7.x user.module user_has_role($rid, $account = NULL)

Checks if a user has a role.


int $rid: A role ID.

object|null $account: (optional) A user account. Defaults to the current user.

Return value

bool TRUE if the user has the role, or FALSE if not.


modules/user/user.module, line 861
Enables the user registration and login system.


function user_has_role($rid, $account = NULL) {
  if (!$account) {
    $account = $GLOBALS['user'];

  return isset($account->roles[$rid]);


mikeker’s picture

This API function maps to User::hasRole in Drupal 8.

arulraj.m’s picture

It’s really good to see the new function to check a user have specific role or not.

I have a concerns here, Instead of checking role id we can check role name because am not sure we may have same data entry in roles table in development and Production servers (if records miss match it will give wrong matches with role id).

function user_has_role($role_name, $user = NULL) {
if ($user == NULL) {
global $user;
if (is_array($user->roles) && in_array($role_name, array_values($user->roles))) {
return TRUE;

return FALSE;

stickywes’s picture

By all means, use the role name instead in your own implementations!

A search by name is definitely a better way to do it (in my opinion) because the strings we're naming our roles is probably reliably unique in an installation (just like module names). Unfortunately, the primary ID of a role is the integer so that is what we're probably stuck with... not to mention, you don't want to change an element of the API like this one now that it has been in a wild for a while.

Luckily this fundamental problem in D7's user roles (it's easier to be confident about a string being reliably unique than an the integer ID in the user_roles table unless you are a core module) is going away in Drupal 8; the ids are strings!

opdavies’s picture

Maybe add a new function - something like user_has_role_name(), and submit a patch to core? I'm happy to help with this if you need.

I tend to set variables in environment-specific settings files, such as $conf['new_rid'] = 100, so that they can then be accessed with variable_get().

The advantage of doing it this way is that it will still work if the role name is changed in the future.

cosmicdreams’s picture

If you're like me and you found this page and the very next question you had was: What are the rids of the default roles? Here ya go

Role Name | rid
anonymous | 1
authenticated user | 2
administrator | 3

robbdavis’s picture

I just lost some time assuming user_has_role('role name') would work. As @opdavies suggested above, user_has_role_name() would be useful.

ragnarkurm’s picture

+1 for user_has_role_name()

To convert role name to role id:

James Marks’s picture

You could use the role name but keep in mind that the role name can be easily edited through the UI making this approach somewhat brittle. Imagine a helpful admin thinking "Oh, someone misspelled 'suprevisor'. I'll just fix that" and promptly breaking your code.