Hide or not render admin menu items based on ACL

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.
4 years ago
I am sorry in advance for possible duplication, because it seems like this has been a common question of the years per version.

I have added a custom PermissionRecord to specific controllers and have added the appropriate permissions to the roles via the ACL. What else do I need to do to not have those same items rendered in the admin menu in 3.8 and/or 4.1?
0
4 years ago
Hi,

When creating the SiteMapNode you can set the Visible parameter based on the current customer permissions.

var visible = _permissionService.Authorize(StandardPermissionProvider.AccessAdminPanel);

Regards,
Stoyan
www.Nop-Templates.com - the best place for nopCommerce themes and plugins

Follow us on
Facebook: http://www.facebook.com/NopTemplates
Blog: http://www.nop-templates.com/blog

www.Nop-Templates.com
nopCommerce Solution Partners
0
4 years ago
first should not add permission records directly in database, they most be added by a plugin.
if so then you most check access in ManageSiteMap method of your plugin.

here is sample:


        public void ManageSiteMap(SiteMapNode rootNode)
        {
            if (!_permissionService.Authorize(StandardPermissionProvider.ManagePayments))
                return;

            var peymentsNode = new SiteMapNode()
            {
                Title = this._localizationService.GetResource("Plugins.Payments.PaymentsManager.Menu"),
                Url = "~/Admin/Plugins/PaymentsManager/Transaction/List",
                IconClass = "fa-dot-circle-o",
                SystemName = "PluginPaymentManager-payments",
                Visible = true,
                RouteValues = new RouteValueDictionary() { { "Namespaces", "Plugin.Payments.PaymentsManager" }, {"area", "admin" } },
            };

            var salesNode = rootNode.ChildNodes.FirstOrDefault(x => x.SystemName == "Sales");
            salesNode.ChildNodes.Add(peymentsNode);
        }



in case if you didn't know how to create a new permission record in a plugin:



namespace Nop.Plugin.Misc.PaymentManager.Security
{
    public class PaymanetManagerPermissionProvider : IPermissionProvider
    {
        public static readonly PermissionRecord AccessPayments;

        static PaymanetManagerPermissionProvider()
        {
            var permissionRecord = new PermissionRecord()
            {
                Name = "Access. Payments",
                SystemName = "AccessPluginPayments",
                Category = "Plugin"
            };

            PaymanetManagerPermissionProvider.AccessPayments = permissionRecord;
        }

        public virtual IEnumerable<PermissionRecord> GetPermissions()
        {
            return new PermissionRecord[1] { PaymanetManagerPermissionProvider.AccessPayments };
        }

        public virtual IEnumerable<DefaultPermissionRecord> GetDefaultPermissions()
        {
            DefaultPermissionRecord[] permissionRecordArray = new DefaultPermissionRecord[1]
                {
                    new DefaultPermissionRecord()
                    {
                        CustomerRoleSystemName = (SystemCustomerRoleNames.Administrators),
                        PermissionRecords = (new PermissionRecord[1] { AccessPayments })
                    }
                };

            return permissionRecordArray;
        }
    }
}

ParshanNdr.
0
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.