This module provides the ability to have more fine-grained control over what users with the permission 'administer permissions' can configure. You can decide which user roles will see a limited permissions table at admin/user/permissions, and who has unrestricted access to it. The modules allows you to lock certain permissions and / or certain roles. This means that these permissions / roles will not be available for configuration to a user with limited permission configuration rights.

This module could be useful if you want to allow a client to control website permissions for relatively harmless things like posting comments, creating content, administering taxonomy etc..., but you don't want the client to have the opportunity to change permissions for things like Views, content types, themes, ...


  • Remove a configurable set of permissions/roles in the permissions administration table for users in roles that you want to give the 'administer permissions' permission, but don't trust completely with that power.
  • Integrates with User Permissions module
  • Provides a hook_permissions_lock() to define locked permissions / role from within your (custom) module. This makes it easier to deploy / repeat permissions_lock module settings
Supporting organizations: 

Project information