1. drupal
    1. 5
    2. 6
    3. 7
    4. 8
5 user_access($string, $account = NULL)
6 user_access($string, $account = NULL, $reset = FALSE)
7 – 8 user_access($string, $account = NULL)

Determine whether the user has a given privilege.


$string The permission, such as "administer nodes", being checked for.

$account (optional) The account to check, if not given use currently logged in user.

Return value

Boolean TRUE if the current user has the requested permission.

All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.

▾ 156 functions call user_access()

action_example_node_sticky_action_form in examples/action_example/action_example.module
Generates settings form for action_example_node_sticky_action().
aggregator_block_view in modules/aggregator/aggregator.module
Implements hook_block_view().
authorize_access_allowed in ./authorize.php
Determines if the current user is allowed to run authorize.php.
block_admin_configure in modules/block/
Form builder for the block configuration form.
blog_block_view in modules/blog/blog.module
Implements hook_block_view().
blog_menu_local_tasks_alter in modules/blog/blog.module
Implements hook_menu_local_tasks_alter().
blog_page_user_access in modules/blog/blog.module
Access callback for user blog pages.
blog_user_view in modules/blog/blog.module
Implements hook_user_view().
book_export_html in modules/book/
This function is called by book_export() to generate HTML for export.
book_form_node_form_alter in modules/book/book.module
Implements hook_form_BASE_FORM_ID_alter().
book_node_prepare in modules/book/book.module
Implements hook_node_prepare().
book_node_presave in modules/book/book.module
Implements hook_node_presave().
book_node_view_link in modules/book/book.module
Inject links into $node as needed.
CommentInterfaceTest::assertCommentLinks in modules/comment/comment.test
Asserts that comment links appear according to the passed environment setup.
comment_access in modules/comment/comment.module
Determines whether the current user has access to a particular comment.
comment_block_view in modules/comment/comment.module
Implements hook_block_view().
comment_file_download_access in modules/comment/comment.module
Implements hook_file_download_access().
comment_form in modules/comment/comment.module
Generate the basic commenting form, for appending to a node or display on a separate page.
comment_form_node_form_alter in modules/comment/comment.module
Implements hook_form_BASE_FORM_ID_alter().
comment_form_node_type_form_alter in modules/comment/comment.module
Implements hook_form_FORM_ID_alter().
comment_form_submit in modules/comment/comment.module
Process comment form submissions; prepare the comment, store it, and set a redirection target.
comment_get_display_ordinal in modules/comment/comment.module
Get the display ordinal for a comment, starting from 0.
comment_get_thread in modules/comment/comment.module
Retrieve comments for a thread.
comment_links in modules/comment/comment.module
Helper function, build links for an individual comment.
comment_node_page_additions in modules/comment/comment.module
Build the comment-related elements for node detail pages.
comment_node_search_result in modules/comment/comment.module
Implements hook_node_search_result().
comment_node_view in modules/comment/comment.module
Implements hook_node_view().
comment_reply in modules/comment/
This function is responsible for generating a comment reply form. There are several cases that have to be handled, including:
comment_save in modules/comment/comment.module
Accepts a submission of new or changed comment content.
contact_personal_form in modules/contact/
Form builder; the personal contact form.
contact_personal_form_submit in modules/contact/
Form submission handler for contact_personal_form().
contact_site_form in modules/contact/
Form builder; the site-wide contact form.
contextual_preprocess in modules/contextual/contextual.module
Template variable preprocessor for contextual links.
dashboard_admin in modules/dashboard/dashboard.module
Dashboard page callback.
field_test_entity_form in modules/field/tests/
Test_entity form.
FilterFormatAccessTestCase::testFormatPermissions in modules/filter/filter.test
filter_access in modules/filter/filter.module
Checks if a user has access to a particular text format.
filter_permission in modules/filter/filter.module
Implements hook_permission().
filter_process_format in modules/filter/filter.module
Expands an element into a base element with text format selector attached.
forum_block_view in modules/forum/forum.module
Implements hook_block_view().
hook_block_view in modules/block/block.api.php
Return a rendered or renderable view of a block.
hook_field_access in modules/field/field.api.php
Determine whether the user has access to a given field.
hook_file_download in modules/system/system.api.php
Control access to private file downloads and specify HTTP headers.
hook_node_access in modules/node/node.api.php
Control access to a node.
hook_node_grants in modules/node/node.api.php
Inform the node access system what permissions the user has.
hook_preprocess in modules/system/theme.api.php
Preprocess theme variables.
hook_query_TAG_alter in modules/system/system.api.php
Perform alterations to a structured query for a given tag.
hook_search_access in modules/search/search.api.php
Define access to a custom search routine.
hook_user_cancel_methods_alter in modules/user/user.api.php
Modify account cancellation methods.
hook_user_view in modules/user/user.api.php
The user's account information is being displayed.
locale_language_selector_form in modules/locale/locale.module
Form builder callback to display language selection widget.
menu_form_node_form_alter in modules/menu/menu.module
Implements hook_form_BASE_FORM_ID_alter().
node_access in modules/node/node.module
Determine whether the current user may perform the given operation on the specified node.
node_access_example_node_grants in examples/node_access_example/node_access_example.module
Implements hook_node_grants().
node_access_test_node_grants in modules/node/tests/node_access_test.module
Implements hook_node_grants().
node_admin_nodes in modules/node/
Form builder: Builds the node administration overview.
node_block_view in modules/node/node.module
Implements hook_block_view().
node_form in modules/node/
Generate the node add/edit form array.
node_form_search_form_alter in modules/node/node.module
Implements hook_form_FORM_ID_alter().
node_get_recent in modules/node/node.module
Finds the most recently changed nodes that are available to the current user.
node_help in modules/node/node.module
Implements hook_help().
node_node_access in modules/node/node.module
Implements hook_node_access().
node_revision_overview in modules/node/
Generate an overview table of older revisions of a node.
node_search_access in modules/node/node.module
Implements hook_search_access().
overlay_disable_message in modules/overlay/overlay.module
Returns a renderable array representing a message for disabling the overlay.
overlay_form_user_profile_form_alter in modules/overlay/overlay.module
Implements hook_form_FORM_ID_alter().
overlay_init in modules/overlay/overlay.module
Implements hook_init().
path_admin_delete_confirm in modules/path/
Menu callback; confirms deleting an URL alias
path_form_node_form_alter in modules/path/path.module
Implements hook_form_BASE_FORM_ID_alter().
path_form_taxonomy_form_term_alter in modules/path/path.module
Implements hook_form_FORM_ID_alter().
poll_block_view in modules/poll/poll.module
Implements hook_block_view().
poll_form in modules/poll/poll.module
Implements hook_form().
poll_insert in modules/poll/poll.module
Implements hook_insert().
poll_load in modules/poll/poll.module
Implements hook_load().
profile_block_view in modules/profile/profile.module
Implements hook_block_view().
profile_browse in modules/profile/
Menu callback; display a list of user information.
profile_category_access in modules/profile/profile.module
Menu item access callback - check if a user has access to a profile category.
profile_user_form_validate in modules/profile/profile.module
Form validation handler for the user register/profile form.
profile_user_view in modules/profile/profile.module
Implements hook_user_view().
profile_view_field in modules/profile/profile.module
rdf_preprocess_node in modules/rdf/rdf.module
Implements MODULE_preprocess_HOOK().
search_block_view in modules/search/search.module
Implements hook_block_view().
search_is_active in modules/search/search.module
Determines access for the ?q=search path.
shortcut_help in modules/shortcut/shortcut.module
Implements hook_help().
shortcut_set_delete_access in modules/shortcut/shortcut.module
Access callback for deleting a shortcut set.
shortcut_set_edit_access in modules/shortcut/shortcut.module
Access callback for editing a shortcut set.
shortcut_set_switch in modules/shortcut/
Form callback: builds the form for switching shortcut sets.
shortcut_set_switch_access in modules/shortcut/shortcut.module
Access callback for switching the shortcut set assigned to a user account.
simpletest_example_node_access in examples/simpletest_example/simpletest_example.module
Implements hook_node_access().
statistics_block_view in modules/statistics/statistics.module
Implements hook_block_view().
statistics_node_view in modules/statistics/statistics.module
Implements hook_node_view().
statistics_top_visitors in modules/statistics/
Menu callback; presents the "top visitors" page.
system_admin_config_page in modules/system/
Menu callback; Provide the administration overview page.
system_custom_theme in modules/system/system.module
Implements hook_custom_theme().
system_modules in modules/system/
Menu callback; provides module enable/disable interface.
taxonomy_form_term in modules/taxonomy/
Form function for the term edit form.
taxonomy_term_edit_access in modules/taxonomy/taxonomy.module
Return edit access for a given term.
template_preprocess_aggregator_feed_source in modules/aggregator/
Process variables for aggregator-feed-source.tpl.php.
template_preprocess_poll_results in modules/poll/poll.module
Preprocess the poll_results theme hook.
template_preprocess_username in includes/
Preprocesses variables for theme_username().
template_preprocess_user_picture in modules/user/user.module
Process variables for user-picture.tpl.php.
theme_book_admin_table in modules/book/
Returns HTML for a book administration form.
theme_node_recent_block in modules/node/node.module
Returns HTML for a list of recent content.
theme_poll_choices in modules/poll/poll.module
Returns HTML for an admin poll form for choices.
toolbar_page_build in modules/toolbar/toolbar.module
Implements hook_page_build().
toolbar_preprocess_html in modules/toolbar/toolbar.module
Implements hook_preprocess_html().
translation_form_node_form_alter in modules/translation/translation.module
Implements hook_form_BASE_FORM_ID_alter().
translation_node_prepare in modules/translation/translation.module
Implements hook_node_prepare().
update_access_allowed in ./update.php
Determines if the current user is allowed to run update.php.
update_init in modules/update/update.module
Implements hook_init().
update_manager_access in modules/update/update.module
Determine if the current user can access the updater menu items.
UserPermissionsTestCase::testAdministratorRole in modules/user/user.test
Test assigning of permissions for the administrator role.
UserPermissionsTestCase::testUserPermissionChanges in modules/user/user.test
Change user permissions and check user_access().
UserPermissionsTestCase::testUserRoleChangePermissions in modules/user/user.test
Verify proper permission changes by user_role_change_permissions().
user_account_form in modules/user/user.module
Helper function to add default user account fields to user registration and edit form.
user_block_view in modules/user/user.module
Implements hook_block_view().
user_build_filter_query in modules/user/user.module
Extends a query object for user administration filters based on session.
user_cancel_access in modules/user/user.module
Menu access callback; limit access to account cancellation pages.
user_cancel_confirm_form in modules/user/
Form builder; confirm form for cancelling user account.
user_cancel_confirm_form_submit in modules/user/
Submit handler for the account cancellation confirm form.
user_cancel_methods in modules/user/
Helper function to return available account cancellation methods.
user_edit_access in modules/user/user.module
Access callback for user account editing.
user_menu_site_status_alter in modules/user/user.module
Implements hook_menu_site_status_alter().
user_profile_form in modules/user/
Form builder; edit a user account or one of their profile categories.
user_register_form in modules/user/user.module
Form builder; the user registration form.
user_register_submit in modules/user/user.module
Submit handler for the user registration form.
user_role_edit_access in modules/user/user.module
Menu access callback for user role editing.
user_search_access in modules/user/user.module
Implements hook_search_access().
user_search_execute in modules/user/user.module
Implements hook_search_execute().
user_user_operations in modules/user/user.module
Implements hook_user_operations().
user_view_access in modules/user/user.module
User view access callback.
_aggregator_has_categories in modules/aggregator/aggregator.module
Find out whether there are any aggregator categories.
_aggregator_page_list in modules/aggregator/
Prints an aggregator page listing a number of feed items.
_block_themes_access in modules/block/block.module
Menu item access callback - only admin or enabled themes can be accessed.
_book_add_form_elements in modules/book/book.module
Build the common elements of the book form for the node and outline forms.
_book_outline_access in modules/book/book.module
Menu item access callback - determine if the outline tab is accessible.
_contact_personal_tab_access in modules/contact/contact.module
Menu access callback for a user's personal contact form.
_field_ui_view_mode_menu_access in modules/field_ui/field_ui.module
Menu access callback for the 'view mode display settings' pages.
_filter_disable_format_access in modules/filter/filter.module
Access callback for deleting text formats.
_menu_check_access in includes/
Check access to a menu item using the access callback
_menu_site_is_offline in includes/
Checks whether the site is in maintenance mode.
_node_add_access in modules/node/node.module
_node_query_node_access_alter in modules/node/node.module
Helper for node access functions.
_node_revision_access in modules/node/node.module
_poll_choice_form in modules/poll/poll.module
_poll_menu_access in modules/poll/poll.module
Callback function to see if a node is acceptable for poll menu items.
_profile_get_fields in modules/profile/profile.module
_search_menu_access in modules/search/search.module
Access callback for search tabs.
_system_themes_access in modules/system/system.module
Menu item access callback - only admin or enabled themes can be accessed.
_template_preprocess_default_variables in includes/
Returns hook-independent variables to template_preprocess().
_token_example_get_comment in examples/token_example/token_example.module
Builds a list of available comments.
_token_example_get_node in examples/token_example/token_example.module
Builds a list of available content.
_token_example_get_user in examples/token_example/token_example.module
Builds a list of available user accounts.
_tracker_myrecent_access in modules/tracker/tracker.module
Access callback for tracker/%user_uid_optional.
_tracker_user_access in modules/tracker/tracker.module
Access callback for user/%user/track.
_translation_tab_access in modules/translation/translation.module
Menu access callback.


modules/user/user.module, line 782

function user_access($string, $account = NULL) {
  global $user;

  if (!isset($account)) {
    $account = $user;

  // User #1 has all privileges:
  if ($account->uid == 1) {
    return TRUE;

  // To reduce the number of SQL queries, we cache the user's permissions
  // in a static variable.
  // Use the advanced drupal_static() pattern, since this is called very often.
  static $drupal_static_fast;
  if (!isset($drupal_static_fast)) {
    $drupal_static_fast['perm'] = &drupal_static(__FUNCTION__);
  $perm = &$drupal_static_fast['perm'];
  if (!isset($perm[$account->uid])) {
    $role_permissions = user_role_permissions($account->roles);

    $perms = array();
    foreach ($role_permissions as $one_role) {
      $perms += $one_role;
    $perm[$account->uid] = $perms;

  return isset($perm[$account->uid][$string]);