I've created one role and provide rights for my custom module using System->Permissions->Role. When any user from that role logs into system, gets access denied for my custom module. My config.xml looks this
<acl>
<resources>
<all>
<title>Allow Everything</title>
</all>
<admin>
<children>
<vendor translate="title" module="vendor">
<title>Vendor</title>
<sort_order>1000</sort_order>
<children>
<vendor translate="title">
<title>Manage Vendor</title>
<sort_order>0</sort_order>
</vendor>
</children>
</vendor>
</children>
</admin>
</resources>
</acl>
And my adminhtml.xml looks like this
<config>
<acl>
<resources>
<admin>
<children>
<system>
<children>
<config>
<children>
<vendor translate="title" module="vendor">
<title>Vendor Section</title>
<sort_order>300</sort_order>
</vendor>
</children>
</config>
</children>
</system>
</children>
</admin>
</resources>
</acl>
</config>
Best Answer
It's a very bad decision. In you case right way is: