
Using ACL in Magento2





In the last blog, we discussed how to create an ACL and assign a custom role to a user in order to grant or restrict that user's access, since Magento allows separate access for different users.

In this part we'll discuss how to use ACL in the menu, the configuration and controllers.


First we'll create acl.xml, as discussed in our last blog: https://magento2withsakshi.blogspot.com/2020/05/using-acl-magento2.htm


Create ACL Rule

etc/acl.xml:

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">
  <acl>
    <resources>
      <resource id="Magento_Backend::admin">
        <resource id="Custom_Module::menu" title="CustomMenu" sortOrder="10">
          <resource id="Custom_Module::create" title="Create" sortOrder="10">
          </resource>
        </resource>
      </resource>
    </resources>
  </acl>
</config>



Now we’ll see how we can restrict our custom menu using ACL rules. 


ACL for Menu 


Create a custom menu


In menu.xml, the resource attribute names the ACL resource that controls access to the menu item. We can manage permissions for that resource under role resources in the admin section.


Create menu.xml inside the etc/adminhtml folder of your module.

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Backend:etc/menu.xsd">
  <menu>
    <add id="Custom_Module::menu" title="Custom Menu" module="Custom_Module" sortOrder="10" resource="Custom_Module::menu"/>
    <add id="Custom_Module::create" title="Create" module="Custom_Module" sortOrder="10" parent="Custom_Module::menu" action="custom/post/create" resource="Custom_Module::create"/>
  </menu>
</config>


Here,

id is a unique identifier for every menu.

title is the title of the menu, which will be displayed in the admin section.

module is the Vendor_Module name of the current module we're working on.

sortOrder decides the position of the menu.

parent marks this menu as nested; set it to the id of the parent menu.

resource is the ACL resource of the menu, as declared in acl.xml as the ACL rule.


Flush cache and check your menu in the admin section. 


For now this user is able to access the custom menu, because we've already added the menu's resource to the ACL resource tree.


ACL for Controller


We can also restrict the controllers of our module by overriding the _isAllowed() method.

This method belongs to the \Magento\Framework\App\Action\Action class, which we extend when creating the admin controller.


Override the _isAllowed() method in your controller:


protected function _isAllowed()
{
    // Allow the request only if the current admin role has been granted this ACL resource.
    return $this->_authorization->isAllowed('Custom_Module::create');
}


Here Custom_Module::create is the resource, which we have to declare in our acl.xml.


By default, if we don't override the _isAllowed() method, it returns true. Magento saves role resources in the admin_role table with a permission of deny or allow. If we have not saved any new rule it returns true, so we have to save a new rule after creating one.


ACL for System Configuration


We can add ACL rules in the configuration section to hide a configuration from other users.


Add a resource tag inside the section tag to apply an ACL rule to your configuration.


<resource>Custom_Module::configuration</resource>
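The menu, controller and configuration sections each reference an ACL resource by its string ID, and an ID that acl.xml never declares does not appear in the role resource tree, so it cannot be granted to a restricted role. The following Python check is an added example, not code from the original post: it cross-references the post's acl.xml, menu.xml and _isAllowed() call with a constructed system.xml section (the section id custom_section is an assumption) and reports IDs that are used but not declared.

```python
import re
import xml.etree.ElementTree as ET

# Snippets from the post, trimmed to what the check reads (schema attributes dropped).
ACL_XML = """<config><acl><resources>
  <resource id="Magento_Backend::admin">
    <resource id="Custom_Module::menu" title="CustomMenu" sortOrder="10">
      <resource id="Custom_Module::create" title="Create" sortOrder="10"/>
    </resource>
  </resource>
</resources></acl></config>"""
MENU_XML = """<config><menu>
  <add id="Custom_Module::menu" resource="Custom_Module::menu"/>
  <add id="Custom_Module::create" parent="Custom_Module::menu" resource="Custom_Module::create"/>
</menu></config>"""
# Constructed: the section id is a placeholder; only the <resource> tag is from the post.
SYSTEM_XML = """<config><system>
  <section id="custom_section">
    <resource>Custom_Module::configuration</resource>
  </section>
</system></config>"""
CONTROLLER_PHP = "return $this->_authorization->isAllowed('Custom_Module::create');"

def declared_ids(acl_xml):
    """Every resource id declared anywhere in the acl.xml tree."""
    return {r.get("id") for r in ET.fromstring(acl_xml).iter("resource") if r.get("id")}

def referenced_ids(menu_xml, system_xml, php_source):
    """Map each referenced ACL id to the places that reference it."""
    refs = {}
    for add in ET.fromstring(menu_xml).iter("add"):
        if add.get("resource"):
            refs.setdefault(add.get("resource"), []).append("menu.xml")
    for res in ET.fromstring(system_xml).iter("resource"):
        if res.text and res.text.strip():
            refs.setdefault(res.text.strip(), []).append("system.xml")
    for rid in re.findall(r"isAllowed\(\s*['\"]([\w:]+)['\"]", php_source):
        refs.setdefault(rid, []).append("controller")
    return refs

def undeclared(acl_xml, menu_xml, system_xml, php_source):
    """ACL ids that are referenced somewhere but missing from acl.xml."""
    known = declared_ids(acl_xml)
    refs = referenced_ids(menu_xml, system_xml, php_source)
    return {rid: where for rid, where in refs.items() if rid not in known}

if __name__ == "__main__":
    for rid, where in undeclared(ACL_XML, MENU_XML, SYSTEM_XML, CONTROLLER_PHP).items():
        print(f"{rid} is used in {', '.join(where)} but not declared in acl.xml")
```

Declaring Custom_Module::configuration under Magento_Backend::admin in acl.xml clears the finding.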


Just in case you’ve missed reading other blogs:- https://magento2withsakshi.blogspot.com/

