Drupal Roles and Permissions Tutorial

How to manage user roles and permissions in Drupal

In Drupal you can specify the things that users are allowed to do on your site by assigning them to particular roles. You can create user roles and set the permissions for those roles. By default, Drupal (version 7) comes preconfigured with three user roles: anonymous user, authenticated user, administrator. Anonymous users are all the visitors to your site. By default, these visitors can create an account on your Drupal site, and thus when they log in they become authenticated users (registered users). The administrator role has all the privileges and permissions to do anything. That's the role that you're assigned to when you install your Drupal. The account is created during the installation process. These three roles are preconfigured with appropriate permissions but you can edit them to give additional permissions to a role or to deny some actions to a role. You can also create new roles with permissions of your choice.

To edit the permissions of an existing role or to add a new role, after you log in to the administration panel of your Drupal application click on the People tab in the top navigation bar. A new panel will open; click on its Permissions tab:

Admin Panel-People Tab

On the page that opens you'll see a table with the three default roles and all the permissions. To enable a particular permission for a role mark the checkbox corresponding to the permission and the role. To disable it, unmark the checkbox. Keep in mind that by default when you enable a permission for the authenticated user role, all roles which are hierarchically higher are also automatically allowed to perform the particular action; this, however, is not the case with the anonymous user role. Each additional role that you create is considered hierarchically above (or equal to) the role authenticated user. If you edit the permissions, don't forget to click on the Save permissions button at the bottom of the page. To create a role click on the Roles button that's in the upper right corner of the Permissions page:

Admin Panel-Permissions Page

On the page that opens type the name of the role in the text field at the bottom and click on the Add role button that's next to the field. In our example, we're about to create role called moderator:

Admin Panel-Creating a Role

The role will be listed at the bottom of the table with the currently existing roles. You can move the role and change the order. To do this, hover the mouse pointer over the four-arrow button that's in front of the role's name. The mouse pointer will turn into a four-arrow pointer itself. Then press and hold the left mouse button, and drag and drop the role in the desired position. In our example we want the moderator role to have more permissions than the regular user but less than the administrator, so we put it between the roles authenticated user and administrator. To save the change click on the Save order button that's below the table:

Admin Panel-Ordering Roles

The new role will automatically be assigned all the permissions of the authenticated user role. Changing its order within the table won't make any difference on this, but it's done for the sake of convenience. In our example, we want the moderator role to have more permissions than the authenticated user role, but fewer than the administrator role. After the role is created you can edit its permissions. You can do this by clicking on the Permissions button in the upper right corner of the Permissions page. This will take you back to the page with all the permissions for each role. Alternatively, you can click on the edit permissions link for the particular role. This will bring you to a page where you can configure the permissions just for that role.

Admin Panel-Permissions Links

Now you can use the newly created role and assign users to it. By default, when new users register they are assigned to the authenticated user role. To assign a user(s) to a role, click on the People tab in the top navigation bar of your Drupal's admin panel. On the page that opens all the users are listed in a table at the bottom. Mark the checkbox in front of the name of the particular user (you can select many users). From the update drop-down menu that's just above the table select the particular role, and click on the Update button:

Admin Panel-Assigning Roles