| 5 user.module | user_access($string, $account = NULL) |
| 6 user.module | user_access($string, $account = NULL, |
| 7 user.module | user_access($string, $account = NULL) |
| 8 user.module | user_access($string, $account = NULL) |
Determine whether the user has a given privilege.
Parameters
$string: The permission, such as "administer nodes", being checked for.
$account: (optional) The account to check, if not given use currently logged in user.
Return value
Boolean TRUE if the current user has the requested permission.
All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.
▾ 152 functions call user_access()
- aggregator_block_view in modules/
aggregator/ aggregator.module - Implements hook_block_view().
- authorize_access_allowed in ./
authorize.php - Determines if the current user is allowed to run authorize.php.
- block_admin_configure in modules/
block/ block.admin.inc - Form constructor for the block configuration form.
- blog_block_view in modules/
blog/ blog.module - Implements hook_block_view().
- blog_menu_local_tasks_alter in modules/
blog/ blog.module - Implements hook_menu_local_tasks_alter().
- blog_page_user_access in modules/
blog/ blog.module - Access callback for user blog pages.
- blog_user_view in modules/
blog/ blog.module - Implements hook_user_view().
- book_export_html in modules/
book/ book.pages.inc - This function is called by book_export() to generate HTML for export.
- book_form_node_form_alter in modules/
book/ book.module - Implements hook_form_BASE_FORM_ID_alter().
- book_node_prepare in modules/
book/ book.module - Implements hook_node_prepare().
- book_node_presave in modules/
book/ book.module - Implements hook_node_presave().
- book_node_view_link in modules/
book/ book.module - Inject links into $node as needed.
- CommentInterfaceTest::assertCommentLinks in modules/
comment/ comment.test - Asserts that comment links appear according to the passed environment setup.
- comment_access in modules/
comment/ comment.module - Determines whether the current user has access to a particular comment.
- comment_block_view in modules/
comment/ comment.module - Implements hook_block_view().
- comment_file_download_access in modules/
comment/ comment.module - Implements hook_file_download_access().
- comment_form in modules/
comment/ comment.module - Generate the basic commenting form, for appending to a node or display on a separate page.
- comment_form_node_form_alter in modules/
comment/ comment.module - Implements hook_form_BASE_FORM_ID_alter().
- comment_form_node_type_form_alter in modules/
comment/ comment.module - Implements hook_form_FORM_ID_alter().
- comment_form_submit in modules/
comment/ comment.module - Process comment form submissions; prepare the comment, store it, and set a redirection target.
- comment_get_display_ordinal in modules/
comment/ comment.module - Get the display ordinal for a comment, starting from 0.
- comment_get_thread in modules/
comment/ comment.module - Retrieve comments for a thread.
- comment_links in modules/
comment/ comment.module - Helper function, build links for an individual comment.
- comment_node_page_additions in modules/
comment/ comment.module - Build the comment-related elements for node detail pages.
- comment_node_search_result in modules/
comment/ comment.module - Implements hook_node_search_result().
- comment_node_view in modules/
comment/ comment.module - Implements hook_node_view().
- comment_reply in modules/
comment/ comment.pages.inc - This function is responsible for generating a comment reply form. There are several cases that have to be handled, including:
- comment_save in modules/
comment/ comment.module - Accepts a submission of new or changed comment content.
- contact_personal_form in modules/
contact/ contact.pages.inc - Form constructor for the personal contact form.
- contact_personal_form_submit in modules/
contact/ contact.pages.inc - Form submission handler for contact_personal_form().
- contact_site_form in modules/
contact/ contact.pages.inc - Form constructor for the site-wide contact form.
- contextual_preprocess in modules/
contextual/ contextual.module - Implements hook_preprocess().
- dashboard_admin in modules/
dashboard/ dashboard.module - Dashboard page callback.
- field_test_entity_form in modules/
field/ tests/ field_test.entity.inc - Test_entity form.
- FilterFormatAccessTestCase::testFormatPermissions in modules/
filter/ filter.test - filter_access in modules/
filter/ filter.module - Checks if a user has access to a particular text format.
- filter_permission in modules/
filter/ filter.module - Implements hook_permission().
- filter_process_format in modules/
filter/ filter.module - Expands an element into a base element with text format selector attached.
- forum_block_view in modules/
forum/ forum.module - Implements hook_block_view().
- hook_block_view in modules/
block/ block.api.php - Return a rendered or renderable view of a block.
- hook_field_access in modules/
field/ field.api.php - Determine whether the user has access to a given field.
- hook_file_download in modules/
system/ system.api.php - Control access to private file downloads and specify HTTP headers.
- hook_node_access in modules/
node/ node.api.php - Control access to a node.
- hook_node_grants in modules/
node/ node.api.php - Inform the node access system what permissions the user has.
- hook_preprocess in modules/
system/ theme.api.php - Preprocess theme variables.
- hook_query_TAG_alter in modules/
system/ system.api.php - Perform alterations to a structured query for a given tag.
- hook_search_access in modules/
search/ search.api.php - Define access to a custom search routine.
- hook_user_cancel_methods_alter in modules/
user/ user.api.php - Modify account cancellation methods.
- hook_user_view in modules/
user/ user.api.php - The user's account information is being displayed.
- locale_language_selector_form in modules/
locale/ locale.module - Form builder callback to display language selection widget.
- menu_form_node_form_alter in modules/
menu/ menu.module - Implements hook_form_BASE_FORM_ID_alter().
- node_access in modules/
node/ node.module - Determine whether the current user may perform the given operation on the specified node.
- node_access_test_node_grants in modules/
node/ tests/ node_access_test.module - Implements hook_node_grants().
- node_admin_nodes in modules/
node/ node.admin.inc - Form builder: Builds the node administration overview.
- node_block_view in modules/
node/ node.module - Implements hook_block_view().
- node_form in modules/
node/ node.pages.inc - Generate the node add/edit form array.
- node_form_search_form_alter in modules/
node/ node.module - Implements hook_form_FORM_ID_alter().
- node_get_recent in modules/
node/ node.module - Finds the most recently changed nodes that are available to the current user.
- node_help in modules/
node/ node.module - Implements hook_help().
- node_node_access in modules/
node/ node.module - Implements hook_node_access().
- node_revision_overview in modules/
node/ node.pages.inc - Generate an overview table of older revisions of a node.
- node_search_access in modules/
node/ node.module - Implements hook_search_access().
- overlay_disable_message in modules/
overlay/ overlay.module - Returns a renderable array representing a message for disabling the overlay.
- overlay_form_user_profile_form_alter in modules/
overlay/ overlay.module - Implements hook_form_FORM_ID_alter().
- overlay_init in modules/
overlay/ overlay.module - Implements hook_init().
- path_admin_delete_confirm in modules/
path/ path.admin.inc - Menu callback; confirms deleting an URL alias
- path_form_node_form_alter in modules/
path/ path.module - Implements hook_form_BASE_FORM_ID_alter().
- path_form_taxonomy_form_term_alter in modules/
path/ path.module - Implements hook_form_FORM_ID_alter().
- poll_block_view in modules/
poll/ poll.module - Implements hook_block_view().
- poll_form in modules/
poll/ poll.module - Implements hook_form().
- poll_insert in modules/
poll/ poll.module - Implements hook_insert().
- poll_load in modules/
poll/ poll.module - Implements hook_load().
- profile_block_view in modules/
profile/ profile.module - Implements hook_block_view().
- profile_browse in modules/
profile/ profile.pages.inc - Menu callback; display a list of user information.
- profile_category_access in modules/
profile/ profile.module - Menu item access callback - check if a user has access to a profile category.
- profile_user_form_validate in modules/
profile/ profile.module - Form validation handler for the user register/profile form.
- profile_user_view in modules/
profile/ profile.module - Implements hook_user_view().
- profile_view_field in modules/
profile/ profile.module - rdf_preprocess_node in modules/
rdf/ rdf.module - Implements MODULE_preprocess_HOOK().
- search_block_view in modules/
search/ search.module - Implements hook_block_view().
- search_is_active in modules/
search/ search.module - Determines access for the ?q=search path.
- shortcut_help in modules/
shortcut/ shortcut.module - Implements hook_help().
- shortcut_set_delete_access in modules/
shortcut/ shortcut.module - Access callback for deleting a shortcut set.
- shortcut_set_edit_access in modules/
shortcut/ shortcut.module - Access callback for editing a shortcut set.
- shortcut_set_switch in modules/
shortcut/ shortcut.admin.inc - Form callback: builds the form for switching shortcut sets.
- shortcut_set_switch_access in modules/
shortcut/ shortcut.module - Access callback for switching the shortcut set assigned to a user account.
- statistics_block_view in modules/
statistics/ statistics.module - Implements hook_block_view().
- statistics_node_view in modules/
statistics/ statistics.module - Implements hook_node_view().
- statistics_top_visitors in modules/
statistics/ statistics.admin.inc - Menu callback; presents the "top visitors" page.
- system_admin_config_page in modules/
system/ system.admin.inc - Menu callback; Provide the administration overview page.
- system_custom_theme in modules/
system/ system.module - Implements hook_custom_theme().
- system_modules in modules/
system/ system.admin.inc - Menu callback; provides module enable/disable interface.
- taxonomy_form_term in modules/
taxonomy/ taxonomy.admin.inc - Form function for the term edit form.
- taxonomy_term_edit_access in modules/
taxonomy/ taxonomy.module - Return edit access for a given term.
- template_preprocess_aggregator_feed_source in modules/
aggregator/ aggregator.pages.inc - Processes variables for aggregator-feed-source.tpl.php.
- template_preprocess_poll_results in modules/
poll/ poll.module - Preprocess the poll_results theme hook.
- template_preprocess_username in includes/
theme.inc - Preprocesses variables for theme_username().
- template_preprocess_user_picture in modules/
user/ user.module - Process variables for user-picture.tpl.php.
- theme_book_admin_table in modules/
book/ book.admin.inc - Returns HTML for a book administration form.
- theme_node_recent_block in modules/
node/ node.module - Returns HTML for a list of recent content.
- theme_poll_choices in modules/
poll/ poll.module - Returns HTML for an admin poll form for choices.
- toolbar_page_build in modules/
toolbar/ toolbar.module - Implements hook_page_build().
- toolbar_preprocess_html in modules/
toolbar/ toolbar.module - Implements hook_preprocess_html().
- translation_form_node_form_alter in modules/
translation/ translation.module - Implements hook_form_BASE_FORM_ID_alter().
- translation_node_prepare in modules/
translation/ translation.module - Implements hook_node_prepare().
- update_access_allowed in ./
update.php - Determines if the current user is allowed to run update.php.
- update_helpful_links in ./
update.php - update_init in modules/
update/ update.module - Implements hook_init().
- update_manager_access in modules/
update/ update.module - Determine if the current user can access the updater menu items.
- update_results_page in ./
update.php - UserPermissionsTestCase::testAdministratorRole in modules/
user/ user.test - Test assigning of permissions for the administrator role.
- UserPermissionsTestCase::testUserPermissionChanges in modules/
user/ user.test - Change user permissions and check user_access().
- UserPermissionsTestCase::testUserRoleChangePermissions in modules/
user/ user.test - Verify proper permission changes by user_role_change_permissions().
- user_account_form in modules/
user/ user.module - Helper function to add default user account fields to user registration and edit form.
- user_block_view in modules/
user/ user.module - Implements hook_block_view().
- user_build_filter_query in modules/
user/ user.module - Extends a query object for user administration filters based on session.
- user_cancel_access in modules/
user/ user.module - Menu access callback; limit access to account cancellation pages.
- user_cancel_confirm_form in modules/
user/ user.pages.inc - Form builder; confirm form for cancelling user account.
- user_cancel_confirm_form_submit in modules/
user/ user.pages.inc - Submit handler for the account cancellation confirm form.
- user_cancel_methods in modules/
user/ user.pages.inc - Helper function to return available account cancellation methods.
- user_edit_access in modules/
user/ user.module - Access callback for user account editing.
- user_menu_site_status_alter in modules/
user/ user.module - Implements hook_menu_site_status_alter().
- user_profile_form in modules/
user/ user.pages.inc - Form builder; edit a user account or one of their profile categories.
- user_register_form in modules/
user/ user.module - Form builder; the user registration form.
- user_register_submit in modules/
user/ user.module - Submit handler for the user registration form.
- user_role_edit_access in modules/
user/ user.module - Menu access callback for user role editing.
- user_search_access in modules/
user/ user.module - Implements hook_search_access().
- user_search_execute in modules/
user/ user.module - Implements hook_search_execute().
- user_user_operations in modules/
user/ user.module - Implements hook_user_operations().
- user_view_access in modules/
user/ user.module - User view access callback.
- _aggregator_has_categories in modules/
aggregator/ aggregator.module - Determines whether there are any aggregator categories.
- _aggregator_page_list in modules/
aggregator/ aggregator.pages.inc - Prints an aggregator page listing a number of feed items.
- _block_themes_access in modules/
block/ block.module - Menu item access callback - only admin or enabled themes can be accessed.
- _book_add_form_elements in modules/
book/ book.module - Build the common elements of the book form for the node and outline forms.
- _book_outline_access in modules/
book/ book.module - Menu item access callback - determine if the outline tab is accessible.
- _contact_personal_tab_access in modules/
contact/ contact.module - Menu access callback for a user's personal contact form.
- _field_ui_view_mode_menu_access in modules/
field_ui/ field_ui.module - Menu access callback for the 'view mode display settings' pages.
- _filter_disable_format_access in modules/
filter/ filter.module - Access callback for deleting text formats.
- _menu_check_access in includes/
menu.inc - Check access to a menu item using the access callback
- _menu_site_is_offline in includes/
menu.inc - Checks whether the site is in maintenance mode.
- _node_add_access in modules/
node/ node.module - _node_query_node_access_alter in modules/
node/ node.module - Helper for node access functions.
- _node_revision_access in modules/
node/ node.module - _poll_choice_form in modules/
poll/ poll.module - _poll_menu_access in modules/
poll/ poll.module - Callback function to see if a node is acceptable for poll menu items.
- _profile_get_fields in modules/
profile/ profile.module - _search_menu_access in modules/
search/ search.module - Access callback for search tabs.
- _system_themes_access in modules/
system/ system.module - Menu item access callback - only admin or enabled themes can be accessed.
- _template_preprocess_default_variables in includes/
theme.inc - Returns hook-independent variables to template_preprocess().
- _tracker_myrecent_access in modules/
tracker/ tracker.module - Access callback for tracker/%user_uid_optional.
- _tracker_user_access in modules/
tracker/ tracker.module - Access callback for user/%user/track.
- _translation_tab_access in modules/
translation/ translation.module - Menu access callback.
File
- modules/
user/ user.module, line 782 - Enables the user registration and login system.
Code
<?php
function user_access($string, $account = NULL) {
global $user;
if (!isset($account)) {
$account = $user;
}
// User #1 has all privileges:
if ($account->uid == 1) {
return TRUE;
}
// To reduce the number of SQL queries, we cache the user's permissions
// in a static variable.
// Use the advanced drupal_static() pattern, since this is called very often.
static $drupal_static_fast;
if (!isset($drupal_static_fast)) {
$drupal_static_fast['perm'] = &drupal_static(__FUNCTION__);
}
$perm = &$drupal_static_fast['perm'];
if (!isset($perm[$account->uid])) {
$role_permissions = user_role_permissions($account->roles);
$perms = array();
foreach ($role_permissions as $one_role) {
$perms += $one_role;
}
$perm[$account->uid] = $perms;
}
return isset($perm[$account->uid][$string]);
}
?>
Comments
Lowercase
It should be noted that any permission string entered into this function should be all lowercase. If one were to copy and paste a permission from the admin/people/permissions page that included an uppercase first letter, then the function will return false.
Lowercase, A good practice but there are exceptions to the rule.
I just used user access for the first time.
I installed devel.
admin/config/development/devel turn on Display $page array
admin/people/permissions click on the array box (screen top)
This array box area expands to give you the correct name for the user access permissions. Notice that the names don't always match the rule of lowercase. See block IP addresses.
array >> content > system main > permission
Permission names are different from admin/people/permissions
If you want to find a permission you can look in admin/people/permissions but they will not relate directly, for example I wanted the permission "Basic page: Edit own content" but to use as an argument for user_access I'd use "edit own page content". I discovered this by dumping the users roles to my webpage by doing
$roles = array(2=>'2'); // 2 = the role ID, which is passed as the Key.
$check = user_role_permissions($roles)
print('');
var_dump($check);
print ('');
A useful query
SELECT r.name,p.module,p.permission FROM role_permission pleft join role r on p.rid=r.rid
order by name,module, permission
3rd column is what you are looking for.