AnsweredAssumed Answered

Creating a custom course role without destructive entitlements

Question asked by miroslav.lulic on Jun 6, 2017
Latest reply on Jun 9, 2017 by kaspars.dzerins

Hi Everyone

I have been trying to create a custom course role that would mostly be read only. However i have found that it looks like there is a certain set of entitlements that are not exposed in the GUI which provide access to certain destructive features for a custom course role even if no privileges are selected.

Here is the list:

COURSE_ROLE    ENTITLEMENT_UID    PK1

View_only    course.MODIFY    3658

View_only    course.areas.MODIFY    3652

View_only    course.assessment.results.DELETE    3625

View_only    course.assessment.results.MODIFY    3626

View_only    course.calendar.MODIFY    3669

View_only    course.communication.MODIFY    3655

View_only    course.configure-settings.EXECUTE    3640

View_only    course.content.report.CREATE    3647

View_only    course.content.report.EXECUTE    3641

View_only    course.courseobjective.alignment.CREATE    3644

View_only    course.courseobjective.alignment.DELETE    3645

View_only    course.dropbox.admin.VIEW    3661

View_only    course.homepage.MODIFY    3668

View_only    course.pool.CREATE    3623

View_only    course.pool.DELETE    3624

View_only    course.properties.MODIFY    3651

View_only    discussion.forum.copy.EXECUTE    3634

View_only    discussion.forum.settings.copy.EXECUTE    3635

View_only    learn.course.gradecenter.column.stats.report.EXECUTE    3636

View_only    learn.course.rubric.stats.report.CREATE    3638

View_only    learn.course.rubric.stats.report.EXECUTE    3637

 

The worst is the discussion forum which allows for deletion of forum threads. Does anyone have any great workarounds or solutions to this issue?

Long term i would really like if all these were exposed in the GUI privileges.

Outcomes