Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-68455

Avoiding the "Critical" status on "Security check" for "Default role for all users".

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.8.2, 3.9
    • Fix Version/s: None
    • Component/s: Administration
    • Labels:
      None

      Description

      To avoid "Critical (The default user role "Authenticated user" is incorrectly defined!)" status on "Security check" for "Default role for all users", it's better for us to change the 'riskbitmask' for 'tool/dataprivacy:requestdelete' as below (RISK_DATALOSS -> RISK_PERSONAL).

      File to change:
      admin/tool/dataprivacy/db/access.php

      Line:
      91

      [Before]
      // Capability for users to create delete data request for their own.
      'tool/dataprivacy:requestdelete' => [
      'riskbitmask' => RISK_DATALOSS,
      'captype' => 'write',
      'contextlevel' => CONTEXT_USER,
      'archetypes' => [
      'user' => CAP_ALLOW
      ]
      ]

      [After]
      // Capability for users to create delete data request for their own.
      'tool/dataprivacy:requestdelete' => [
      'riskbitmask' => RISK_PERSONAL,
      'captype' => 'write',
      'contextlevel' => CONTEXT_USER,
      'archetypes' => [
      'user' => CAP_ALLOW
      ]
      ]

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            mits Mitsuhiro Yoshida
            Participants:
            Component watchers:
            Andrew Nicols, Jun Pataleta, Michael Hawkins, Shamim Rezaie, Simey Lameze
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated: