Role Audit Module Brings Visual Permission Comparison to Drupal
A new Drupal module, Role Audit, introduces a visual approach to comparing user roles and permissions, addressing the difficulty of interpreting access control in complex Drupal installations. Shared by Jorge Tutor of Metadrop, the module is co-maintained by Ricardo Sanz Ante and was released on 9 March 2026, making it available for Drupal sites requiring clearer visibility into role-based access differences.
The module allows administrators to compare roles side by side, highlighting which permissions are unique to each role and which are shared. This logic-driven interface, similar to a Venn diagram, is designed to make differences in access levels easier to interpret without manually reviewing permission tables.
In addition to permission comparison, Role Audit includes a routing audit feature that analyses static route definitions to determine which roles have access to specific system paths. Together, these tools support governance tasks such as identifying unintended permission overlaps, detecting cases where lower-level roles may have elevated access, and diagnosing why users can or cannot perform specific actions.
The module integrates with Drupal’s core User and Routing systems and does not require additional dependencies. Its routing analysis is limited to static definitions and does not account for dynamic access checks or custom logic, meaning administrators may still need to validate behaviour in real-world scenarios.
Role Audit provides its functionality through the Drupal administration interface at /admin/people/role-audit, offering permission and route comparison tools within a single workspace.


