user_access
function user_access
user_access($string, $account = NULL)
Determine whether the user has a given privilege.
Parameters
$string: The permission, such as "administer nodes", being checked for.
$account: (optional) The account to check, if not given use currently logged in user.
Return value
Boolean TRUE if the user has the requested permission.
All permission checks in Drupal should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.
File
- modules/user/user.module, line 800
- Enables the user registration and login system.
Code
function user_access($string, $account = NULL) {
global $user;
if (!isset($account)) {
$account = $user;
}
// User #1 has all privileges:
if ($account->uid == 1) {
return TRUE;
}
// To reduce the number of SQL queries, we cache the user's permissions
// in a static variable.
// Use the advanced drupal_static() pattern, since this is called very often.
static $drupal_static_fast;
if (!isset($drupal_static_fast)) {
$drupal_static_fast['perm'] = &drupal_static(__FUNCTION__);
}
$perm = &$drupal_static_fast['perm'];
if (!isset($perm[$account->uid])) {
$role_permissions = user_role_permissions($account->roles);
$perms = array();
foreach ($role_permissions as $one_role) {
$perms += $one_role;
}
$perm[$account->uid] = $perms;
}
return isset($perm[$account->uid][$string]);
}
© 2001–2016 by the original authors
Licensed under the GNU General Public License, version 2 and later.
Drupal is a registered trademark of Dries Buytaert.
https://api.drupal.org/api/drupal/modules!user!user.module/function/user_access/7.x
