Virtual Roles

Virtual Roles is a module that allows user roles to be assigned to a user's account dynamically, which can differ depending on the URL being viewed.

Virtual Roles (hereafter referred to as VR) was developed and is supported by the fine folks at AllPlayers.com. Port to Drupal 7 was made possible by the support of Virtuolink.com and Choice Wireless.

VR provides an API so that other modules can provide "contexts" (tests) to decide whether or not a role should be granted to a user. This allows for complex handling of user permissions within any Drupal system. Administration pages are found as tabs on the User Roles administration page (admin/user/roles/virtual_roles).

Use Case Examples

Possible use cases are as follows:

• A role that only gets assigned after a user has posted X number of posts or comments, or has hit a post limit for the hour/day/week, etc.
• A role is assigned if the user is looking at a node for which a special relationship exists with the author.
• A user is granted "administer nodes" if they are the the author of that node.

I do not mean to imply that VR provides the contexts necessary for these use cases, since they all contain a custom element that cannot be anticipated in a general module release. VR does, however, provide the framework (API) necessary to make them work. I am willing to include contexts for core modules into VR, but VR contexts for other contrib modules should be added to those modules.

Look at the included README.txt for more information about VR and how to write your own contexts using the VR API.

Features

In order to work, VR must execute very early in the page loading mechanism (as in hook_boot() early). In order to not kill your site's performance, VR provides a sanity check, designed as a quick bail-out if it can be easily determined that VR does not need to be applied. The default sanity check will only allow processing of registered users.

Because some contexts and tests can be database-intensive to run, VR provides a flexible caching mechanism which not only stores variables for the specified lifetime, but allows the site admin to choose where the variables should be stored: in the session variable, in the database cache table, or no caching at all. In addition, the site admin can also choose how many variables to store to avoid a bloated database table.

VR also has the ability to remove roles from the user edit page, so that roles will not accidentally be permanently assigned on the user edit page. It is recommended that this feature is used.

Other Modules That Play Nicely With VR

A second module is included with VR which integrates with the Masquerade module. It allows for a user to inherit some or all of their original roles while masquerading as someone else.

If you know of any other modules that provide contexts for VR, then please let me know so that I can list them here.