user_access

Versions
4.6 – 5: user_access($string, $account = NULL)
6: user_access($string, $account = NULL, $reset = FALSE)
7: user_access($string, $account = NULL)

Determine whether the user has a given privilege.

All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.

Parameters

$string The permission, such as "administer nodes", being checked for.

$account (optional) The account to check, if not given use currently logged in user.

Return value

TRUE iff the current user has the requested permission.

▸ 104 functions call user_access()

▾ 104 functions call user_access()

aggregator_block in modules/aggregator.module: Implementation of hook_block().
aggregator_menu in modules/aggregator.module: Implementation of hook_menu().
archive_block in modules/archive.module: Implementation of hook_block().
archive_menu in modules/archive.module: Implementation of hook_menu().
block_menu in modules/block.module: Implementation of hook_menu().
blogapi_menu in modules/blogapi.module
blogapi_validate_user in modules/blogapi.module: Ensure that the given user has permission to edit a blog.
blog_access in modules/blog.module: Implementation of hook_access().
blog_block in modules/blog.module: Implementation of hook_block().
blog_menu in modules/blog.module: Implementation of hook_menu().
blog_page_user in modules/blog.module: Displays a Drupal page containing recent blog entries of a given user.
blog_user in modules/blog.module: Implementation of hook_user().
book_access in modules/book.module: Implementation of hook_access().
book_form in modules/book.module: Implementation of hook_form().
book_menu in modules/book.module: Implementation of hook_menu().
book_nodeapi in modules/book.module: Implementation of hook_nodeapi().
book_toc in modules/book.module
book_validate in modules/book.module: Implementation of hook_validate().
comment_block in modules/comment.module: Implementation of hook_block().
comment_link in modules/comment.module: Implementation of hook_link().
comment_links in modules/comment.module
comment_menu in modules/comment.module: Implementation of hook_menu().
comment_moderate in modules/comment.module
comment_nodeapi in modules/comment.module: Implementation of hook_nodeapi().
comment_post in modules/comment.module
comment_render in modules/comment.module
comment_reply in modules/comment.module
comment_user_can_moderate in modules/comment.module
contact_mail_user in modules/contact.module
fileupload_access in developer/examples/fileupload.module
fileupload_file_download in developer/examples/fileupload.module
fileupload_link in developer/examples/fileupload.module: Integrate with Drupal
filter_access in modules/filter.module: Returns true if the user is allowed to access this format.
filter_formats in modules/filter.module: Retrieve a list of input formats.
filter_menu in modules/filter.module: Implementation of hook_menu().
format_name in includes/common.inc: Format a username.
forum_access in modules/forum.module: Implementation of hook_access().
forum_block in modules/forum.module: Implementation of hook_block().
forum_menu in modules/forum.module: Implementation of hook_menu().
help_menu in modules/help.module: Implementation of hook_menu().
hook_access in developer/hooks/node.php: Define access restrictions.
hook_menu in developer/hooks/core.php: Define menu items and page callbacks.
hook_nodeapi in developer/hooks/core.php: Act on nodes defined by other modules.
hook_node_grants in developer/hooks/core.php: Grant access to nodes.
locale_menu in modules/locale.module: Implementation of hook_menu().
menu_menu in modules/menu.module: Implementation of hook_menu().
node_access in modules/node.module: Determine whether the current user may perform the given operation on the specified node.
node_access_example_node_grants in developer/examples/node_access_example.module: Implementation of hook_node_grants().
node_example_access in developer/examples/node_example.module: Implementation of hook_access().
node_example_link in developer/examples/node_example.module: Implementation of hook_link().
node_example_menu in developer/examples/node_example.module: Implementation of hook_menu().
node_form in modules/node.module: Generate the node editing form.
node_menu in modules/node.module: Implementation of hook_menu().
node_revision_delete in modules/node.module: Delete the revision with specified revision number.
node_revision_overview in modules/node.module: Generate an overview table of older revisions of a node.
node_revision_rollback in modules/node.module: Roll back to the revision with the specified revision number.
node_validate in modules/node.module: Perform validation checks on the given node.
page_access in modules/page.module: Implementation of hook_access().
page_example_menu in developer/examples/page_example.module: Implementation of hook_menu().
path_menu in modules/path.module: Implementation of hook_menu().
path_nodeapi in modules/path.module: Implementation of hook_nodeapi().
poll_access in modules/poll.module: Implementation of hook_access().
poll_block in modules/poll.module: Implementation of hook_block().
poll_form in modules/poll.module: Implementation of hook_form().
poll_insert in modules/poll.module
poll_load in modules/poll.module: Implementation of hook_load().
poll_menu in modules/poll.module: Implementation of hook_menu().
profile_browse in modules/profile.module: Menu callback; display a list of user information.
profile_menu in modules/profile.module: Implementation of hook_menu().
profile_validate_profile in modules/profile.module
profile_view_field in modules/profile.module
profile_view_profile in modules/profile.module
queue_block in modules/queue.module: Implementation of hook_block().
queue_menu in modules/queue.module: Implementation of hook_menu().
queue_nodeapi in modules/queue.module: Implementation of hook_nodeapi().
search_block in modules/search.module: Implementation of hook_block().
search_menu in modules/search.module: Implementation of hook_menu().
search_view in modules/search.module: Menu callback; presents the search form and/or search results.
statistics_block in modules/statistics.module: Implementation of hook_block().
statistics_menu in modules/statistics.module: Implementation of hook_menu().
story_access in modules/story.module: Implementation of hook_access().
story_menu in modules/story.module: Implementation of hook_menu().
system_menu in modules/system.module: Implementation of hook_menu().
taxonomy_menu in modules/taxonomy.module: Implementation of hook_menu().
theme_aggregator_block_item in modules/aggregator.module: Format an individual feed item for display in the block.
theme_aggregator_feed in modules/aggregator.module: Format a news feed.
theme_forum_display in modules/forum.module: Format the forum body.
tracker_menu in modules/tracker.module: Implementation of hook_menu().
upload_file_download in modules/upload.module
upload_form in modules/upload.module
upload_link in modules/upload.module: Implementation of hook_link().
upload_menu in modules/upload.module: Implementation of hook_menu().
upload_nodeapi in modules/upload.module: Implementation of hook_nodeapi().
user_block in modules/user.module: Implementation of hook_block().
user_edit in modules/user.module
user_edit_form in modules/user.module
user_edit_validate in modules/user.module
user_menu in modules/user.module: Implementation of hook_menu().
user_page in modules/user.module
user_search in modules/user.module: Implementation of hook_search().
watchdog_menu in modules/watchdog.module: Implementation of hook_menu().
_aggregator_page_list in modules/aggregator.module: Prints an aggregator page listing a number of feed items. Various menu callbacks use this function to print their feeds.
_node_access_join_sql in modules/node.module: Generate an SQL join clause for use in fetching a node listing.
_node_access_where_sql in modules/node.module: Generate an SQL where clause for use in fetching a node listing.

Code

modules/user.module, line 325

<?php
function user_access($string, $account = NULL) {
  global $user;
  static $perm = array();

  if (is_null($account)) {
    $account = $user;
  }

  // User #1 has all privileges:
  if ($account->uid == 1) {
    return 1;
  }

  // To reduce the number of SQL queries, we cache the user's permissions
  // in a static variable.
  if (!isset($perm[$account->uid])) {
    $result = db_query('SELECT DISTINCT(p.perm) FROM {role} r INNER JOIN {permission} p ON p.rid = r.rid INNER JOIN {users_roles} ur ON ur.rid = r.rid WHERE ur.uid = %d', $account->uid);

    while ($row = db_fetch_object($result)) {
      $perm[$account->uid] .= "$row->perm, ";
    }
  }

  return strpos($perm[$account->uid], "$string, ") !== FALSE;
}
?>