In this blog, I’ll walk you through a simple method for retrieving role permissions in Magento 2 based on role id using the Magento\Company\Model\Authorization\PermissionProvider class.
Managing user roles and permissions is crucial for controlling access to different features in any eCommerce platform. Whether you are running a B2B store or managing multiple departments within your organization, knowing how to retrieve role permissions is a key part of your administrative toolkit.
Why Role Permissions Matter in Magento 2
Role-based permissions allow you to control what each user can and cannot do in your Magento store. For instance, you may have different roles like Administrator, Customer Support, Sales Manager, or custom roles for B2B customers. Managing these permissions ensures that each role has the appropriate level of access, enhancing both security and operational efficiency.
Magento 2 provides several built-in tools for handling user permissions, and one of the key components used in B2B setups is the Magento\Company\Model\Authorization\PermissionProvider class from the Magento_Company module.
Let’s check a quick example below.
Example
<?php
namespace Jigar\Blogs\Helper;
use Magento\Company\Model\Authorization\PermissionProvider;
class Data
{
/**
* @var PermissionProvider
*/
protected $permissionProvider;
/**
* Data constructor.
*
* @param PermissionProvider $permissionProvider
*/
public function __construct(PermissionProvider $permissionProvider)
{
// Inject the PermissionProvider dependency
$this->permissionProvider = $permissionProvider;
}
/**
* Retrieve role permissions based on the provided role ID.
*
* @param int $roleId The ID of the role you want to retrieve permissions for
* @return array|null Returns an array of permissions or null if not found
*/
public function getRolePermissionsByRoleId(int $roleId): ?array
{
// Use PermissionProvider to retrieve permissions by role ID
return $this->permissionProvider->retrieveRolePermissions($roleId);
}
}The method getRolePermissionsByRoleId(6) fetches permissions for the role with the ID 6. This role ID is linked to a specific user role in your Magento 2 store, and the method returns all the permissions assigned to that role.
Output
The output will be something like this,
[
"Magento_Company::index" => "allow",
"Magento_Sales::all" => "allow",
"Magento_Sales::place_order" => "allow",
"Magento_Sales::payment_account" => "deny",
"Magento_Sales::view_orders" => "allow",
"Magento_Sales::view_orders_sub" => "deny",
"Magento_NegotiableQuote::all" => "allow",
"Magento_NegotiableQuote::view_quotes" => "allow",
"Magento_NegotiableQuote::manage" => "allow",
"Magento_NegotiableQuote::checkout" => "allow",
"Magento_NegotiableQuote::view_quotes_sub" => "deny",
"Magento_PurchaseOrder::all" => "allow",
"Magento_PurchaseOrder::view_purchase_orders" => "allow",
"Magento_PurchaseOrder::view_purchase_orders_for_subordinates" => "allow",
"Magento_PurchaseOrder::view_purchase_orders_for_company" => "deny",
"Magento_PurchaseOrder::autoapprove_purchase_order" => "deny",
"Magento_PurchaseOrderRule::super_approve_purchase_order" => "deny",
"Magento_PurchaseOrderRule::view_approval_rules" => "allow",
"Magento_PurchaseOrderRule::manage_approval_rules" => "deny",
"Magento_Company::view" => "allow",
"Magento_Company::view_account" => "allow",
"Magento_Company::edit_account" => "deny",
"Magento_Company::view_address" => "allow",
"Magento_Company::edit_address" => "deny",
"Magento_Company::contacts" => "allow",
"Magento_Company::payment_information" => "allow",
"Magento_Company::shipping_information" => "allow",
"Magento_Company::user_management" => "allow",
"Magento_Company::roles_view" => "deny",
"Magento_Company::roles_edit" => "deny",
"Magento_Company::users_view" => "allow",
"Magento_Company::users_edit" => "deny",
"Magento_Company::credit" => "deny",
"Magento_Company::credit_history" => "deny",
]Following this guide, you can easily implement the code and start controlling what each role can access in your Magento 2 store.
Happy B2B 🙂
You may also like,
Allow Additional Permissions in Company User Roles by default in Magento 2 B2B
how to get shared catalog data by ID in Magento 2?
Get Company using Customer ID programmatically Magento 2 B2B
Get Company Admin using company ID programmatically Magento 2 B2B
Leave a Comment