1 user.module user_access($permission_name, $account = NULL)

Determine whether the user has a given privilege.


$string: The permission, such as "administer nodes", being checked for.

$account: (optional) The account to check, if not given use currently logged in user.

Return value

Boolean TRUE if the user has the requested permission.:

All permission checks in Backdrop should go through this function. This way, we guarantee consistent behavior, and ensure that the superuser can perform all actions.


core/modules/user/user.module, line 517
Enables the user registration and login system.


function user_access($permission_name, $account = NULL) {
  global $user;

  if (!isset($account)) {
    $account = $user;

  // User #1 has all privileges:
  if ($account->uid == 1) {
    return TRUE;

  // To reduce the number of SQL queries, we cache the user's permissions
  // in a static variable.
  // Use the advanced backdrop_static() pattern, since this is called very often.
  static $backdrop_static_fast;
  if (!isset($backdrop_static_fast)) {
    $backdrop_static_fast['perm'] = &backdrop_static(__FUNCTION__);
  $perm = &$backdrop_static_fast['perm'];
  if (!isset($perm[$account->uid])) {
    $perm[$account->uid] = user_role_permissions($account->roles);

  return in_array($permission_name, $perm[$account->uid]);