开发者

Equality of $is_admin for custom created role users

I have created a site-admin role for 开发者_运维百科my client to edit page contents.

Are users under this site-admin included to $is_admin condition? I tested and as I see it is not unless I miss something. So, what is the equality of $is_admin for my custom created role users?

Appreciate helps!! Thanks a lot


Looks like the following:

if (user_access('access administration pages')) {
 $variables['is_admin'] = TRUE;
}

According to http://api.drupal.org/api/function/template_preprocess/6

But that permission is overreaching, and this really depends on what you are trying to achieve.

Alternatively, you can do something like:

global $user;

if ($user->uid != 0 && in_array('some_role', $user->roles)) {
  $user_is_some_role = TRUE;
}


It is recommended that you do not check if a user has a specific role, but if the user has a specific permission. It's a basic rule in security: it's not about who you are, it's about what you're allowed to do.

The $is_admin variable is a little confusing because the name suggests that it checks for a certain role. However, the code Kevin posted shows that $is_admin is in fact checking for a permission.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜