Magento – the purpose of the isAllowed method and when it is called in Magento 2


I have seen the method below.

protected function _isAllowed()
{
    return $this->_authorization->isAllowed('Custom_Module::moduleslider_banners');
}

  1. What exactly will it do?
  2. Will it check whether the user is logged in or not?
  3. When is it called?

I'm asking because I'm using this in my custom module, but when the session expires on the admin side and I'm on my custom module page, it gives the error below:

Magento 2: Fatal error: Uncaught Error: Call to a member function getId()

When the session expires, it should automatically redirect to the admin login page, but it's not working like that.

Best Answer

isAllowed() is used to check whether your controller (for a specific method) is authorized for the logged-in user or not.

By default it returns true, so you should define it to restrict access from users.

As you can see, by default, this method returns true. That means if you don’t define your own _isAllowed method your Admin Panel features will be open to any user with an Admin Panel account, and people using your code will have no way to restrict access to your features.
