mirror_php/moodle
1
0
Fork 0
mirror of https://github.com/moodle/moodle.git synced 2025-02-21 01:48:45 +01:00
Code Issues Projects Releases Wiki Activity
moodle/mod/quiz/db/access.php
Tim Hunt 5ffd1421a5 manual grading: MDL-20581 Fix potential XSS problem. 
Thanks to Penny for spotting this.
Merged from MOODLE_19_STABLE.
2009-11-19 17:31:41 +00:00

136 lines
3.9 KiB
PHP
Raw Blame History

<?php
/**
* Capability definitions for the quiz module.
*
* For naming conventions, see lib/db/access.php.
*/
$capabilities = array(
// Ability to see that the quiz exists, and the basic information
// about it, for example the start date and time limit.
'mod/quiz:view' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'guest' => CAP_ALLOW,
'student' => CAP_ALLOW,
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Ability to do the quiz as a 'student'.
'mod/quiz:attempt' => array(
'riskbitmask' => RISK_SPAM,
'captype' => 'write',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'student' => CAP_ALLOW
)
),
// Ability for a 'Student' to review their previous attempts. Review by
// 'Teachers' is controlled by mod/quiz:viewreports.
'mod/quiz:reviewmyattempts' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'student' => CAP_ALLOW
),
'clonepermissionsfrom' => 'moodle/quiz:attempt'
),
// Edit the quiz settings, add and remove questions.
'mod/quiz:manage' => array(
'riskbitmask' => RISK_SPAM,
'captype' => 'write',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Preview the quiz.
'mod/quiz:preview' => array(
'captype' => 'write', // Only just a write.
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Manually grade and comment on student attempts at a question.
'mod/quiz:grade' => array(
'riskbitmask' => RISK_SPAM,
'captype' => 'write',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Regrade quizzes.
'mod/quiz:regrade' => array(
'riskbitmask' => RISK_SPAM,
'captype' => 'write',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
),
'clonepermissionsfrom' => 'mod/quiz:grade'
),
// View the quiz reports.
'mod/quiz:viewreports' => array(
'riskbitmask' => RISK_PERSONAL,
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'teacher' => CAP_ALLOW,
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Delete attempts using the overview report.
'mod/quiz:deleteattempts' => array(
'riskbitmask' => RISK_DATALOSS,
'captype' => 'write',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array(
'editingteacher' => CAP_ALLOW,
'admin' => CAP_ALLOW
)
),
// Do not have the time limit imposed. Used for accessibility legislation compliance.
'mod/quiz:ignoretimelimits' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array()
),
// Receive email confirmation of own quiz submission
'mod/quiz:emailconfirmsubmission' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array()
),
// Receive email notification of other peoples quiz submissions
'mod/quiz:emailnotifysubmission' => array(
'captype' => 'read',
'contextlevel' => CONTEXT_MODULE,
'legacy' => array()
)
);
Reference in New Issue View Git Blame Copy Permalink