Restrict user access to viewing prices in the admin panel (acl)
-
14-04-2021 - |
解決
great question. The acl in Magento allows any customisation (if not coming out of the box) but indeed we have to do it directly interacting with the code as below:
I have added a plugin and an acl resource, it is straightforward as you will see but quite deep in the code. good luck with this.
acl.xml
<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">
<acl>
<resources>
<resource id="Magento_Backend::admin">
<resource id="Magento_Catalog::catalog">
<resource id="Magento_Catalog::catalog_inventory">
<resource id="Magento_Catalog::products">
<resource id="Magento_Catalog::update_attributes">
<resource id="Mbs_HidePrice::AccessPrice" title="Access Price" translate="title" sortOrder="10" />
</resource>
</resource>
</resource>
</resource>
</resource>
</resources>
</acl>
</config>
di.xml
<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
<type name="Magento\Catalog\Ui\DataProvider\Product\Form\Modifier\Eav">
<plugin name="product_form_modifier" type="Mbs\HidePrice\Plugin\ProductAttributeModifier" />
</type>
</config>
and finally, the plugin
<?php
namespace Mbs\HidePrice\Plugin;
use Magento\Catalog\Ui\DataProvider\Product\Form\Modifier\AbstractModifier;
class ProductAttributeModifier
{
/**
* @var \Magento\Framework\AuthorizationInterface
*/
private $authorization;
public function __construct(
\Magento\Framework\AuthorizationInterface $authorization
) {
$this->authorization = $authorization;
}
public function afterModifyMeta(
\Magento\Catalog\Ui\DataProvider\Product\Form\Modifier\Eav $subject,
array $meta
) {
$parsedMeta = [];
foreach ($meta as $groupCode => $group) {
if ($groupCode === AbstractModifier::DEFAULT_GENERAL_PANEL) {
$attributes = $group['children'];
$newAttributes = [];
foreach ($attributes as $key => $attribute) {
if (preg_match('%'. AbstractModifier::CONTAINER_PREFIX .'(.+)%', $key, $m)) {
$attributeCode = $m[1];
if ($attributeCode !== 'price') {
$newAttributes[] = $attribute;
} else if ($this->canShowPriceInBackend()) {
$newAttributes[] = $attribute;
}
}
}
$group['children'] = $newAttributes;
$parsedMeta[$groupCode] = $group;
} else {
$parsedMeta[$groupCode] = $group;
}
}
return $parsedMeta;
}
/**
* @return bool
*/
private function canShowPriceInBackend(): bool
{
return $this->authorization->isAllowed('Mbs_AdminScreen::Mbs_HidePrice::AccessPrice');
}
}
所属していません magento.stackexchange