role_audit
Role Audit provides a visual comparison of permissions and route access between different Drupal roles. Easily identify overlapping or unique access rights using a logic-driven interface similar to a Venn diagram.
Features
Managing complex access control in Drupal can be opaque. Role Audit simplifies site governance by allowing to compare two or more roles side-by-side to understand exactly where access levels diverge.
- Permission Comparison: Quickly see which permissions are unique to Role A, unique to Role B, or shared by both.
- Routing Audit: Analyze static routing definitions to see which roles have access to specific system paths.
- Security Gap Analysis: Identify risks where a "lower" role might accidentally have more power than a "higher" role.
- Conflict Resolution: Perfect for debugging why a specific user can or cannot perform an action based on their assigned roles.
Post-Installation
Once installed, navigate to People > Role Audit (/admin/people/role-audit), where you will find two primary tools:
- Permissions Audit: Select your roles to generate a filtered table highlighting the differences and commonalities in their permission sets.
- Route Audit: Compare how different roles access system routes based on static definitions.
Disclaimer: The Route Audit examines static routing definitions (e.g.,
_permissionand_role). It does not account for dynamic access checks or custom AccessCheck services. For a 100% accurate vision of access, always test specific routes with specific parameters for each user role.
Additional Requirements
- This module relies solely on Drupal Core (User and Routing modules) and has no external dependencies.