Skip to content

Commit be72706

Browse files
magento-engcom-teammagento-engcom-team
committed
ENGCOM-3995: Granular Magento_Customer ACL #20436
- Merge Pull Request #20436 from kassner/magento2:patch-13 - Merged commits: 1. 3cd2be1 2. 4dee7d2 3. f87179b
2 parents b8eb424 + f87179b commit be72706

File tree

8 files changed

+38
-1
lines changed

8 files changed

+38
-1
lines changed

app/code/Magento/Customer/Block/Adminhtml/Edit/DeleteButton.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -53,6 +53,7 @@ public function getButtonData()
5353
],
5454
'on_click' => '',
5555
'sort_order' => 20,
56+
'aclResource' => 'Magento_Customer::delete',
5657
];
5758
}
5859
return $data;

app/code/Magento/Customer/Block/Adminhtml/Edit/InvalidateTokenButton.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ public function getButtonData()
2727
'class' => 'invalidate-token',
2828
'on_click' => 'deleteConfirm("' . $deleteConfirmMsg . '", "' . $this->getInvalidateTokenUrl() . '")',
2929
'sort_order' => 65,
30+
'aclResource' => 'Magento_Customer::invalidate_tokens',
3031
];
3132
}
3233
return $data;

app/code/Magento/Customer/Block/Adminhtml/Edit/ResetPasswordButton.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ public function getButtonData()
2727
'class' => 'reset reset-password',
2828
'on_click' => sprintf("location.href = '%s';", $this->getResetPasswordUrl()),
2929
'sort_order' => 60,
30+
'aclResource' => 'Magento_Customer::reset_password',
3031
];
3132
}
3233
return $data;

app/code/Magento/Customer/Controller/Adminhtml/Customer/InvalidateToken.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,13 @@
2727
*/
2828
class InvalidateToken extends \Magento\Customer\Controller\Adminhtml\Index
2929
{
30+
/**
31+
* Authorization level of a basic admin session
32+
*
33+
* @see _isAllowed()
34+
*/
35+
const ADMIN_RESOURCE = 'Magento_Customer::invalidate_tokens';
36+
3037
/**
3138
* @var CustomerTokenServiceInterface
3239
*/

app/code/Magento/Customer/Controller/Adminhtml/Index/Delete.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,13 @@
1010

1111
class Delete extends \Magento\Customer\Controller\Adminhtml\Index implements HttpPostActionInterface
1212
{
13+
/**
14+
* Authorization level of a basic admin session
15+
*
16+
* @see _isAllowed()
17+
*/
18+
const ADMIN_RESOURCE = 'Magento_Customer::delete';
19+
1320
/**
1421
* Delete customer action
1522
*

app/code/Magento/Customer/Controller/Adminhtml/Index/MassDelete.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,13 @@
1818
*/
1919
class MassDelete extends AbstractMassAction implements HttpPostActionInterface
2020
{
21+
/**
22+
* Authorization level of a basic admin session
23+
*
24+
* @see _isAllowed()
25+
*/
26+
const ADMIN_RESOURCE = 'Magento_Customer::delete';
27+
2128
/**
2229
* @var CustomerRepositoryInterface
2330
*/

app/code/Magento/Customer/Controller/Adminhtml/Index/ResetPassword.php

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,13 @@
1616
*/
1717
class ResetPassword extends \Magento\Customer\Controller\Adminhtml\Index implements HttpGetActionInterface
1818
{
19+
/**
20+
* Authorization level of a basic admin session
21+
*
22+
* @see _isAllowed()
23+
*/
24+
const ADMIN_RESOURCE = 'Magento_Customer::reset_password';
25+
1926
/**
2027
* Reset password handler
2128
*

app/code/Magento/Customer/etc/acl.xml

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,13 @@
1010
<resources>
1111
<resource id="Magento_Backend::admin">
1212
<resource id="Magento_Customer::customer" title="Customers" translate="title" sortOrder="40">
13-
<resource id="Magento_Customer::manage" title="All Customers" translate="title" sortOrder="10" />
13+
<resource id="Magento_Customer::manage" title="All Customers" translate="title" sortOrder="10">
14+
<resource id="Magento_Customer::actions" title="Actions" translate="title" sortOrder="10">
15+
<resource id="Magento_Customer::delete" title="Delete" translate="title" sortOrder="10" />
16+
<resource id="Magento_Customer::reset_password" title="Reset password" translate="title" sortOrder="20" />
17+
<resource id="Magento_Customer::invalidate_tokens" title="Invalidate tokens" translate="title" sortOrder="30" />
18+
</resource>
19+
</resource>
1420
<resource id="Magento_Customer::online" title="Now Online" translate="title" sortOrder="20" />
1521
<resource id="Magento_Customer::group" title="Customer Groups" translate="title" sortOrder="30" />
1622
</resource>

0 commit comments

Comments
 (0)