自定义创建的角色用户的 $is_admin 相等
我为我的客户创建了一个site-admin角色来编辑页面内容。
此站点管理员下的用户是否包含在 $is_admin 条件中?我测试过,据我所知,除非我错过了什么,否则不会。那么,对于我自定义创建的角色用户来说,$is_admin 的等式是什么?
感谢帮忙!!多谢
I have created a site-admin role for my client to edit page contents.
Are users under this site-admin included to $is_admin condition? I tested and as I see it is not unless I miss something. So, what is the equality of $is_admin for my custom created role users?
Appreciate helps!! Thanks a lot
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
如下所示:
根据 http://api.drupal.org/api/function /template_preprocess/6
但是这个权限太过分了,这实际上取决于您想要实现的目标。
或者,您可以执行以下操作:
Looks like the following:
According to http://api.drupal.org/api/function/template_preprocess/6
But that permission is overreaching, and this really depends on what you are trying to achieve.
Alternatively, you can do something like:
建议您不要检查用户是否具有特定角色,而是检查用户是否具有特定权限。这是安全的基本规则:这与你是谁无关,而与你被允许做什么有关。
$is_admin 变量有点令人困惑,因为它的名称表明它检查某个角色。然而,Kevin 发布的代码显示 $is_admin 实际上正在检查权限。
It is recommended that you do not check if a user has a specific role, but if the user has a specific permission. It's a basic rule in security: it's not about who you are, it's about what you're allowed to do.
The $is_admin variable is a little confusing because the name suggests that it checks for a certain role. However, the code Kevin posted shows that $is_admin is in fact checking for a permission.