How to Create an Access Control List (ACL) rule?

12Jul 2022 by admin No Comments

Access Control List(ACL) Rule in Magento 2

Magento 2 allows us to customize and add new items to the backend menu. We can also regulate the access rights to them using the appropriate access control list (ACL) rules and create new ACL rules. Access Control List (ACL) rules allow an admin to limit the permissions of users in Magento 2.

Here are the steps on how we can do it.

Step 1 : Create the 2 mandatory files :

Refer this blog and create module.xml file inside etc folder and registration.php file inside Code5fixer/Accesscontrol folder. Here, CustomerCollection is the name of the module folder.

app/code/Code5fixer/Accesscontrol/etc/module.xml
app/code/Code5fixer/Accesscontrol/registration.php

Step 2 : Create acl.xml file :

This file defines a menu that will be hidden from unauthorized users. The resource attributes in the add nodes determine which resource each action accesses. Create an xml file inside etc folder of our module and name it as acl.xml

The contents of acl.xml file will be :

app/code/Code5fixer/Accesscontrol/etc/acl.xml

acl.xml

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:Acl/etc/acl.xsd">
    <acl>
        <resources>
            <resource id="Magento_Backend::admin">
                <resource id="Code5fixer_Accesscontrol::helloworld" title="Hello World" sortOrder="51">
                    <resource id="Code5fixer_Accesscontrol::post" title="Posts" sortOrder="10"/>
                    <resource id="Code5fixer_Accesscontrol::helloworld_configuration" title="Configuration" sortOrder="99" />
                </resource>
                <resource id="Magento_Backend::stores">
                    <resource id="Magento_Backend::stores_settings">
                        <resource id="Magento_Config::config">
                            <resource id="Code5fixer_Accesscontrol::helloworld_config" title="Hello World"/>
                        </resource>
                    </resource>
                </resource>
            </resource>
        </resources>
    </acl>
</config>

Here,

id is a resource identifier. It is used in the menu configuration and controllers to specify the resource. Must be unique and specified in the format: Vendor_Module :: resource_name.
title is the name of the resource
sortOrder is the position of the resources in the resource tree

Step 3 : Create menu.xml file

This file defines a menu that will be hidden from unauthorized users. Create a folder inside etc folder and name it as adminhtml. Inside this adminhtml folder, create an xml file and name it as menu.xml

app/code/Code5fixer/Accesscontrol/etc/adminhtml/menu.xml

The contents of this file will be:

menu.xml

<?xml version="1.0"?>
<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:module:Magento_Backend:etc/menu.xsd">
    <menu>
     <add id="Code5fixer_Accesscontrol::menu" title="Custom Menu" module="Code5fixer_Accesscontrol" sortOrder="10" resource="Code5fixer_Accesscontrol::menu"/>
     <add id="Code5fixer_Accesscontrol::create" title="Create" module="Code5fixer_Accesscontrol" sortOrder="10" parent="Code5fixer_Accesscontrol::menu" action="custommenu/create/index" resource="Code5fixer_Accesscontrol::create"/>
     <add id="Code5fixer_Accesscontrol::delete" title="Delete" module="Code5fixer_Accesscontrol" sortOrder="20" parent="Code5fixer_Accesscontrol::menu" action="custommenu/delete/index" resource="Code5fixer_Accesscontrol::delete"/>
     <add id="Code5fixer_Accesscontrol::view" title="View" module="Code5fixer_Accesscontrol" sortOrder="30" parent="Code5fixer_Accesscontrol::menu" action="custommenu/view/index" resource="Code5fixer_Accesscontrol::view"/>
    </menu>
</config>

Here,

id is a record identifier (must be unique). {Vendor_Module}::{menu_description};
title is the name to be displayed;
module determines the module which the menu item belongs to in the Vendor_Module format;
sortOrder determines the position of the menu item. Items with a lower value of sortOrder will be displayed higher;
parent is the id of other menu items. Defines this menu as nested;
action is the page url referenced by the menu item;
resource defines the ACL rule necessary to see this menu item.

Step 4 : Run all the necessary commands

We need to run commands like setup:upgrade, static-content:deploy, setup:di:compile, reindex and cache:flush from the Magento root directory.

To know more about more magento commands, refer this blog.

Now, we could see the below menu in admin.

You could also check this by providing admin users to access this menu in the resource tree as below.

We hope, with the help of the above steps, you will easily create an ACL in Magento2. Also, share this blog with your developer friends.

You could also download the above module here

After downloading this module:

Extract the downloaded zip file
Paste the extracted Code5fixer folder into /app/code/ folder in your magento root directory.
Run all the necessary 5 commands and check for output.

This module is developed using Magento ver. 2.4.3-p1 version. But if you try this in older or newer versions, it may give some errors.

You could also refer to this demo video for better understanding.

We hope our guide would be very useful for you. If you have any questions, feel free to reach us anytime by leaving a comment below.

Check out our new blogs here