Checking if a Drupal User has a Role

	Recent blog posts
	Merry Christmas Keeping Up with the Latest Drupal Modules Daylight by Brave Saint Saturn Using Drupal Covering Ubercart Ubercart Sessions at Drupalcon DC Practicing righteousness to be seen by men... NASA's first foray into stillsuits... Jesus and Professions of Faith I love it... Selling Customizable Products with Ubercart more

	Topics
	Bible Books Christianity Drupal Drupalcon drupalconszeged2008 Family Food Marriage Ministry Music Programming Space Ubercamp Ubercart more tags

	Fast Invoicing
	I use FreshBooks for project time tracking and client invoicing. Also see my Drupal integration.

Checking if a Drupal User has a Role

Submitted by Ryan on Thu, 10/25/2007 - 08:53.

I'm a little curious why a simple function to check if a user has a role doesn't exist in Drupal yet. Such curiosity that makes me wonder if I've just managed to miss it as long as I've been working with Drupal, so someone feel free to enlighten me. If anyone is looking for the same, please read on...

A fairly common task for me when adding PHP to CCK fields, Views arguments, content templates, etc. is to check whether the current user has been assigned a certain role. Generally in module development you're dealing with permissions and use user_access(), but when you're just customizing a site you often need such role based logic. (Drupal core has some, like the access settings for blocks.)

Use the following simple snippet to check if a user (in this example, it's the logged in user since I'm getting the global $user) has been assigned a certain role on your site:

<?php
  global $user;

  // Check to see if $user has the administrator role.
  if (in_array('administrator', array_values($user->roles))) {
    // Do something.
  }
?>

Replace 'administrator' with whatever role it is you're trying to check against. Alternatively, if you keep a helper module for use on your projects, go ahead and drop this function in it:

<?php
/**
 * Check to see if a user has been assigned a certain role.
 *
 * @param $role
 *   The name of the role you're trying to find.
 * @param $user
 *   The user object for the user you're checking; defaults to the current user.
 * @return
 *   TRUE if the user object has the role, FALSE if it does not.
 */
function user_has_role($role, $user = NULL) {
  if ($user == NULL) {
    global $user;
  }

  if (is_array($user->roles) && in_array($role, array_values($user->roles))) {
    return TRUE;
  }

  return FALSE;
}
?>

Please let me know if I put a typo up here or you know of an existing or easier way to do this!

#1Submitted by Guest (not verified) on Thu, 10/25/2007 - 15:06.

It might be better to add a

It might be better to add a user access permission and then use that instead of just checking if they're part of that role:

<?php
function mymodule_perm() {
  return array('access something special');
}

function dosomethingspecial() {
  // For current user
  if (user_access('access something special')) {
    // Doing something special!
  }

  // For a specific user
  if (user_access('access something special', $theuser)) {
    // Doing something special!
  }
}
?>

The benefit to using this instead is that it isn't targeted to one role. You can have the access permission across a number of different roles. Drupal also already provides a GUI for managing this in admin/user/access.

#2Submitted by Ryan on Thu, 10/25/2007 - 22:21.

Well, I understand when

Well, I understand when developing a module to use hook_perm() and user_access() to check for permissions level access... but on the fly, when building out a CCK type for example, if I want the available values to differ depending on a user's role, I would use this snippet. I suppose I could use a helper module to define all the special access permissions for a site just as well as I could go through the GUI to create more roles.

Perhaps an answer would be to be a module that lets you create arbitrary permissions and assign those to roles on your site then use user_access() in the CCK/Views custom PHP fields... but then I may as well be checking a user role.

#3Submitted by greggles (not verified) on Fri, 10/26/2007 - 07:26.

In the long run that becomes

In the long run that becomes quite rigid. Someone changes the role names and you are in trouble - or someone wants to change which roles mean the ability to edit that field and you have to edit code to fix that.

Instead, I tend to use a site specific module (on www.example.com the module would be example.module) where I define a lot of _perms for situations like this and then I use those perms throughout my code.

#4Submitted by Ryan on Fri, 10/26/2007 - 08:39.

The more I think about it,

The more I think about it, that seems like the right thing to do here. So maybe this post turned out to be more about asking a different question than providing an answer. Thanks for the input, Greg. Smiling

#5Submitted by moshe weitzman (not verified) on Thu, 10/25/2007 - 16:04.

thats how i would do

thats how i would do it.

however, you are usually asking the wrong question if this function is your answer. permissions are far more often checked than inclusion in a role. this function is so specialized that i don't think it needs to be in core.

#6Submitted by Ryan on Thu, 10/25/2007 - 22:22.

Agreed... I realized that

Agreed... I realized that this isn't something I'd use when creating a module but more when just adding a bit of custom functionality to a node/block's contents or a CCK field/Views argument custom PHP values. Not quite widespread usage.

#7Submitted by Nicholas Thompson (not verified) on Thu, 10/25/2007 - 16:43.

There

There is...
http://api.drupal.org/api/function/user_access/5

<?php
$u = user_load(array('uid' => 12'));
if (user_access('Administer Nodes', $u)) {
  return t('User 12 does have access to this');
}
else {
  return t('User 12 does not have access to this');
}



if (user_access('Administer Nodes')) {
  return t('Current User does have access to this');
}
else {
  return t('Current User does not have access to this');
}
?>

#8Submitted by Ken Rickard (not verified) on Fri, 10/26/2007 - 12:42.

It wouldn't be terribly hard

It wouldn't be terribly hard to add this to user_roles().

http://api.drupal.org/api/function/user_roles/5

Given the description of the function -- "Retrieve an array of roles matching specified conditions." -- specifying the $user seems a perfectly valid condition, much like user_load() allowing an array of arguments.

I can see some use cases for it -- mostly in theming -- so I'd file a patch for D7.

#9Submitted by Guest (not verified) on Sun, 10/28/2007 - 18:19.

Hi, it is very useful to

Hi,

it is very useful to point me using the $user-roles array, but it looks like since Drupal 5 the roles array no longer contain the `administrator`? It only contains those roles name we created from admin

#10Submitted by Ryan on Sun, 10/28/2007 - 20:20.

You're right... my apologies

You're right... my apologies for not pointing it out. The administrator role in the example is just a custom user role I generally use on the sites I create... you can replace that with whatever role you're checking for.

#11Submitted by Alan D. (not verified) on Mon, 02/11/2008 - 19:26.

Hi Just a small side note.

Just a small side note. The super administrator has an ID of 1, so a check like this should also be carried out.

    // User #1 has all privileges:
    if ($user->uid == 1) return TRUE;

Otherwise, it may be possible for the primary administrator to be blocked.

Regards

Recent blog posts

Topics

Fast Invoicing