Using ACL (Access Control List) in Magento2


An ACL (Access Control List) lets us register our own resource in Magento's resource tree, so that access to that resource can be allowed or denied for particular users through ACL rules.

The ACL resource tree is visible under System > Permissions > User Roles in the admin section.



To add a custom resource to this resource tree, we have to create acl.xml inside the etc/ folder of our module.

etc/acl.xml:

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">
  <acl>
    <resources>
      <resource id="Magento_Backend::admin">
        <resource id="Custom_Module::menu" title="Custom Menu" sortOrder="10">
        </resource>
      </resource>
    </resources>
  </acl>
</config>

 

  1. The resource id is a unique identifier. The same id is later set in the menu's resource attribute and in the controller, so that access is allowed or restricted according to the ACL roles. The format of the id attribute is: Vendor_Module::resource_name

  2. title is the name of the resource as shown in the resource tree.

  3. sortOrder decides the position of the resource in the resource tree. The lower the number, the higher the resource appears.


With acl.xml in place, our resource has been added. We can now see it under User Roles, on the Role Resources tab, after clicking Add New Role.





At this point we have only one user, and by default Magento has only one role, Administrator, with all the permissions. In order to restrict a user, we have to create a new admin user and a new role.



  1. Role Name is the name of the role.

  2. Current user verification: we need to enter the password of our current user in order to save the role.

 

Then, on the Role Resources tab, we select the resources the user should have access to. Here I am giving this role access to the custom menu only.


After creating the role, I assign it to a user, so that this particular user has access to the custom menu only.



This MagentoUser will have access to the custom menu only.


To summarise the steps: first we add our resource to the resource tree so that it can be allowed or restricted, then we create a role and choose its resources, and finally we assign that role to a particular user, who then has limited access through ACL.


In the next blog I will describe how to use ACL to restrict users, menu and controllers. 

