[MDL-8521] New capability for "safe" overriding - Moodle Tracker

XML

Word

Printable

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.7
Fix Version/s: 1.9.3
Component/s: Roles / Access
Labels:
None

Affected Branches:
MOODLE_17_STABLE
Fixed Branches:
MOODLE_19_STABLE

Description

At present only admins can use moodle/role:override by default - the reason is security.

We could create a new capability moodle/role:safeoverride - and enable it for normal teachers, it would allow them to override only those capabilities without RISK_PERSONAL | RISK_XSS | RISK_CONFIG in roles they can assign

we could then move some more module and course settings into roles.

time needed for implementation and testing: cca 1 day

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

safeoverrides16.patch
25 kB
24/Jul/08 12:17 AM

Issue Links

has a non-specific relationship to

MDL-15841 moodle/role:safeoverride should be Not set by default in the Teacher role.

Closed

has been marked as being related by

MDL-15737 skodak's list of bugs - work for tul

Closed

MDL-15805 document safeoverrides in docs wiki

Closed

MDL-7859 Capability definition should include list of contexts where usable

Closed

MDL-8524 Roles administration improvements - META

Closed

Activity

People

Assignee:: Petr Skoda

Reporter:: Petr Skoda

Tester:: Helen Foster

Participants:: Eloy Lafuente (stronk7), Helen Foster, Martin Dougiamas, Petr Skoda

Component watchers:: David Woloszyn, Huong Nguyen, Jake Dallimore, Meirza, Michael Hawkins, Raquel Ortega, Safat Shahin, Stevani Andolo

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 15/Feb/07 3:28 PM

Updated:: 30/Jul/08 1:58 AM

Resolved:: 24/Jul/08 10:06 PM

Fix Release Date:: 15/Oct/08