Disable custom module functions for user roles
https://magento.stackexchange.com/questions/219014
-
04-01-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian题
I've created a custom module that allows you to delete orders. Now what I want is that when another user has logged in with a custom role (so not the Administrator), this function won't work. If I disable the resource responsible for deleting orders for the custom user, the user can still perform the action although the settings for disabling and enabling are not visible.
The .php file responsible checks if the module is enabled, and if so, it will run the code. If it is disabled, it should throw the following
else {
$this->messageManager->addError(__("Either you're not allowed to delete orders or the function has been disabled"));
$resultRedirect = $this->resultRedirectFactory->create();
$resultRedirect->setPath($this->getComponentRefererUrl());
return $resultRedirect;
}
But unfortunately, when the function has been enabled by the Administrator, the function will also be enabled for other users.
Is there a work around for this, so that when the administrator is not logged in, the function will not work?
Thanks in advance.
-- SOLUTION (thanks to Shireen N) --
add the following function and use it as validation like so:
protected function _isAllowed() {
return $this->_authorization->isAllowed('Vendor_Module::resource');
}
if ($enabled and $this->_isAllowed()) {
// your code here
}
解决方案
Follow this tutorial to achieve the desired results - https://www.magestore.com/magento-2-tutorial/3194-2/
