+0 -10 lines)

All content on this web site is made available under the GNU General Public License, unless otherwise stated.