In magento , I can create a sub-admin giving access to limited resources. But if I allow any sub-admin to create new sub-admin role and user then he is allowed to give all the access to the new sub-admin even which are not available to him..
(I mean all the module are available to him in Role Resources Tree Under add New Role, even which are not assigned to him)
For example: If sub admin is not having access to reports,Order he can not allow the reports,Order access to the other user he is creating from his access.
Any suggestions?
If you are giving User & Role access to sub-admin, then he/she can create new user as well as role. Magento doesn't check it's own access level. According to your requirement, you have to override admin Permission module.
Create custom extension to overcome from this issue or try any ready extension for it.
Related
My client wants the access to create users and roles in magento, i have already given him a limited users created by myself, in that users there is not permission to add users and roles.
My question: Is there any way i can give him permissions to add users and roles but, all the menus that i have made hidden should stay hidden.
What i Want to achieve
I want to give access of creating roles and users to my client, but i don't to revel some menu like "System" to him
In Magento 1.X:
System->Permission->Roles->(Role Name)->Roles Resources->Custom
In Magneto 2.X:
System->User Roles->(Role Name)->Roles Resources->Custom
To give the access for "Roles and User" you have to reveal the
"system" menu to the user as it's the parent of "Roles and User". But, you can disable other inner menus by unchecking them.
You have to only check the System > Permission > Roles > User Bosex from Roles Resouce Tree and it will only allow the user to access the Roles and User.
By default, Magento shows different widget types as options in the backend, such as 'Cms Page Link' and 'Catalog Category Link'. However, I want to provide my client only with the theme's relevant widgets, so I want to be able to remove some widgets, at least as an admin option.
The options for the backend are set via the respective core modules /etc/widget.xml. What is the best way to override this, without a core hack?
Any suggestion would be much appreciated!
#Daco
Magento has features to implement the above. It is achieved with the help of "ROLES" and "USERS" in the system tab of magento admin panel.
Solution
Create a role for your client "client_xyz" by going to
System->Permission->Roles.
Add Resources to the role, these resources are the links that you
would like to restrict the users upon or grant them permissions.
After creating the roles and resources, create a user to be given to the client. The Users can be created under System->Permissions->Users.
Create the users assign the roles that are already created. And now when the users login using this newly created credentials. They will only see what is granted by the Admin.
In magento , I can create a sub-admin giving access to limited resources. But if I allow any sub-admin to create new sub-admin user then he is allowed to give all the access to the new sub-admin even which are not available to him..
Sub-admin should only allow the access, whatever he is holding.
For eg. : If sub admin is not having access to reports, he can not allow the report access to the other user he is creating from his access.
Any Suggestions.. ?
You can change into table admin_role, change the number in parent_id and tree_level columns of your user.
I am learning through the Magento theme customization and Module creation steps, i have a question about user roles in Magento
If i have multiple stores in my website, will the admin of one store can access details of another store. And is there any super admin like user role who can view all the stores products?
Thanks
The backend for magento is one so different users with different privilege can enter the same backend for all store...
you can also limit access of user to different features and configurations. Like you can give one user the privilege to see orders and another one to approve invoices.
Plus you can define the scope so that one user can enter certain store values.
The default admin have access to all store all features.
I know how to use isAllowed to check if the current user has access to this or that role resource. However, isAllowed() does not seem to work for any other than the currently logged in user.
I need to produce a list of administrator users with a specific permission at role resource level, how would I go about that ?
Magento - How to query admin's role name?