Magento 2 – How to Disable Product Edit Fields Based on Admin Role

adminhtmlmagento-2.1magento2productuser-roles

I need to create one admin account for seo editer. This user only edit seo fields in Product edit form and category edit form

Default magento 2 Only disable menus, not a fields, I enabled only Product menu for this user.

Now, this user allows to edit, add, and delete the product and category. I need to restrict only enable seo fields in Product edit form and category edit form

reference:

Product Edit Form:

enter image description here

Category Edit Form:

enter image description here

What i did:

di.xml in below path app/code/Vendor/Module/etc/di.xml

    <?xml version="1.0"?>
    <config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
        <preference for="Magento\Catalog\Controller\Adminhtml\Product\Edit" type="Vendor\Module\Controller\Adminhtml\Product\Edit" />
    </config>

Then Override the Product Edit Controller.

Vendor\Module\Controller\Adminhtml\Product\Edit.php:

    <?php
    /**
     *
     * Copyright © 2013-2017 Magento, Inc. All rights reserved.
     * See COPYING.txt for license details.
     */
    namespace Vendor\Module\Controller\Adminhtml\Product;

    class Edit extends \Magento\Catalog\Controller\Adminhtml\Product\Edit
    {

        protected $_publicActions = ['edit'];
        protected $resultPageFactory;
        protected $logger;
        protected $authSession;
        public function __construct(
            \Magento\Backend\App\Action\Context $context,
            \Magento\Catalog\Controller\Adminhtml\Product\Builder $productBuilder,
            \Magento\Framework\View\Result\PageFactory $resultPageFactory,
            \Psr\Log\LoggerInterface $logger,
            \Magento\Backend\Model\Auth\Session $authSession
        ) {
            parent::__construct($context, $productBuilder,$resultPageFactory );
            $this->resultPageFactory = $resultPageFactory;
            $this->logger =$logger;
            $this->authSession = $authSession;
        }

        public function execute()
        {
            $this->logger->addDebug("product Edit Controller");

            if ($this->authSession->getUser()->getAclRole() == 4) {
                ?>

                <script type="text/x-magento-init">
                    {
                        "*": {
                            "Vendor_Module/js/seo_field":{}
                        }
                    }
                </script>

                <?php
            }
            return parent::execute();
        }
    }

This is My Script:

seo_field.js create following app/code/Vendor/Module/view/adminhtml/web/js/seo_field.js

 define([
        'jquery'
    ], function ($) {
        'use strict';

        console.log("testing");

        $('input[name="product[attribute_set_id]"]').prop('disabled', true);
        $('input[name="product[name]"]').prop('disabled', true);
        $('input[name="product[sku]"]').prop('disabled', true);
    });

Then, Disable the product edit fields based on name, But Not worked for me, script is being called fine,

Suggest me, why these fields are not disabled and how to fix this.

Best Answer

Follow following steps if you want to hide/disable your fields according to admin user. First include a phtml to product edit page in before.body.end

<?xml version="1.0"?>
<page xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:View/Layout/etc/page_configuration.xsd">
    <body>
        <referenceContainer name="before.body.end">
          <block class="Magento\Framework\View\Element\Template" template="Vendor_Module::hideattribute.phtml" name="after"/> 
        </referenceContainer>
    </body>
</page>

Now in this phtml check the user using role id and hide corresponding attributes using given css (js is tricky because the attributes are rendered using knockout js).

    <?php 
    $role_id = ; //user's role id
    $objectManager = \Magento\Framework\App\ObjectManager::getInstance();
    $adminSession = $objectManager->get('Magento\Backend\Model\Auth\Session');
     $current_adminuser =    $adminSession->getUser()->getRole()->getRoleId();
    if($role_id == $current_adminuser): ?>
        <style>
/*check data-index for your required attributes as it is unique and does not changes with each refresh*/
    [data-index = approved] {
            display: none;
        }
        </style>
    <?php endif; ?>
Related Topic