Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-34270

Block restrictions - addinstance

XMLWordPrintable

    • Icon: New Feature New Feature
    • Resolution: Fixed
    • Icon: Minor Minor
    • 2.4
    • 2.3.1
    • Blocks
    • MOODLE_23_STABLE
    • MOODLE_24_STABLE
    • MDL-34270_master
    • Hide
      1. Create a 2.3 Moodle site.
      2. Create a new role called 'Manage blocks role ALL' with no archetype.
      3. Grant the following capabilities 'moodle/my:manageblocks' and 'moodle/site:manageblocks'.
      4. Create another role called 'Manage blocks role MY' with no archetype.
      5. Grant the capability 'moodle/my:manageblocks'.
      6. Create another role called 'Manage blocks role SITE' with no archetype.
      7. Grant the capability 'moodle/site:manageblocks'.
      8. Upgrade to the latest integration master branch.
      9. Check that 'Manage blocks role ALL' has allow for the myaddinstance and addinstance capability for each block.
      10. Check that 'Manage blocks role MY' has allow for only the myaddinstance capability for each block.
      11. Check that 'Manage blocks role SITE' has allow for only the addinstance capability for each block.
      12. Log in as a student.
      13. Visit the My Moodle page.
      14. Check that you can add/remove blocks.
      15. Remove some blocks, but not all.
      16. Log in as an administrator on separate browser.
      17. Go to Users -> Permissions -> Define roles and select authenticated users.
      18. Disallow the user to add the blocks you deleted as the student by unselecting allow for the myaddinstance capability, eg. block/<blockname>:myaddinstance.
      19. Go back to the user's My Moodle page and confirm you can not add these blocks.
      20. Visit a course as this student and ensure they can not add a block.
      21. As the administrator visit Users -> Permissions -> Define roles and select authenticated users.
      22. Allow the user to add some blocks by selecting allow for the addinstance capability (note. different than myaddinstance), eg. block/<blockname>:addinstance.
      23. Allow the user to 'Edit a block's settings' (moodle/block:edit) and 'Manage blocks on a page' (moodle/site:manageblocks).
      24. Go back to the user and visit that course.
      25. Check that you can add blocks to the course, but only those you specified.

      Note, if you remove the myaddinstance capability for a block currently on the users page, then they will not be able to remove it. This seems unavoidable without creating a dirty hack.

      Show
      Create a 2.3 Moodle site. Create a new role called 'Manage blocks role ALL' with no archetype. Grant the following capabilities 'moodle/my:manageblocks' and 'moodle/site:manageblocks'. Create another role called 'Manage blocks role MY' with no archetype. Grant the capability 'moodle/my:manageblocks'. Create another role called 'Manage blocks role SITE' with no archetype. Grant the capability 'moodle/site:manageblocks'. Upgrade to the latest integration master branch. Check that 'Manage blocks role ALL' has allow for the myaddinstance and addinstance capability for each block. Check that 'Manage blocks role MY' has allow for only the myaddinstance capability for each block. Check that 'Manage blocks role SITE' has allow for only the addinstance capability for each block. Log in as a student. Visit the My Moodle page. Check that you can add/remove blocks. Remove some blocks, but not all. Log in as an administrator on separate browser. Go to Users -> Permissions -> Define roles and select authenticated users. Disallow the user to add the blocks you deleted as the student by unselecting allow for the myaddinstance capability, eg. block/<blockname>:myaddinstance. Go back to the user's My Moodle page and confirm you can not add these blocks. Visit a course as this student and ensure they can not add a block. As the administrator visit Users -> Permissions -> Define roles and select authenticated users. Allow the user to add some blocks by selecting allow for the addinstance capability (note. different than myaddinstance), eg. block/<blockname>:addinstance. Allow the user to 'Edit a block's settings' (moodle/block:edit) and 'Manage blocks on a page' (moodle/site:manageblocks). Go back to the user and visit that course. Check that you can add blocks to the course, but only those you specified. Note, if you remove the myaddinstance capability for a block currently on the users page, then they will not be able to remove it. This seems unavoidable without creating a dirty hack.

      We love the possibilities created in MDL-19125 with mod/foo:addinstance - think it's required in blocks too though!

      When releasing new integrations, or new blocks, it's often handy to give access only to a pilot group of people and a block/foo:addinstance capability would fit perfectly there.

            markn Mark Nelson
            dobedobedoh Andrew Lyons
            Adrian Greeve Adrian Greeve
            Dan Poltawski Dan Poltawski
            Ankit Agarwal Ankit Agarwal
            Votes:
            4 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.