user_access

5 user.module	`user_access($string, $account = NULL)`
6 user.module	`user_access($string, $account = NULL, $reset = FALSE)`
7 user.module	`user_access($string, $account = NULL)`
8 user.module	`user_access($string, $account = NULL)`

Determine whether the user has a given privilege.

Parameters

$string: The permission, such as "administer nodes", being checked for.

$account: (optional) The account to check, if not given use currently logged in user.

$reset: (optional) Resets the user's permissions cache, which will result in a recalculation of the user's permissions. This is necessary to support dynamically added user roles.

Return value

Boolean TRUE if the current user has the requested permission.

All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.

▸ 120 functions call user_access()

▾ 120 functions call user_access()

aggregator_block in modules/aggregator/aggregator.module: Implementation of hook_block().
aggregator_categorize_items_validate in modules/aggregator/aggregator.pages.inc: Validate aggregator_categorize_items form submissions.
block_admin_configure in modules/block/block.admin.inc: Menu callback; displays the block configuration form.
blogapi_blogger_edit_post in modules/blogapi/blogapi.module: Blogging API callback. Modifies the specified blog node.
blogapi_blogger_new_post in modules/blogapi/blogapi.module: Blogging API callback. Inserts a new blog post as a node.
blogapi_mt_publish_post in modules/blogapi/blogapi.module: Blogging API callback. Publishes the given node
blogapi_status_error_check in modules/blogapi/blogapi.module: Check that the user has permission to save the node with the chosen status.
blogapi_validate_user in modules/blogapi/blogapi.module: Ensure that the given user has permission to edit a blog.
blog_access in modules/blog/blog.module: Implementation of hook_access().
blog_block in modules/blog/blog.module: Implementation of hook_block().
blog_page_last in modules/blog/blog.pages.inc: Menu callback; displays a Drupal page containing recent blog entries of all users.
blog_page_user in modules/blog/blog.pages.inc: Menu callback; displays a Drupal page containing recent blog entries of a given user.
blog_page_user_access in modules/blog/blog.module: Access callback for user blog pages.
blog_user in modules/blog/blog.module: Implementation of hook_user().
book_export_html in modules/book/book.pages.inc: This function is called by book_export() to generate HTML for export.
book_form_alter in modules/book/book.module: Implementation of hook_form_alter(). Adds the book fieldset to the node form.
book_link in modules/book/book.module: Implementation of hook_link().
book_nodeapi in modules/book/book.module: Implementation of hook_nodeapi().
comment_access in modules/comment/comment.module: This is *not* a hook_access() implementation. This function is called to determine whether the current user has access to a particular comment.
comment_block in modules/comment/comment.module: Implementation of hook_block().
comment_form in modules/comment/comment.module: Generate the basic commenting form, for appending to a node or display on a separate page.
comment_form_alter in modules/comment/comment.module: Implementation of hook_form_alter().
comment_link in modules/comment/comment.module: Implementation of hook_link().
comment_links in modules/comment/comment.module: Build command links for a comment (e.g.\ edit, reply, delete) with respect to the current user's access permissions.
comment_render in modules/comment/comment.module: Renders comment(s).
comment_reply in modules/comment/comment.pages.inc: This function is responsible for generating a comment reply form. There are several cases that have to be handled, including:
comment_save in modules/comment/comment.module: Accepts a submission of new or changed comment content.
filter_access in modules/filter/filter.module: Returns TRUE if the user is allowed to access this format.
filter_formats in modules/filter/filter.module: Retrieve a list of input formats.
forum_access in modules/forum/forum.module: Implementation of hook_access().
forum_block in modules/forum/forum.module: Implementation of hook_block().
hook_access in developer/hooks/node.php: Define access restrictions.
hook_file_download in developer/hooks/core.php: Control access to private file downloads and specify HTTP headers.
hook_form_alter in developer/hooks/core.php: Perform alterations before a form is rendered.
hook_link in developer/hooks/core.php: Define internal Drupal links.
hook_nodeapi in developer/hooks/core.php: Act on nodes defined by other modules.
hook_node_grants in developer/hooks/core.php: Inform the node access system what permissions the user has.
locale_user in modules/locale/locale.module: Implementation of hook_user().
menu_form_alter in modules/menu/menu.module: Implementation of hook_form_alter(). Adds menu item fields to the node form.
node_access in modules/node/node.module: Determine whether the current user may perform the given operation on the specified node.
node_content_access in modules/node/node.module: Implementation of hook_access().
node_form in modules/node/node.pages.inc: Generate the node add/edit form array.
node_form_alter in modules/node/node.module: Implementation of hook_form_alter().
node_help in modules/node/node.module: Implementation of hook_help().
node_revision_overview in modules/node/node.pages.inc: Generate an overview table of older revisions of a node.
node_submit in modules/node/node.module: Prepares a node for saving by populating teaser, author, and creation date.
node_validate in modules/node/node.module: Perform validation checks on the given node.
path_admin_delete_confirm in modules/path/path.admin.inc: Menu callback; confirms deleting an URL alias
path_form_alter in modules/path/path.module: Implementation of hook_form_alter().
path_nodeapi in modules/path/path.module: Implementation of hook_nodeapi().
poll_access in modules/poll/poll.module: Implementation of hook_access().
poll_block in modules/poll/poll.module: Implementation of hook_block().
poll_form in modules/poll/poll.module: Implementation of hook_form().
poll_insert in modules/poll/poll.module: Implementation of hook_insert().
poll_load in modules/poll/poll.module: Implementation of hook_load().
profile_block in modules/profile/profile.module: Implementation of hook_block().
profile_browse in modules/profile/profile.pages.inc: Menu callback; display a list of user information.
profile_category_access in modules/profile/profile.module: Menu item access callback - check if a user has access to a profile category.
profile_validate_profile in modules/profile/profile.module
profile_view_field in modules/profile/profile.module
profile_view_profile in modules/profile/profile.module
search_block in modules/search/search.module: Implementation of hook_block().
statistics_block in modules/statistics/statistics.module: Implementation of hook_block().
statistics_link in modules/statistics/statistics.module: Implementation of hook_link().
system_get_module_admin_tasks in modules/system/system.module: Generate a list of tasks offered by a specified module.
system_main_admin_page in modules/system/system.admin.inc: Menu callback; Provide the administration overview page.
system_requirements in modules/system/system.install: Test and report Drupal installation requirements.
system_theme_select_form in modules/system/system.module: Returns a fieldset containing the theme select form.
template_preprocess in includes/theme.inc: Adds a default set of helper variables for preprocess functions and templates. This comes in before any other preprocess function which makes it possible to be used in default theme implementations (non-overriden theme functions).
template_preprocess_aggregator_feed_source in modules/aggregator/aggregator.pages.inc: Process variables for aggregator-feed-source.tpl.php.
template_preprocess_poll_results in modules/poll/poll.module: Preprocess the poll_results theme hook.
template_preprocess_user_picture in modules/user/user.module: Process variables for user-picture.tpl.php.
theme_aggregator_block_item in modules/aggregator/aggregator.module: Format an individual feed item for display in the block.
theme_book_admin_table in modules/book/book.admin.inc: Theme function for the book administration page form.
theme_get_settings in includes/theme.inc: Retrieve an associative array containing the settings for a theme.
theme_username in includes/theme.inc: Format a username.
translation_form_alter in modules/translation/translation.module: Implementation of hook_form_alter().
translation_nodeapi in modules/translation/translation.module: Implementation of hook_nodeapi().
trigger_access_check in modules/trigger/trigger.module: Access callback for menu system.
update_help in modules/update/update.module: Implementation of hook_help().
upload_file_download in modules/upload/upload.module: Implementation of hook_file_download().
upload_form_alter in modules/upload/upload.module
upload_link in modules/upload/upload.module: Implementation of hook_link().
upload_nodeapi in modules/upload/upload.module: Implementation of hook_nodeapi().
upload_node_form_submit in modules/upload/upload.module: Save new uploads and store them in the session to be associated to the node on upload_save.
user_block in modules/user/user.module: Implementation of hook_block().
user_build_filter_query in modules/user/user.module: Build query for user administration filters based on session.
user_delete_access in modules/user/user.module: Menu access callback; limit access to account deletion pages.
user_edit_access in modules/user/user.module: Access callback for user account editing.
user_edit_form in modules/user/user.module
user_edit_validate in modules/user/user.pages.inc
user_profile_form in modules/user/user.pages.inc: Form builder; edit a user account or one of their profile categories.
user_profile_form_validate in modules/user/user.pages.inc: Validation function for the user account and profile editing form.
user_register in modules/user/user.module: Form builder; The user registration form.
user_register_submit in modules/user/user.module: Submit handler for the user registration form.
user_save in modules/user/user.module: Save changes to a user account or add a new user.
user_search in modules/user/user.module: Implementation of hook_search().
user_user_operations in modules/user/user.module: Implementation of hook_user_operations().
user_view_access in modules/user/user.module
_aggregator_has_categories in modules/aggregator/aggregator.module: Find out whether there are any aggregator categories.
_aggregator_page_list in modules/aggregator/aggregator.pages.inc: Prints an aggregator page listing a number of feed items.
_block_themes_access in modules/block/block.module: Menu item access callback - only admin or enabled themes can be accessed
_book_add_form_elements in modules/book/book.module: Build the common elements of the book form for the node and outline forms.
_book_outline_access in modules/book/book.module: Menu item access callback - determine if the outline tab is accessible.
_contact_user_tab_access in modules/contact/contact.module: Menu access callback for a user's personal contact form.
_menu_check_access in includes/menu.inc: Check access to a menu item using the access callback
_menu_site_is_offline in includes/menu.inc: Checks whether the site is off-line for maintenance.
_node_access_join_sql in modules/node/node.module: Generate an SQL join clause for use in fetching a node listing.
_node_access_where_sql in modules/node/node.module: Generate an SQL where clause for use in fetching a node listing.
_node_revision_access in modules/node/node.module
_poll_choice_form in modules/poll/poll.module
_poll_menu_access in modules/poll/poll.module: Callback function to see if a node is acceptable for poll menu items.
_profile_get_fields in modules/profile/profile.module
_search_menu in modules/search/search.module
_system_themes_access in modules/system/system.module: Menu item access callback - only admin or enabled themes can be accessed.
_tracker_myrecent_access in modules/tracker/tracker.module: Access callback for tracker/%user_uid_optional
_tracker_user_access in modules/tracker/tracker.module: Access callback for user/%user/track
_translation_tab_access in modules/translation/translation.module: Menu access callback.
_upload_form in modules/upload/upload.module
_user_edit_validate in modules/user/user.module

File

modules/user/user.module, line 508: Enables the user registration and login system.

Code

<?php
function user_access($string, $account = NULL, $reset = FALSE) {
  global $user;
  static $perm = array();

  if ($reset) {
    $perm = array();
  }

  if (!isset($account)) {
    $account = $user;
  }

  // User #1 has all privileges:
  if ($account->uid == 1) {
    return TRUE;
  }

  // To reduce the number of SQL queries, we cache the user's permissions
  // in a static variable.
  if (!isset($perm[$account->uid])) {
    $result = db_query("SELECT p.perm FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid WHERE r.rid IN (" . db_placeholders($account->roles) . ")", array_keys($account->roles));

    $perms = array();
    while ($row = db_fetch_object($result)) {
      $perms += array_flip(explode(', ', $row->perm));
    }
    $perm[$account->uid] = $perms;
  }

  return isset($perm[$account->uid][$string]);
}
?>

Comments

Usage Example

Posted by EvanDonovan on July 9, 2010 at 5:06pm

1) Define a permission in hook_perm() in your module, here called "coolstuff.module".

<?php
function coolstuff_perm() {
  return array('do cool stuff', 'do uncool stuff');
}
?>

2) Grant it to your users at admin/user/permissions.

3) Check it in a function.

<?php
function coolstuff_init() {
  if (user_access('do cool stuff')) {
   drupal_set_message(t('You can do cool stuff!'));
  }
  elseif (user_access('do uncool stuff')) {
    drupal_set_message(t('You can do uncool stuff.'));
  }
  elseif (!user_access('do cool stuff') && !user_access('do uncool stuff')) {
   drupal_set_message(t("You can't do stuff at all."));
  }
}
?>

I personally have never used the $account parameter, but presume it could be used as follows:

<?php
function check_coolstuff($uid) {
  $account = user_load($uid);
  if (user_access('do cool stuff', $account)) {
    drupal_set_message(t("The user @username with uid @uid has the permission to do cool stuff.", array('@username' => $account->name, '@uid' => $account->uid));
  }
}
?>

Easy usage example

Posted by mosys on September 16, 2011 at 11:46am

Use this to forward administrators or editor to the administration page upon login:

<?php
  global $user;
  if ($user->uid == 1 || user_access('access administration pages')) {
    // Redirect admin to the administration page
    return 'admin';
  } else {
    return 'node';
  }
?>

Easy usage example more simple

Posted by promes on October 28, 2011 at 10:46am

Your example can be written even shorter since user_access() does the check for userid 1 for you.

<?php
  if (user_access('access administration pages')) {
    // Redirect admin to the administration page
    return 'admin';
  } else {
    return 'node';
  }
?>

Shorter, you say?

Posted by Madbreaks on January 16, 2012 at 11:11pm

<?php
return user_access('access administration pages') ? 'admin' : 'node';
?>