.
.permissions
and additional_permissions
. Let's start with the normal permissions.permissions
:product
viewer
product.viewer
permissions
this is usually the module name, product
in this case. Other keys could be for example manufacturer
, shopping_experiences
or customers
. The key is used to group the admin privileges, as seen in the picture above.permissions
:viewer
: The viewer is allowed to view entitieseditor
: The editor is allowed to edit entitiescreator
: The Creator is allowed to create new entitiesdeleter
: The Deleter is allowed to delete entitiespermissions
, which represent CRUD functionality, there are also additional_permissions
. These are intended for all functions that cannot be represented by CRUD.additional_permissions
have their own card below the normal permissions grid. An example for additional_permissions
would be: "clearing the cache". This is an individual action without CRUD functionalities. The key is still used for grouping. Therefore the role can be individual and does not have to follow the scheme.additional_permissions
:system
clear_cache
system.clear_cache
addPrivilegeMappingEntry
of the privilege service:permissions
grid or in the additional_permissions
null
.permissions
each role will be in the same row.permissions
: Use viewer
, editor
, creator
and deleter
.additional_permissions
: Use a custom key because the additional permissions don´t enforce a structure.entity_name:operation
, e.g. 'product:read'.product.viewer
.addPrivilegeMappingEntry
to add a new entry:main.js
file which has to be placed in the <plugin root>/src/Resources/app/administration/src
directory in order to be automatically found by Shopware 6.additional_permissions
you need to set additional_permissions
in the property category. The main difference to normal permissions is that you can choose every role key you want.additional_permissions
:system
to group the permission together with other system specific permissions. However, you can feel free to add your own names here.getPrivileges
of the service.product.viewer
automatically have access to all privileges from the rule.viewer
.rule
module.privilege
to the meta
property in your route:privilege
to your navigation settings to hide it:additional_permissions
):acl
service to check if the user has the correct privileges to view or edit things, regardless of location in your app. The method you need is acl.can(identifier)
: It checks automatically if the user has admin rights or the privilege for the identifier.Shopware.Service('acl')
) or inject the service in your component:active
which then returns a boolean or just the property active
as boolean. In our case we need a function to check if the user has the privilege required to use the shortcut.