Uploaded image for project: 'Moodle'
  1. Moodle
  2. MDL-19125

New addinstance capabilities for activity modules to replace the old complicated course restricted modules

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Minor Minor
    • 2.3
    • 2.0, 2.2
    • Course
    • MOODLE_20_STABLE, MOODLE_22_STABLE
    • MOODLE_23_STABLE
    • MDL-19125_module_security
    • Hide

      We are mostly testing the new functionality in 2.3, but part of that is testing that data is upgraded and restored properly from 2.2.

      1. With default settings, go to any course and ensure you can add any type of activity.

      2. Change the role definition for the Teacher role, to remove mod/chat:addinstance, and make sure you cannot add a Chat in any course when logged in as a Teacher.

      3. Using a Moodle 2.2 site, turn on the Module security feature, and set it to restrict modules for all courses, with a default list. (Using the old http://docs.moodle.org/22/en/Managing_activities#Module_security feature)

      4. Go into a course in this site, go to the course settings, make sure module security is turned on there, and that the list of allowed modules is right, then Save the form.

      5. Backup this course, and restore it into your Moodle 2.3 dev install. Verify that role overrides are created to prevent Teachers from adding the disallowed modules.

      6. As for steps 4. and 5. but set things up on, and backup and restore from, a Moodle 1.9 site.

      7. Upgrade the Moodle 2.2 site that you used in steps 4. and 5. to the latest master. Verify that the correct role overrides are created; and that the old course_allowed_modules table, and course.retrictmodules column and restrictmodulesfor, restrictbydefault and defaultallowedmodules config settings are dropped.)

      8. Test a fresh install just to be sure

      Show
      We are mostly testing the new functionality in 2.3, but part of that is testing that data is upgraded and restored properly from 2.2. 1. With default settings, go to any course and ensure you can add any type of activity. 2. Change the role definition for the Teacher role, to remove mod/chat:addinstance, and make sure you cannot add a Chat in any course when logged in as a Teacher. 3. Using a Moodle 2.2 site, turn on the Module security feature, and set it to restrict modules for all courses, with a default list. (Using the old http://docs.moodle.org/22/en/Managing_activities#Module_security feature) 4. Go into a course in this site, go to the course settings, make sure module security is turned on there, and that the list of allowed modules is right, then Save the form. 5. Backup this course, and restore it into your Moodle 2.3 dev install. Verify that role overrides are created to prevent Teachers from adding the disallowed modules. 6. As for steps 4. and 5. but set things up on, and backup and restore from, a Moodle 1.9 site. 7. Upgrade the Moodle 2.2 site that you used in steps 4. and 5. to the latest master. Verify that the correct role overrides are created; and that the old course_allowed_modules table, and course.retrictmodules column and restrictmodulesfor, restrictbydefault and defaultallowedmodules config settings are dropped.) 8. Test a fresh install just to be sure

      Currently the way this works is:

      • Enforce settings (as defaults) for newly created courses.
      • Per course, use a whitelist to determine which modules can be added.

      This is kind of useless, as an empty whitelist is ambiguous. It could either mean "use the site default", or it could mean "i don't want to allow anything at all".

      One way to get around this is a new setting (maybe course.restrictedmodules) which indicates that the course has overridden the site default.

      Another way is to add a capability to each module 'canaddtocourse' or similar, and override it for a role at a course context. I think the latter is probably more correct in a 'moodle sense' but has the following drawbacks:

      1. Third party module authors must implement this capability, for their module to implement this setting (stupid)
      2. Eh, roles are complicated enough as it is, and Howard will kill me if we must override things further.

      The former is probably simpler (and easier to implement) but means adding yet another field to course. Do courses have extra settings? Maybe we could have a course_preferences table or something.

        1. Possible admin interface.bmml
          5 kB
        2. Possible course settings UI.bmml
          5 kB
        3. Possible course settings UI.bmml
          5 kB
        4. sam proposed - course settings UI.bmml
          3 kB
        5. sam proposed - course settings UI.png
          sam proposed - course settings UI.png
          23 kB
        6. Possible admin interface.bmml
          9 kB
        7. Possible admin interface.png
          Possible admin interface.png
          57 kB
        8. Possible course settings UI.bmml
          3 kB
        9. Possible course settings UI.png
          Possible course settings UI.png
          16 kB
        10. Alter roles by capability.bmml
          2 kB
        11. Alter roles by capability.png
          Alter roles by capability.png
          15 kB
        12. Alter roles by capability 2.bmml
          2 kB
        13. Alter roles by capability 2.bmml
          7 kB
        14. Alter roles by capability 2.bmml
          7 kB
        15. Alter roles by capability 2.png
          Alter roles by capability 2.png
          36 kB

            timhunt Tim Hunt
            mjollnir Penny Leach (Inactive)
            Dan Poltawski Dan Poltawski
            Sam Hemelryk Sam Hemelryk
            Rossiani Wijaya Rossiani Wijaya
            Votes:
            6 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved:

                Error rendering 'clockify-timesheets-time-tracking-reports:timer-sidebar'. Please contact your Jira administrators.