You are viewing an old revision of this post, from August 4, 2015 @ 16:54:13. See below for differences between this version and the current revision.

Custom module: Access denied (ACL Problem)

I created a module, and it works perfectly; however, I hit a wall. When I'm logged in as admin, everthing is good. I added this in the acl:

 

  

<?xml version="1.0"?>
<config>
    <menu>
        <erp translate="title" module="firtal_deadstock">
            <title>ERP</title>
            <sort_order>99</sort_order>
            <children>
                <stock_management module="firtal_deadstock">
                                <title>Stock Management</title>
                                <children>
                                    <firtal_deadstock>
                                        <title><![CDATA[Firtal Stock Analysis]]></title>
                                        <sort_order>99</sort_order>
                                        <action>adminhtml/deadstock</action>
                                    </firtal_deadstock>
                                </children>
                </stock_management>
            </children>
        </erp>
    </menu>
    <acl>
        <resources> 
            <all>
                <title>Allow Everything</title>
            </all>
            <admin>
                <children>
                    <system>
                        <children>
                            <config>
                                <children>
                                    <firtal_deadstock translate="title">
                                        <title>Firtal Stock Analysis settings</title>
                                        <sort_order>100</sort_order>
                                    </firtal_deadstock>
                                </children>
                            </config>
                        </children>
                    </system>
                    <erp module="firtal_deadstock">
                        <children>
                            <stock_management module="firtal_deadstock">
                                <children>
                                    <firtal_deadstock translate="title" module="firtal_deadstock">
                                        <title>Firtal Stock Analysis</title>
                                    </firtal_deadstock>
                                </children>
                            </stock_management>
                        </children>
                    </erp>
                </children>
            </admin>
        </resources>
    </acl>
</config>

But if I grant the permission to a role and login as a user with that role, they do see the menu point (not the config, but the actual menu point), but if I press it, I get an Access Denied error.

What am I missing?

-------------------------------------------------------------------------------------

Here is the solution:

I have a hunch you have in your admin controller a method called _isAllowed.
If that's true, I think it returns the wrong thing.
It should look like this: 

protected function _isAllowed()
{
    return Mage::getSingleton('admin/session')->isAllowed('erp/stock_management/firtal_deadstock');  
    //or at least
    //return Mage::getSingleton('admin/session')->isAllowed('erp/stock_management');  

}

 

 

 

Revisions

  • August 4, 2015 @ 16:54:13 [Current Revision] by admin
  • August 4, 2015 @ 16:54:13 by admin

Revision Differences

There are no differences between the August 4, 2015 @ 16:54:13 revision and the current revision. (Maybe only post meta information was changed.)

No comments yet.

Leave a Reply