Original description:

It would be useful to be able to restrict the file types that can be uploaded to a File or Folder activity. In particular we would like to be able to make it so that .exe files can only be uploaded by an administrator.

Expanded description:

STEPS:

1. Log in to a Moodle site as an Editing Teacher.
2. Navigate to a course on which your Editing Teacher has permission to add new activities/resources
3. Click the Turn editing on button
4. Click Add an activity or resource
5. Select the File resource and click Add
6. Enter a resource name in the required Name field
7. Upload or drag-and-drop a Windows executable file (with extension .exe) to the file area
8. Click Save and return to course

WHAT ACTUALLY HAPPENS:

The executable file is successfully uploaded to Moodle and can then be downloaded by anyone with access to the course page onto which it has been uploaded. The same applies to Folder resources containing Windows executable .exe files.

REQUESTED ENHANCEMENT:

A new setting and a new permission should be created. The setting should contain a blacklist of file extensions, and the permission, which should be assigned by default to any class of user lower than Administrator, should define who it should be enforced against. This permission should apply specifically to the File and Folder resource types. The setting can be empty by default (so that no file extensions are blacklisted and the default behaviour would not change from what is currently extant), but adding .exe to this blacklist would then result in some kind of error if a user below Administrator level attempted to create a File or Folder resource containing a Windows executable file.

REASONING:

Administrators are typically much better positioned than other staff members to understand the issues surrounding licensing of executable software applications, both in general and in the context of what licenses their organisation holds.