Drupal is a registered trademark of Dries Buytaert
drupal 11.3.8 Update released for Drupal core (11.3.8)! drupal 11.3.7 Update released for Drupal core (11.3.7)! drupal 11.2.11 Update released for Drupal core (11.2.11)! drupal 10.6.7 Update released for Drupal core (10.6.7)! drupal 10.5.9 Update released for Drupal core (10.5.9)! cms 2.1.1 Update released for Drupal core (2.1.1)! drupal 11.3.6 Update released for Drupal core (11.3.6)! drupal 10.6.6 Update released for Drupal core (10.6.6)! cms 2.1.0 Update released for Drupal core (2.1.0)! linkit 7.0.14 Minor update available for module linkit (7.0.14). masquerade 8.x-2.2 Minor update available for module masquerade (8.x-2.2). video_embed_field 3.1.0 Minor update available for module video_embed_field (3.1.0). bootstrap 8.x-3.40 Minor update available for theme bootstrap (8.x-3.40). menu_link_attributes 8.x-1.7 Minor update available for module menu_link_attributes (8.x-1.7). editoria11y 3.0.0 Major update available for module editoria11y (3.0.0). trash 3.0.27 Minor update available for module trash (3.0.27). twig_tweak 4.0.0-alpha2 New alpha version released for module twig_tweak (4.0.0-alpha2). twig_tweak 4.0.0-alpha1 First alpha version released for module twig_tweak (4.0.0-alpha1). node_revision_delete 2.1.1 Minor update available for module node_revision_delete (2.1.1). commerce_paypal 2.1.2 Minor update available for module commerce_paypal (2.1.2).
← All modules

role_audit

70 sites Security covered
View on drupal.org

Role Audit provides a visual comparison of permissions and route access between different Drupal roles. Easily identify overlapping or unique access rights using a logic-driven interface similar to a Venn diagram.

Features

Managing complex access control in Drupal can be opaque. Role Audit simplifies site governance by allowing to compare two or more roles side-by-side to understand exactly where access levels diverge.

  • Permission Comparison: Quickly see which permissions are unique to Role A, unique to Role B, or shared by both.
  • Routing Audit: Analyze static routing definitions to see which roles have access to specific system paths.
  • Security Gap Analysis: Identify risks where a "lower" role might accidentally have more power than a "higher" role.
  • Conflict Resolution: Perfect for debugging why a specific user can or cannot perform an action based on their assigned roles.

Post-Installation

Once installed, navigate to People > Role Audit (/admin/people/role-audit), where you will find two primary tools:

  1. Permissions Audit: Select your roles to generate a filtered table highlighting the differences and commonalities in their permission sets.
  2. Route Audit: Compare how different roles access system routes based on static definitions.

Disclaimer: The Route Audit examines static routing definitions (e.g., _permission and _role). It does not account for dynamic access checks or custom AccessCheck services. For a 100% accurate vision of access, always test specific routes with specific parameters for each user role.

Additional Requirements

  • This module relies solely on Drupal Core (User and Routing modules) and has no external dependencies.

Activity

Total releases
2
First release
Mar 2026
Latest release
2 weeks ago
Release cadence
31 days
Stability
50% stable

Releases

Version Type Release date
1.0.1 Stable Apr 9, 2026
1.0.x-dev Dev Mar 9, 2026