View User Email
A Drupal module I created to solve a common admin headache.
This started as a solution to a problem I kept running into on Drupal sites. Admins needed selective access to user emails. What began as a simple fix has grown into a module used by hundreds of sites. It has been great to see it evolve through Drupal 8, 9, and 10.
The problem
Drupal 8 through 9.1 had no built-in way to selectively let non-admin roles see user email addresses. Sites needed moderators or support staff to view emails without granting full admin elevation. The only options were custom code or oversharing.
The approach
A small Drupal module that adds one permission and hooks hook_entity_field_access() to filter email-field visibility at access-check time. No config UI, no schema, no surprise behavior. The permission can be assigned per role through Drupal's native RBAC.
Notable decisions
- Permissions-first. Leverages Drupal's existing role-based access, so admins do not have to learn another configuration surface.
- Field-level access hook. Filters at the entity and field layer, so the rule applies uniformly across REST, GraphQL, the admin UI, and user pages.
- Zero ceremony. One permission, one hook, no settings form. The module is small enough to audit in minutes.
Status
Functionality merged into Drupal core as of 9.2, which is the best outcome a contrib module can hope for. Still maintained for sites on Drupal 8 and 9.0 to 9.1. Hundreds of sites adopted it before core caught up. Published on Drupal.org.
Want similar work for your team?
AI-native senior engineering for AI, cloud, and web. Open to consulting engagements and full-time roles.