Skip to content

Allow ACL settings for system config "groups" #4326

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 19 commits into from
Oct 13, 2025
Merged

Allow ACL settings for system config "groups" #4326

merged 19 commits into from
Oct 13, 2025

Conversation

sreichel
Copy link
Contributor

@sreichel sreichel commented Oct 31, 2024
edited
Loading

Fixed Issues (if relevant)

  1. See Adds configurable columns to product grid #3451 (comment)

To add ACL-checks to config groups you have to:

  1. add resource to adminhtml.xml
  2. adds acl_resource node to system.xmls config groups. Eg.
<acl_resource>system/config/sitemap/category</acl_resource>

Example usage: 70312f3

@github-actions github-actions bot added Component: Adminhtml Relates to Mage_Adminhtml Component: Sitemap Relates to Mage_Sitemap labels Oct 31, 2024
@sreichel sreichel marked this pull request as draft November 1, 2024 23:00
@github-actions github-actions bot removed the Component: Sitemap Relates to Mage_Sitemap label Nov 6, 2024
@sreichel sreichel marked this pull request as ready for review November 6, 2024 06:52
@kiatng
Copy link
Contributor

kiatng commented Nov 10, 2024

A brief description on how to test this would be helpful.

@sreichel
Copy link
Contributor Author

Example: 70312f3.

@sreichel sreichel requested review from addison74 and kiatng November 19, 2024 06:20
@kiatng
Copy link
Contributor

kiatng commented Nov 19, 2024

I am not sure how to disable a user from accessing a field. Can you explain how to test this PR?

@sreichel
Copy link
Contributor Author

This is not used in core, yet!

I did not want to add acl-resources in that PR.

@empiricompany "asked" for that feature. And imho its very useful for extensions.

To test see linked commit.

@sreichel
Copy link
Contributor Author

sreichel commented Dec 9, 2024

Can you explain how to test this PR?

Is updated description enough?

@sreichel sreichel added this to the 20.13.0 milestone Jan 7, 2025
@sreichel sreichel removed this from the 20.13.0 milestone Jan 17, 2025
@sreichel sreichel added this to the 20.14.0 milestone Jan 17, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sreichel sreichel modified the milestones: 20.14.0, 20.15.0 May 5, 2025
@sreichel
Copy link
Contributor Author

Ping @empiricompany

Based on your idea. Please take a minute.

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sreichel sreichel modified the milestones: 20.15.0, 20.16.0 Jul 5, 2025
@sreichel sreichel requested a review from Copilot October 2, 2025 05:43
Copilot
Copilot AI reviewed Oct 2, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds ACL (Access Control List) support for system configuration groups, allowing administrators to control access to specific configuration sections based on user permissions. This feature enables finer-grained permission control over system configuration areas.

  • Adds ACL resource checking for configuration groups using an acl_resource XML node
  • Integrates with existing admin session permission validation
  • Extends the _canShowField method to respect ACL permissions

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sreichel sreichel mentioned this pull request Oct 13, 2025
Open
1 task
@sreichel
Copy link
Contributor Author

This PR does nothingt at the moment, but can be used in 3rd-party code.

To add acl_resourcenode to core, i have to make sure all permission still work. Another PR.

Merged.

@sreichel sreichel merged commit df9f3bf into OpenMage:main Oct 13, 2025
21 checks passed
@sreichel sreichel deleted the cfg-acl branch October 13, 2025 14:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@empiricompany empiricompany Awaiting requested review from empiricompany

@kiatng kiatng Awaiting requested review from kiatng

@addison74 addison74 Awaiting requested review from addison74

Assignees

No one assigned

Labels

Component: Adminhtml Relates to Mage_Adminhtml documentation needed new feature

Projects

None yet

Milestone

20.16.0

Development

Successfully merging this pull request may close these issues.

2 participants

@sreichel @kiatng