/
Moodle

Moodle

Moodle: Roles and Permissions

Role hierarchy

Moodle employs a hierarchical structure for roles, which determines how permissions are inherited. This hierarchy is structured as follows:

  • System Level (no parent): The highest level in the hierarchy. 

  • Font Page (parent = system): The Moodle site's main page.

  • Course Category (parent = parent category or system): Categories used to organize courses.

  • Course (parent = category or system): Individual courses within categories.

  • Module (parent = course or system): Activities and resources within courses.

  • Block (parent = course or system): Blocks that provide additional functionality

  • User (parent = system): Individual user accounts.

 

Roles can be inherited down this hierarchy. If a user has a specific role in a higher context, they automatically inherit the same role and its associated permissions in all lower contexts. For instance, if a user is assigned the Teacher role in a course category, they will automatically have the Teacher role in all courses within that category.

To handle exceptions or specific scenarios, Moodle offers an override feature to modify permissions at lower levels.

Default Roles

Moodle provides a set of standard roles to manage users and their capabilities:

  • Manager: The most powerful role with full control over the Moodle site. They have access to all settings, features, and user data.

  • Course Creator: Can create courses but may have limited management capabilities within those courses.

  • Teacher (editing): Responsible for managing and adding content to their assigned courses. They can create and grade activities, moderate discussions, and interact with students.

  • Teacher (non-editing): Can interact with students and grade their work, but cannot edit or add content to courses.

  • Student: Primary participants in courses who access learning materials, submit assignments, and engage in course activities.

  • Guest: Can view limited course content without needing to log in.

  • Authenticated User: The basic role assigned to all logged-in users.

  • Authenticated User on Frontpage: This role applies only to logged-in users while they are on the Moodle site's main page.

 

Role Customization

Moodle enables the creation of custom roles to tailor user permissions to specific needs. Custom roles can be created by duplicating an existing role and then modifying its permissions. Users can select the context of the role they are creating.

Permission Management

Moodle utilizes a system of capabilities to define specific actions a user can perform within different contexts. These capabilities control a wide range of actions, from basic tasks like viewing content to administrative functions like managing courses.

Capabilities can be managed at different levels:

  • System Level: These capabilities affect the entire Moodle site.

  • Course Level: These capabilities apply to a specific course.

  • Activity Level: These capabilities control actions within a particular activity or resource, like a forum or quiz.

 

Moodle allows for overriding inherited permissions to fine-tune user access in specific situations. This can be done through the "Override permissions" settings found in various administration areas.

Moodle offers four permission override settings:

  • Inherit: The role inherits the permissions from a higher context.

  • Allow: The role is explicitly granted permission.

  • Prevent: The permission is specifically denied for this role, even if it is allowed in a higher context.

  • Prohibit: The permission is completely blocked for this role, and this cannot be overridden in any lower context.

 

Permissions set at a lower context generally override those from a higher context. For example, if a user is prevented from posting in a specific forum, that override will take precedence over their general permission to post in forums at the course level. However, the "Prohibit" setting is absolute and cannot be overridden by lower-level settings.

Check Permissions:

Teachers can verify permissions within their courses through the "Check permissions" feature, accessible in Course Administration> Users > Permissions or directly within an activity's settings. Administrators can check system-wide permissions through Site administration > Users > Permissions > Check system permissions.

 

Source Material

Index

https://docs.moodle.org/405/en/Roles_and_permissions  

 

Permissions

https://docs.moodle.org/405/en/Permissions  

https://docs.moodle.org/405/en/Override_permissions

 

Roles 

https://docs.moodle.org/405/en/Using_roles  

 

Role Management:

https://docs.moodle.org/405/en/Managing_roles  

 

Standard Roles

https://docs.moodle.org/405/en/Standard_roles  

 

Custom roles

https://docs.moodle.org/405/en/Creating_custom_roles