Magento – How to add admin user role programatically

acladmin-useradminhtmlmagento2user-roles

I need to add user role and set that user to edit/add/view only specific products on admin page.

Best Answer

Here we create admin user role programmatically by custom module installer with specific resources.

First you need to create a installer file name InstallData.php in our custom module Setup folder

complete path:

app/code/ModuleNameSpace/YourModuleName/Setup

<?php 

namespace ModuleNameSpace\YourModuleName\Setup; 

use Magento\Framework\Setup\InstallDataInterface; 
use Magento\Framework\Setup\ModuleContextInterface; 
use Magento\Framework\Setup\ModuleDataSetupInterface; 
use Magento\Authorization\Model\UserContextInterface; 

// For get RoleType and UserType for create Role
use Magento\Authorization\Model\Acl\Role\Group as RoleGroup; 

class InstallData implements InstallDataInterface 
{ 
    /** 
     * RoleFactory
     * 
     * @var roleFactory 
     */ 
    private $roleFactory; 

    /** 
     * RulesFactory 
     * 
     * @var rulesFactory 
     */ 
    private $rulesFactory; 

    /** 
     * Init 
     */ 
    public function __construct( 
        \Magento\Authorization\Model\RoleFactory $roleFactory, // Instance of Role
        \Magento\Authorization\Model\RulesFactory $rulesFactory // Instance of Rule 
    ) { 
        // this define that which resource permitted to wich role 
        $this->roleFactory = $roleFactory; 
        $this->rulesFactory = $rulesFactory; 
    } 

    public function install(
        ModuleDataSetupInterface $setup,
        ModuleContextInterface $context
    ) { 
        // Create Warehouse role
        $role = $this->roleFactory->create();
        $role
            ->setName('YourRoleName') //Set Role Name Which you want to create 
            ->setPid(0) //set parent role id of your role 
            ->setRoleType(RoleGroup::ROLE_TYPE) 
            ->setUserType(UserContextInterface::USER_TYPE_ADMIN); 

        $role->save(); 
        
        // Now we set that which resources we allow to this role
        $resource=[
            'Magento_Backend::admin',
            'Magento_Sales::sales',
            'Magento_Sales::create',
            'Magento_Sales::actions_view',  // you will use resource id which you want tp allow
            'Magento_Sales::cancel'
        ]; 

        // Array of resource ids which we want to allow this role
        $this->rulesFactory->create()
            ->setRoleId($role->getId())
            ->setResources($resource)
            ->saveRel(); 
    } 
}

You can get resources id as explain in following snap

After adding these file install your custom module in your magento2 instance

then by terminal run following commend in your magento2 root directory

php bin/magento setup:upgrade

Now your admin user role created you can check it from System > Permission > User Role.

Reference: Create user role programmatically using custom module installer

Related Solutions

Magento 2 – How to Get Admin User Role

You need to use DI in your class -
1. add property of AdminSession class to class 2. add including of the variable using dependensy injection:

/**
 * @var \Magento\Backend\Model\Auth\Session
 */
protected $_adminSession;

public function __construct(
    \Magento\Backend\Model\Auth\Session $adminSession
) {
    $this->_adminSession = $adminSession;
}

and then where you need to use it:

public function someMethod()
{
    $roleData = $this->_adminSession->getUser()->getRole()->getData();
    $userData = $this->_adminSession->getUser()->getData();
}

Magento 1.9 – How to Remove Delete Product Functionality for Specific User Role

Create a custom module. Make the necessary name changes and add this to the etc/config.xml. Rewriting adminthtml to remove the delete and mass delete. Events are to lock a particular attribute if you don't want to give the user role to edit that attribute.

             <blocks>
                        <custom_catalog>
                            <class>Custom_Catalog_Block</class>
                        </custom_catalog>
                        <adminhtml>
                            <rewrite>
                                 <catalog_product_edit>Custom_Catalog_Block_Adminhtml_Product_Edit</catalog_product_edit>
                                 <catalog_product_grid>Custom_Catalog_Block_Adminhtml_Product_Grid</catalog_product_grid>
                            </rewrite>
                        </adminhtml>
           </blocks>
           <events>
                <catalog_product_edit_action>
                <observers>
                    <custom_catalog>
                        <type>singleton</type>
                        <class>custom_catalog/observer</class>
                        <method>lockAttributes</method>
                    </custom_catalog>
                </observers>
            </catalog_product_edit_action>
            <catalog_product_new_action>
                <observers>
                    <custom_catalog>
                        <type>singleton</type>
                        <class>custom_catalog/observer</class>
                        <method>lockAttributes</method>
                    </custom_catalog>
                </observers>
            </catalog_product_new_action>    
            </events>

Block/Adminhtml/Product/Edit.php (This is to remove the delete button in the product edit page)

class Custom_Catalog_Block_Adminhtml_Product_Edit extends Mage_Adminhtml_Block_Catalog_Product_Edit
{
 public function getDeleteButtonHtml()
    {
        $currentUser = Mage::getSingleton('admin/session')->getUser();
        $currentRole = $currentUser->getRole();
        $roleId = $currentRole->getId();
        //hardcoded the user role id for demo purposes
        if($roleId == 1){
            return $this->getChildHtml('delete_button');
        }else{
             return '';
        }

    }
}

Block/Adminhtml/Product/Grid.php (This is to remove the mass delete from actions in all products page)

class Custom_Catalog_Block_Adminhtml_Product_Grid extends Mage_Adminhtml_Block_Catalog_Product_Grid
{
    protected function _prepareMassaction()
    {
        parent::_prepareMassaction();
         $currentUser = Mage::getSingleton('admin/session')->getUser();
        $currentRole = $currentUser->getRole();
        $roleId = $currentRole->getId();
        //hardcoded the user role id for demo purposes
        if($roleId != 1){
            //like this you can remove other actions as well. eg:- status
            $this->getMassactionBlock()->removeItem('delete');               
        }
        return $this;
    }
}

Model/Observer.php (To lock attributes in product edit page if required)

class Custom_Catalog_Model_Observer {

    public function lockAttributes($observer) {
        $event = $observer->getEvent();
        $product = $event->getProduct();
        $currentUser = Mage::getSingleton('admin/session')->getUser();
        $currentRole = $currentUser->getRole();
        $roleId = $currentRole->getId();
        //hardcoded the user role id for demo purposes
        if($roleId != 1){
            //like this you can lock any attribute you like in product edit
            $product->lockAttribute('price');
            $product->lockAttribute('status');
        }
    }
}

Best Answer

Related Solutions

Magento 2 – How to Get Admin User Role

Magento 1.9 – How to Remove Delete Product Functionality for Specific User Role

Related Topic