user_access

• Drupal 4.6
• Drupal 4.7
• Drupal 5
• Drupal 6
• Drupal 7

• View documentation
• List references

Definition

user_access($string, $account = NULL, $reset = FALSE)
modules/user/user.module, line 525

Description

Determine whether the user has a given privilege.

All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.

Parameters

$string The permission, such as "administer nodes", being checked for.

$account (optional) The account to check, if not given use currently logged in user.

$reset (optional) Resets the user's permissions cache, which will result in a recalculation of the user's permissions. This is necessary to support dynamically added user roles.

Return value

Boolean TRUE if the current user has the requested permission.

Code

<?php
function user_access($string, $account = NULL, $reset = FALSE) {
  global $user;
  static $perm = array();

  if ($reset) {
    unset($perm);
  }

  if (is_null($account)) {
    $account = $user;
  }

  // User #1 has all privileges:
  if ($account->uid == 1) {
    return TRUE;
  }

  // To reduce the number of SQL queries, we cache the user's permissions
  // in a static variable.
  if (!isset($perm[$account->uid])) {
    $role_permissions = user_role_permissions($account->roles, $reset);

    $perms = array();
    foreach ($role_permissions as $one_role) {
      $perms += $one_role;
    }
    $perm[$account->uid] = $perms;
  }

  return isset($perm[$account->uid][$string]);
}
?>