A user is anyone who visits your website, including you, whether or not they have an account on the site. Drupal manages what different users can view and do on your site through an access control system that uses roles and permissions. Permissions are very granular and determine specific access, like "administer users", while roles bundle sets of permissions together to make them easier to assign to different users. Drupal core comes with 3 default roles: anonymous, authenticated, and administrator. You can add to this list and customize the permissions for all of them.
As a module developer, you can programmatically get information about users. You can also add your own custom permissions to the site to allow or restrict access to features or tasks.
- Create a new user
- Allow a user to create content
- Define a role with a limited set of permissions
This is a stable core feature without significant changes since 8.0.
We are still filling out our Drupal 8 library and this page will be updated with new tutorials as they are created.
Spotlight: Drupal Access Control (Drupal 7)
- Explains users, roles, and permissions, and how they work together.
Working with People - Roles and Permissions (Drupal 7)
- Create a new role, add permissions to it, and then assign the role to a user.
Get Information about the Current User (Drupal 8)
- Shows how to use the 'current_user' service to load an object that contains information about the current user.
Define Permissions for a Module (Drupal 8)
- How to create permissions for your custom modules.