Default “Access Control List” functionality (ACL) in nopCommerce allows store admins to grant access to predefined processes and also deny them. Nevertheless, they can restrict customers and other admins to access URLs and actions which aren’t defined in ACL. With using this plugin, store admins can deny customers to access URLs in any part of the website, especially the admin panel. In addition to static URLs, dynamic URLs can be defined by Regex patterns. These URLs can also be defined by “Controller” and “Action” of MVC routing. If an URL is limited for a user in panel admin, the plugin removes it from admin panel menu for them automatically. Also, plugin can restrict public store routes and if users try to access a restricted URL, the plugin will redirect them to 404 Not found page.
In the configure page, admin can specify whether the plugin’s functionality is enabled or not. If the plugin was disabled, defined restrictions aren't be applied at all.
In this page, admin can define restricted routes with these options: