Downloads

Downloads

To download support materials, please select your product from the list below. You will automatically be shown all downloads for that product, including extensions, brochures, sales presenters and technotes.

  • 1. Select your section, category and chosen product.
  • 2. Click on the Manual, brochure, sales presenter or technote of your choice.
  • 3. Take careful note of any applicable instructions, especially for extensions.
  • 4. Download the file to your hard drive.
Knowledge Base

Knowledge Base

Access Control Lists in Magento

Date Created: 21 Apr 2016
Last Updated: 9 Dec 2018

As you may concern, Magento uses an Access Control Lists (ACL) to authorize and control user access within the system with the purpose of effectively managing the site. So today I will share how to setup and authorize a backend menu.

1. Declararing location

Go to  <adminhtml> (in config.xml file or in adminhtml.xml file)

2. Declaring Configuration in the system

<acl>
           <resources>
             <all>
               <title>Allow Everything</title>
             </all>
             <admin>
               <children>
                 <system>
                   <children>
                     <config>
                       <children>
                         <name of section>
                           <title>Title of section</title>
                         </name of section>
                       </children>
                     </config>
                   </children>
                 </system>     
               </children>
             </admin>
           </resources>
         </acl>

3. Declaring menu

For example, create a new menu named “Hello” in Catalog Menu

<menu>
      <catalog>
         <title>Catalog</title>
         <sort_order>71>/sort_order>              
         <children>
           <hello>
             <title>Manage Hello Menu</title>
             <sort_order>0</sort_order>
             <action>hello/adminhtml_index</action>
           </hello>
         </children>
       </catalog>
     </menu>

 - Declare acl for this above menu:

<acl>
        <resources>
            <admin>
                <children>
                    <catalog>
                        <children>
                            <hello translate="title">
                                <title>Manage Hello Menu</title>
                                <sort_order>15</sort_order>
                            </hello>
                        </children>
                    </catalog>
                  </children>
            </admin>
        </resources>
    </acl>

4. Declaring Action in Controller

 - Create custom acl for the module which contains Router admin “Hello”, set Manage for Controller and other Actions in Controller are Index , View , Edit , delete :

<acl>
      <resources>
        <admin>
          <children>
            <hello translate="title">
              <sort_order>60</sort_order>
              <children>
                <manage translate="title">
                  <title>Manage</title>
                  <children>
                    <actions translate="title">
                      <title>Actions</title>
                      <children>
                        <index translate="title"><title>Index</title></index>
                        <view translate="title"><title>View</title>lt;/view>
                        <edit translate="title"><title>Edit</title></edit>
                        <delete translate="title"><title>Delete</title></delete>
                      </children>
                    </actions>
                  </children>
                  <sort_order>10</sort_order>
                </manage>
              </children>
            </hello>
          </children>
        </admin>
      </resources>
    </acl>

- Edit controller admin to grant permission to Action according to each user’s permission (check again)

Declare function _isAllowed        

protected function _isAllowed()
    {
                   //get the name of action
        $action = strtolower($this->getRequest()->getActionName());
       //set true and allow to access to action if resource acl is chosen
        return Mage::getSingleton('admin/session')->isAllowed(hello/manage/actions/'.$action);
    }

5. Set up permission for each account

- Go to Roles to declare permission

 

 - Choose the applications that are allowed to access to that Roles  

 

- Set Roles for User

 

That's it. I hope this article will help you find the way to handle your problems.

Support Enquiry

Support Enquiry

If you have a question or require technical support for a Magespacex hosting or extensions you have purchased, please fill out the form below and a member of our support team will contact you shortly.

  • * Required Fields

Warranty