In Drupal, there are roles and permissions used to define robust access control lists for users. Modules use permissions to check whether the current user has access to perform an action, view specific items, or other operations. Modules then define the permissions used so that Drupal is aware of them. Developers can then construct roles, which are made up of enabled permissions.
In this recipe, we will define a new permission to view custom pages defined in a module. The permission will be added to a custom route and restrict access to the route path to users who have a role containing the permission.
Create a new module like the one in the first recipe. We will refer to the module as
mymodule throughout the recipe. ...