Allow Additional Permissions in Company User Roles by default in Magento 2 B2B

Allow Additional Permissions in Company User Roles by default in Magento 2 B2B

Allow Additional Permissions in Company User Roles allows you to optimize and enhance default permissions for managing company-level permissions.

Magento 2 B2B comes with the Company Roles and Permissions feature which allows company owners to create roles and permission to manage company profiles and user access to resources.

If the user is not authorized to a particular resource it redirects the user to the access denied page.

The B2B setup comes with one predefined Default User role, Which will be created for each registered company. You can use it as it is or modify it as per the requirement. You can also create additional roles as much as you want.

There are many pre-defined permissions available that you can allow to particular roles to manage your company resource access.

Some default permissions are automatically allowed as shown in the below Table.

Permission ResourceDescriptionDefault Value
Magento_Sales::place_orderAllow Checkout (place order)allow
Magento_Sales::payment_accountUse Pay On Account methoddeny
Magento_Sales::view_ordersView Ordersallow
Magento_Sales::view_orders_subView orders of subordinate usersdeny
Magento_NegotiableQuote::manageRequest, Edit, Deleteallow
Magento_NegotiableQuote::checkoutCheckout with quoteallow
Magento_NegotiableQuote::view_quotes_subView quotes of subordinate usersdeny
Magento_PurchaseOrder::allOrder Approvalsallow
Magento_PurchaseOrder::view_purchase_ordersView My Purchase Ordersallow
Magento_PurchaseOrder::view_purchase_orders_for_subordinatesView for subordinatesallow
Magento_PurchaseOrder::view_purchase_orders_for_companyView for all companydeny
Magento_PurchaseOrder::autoapprove_purchase_orderAuto-approve POs created within this roledeny
Magento_PurchaseOrderRule::super_approve_purchase_orderApprove Purchase Orders without other approvalsdeny
Magento_PurchaseOrderRule::view_approval_rulesView Approval Rulesallow
Magento_PurchaseOrderRule::manage_approval_rulesCreate, Edit, and Deletedeny
Magento_Company::viewCompany Profileallow
Magento_Company::view_accountAccount Information (View)allow
Magento_Company::view_addressLegal Addressallow
Magento_Company::contactsContacts (View)allow
Magento_Company::payment_informationPayment Information (View)allow
Magento_Company::shipping_informationShipping Information (View)allow
Magento_Company::user_managementCompany User Managementallow
Magento_Company::roles_viewView roles and permissionsdeny
Magento_Company::roles_editManage roles and permissionsdeny
Magento_Company::users_viewView users and teamsallow
Magento_Company::users_editManage users and teamsdeny
Magento_Company::creditCompany Creditdeny

In this tutorial, we will see how we can allow any permission in the Default User role from the above list which are set to deny.

Here, I’m considering Magento_Sales::view_orders_sub which is not by default set as allowed while the role is created for the company.

We can use Magento\Company\Model\ResourcePool to add this permission to the by default allowed permissions list.

To do this, Create di.xml in your custom module and add the below code.

As shown above, I have added Magento_Sales::view_orders_sub to the Magento\Company\Model\ResourcePool‘s Items list arguments.

So when the new company is created,

Magento will create the Default User role and retrieveDefaultPermissions() to assign in Default User role as defined in Magento\Company\Model\Authorization\PermissionProvider::class

So, Our permission will be automatically loaded and assigned with other permissions.

So, Now when you register a new company account and check the default user role’s permission you will see that our added permission will be toggled as allowed permission.

That’s it for this tutorial, If you like this tutorial please share and comment your views on this.

You will also like,

how to get shared catalog data by ID in Magento 2?

Get Company using Customer ID programmatically Magento 2 B2B

Get Company Admin using company ID programmatically Magento 2 B2B

Happy Coding !!!!

Leave a Reply

Your email address will not be published. Required fields are marked *