How to Built Admin ACL in Magento 2

Admin Access Control List(ACL )  Rules magento 2 allows users to authorize access to the admin in Magento system. In this blog, we will explain you how to create and employ the acl to authorize administrator menu and the controller in Magento 2.

Step 1: Build acl.xml file

Step 2: Build a latest role with custom resources

Step 3: Use Acl for the menu

Step 4: Use Acl for action

  1. Build acl.xml file

Magento 2 uses XML files to explain ACL role. We can create ACL role from our module. In this topic, we will work with CustomMenu module.

File directory: app/code/Webnexs/CustomSetting/etc/acl.xml

<?xml version="1.0"?>

<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">

    <acl>

        <resources>

            <resource id="Magento_Backend::admin">

                <resource id="Webnexs_CustomMenu::menu" title="Custom Menu" sortOrder="10" >

                    <resource id="Webnexs_CustomMenu::create" title="Manage Items" sortOrder="0" />

                    <resource id="Webnexs_CustomMenu::menu_configuration" title="Settings" sortOrder="100" />

                </resource>

            </resource>

        </resources>

    </acl>

</config>

In the above mentioned example, we have created 3 ACL resources for the “custom menu” parent and “manage item” and “settings” are children. There are 3 attributes for every resource:

ID: illustrate Acl resource (unique)

Title: The name of the source is given in the source tree.

SortOrder: Resource’s place in resource tree

Conclusion: Notice Step 2

  1. Construct a latest role with custom resources
  • Go to System > Permissions > User Roles then tap to “Add New Role”. Input role information then select Resource tab.
  • A resource tree will show:

 create admin ACL in magento 2

File: app/code/Webnexs/CustomSetting/etc/adminhtml/menu.xml

<?xml version="1.0"?>

<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Backend:etc/menu.xsd">

    <menu>

     <add id="Webnexs_CustomMenu::menu" title="Custom Menu" module="Webnexs_CustomMenu" sortOrder="10" resource="Webnexs_CustomMenu::create"/>

     <add id="Webnexs_CustomMenu::menu_item" title="Manage Items" module="Webnexs_CustomMenu" sortOrder="10" parent="Webnexs_CustomMenu::menu" action="custommenu/create/index" resource="Webnexs_CustomMenu::menu_item"/>

     <add id="Webnexs_CustomMenu::menu_configuration" title="Setting" module="Webnexs_CustomMenu" sortOrder="20" parent="Webnexs_CustomMenu::menu" action="adminhtml/system_config/edit/section/menu" resource="Webnexs_CustomMenu::menu_configuration"/>

    </menu>

</config>

4. Use Acl for action

    • Magento 2 uses an interface to check user permission Magento\Framework\AuthorizationInterface
    • All admin controller file extends \Magento\Framework\App\Action\Action demonstrate we want only rewrite _isAllow() protected function
    • File: app/code/Webnexs/CustomSetting/Controller/Adminhtml/Create/Index.php
Protected function _isAllowed()

{

 return $this->_authorization->isAllowed(Webnexs_CustomMenu::menu');

}

If the user does not have permission, this action page will illustrate like that:

 create admin ACL in magento 2

These steps are the easiest process for you to build Admin ACL in Magento 2. By following this guide, you can hold the Admin ACL in Magento 2 simply. Every store has an Admin ACL in Magento 2 in Magento 2 with different features.

Last Update: September 30, 2019  

March 9, 2018   2217   Nandini Ramachandran    Operations    
Total 0 Votes:
0

Tell us how can we improve this post?

+ = Verify Human or Spambot ?

Leave a Reply

Your email address will not be published. Required fields are marked *

Facebook
Twitter
INSTAGRAM
LinkedIn