Rights management: work with Tim to ensure nothing gets through which should not, and nothing that should get through is blocked
Confirm a list of operations which require a certain level of rights. See that these operations are treated according to Moodle guidelines.
- quiz_print_pagecontrols(): //TODO: check user privileges for all the controls
- quiz_simple_question_list(); TODO: check the below for checks etc that may have been missed in the new code of question_tostring
- minor: $hasattempts disables elements in the UI, but checks should be made for it also in command processing, if $hasattempts don't allow changes. Giving feedback to user in case they are trying something that is not possible would be optimal, but since the UI elements are disabled already, it requires "hacking" to try to do so anyway and feedback is less than critical.