[MDL-68455] Avoiding the "Critical" status on "Security check" for "Default role for all users". - Moodle Tracker

XML

Word

Printable

Details

Type: Bug
Status: Open
Priority: Major
Resolution: Unresolved
Affects Version/s: 3.8.2, 3.9
Fix Version/s: None
Component/s: Administration
Labels:
None

Affected Branches:
MOODLE_38_STABLE, MOODLE_39_STABLE
Pull from Repository:
https://github.com/mitstek/moodle
Pull 3.5 Branch:
MDL-68455
Pull 3.5 Diff URL:
https://github.com/moodle/moodle/compare/master...mitstek:MDL-68455

Description

To avoid "Critical (The default user role "Authenticated user" is incorrectly defined!)" status on "Security check" for "Default role for all users", it's better for us to change the 'riskbitmask' for 'tool/dataprivacy:requestdelete' as below (RISK_DATALOSS -> RISK_PERSONAL).

File to change:
admin/tool/dataprivacy/db/access.php

Line:
91

[Before]
// Capability for users to create delete data request for their own.
'tool/dataprivacy:requestdelete' => [
'riskbitmask' => RISK_DATALOSS,
'captype' => 'write',
'contextlevel' => CONTEXT_USER,
'archetypes' => [
'user' => CAP_ALLOW
]
]

[After]
// Capability for users to create delete data request for their own.
'tool/dataprivacy:requestdelete' => [
'riskbitmask' => RISK_PERSONAL,
'captype' => 'write',
'contextlevel' => CONTEXT_USER,
'archetypes' => [
'user' => CAP_ALLOW
]
]

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Mitsuhiro Yoshida

Participants:: Mitsuhiro Yoshida

Component watchers:: Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 18/Apr/20 9:36 AM

Updated:: 18/Apr/20 9:57 AM